CDI (Contexts and Dependency Injection) for Java, aka JSR-299 has given us a new playing field for developing Java EE applications, by providing a standardised dependency injection framework and contextual component model. The CDI specification defines a feature for "portable extensions", which allow framework developers to extend the default behaviour of the Java EE container. By providing a number of useful portable extensions, Seam 3 increases developer productivity by solving the problems common to many enterprise projects. In this talk we will look at a number of features that Seam provides, dealing with transactions and persistence, security, internationalisation, bean validation and tooling, and how you can use them to improve your productivity in the real-world to develop rich internet applications. We'll also look at some of the cool upcoming features of Seam such as social network integration, and more.
8. Portable Extensions
• One of the most exciting features in CDI
• Extend the behaviour of the Java EE platform
• Seam 3 is a collection of portable extensions
• SPI defined by the JSR-299 spec
• Easy to write
8
9. Just how easy?
3 simple steps:
• Create a new Java class
• Register the extension
• Implement the extension logic
9
10. Portable Extensions
Creating the Java class
package com.acme;
import javax.enterprise.inject.spi.Extension;
public class MyExtension implements Extension {
}
10
11. Portable Extensions
Registering the extension
• Create a file in the META-INF/services directory called
javax.enterprise.inject.spi.Extension
• It should contain the name of your class
com.acme.MyExtension
11
12. Portable Extensions
Implementing the extension logic
• Listen to events fired by the container at deployment time
• Extensions can observe these events and make changes to
the containers metadata model
• Dynamically change the default behaviour of beans,
injection points
• Implement new context types
12
13. A real world example
Seam Security
• Portable extension for CDI
• Provides authentication, identity management and
federated identity via OpenID, SAML, SSO
• Provides typesafe authorization through the use of
annotation-based metadata
13
17. The extension must:
• Match all methods annotated with a security binding type
with an authorizer method
• Add an interceptor binding to the secured method
• Throw an exception if there are any secured methods
without a matching authorizer method
17
18. Scanning the methods
ProcessAnnotatedType Event
• Fired by the container for each Java class or interface it
discovers
• We can use this event to find classes or methods annotated
with security binding types
• Our extension class can observe this event
18
19. Event observers
public class SecurityExtension implements Extension
{
public <X> void processAnnotatedType(
@Observes ProcessAnnotatedType<X> event,
final BeanManager beanManager)
{
...
}
19
20. Interceptors
• Interceptors specification part of JSR-318
• CDI builds on this specification by introducing interceptor
bindings
• Interceptor bindings are used to create a link between an
interceptor and the bean to be intercepted
20
21. Interceptor Bindings
How they work
• Create an interceptor binding annotation
• Apply it to the interceptor class
• Apply it to the method or class that you want to be
intercepted
21
22. Interceptor Bindings
Creating the binding type
@Retention(RUNTIME)
@InterceptorBinding
@Target( { TYPE, METHOD })
@interface SecurityInterceptorBinding { }
22
23. Interceptor Bindings
Applying to the Interceptor
@SecurityInterceptorBinding @Interceptor
public class SecurityInterceptor
implements Serializable {
@Inject SecurityExtension extension;
@AroundInvoke
public Object aroundInvoke(InvocationContext
invocation) throws Exception {
23
24. Interceptor Bindings
Applying it to a method
public @Model class DocumentAction {
@SecurityInterceptorBinding
public void createDocument() {
}
}
24
25. Dynamic interceptors
• Our extension can apply an interceptor binding
dynamically, at deployment time
• (Code demo - Eclipse)
25