Loading presentation...

Present Remotely

Send the link below via email or IM

Copy

Present to your audience

Start remote presentation

  • Invited audience members will follow you as you navigate and present
  • People invited to a presentation do not need a Prezi account
  • This link expires 10 minutes after you close the presentation
  • A maximum of 30 users can follow your presentation
  • Learn more about this feature in our knowledge base article

Do you really want to delete this prezi?

Neither you, nor the coeditors you shared it with will be able to recover it again.

DeleteCancel

Make your likes visible on Facebook?

Connect your Facebook account to Prezi and let your likes appear on your timeline.
You can change this under Settings & Account at any time.

No, thanks

Java EE

A brief description about Java EE giving an overview about the concept, client / server model, containers, servlets, packiging and security.
by

Péter Takács

on 18 November 2015

Comments (0)

Please log in to add your comment.

Report abuse

Transcript of Java EE

Java EE
Concept
Application Model
basis: Java programming language and JVM
uses
multi tiered architecture
delivers scalability, accessibility and manageability
supports the development of large scaled distributed applications
splits up the implementation work to
business and presentation logic by developers
standard system services provided by Java EE platform
Component model
application logic divided into components according to function
components are installed on various machines - depending on the tier where they belong to
based on client-server architecture
provides a model to create flexible and reusable applications
Most of Java EE applications are 3-tiered applications
Distributed over 3 locations:
client machines
Java EE server
database/legacy machines (EIS)
Extension of the client-server model -> multi-threaded AppServer is placed between client application and back-end

Multi-tiered Architecture
Tiers might also be defined using logical boundaries:
Presentation tier
Business logic tier (it might be multi-tiered => N-tiered architecture)
EIS-tier

3-tiered architecture != MVC software design pattern
3-tier
: Client <-> Middle <-> Data (communication between layers is bi-directional and always passes through the Middle tier)
MVC
: Client (View), Middle (Controller), Data (Model) (communication is in unidirectional; we could say that each "layer" is updated by the one at the left and, in turn, updates the one at the right –where "left" and "right" are merely illustrative)

Java EE components
Component = self-contained functional software unit
Types of components:
client
web
business

Client components
Web Clients
e.g: Dynamic web pages containing various types of markup language (HTML, XML, and so on) + Web browser

Application Clients
e.g: runs on a client machine (directly access enterprise beans)
CLI or Swing/AWT based applications

Applets
e.g: a web page received from the web tier can include an embedded applet (small appl. Running on JVM)

Web components
Business components
Servlets
dynamically process requests and construct responses

Web pages
created using JSF or JSP technology

Static HTML pages and applets
bundled with web components during application assembly but are not considered web components by the Java EE specification

Business code, which is logic that solves or meets the needs of a particular business

Handled by enterprise bean
receives data from client programs, processes it and sends it to the enterprise information system tier for storage
retrieves data from storage, processes it and sends it back to the client program
e.g: session beans, message-driven beans, java persistence entities

Development roles
Development and deployment process can be divided into distinct subprocesses assignable to distinct roles due to reusable modules
Java EE Product Provider and Tool Provider
Application Component Provider
Enterprise Bean -, Web Component -, Application Client Developer
Application Assembler
Application Deployer and Administrator
All the developers act as Application Component Providers / Assemblers / Sometimes integrators / Lead devs / TPLs
Release-engineers are responsible for building the deliverable + deployment / administration in productive-like environments.

Client / Server Model
Client/Server Model
Two-tiered, distributed application structure
Server component
= provider of a service (or resource or function, respectively).
Client component
= requester for the services of the server.
Describes the relationship of cooperating programs in an application
One of the central ideas of network computing, supported by multiple networking protocols

HTTP
What is HTTP-protocol?
networking protocol for distributed, collaborative, hypermedia information systems
request-response protocol in the client-server computing model => it defines, how the client and server communicate with each other.
communication on the World Wide Web is based on this protocol.
Short history: 1991 – v0.9, 1996 – v1.0, 1999 – v1.1 -> used today
Clients
= user agents (like: browsers, search engine crawlers, mobile phones, etc.)
Servers
= service/resource providers. Identified / looked up by using URIs.
URIs might be classified as locators (URL) or names (URN) or both.
Syntax: <schema-name>:<schema-specific-part>
schema-names: ftp, http, mailto, file
define syntax and semantics of schema-specific-part
Stateless protocol
server is not required to retain any information related to the state of the conversation with the client during processing multiple requests.In most cases we need the state
we use cookies, server-side sessions, hidden variables, URL-rewriting
HTTP-session
a sequence of network request-response transactions

Generic message format

<start-line>
<message-headers>
<empty-line>
[<message-body>]
[<message-trailers>]

Servlet
Containers
Packaging
Security
A Servlet is a Java-based
server side web technology

Technically, JAVA class conforms Java Servlet API
Extends capabilities of servers
Request-response programming model
Life cycle
init
: container initializes the servlet
service
: called in case of every incoming request (sep. thread)
destroy
: take servlet out of service


Assume that a user enters a Uniform Resource Locator (URL) to a web browser.
The browser then generates an HTTP request for this URL.
This request is then sent to the appropriate server.
The HTTP request is received by the web server.
The server maps this request to a particular servlet.
The servlet is dynamically retrieved and loaded into the address space of the server.
The server invokes the init() method of the servlet.
This method is invoked only when the servlet is first loaded into memory.
It is possible to pass initialization parameters to the servlet so it may configure itself.
The server invokes the service() method of the servlet.
This method is called to process the HTTP request.
You will see that it is possible for the servlet to read data that has been provided in the HTTP request.
It may also formulate an HTTP response for the client.
The servlet remains in the server’s address space and is available to process any other HTTP requests received from clients.
The service() method is called for each HTTP request.
The server may, at some point, decide to unload the servlet from its memory. Invoke destroy
The algorithms by which this determination is made are specific to each server.
The server calls the destroy() method to relinquish any resources such as file handles that are allocated for the servlet; important data may be saved to a persistent store.
The memory allocated for the servlet and its objects can then be garbage collected.

Let us consider a typical user scenario
Containers
Interface between component and low-level platform-specific functionality

Web, enterprise bean, application client
components
must be
assembled into Java EE module
and deployed

Provides
services

Transaction handlining
State management
Multithreading
Resource pooling
Other low-level functionalities

Assembly and Deployment
Specify container settings for each component

Customize the underlying support provided by the Java EE server
such services as security
transaction management,
Java Naming and Directory Interface (JNDI) API lookups
remote connectivity

The deployment process installs Java EE application components in the Java EE containers

Container types
Server
The runtime portion of a Java EE product, it provides EJB and web containers
EJB container
Manages the execution of enterprise beans for Java EE applications
Web container
Manages the execution of web pages, servlets, and some EJB components for Java EE applications
Application client container
Manages the execution of application client components. (Application clients and their container run on the client)
Applet container
Manages the execution of applets. Consists of a web browser and Java Plug-in running on the client together

Server implementations
WebSphere
WebLogic
JBoss
GlassFish
Reference implementation
Lightweight and extensible core
Easy-to-use Administration Console
Support clustering, load balancing
Java EE 6 support
Support latest technologies
EJB, JPA, JSF, CDI
Example

Packaging
Application delivered in
Java Archive (JAR) file
Web Archive (WAR) file
Enterprise Archive (EAR) file

Contains modules and deployment descriptors

Assemble a number of different Java EE applications using some of the same components

EJB modules
contain class files for enterprise beans and an EJB deployment descriptor. EJB modules are packaged as JAR files
Web modules
contain servlet class files, web files, supporting class files, GIF and HTML files, and a web application deployment descriptor. Web modules are packaged as JAR files with a .war (web archive) extension.
Application client modules
contain class files and an application client deployment descriptor. Application client modules are packaged as JAR files
Resource adapter modules
contain all Java interfaces, classes, native libraries, and other documentation, along with the resource adapter deployment descriptor. Resource adapter modules are packaged as JAR files with an .rar (resource adapter archive) extension.

myapp.ear
META-INF
application.xml

lib
persistence.jar
log-api.jar

business.jar
com/flexionmobile/myproject/myapp/business/DummyServiceBean.class

webapp.war

WEB-INF
classes/com/ flexionmobile/myproject/myapp/web/Dummy.class
web.xml
index.html
Confidentiality
prevent disclosure of information to unauthorized individuals/systems

Integrity
data cannot be modified undetectably

Availability
information must be available when it is needed

Authenticity
ensure data is genuine

Non-repudiation
implies one's intention to fulfill their obligations to a contract

“It means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction”

Information security
Overview
Security Mechanisms
Application-Layer Security
e.g. password hashing or encryption
Transport-Layer Security
e.g. HTTPS (HTTP over SSL/TLS)
Message-Layer Security
e.g. WSS (SOAP message signing and/or encryption)

Implementation type
Declarative security
e.g. role based access control in web or ejb deployment descriptors or using metadata annotations
Programmatic security
embedded in an application and is used to make security decisions
Message security
works with web services and incorporates security features

Peter Takacs
20/12/2013
Full transcript