SlideShare uma empresa Scribd logo

Java EE Services

Abdalla Mahmoud
Abdalla Mahmoud
Tecnologia
1 de 9
Baixar para ler offline
Java EE Services 1 By: Abdalla Mahmoud . Contents Java EE Services ................................................................................. 1 Contents ........................................................................................... 1 1. Introduction ................................................................................... 3 2. Resource Management .................................................................... 3 2.1. Resource Pooling ....................................................................... 3 2.2. Activation/Deactivation Mechanism .............................................. 3 3. Java Naming and Directory Service ................................................... 3 4. Security Services ............................................................................ 4 4.1. Declarative Security .................................................................. 4 4.1. Defining a Security Domain ........................................................ 4 4.2.1. Business Components ............................................................. 5 4.2.2. Web Components ................................................................... 7 4.2.2.1. Login Page ....................................................................... 7 4.2.2.2. Error Page........................................................................ 7 4.2.2.3. Deployment Descriptor ...................................................... 8 4.2.2.4. JBoss-Specific Deployment Descriptor .................................. 8 5. Transaction Service......................................................................... 9 1. http://www.abdallamahmoud.com. 1
2
1. Introduction Java EE platform provides a mature environment for deploying enterprise components that are managed by the application server. The application is responsible for providing those components with common requirements needed in most enterprise applications. We are going to discuss some of the services provided by a typical Java EE applicaiton server. 2. Resource Management Resource management is the primary responsibility of the application server. It can manage thousands (and even millions) of objects and components without a great requirement of memory space! This is implemented by the application server using two main techniques: 2.1. Resource Pooling Resource pooling is a technique used to manage non client-specific components. A resource pool is a collection of many identical instances of the same class. When a client requests a reference to a component of a specific type, the application server returns a reference to any free component from its resource pool. The instance is reserved to the client as long as it uses it. Other clients will not get a reference to this instance and will get a reference to other instances from the instance pool until it get released. This technique can satisfies dozens of users simultaneously using a smaller number of instances, depending on the low probability of actual concurrent usage. If actual concurrent usage exceeded available instances, more instances are created and added to the pool, depending on the application server's implementation behavior. Stateless-session beans, message-driven beans, and data sources are managed using resource pooling technique. 2.2. Activation/Deactivation Mechanism Activation/Deactivation mechanism is a technique used to manage client-specific components. When a client requests a reference to a component of a specific type, the application server instantiates an object from the class and returns its reference to the client. The component is active in memory as long as the client actually uses it. If the client stopped using the component for a long period of time, the application server deactivates the component by serializing it in some persistent storage. Once the client get back using the component, the application server activates the component again by deserializing it again to the memory from the persistent storage and makes it active to resume interacting with the client. 3. Java Naming and Directory Service Resource naming is another primary responsibility of the application server. It provides an implementation to the Java Naming and Directory Service specification by Sun Microsystem, which is a system of a logical repository of names associated with references to different resources. Clients can access the service using the Java Naming and Directory Interface APIs (JNDI). 3
4. Security Services2 Security is a primary requirement in any application. It's another responsibility of the application server. Java EE uses declarative security model that can be used with Java EE components using some configurations. 4.1. Declarative Security Declarative security model introduces the concept of roles. A role is an abstract class of users. Users can be defined and associated with specific roles declaratively using configuraiton files. Services in Java EE components can be declared to be accessible only for some roles. Users should login first before using secured services. The following sections show how can we use security services using JBoss application server for both, business and web components. 4.1. Defining a Security Domain A security domain is a collection of security configurations assigned a specific name. Security domains can be defined by adding XML elements to the file C:jbossserverdefaultconflogin.config.xml as follows: file: C:jbossserverdefaultconflogin.config.xml ... <application-policy name ="foo"> <authentication> <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required"> <module-option name="usersProperties"> props/foo-users.properties </module-option> <module-option name="rolesProperties"> props/foo-roles.properties </module-option> </login-module> </authentication> </application-policy> ... </policy> Users are defined in C:jbossserverdefaultconfpropsfoo-users.properties. It's a user per-line file. Each line consist of the username followed by = and its password. 2. All written examples use JBoss-specific features. 4
file: C:jbossserverdefaultconfpropsfoo-users.properties abdalla=abdallapass ahmed=ahmedpass Roles are defined in C:jbossserverdefaultconfpropsfoo-roles.properties. It's a user/role per-line file. Each line consist of the username followed by = and its associated roles. file: C:jbossserverdefaultconfpropsfoo-roles.properties abdalla=admin ahmed=employee 4.2.1. Business Components Securing a business component is simple and straightforward. Here is a sample business component before and after securing: Before Securing file: mypackMyEJB.java package mypack ; import javax.ejb.* ; @Stateless public class MyEJB implements MyEJBRemote { public void foo() { System.out.println("foo() invoked.") ; } public void protectedMethod() { System.out.prtinln("protectedMethod() invoked!") ; } public void protectedMethod2() { System.out.prtinln("protectedMethod() invoked!") ; } } After Securing file: mypackMyEJB.java package mypack ; 5
import javax.ejb.* ; import javax.annotation.security.* ; import org.jboss.ejb3.annotation.SecurityDomain; @Stateless @SecurityDomain ("foo") public class MyEJB implements MyEJBRemote { public void foo() { System.out.println("foo() invoked.") ; } @RolesAllowed({"admin"}) public void protectedAdmin() { System.out.prtinln("protectedAdmin() invoked!") ; } @RolesAllowed({"employee"}) public void protectedEmployee() { System.out.prtinln("protectedEmployee() invoked!") ; } } Remote clients should login first before using the component, as follows: file: Client.java import javax.naming.* ; import mypack.MyEJBRemote ; import org.jboss.security.client.* ; public class Client { public static void main(String[] args) throws Exception{ SecurityClient client = SecurityClientFactory.getSecurityClient(); client.setSimple("abdalla", "abdallapass"); client.login(); InitialContext ctx = new InitialContext() ; MyEJBRemote r = (MyEJBRemote) ctx.lookup("MyEJB/remote") ; r.doAdmin() ; } } 6
4.2.2. Web Components Securing web components requires a login and error page, with additional declarations in the web.xml file. Here is a sample web application of two web components (protectedPage1.jsp, protectedPage2.jsp) before and after securing: 4.2.2.1. Login Page file: login.html <html> <head> <title>Login Page</title> </head> <body> <font size='5' color='blue'>Please Login</font><hr> <form action='j_security_check' method='post'> Name: <input type='text' name='j_username'> Password: <input type='password' name='j_password' size='8'/> <input type='submit' value='login'> </form> </body> </html> 4.2.2.2. Error Page file: error.html <html> <head> <title>Error!</title> </head> <body> <font size='4' color='red'> The username and password you supplied are not valid. </font> Click <a href='/webapp/login.html'>here</a> to retry login. </body> </html> 7
4.2.2.3. Deployment Descriptor file: WEB-INFweb.xml <?xml version="1.0" encoding="UTF-8"?> <web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/ xml/ns/javaee/web-app_2_5.xsd"> <!-- Defines a security constraint element --> <security-constraint> <web-resource-collection> <web-resource-name>A Protected Page</web-resource-name> <url-pattern>/protected-page.jsp</url-pattern> <url-pattern>/protected-page2.jsp</url-pattern> </web-resource-collection> <auth-constraint> <role-name>admin</role-name> </auth-constraint> </security-constraint> <!-- Defines the login mechanism --> <login-config> <auth-method>FORM</auth-method> <form-login-config> <form-login-page>/login.html</form-login-page> <form-error-page>/error.jsp</form-error-page> </form-login-config> </login-config> <security-role> <role-name>admin</role-name> </security-role> </web-app> 4.2.2.4. JBoss-Specific Deployment Descriptor The JBoss-specific deployment descriptor is used to specify's JBoss-specific configurations for the web applicaiton. It's located in WEB-INF/jboss-web.xml. We will add this file to declare the security domain associated with this web applicaiton. 8
file: WEB-INF/jboss-web.xml <?xml version="1.0" encoding="UTF-8"?> <jboss-web> <security-domain>java:/jaas/foo</security-domain> </jboss-web> 5. Transaction Service Transactions are required in most enterprise applications. A transaction is an atomic operation that should be performed completely. Some operations may fail to complete for some reasons, most common is exceptions. Operation may have affected state before the exception occurs, which puts the system in an illegal state. The solution is to undo all changes made in the period between starting the operation and the exception occurrence. Fortunately, all business operations are invoked within the scope of a transaction initiated by the application server. If the invocation could not be completed for a reason or another, all state manipulations will be rolled back. 9

Recomendados

Claims based authentication in share point 2010 .new
Claims based authentication in share point 2010 .newClaims based authentication in share point 2010 .new
Claims based authentication in share point 2010 .newRavikantChaturvedi
 
Moodle andoffice365withadfs
Moodle andoffice365withadfsMoodle andoffice365withadfs
Moodle andoffice365withadfsHeo Gòm
 
Introduction to jsf 2
Introduction to jsf 2Introduction to jsf 2
Introduction to jsf 2yousry ibrahim
 
Oracle BPM 11g Lesson 2
Oracle BPM 11g Lesson 2Oracle BPM 11g Lesson 2
Oracle BPM 11g Lesson 2Rakesh Gujjarlapudi
 
Contextual Dependency Injection for Apachecon 2010
Contextual Dependency Injection for Apachecon 2010Contextual Dependency Injection for Apachecon 2010
Contextual Dependency Injection for Apachecon 2010Rohit Kelapure
 
Lecture 8 Enterprise Java Beans (EJB)
Lecture 8 Enterprise Java Beans (EJB)Lecture 8 Enterprise Java Beans (EJB)
Lecture 8 Enterprise Java Beans (EJB)Fahad Golra
 
Actor Model Import FlexConnector for Database
Actor Model Import FlexConnector for DatabaseActor Model Import FlexConnector for Database
Actor Model Import FlexConnector for Databaseprotect724rkeer
 
Federated RBAC: Fortress, OAuth2 (Oltu), JWT, Java EE, and JASPIC
Federated RBAC: Fortress, OAuth2 (Oltu), JWT, Java EE, and JASPICFederated RBAC: Fortress, OAuth2 (Oltu), JWT, Java EE, and JASPIC
Federated RBAC: Fortress, OAuth2 (Oltu), JWT, Java EE, and JASPICJohnSmithto
 

Recomendados

Claims based authentication in share point 2010 .new
Claims based authentication in share point 2010 .newClaims based authentication in share point 2010 .new
Claims based authentication in share point 2010 .newRavikantChaturvedi
 
Moodle andoffice365withadfs
Moodle andoffice365withadfsMoodle andoffice365withadfs
Moodle andoffice365withadfsHeo Gòm
 
Introduction to jsf 2
Introduction to jsf 2Introduction to jsf 2
Introduction to jsf 2yousry ibrahim
 
Oracle BPM 11g Lesson 2
Oracle BPM 11g Lesson 2Oracle BPM 11g Lesson 2
Oracle BPM 11g Lesson 2Rakesh Gujjarlapudi
 
Contextual Dependency Injection for Apachecon 2010
Contextual Dependency Injection for Apachecon 2010Contextual Dependency Injection for Apachecon 2010
Contextual Dependency Injection for Apachecon 2010Rohit Kelapure
 
Lecture 8 Enterprise Java Beans (EJB)
Lecture 8 Enterprise Java Beans (EJB)Lecture 8 Enterprise Java Beans (EJB)
Lecture 8 Enterprise Java Beans (EJB)Fahad Golra
 
Actor Model Import FlexConnector for Database
Actor Model Import FlexConnector for DatabaseActor Model Import FlexConnector for Database
Actor Model Import FlexConnector for Databaseprotect724rkeer
 
Federated RBAC: Fortress, OAuth2 (Oltu), JWT, Java EE, and JASPIC
Federated RBAC: Fortress, OAuth2 (Oltu), JWT, Java EE, and JASPICFederated RBAC: Fortress, OAuth2 (Oltu), JWT, Java EE, and JASPIC
Federated RBAC: Fortress, OAuth2 (Oltu), JWT, Java EE, and JASPICJohnSmithto
 
Spring by rj
Spring by rjSpring by rj
Spring by rjShree M.L.Kakadiya MCA mahila college, Amreli
 
Lec5 ecom fall16_modified7_november16
Lec5 ecom fall16_modified7_november16Lec5 ecom fall16_modified7_november16
Lec5 ecom fall16_modified7_november16Zainab Khallouf
 
Ejb3 Presentation
Ejb3 PresentationEjb3 Presentation
Ejb3 PresentationSaurabh Raisinghani
 
Javabeans .pdf
Javabeans .pdfJavabeans .pdf
Javabeans .pdfRajkiran Mummadi
 
EJB3 Basics
EJB3 BasicsEJB3 Basics
EJB3 BasicsEmprovise
 
IBM Connections 4.5 User Data Propagation.
IBM Connections 4.5 User Data Propagation.IBM Connections 4.5 User Data Propagation.
IBM Connections 4.5 User Data Propagation.michele buccarello
 
Custom RBAC - Can I Do That?
Custom RBAC - Can I Do That? Custom RBAC - Can I Do That?
Custom RBAC - Can I Do That? Lance Bragstad
 
Javaeetutorial6
Javaeetutorial6Javaeetutorial6
Javaeetutorial6David Rajah Selvaraj
 
Obiee 11g security creating users groups and catalog permissions
Obiee 11g security creating users groups and catalog permissionsObiee 11g security creating users groups and catalog permissions
Obiee 11g security creating users groups and catalog permissionsRavi Kumar Lanke
 
Ucs rbac aaa-backu-ps
Ucs rbac aaa-backu-psUcs rbac aaa-backu-ps
Ucs rbac aaa-backu-psKrunal Shah
 
Gym Management System User Manual
Gym Management System User ManualGym Management System User Manual
Gym Management System User ManualDavid O' Connor
 
Asp interview Question and Answer
Asp interview Question and Answer Asp interview Question and Answer
Asp interview Question and Answer home
 
Java Web Programming [1/9] : Introduction to Web Application
Java Web Programming [1/9] : Introduction to Web ApplicationJava Web Programming [1/9] : Introduction to Web Application
Java Web Programming [1/9] : Introduction to Web ApplicationIMC Institute
 
Ejb3.1 for the starter
Ejb3.1 for the starterEjb3.1 for the starter
Ejb3.1 for the startershohancse
 
Authorization in asp
Authorization in aspAuthorization in asp
Authorization in aspOPENLANE
 
ASP.NET Lecture 5
ASP.NET Lecture 5ASP.NET Lecture 5
ASP.NET Lecture 5Julie Iskander
 
Entity beans in java
Entity beans in javaEntity beans in java
Entity beans in javaAcp Jamod
 
Enable seo friendly url in websphere portal
Enable seo friendly url in websphere portalEnable seo friendly url in websphere portal
Enable seo friendly url in websphere portalmichele buccarello
 
Configuring kerberos based sso in weblogic
Configuring kerberos based sso in weblogicConfiguring kerberos based sso in weblogic
Configuring kerberos based sso in weblogicHarihara sarma
 
Websphere portal theme menu framework
Websphere portal theme menu frameworkWebsphere portal theme menu framework
Websphere portal theme menu frameworkmichele buccarello
 
Servlets
ServletsServlets
ServletsAbdalla Mahmoud
 
IBM_Participation_4
IBM_Participation_4IBM_Participation_4
IBM_Participation_4Jatinder Bhola
 

Mais conteúdo relacionado

Mais procurados

Lec5 ecom fall16_modified7_november16
Lec5 ecom fall16_modified7_november16Lec5 ecom fall16_modified7_november16
Lec5 ecom fall16_modified7_november16Zainab Khallouf
 
IBM Connections 4.5 User Data Propagation.
IBM Connections 4.5 User Data Propagation.IBM Connections 4.5 User Data Propagation.
IBM Connections 4.5 User Data Propagation.michele buccarello
 
Custom RBAC - Can I Do That?
Custom RBAC - Can I Do That? Custom RBAC - Can I Do That?
Custom RBAC - Can I Do That? Lance Bragstad
 
Obiee 11g security creating users groups and catalog permissions
Obiee 11g security creating users groups and catalog permissionsObiee 11g security creating users groups and catalog permissions
Obiee 11g security creating users groups and catalog permissionsRavi Kumar Lanke
 
Ucs rbac aaa-backu-ps
Ucs rbac aaa-backu-psUcs rbac aaa-backu-ps
Ucs rbac aaa-backu-psKrunal Shah
 
Gym Management System User Manual
Gym Management System User ManualGym Management System User Manual
Gym Management System User ManualDavid O' Connor
 
Asp interview Question and Answer
Asp interview Question and Answer Asp interview Question and Answer
Asp interview Question and Answer home
 
Java Web Programming [1/9] : Introduction to Web Application
Java Web Programming [1/9] : Introduction to Web ApplicationJava Web Programming [1/9] : Introduction to Web Application
Java Web Programming [1/9] : Introduction to Web ApplicationIMC Institute
 
Ejb3.1 for the starter
Ejb3.1 for the starterEjb3.1 for the starter
Ejb3.1 for the startershohancse
 
Authorization in asp
Authorization in aspAuthorization in asp
Authorization in aspOPENLANE
 
Entity beans in java
Entity beans in javaEntity beans in java
Entity beans in javaAcp Jamod
 
Enable seo friendly url in websphere portal
Enable seo friendly url in websphere portalEnable seo friendly url in websphere portal
Enable seo friendly url in websphere portalmichele buccarello
 
Configuring kerberos based sso in weblogic
Configuring kerberos based sso in weblogicConfiguring kerberos based sso in weblogic
Configuring kerberos based sso in weblogicHarihara sarma
 
Websphere portal theme menu framework
Websphere portal theme menu frameworkWebsphere portal theme menu framework
Websphere portal theme menu frameworkmichele buccarello
 

Mais procurados (20)

Spring by rj
Spring by rjSpring by rj
Spring by rj
 
Lec5 ecom fall16_modified7_november16
Lec5 ecom fall16_modified7_november16Lec5 ecom fall16_modified7_november16
Lec5 ecom fall16_modified7_november16
 
Ejb3 Presentation
Ejb3 PresentationEjb3 Presentation
Ejb3 Presentation
 
Javabeans .pdf
Javabeans .pdfJavabeans .pdf
Javabeans .pdf
 
EJB3 Basics
EJB3 BasicsEJB3 Basics
EJB3 Basics
 
IBM Connections 4.5 User Data Propagation.
IBM Connections 4.5 User Data Propagation.IBM Connections 4.5 User Data Propagation.
IBM Connections 4.5 User Data Propagation.
 
Custom RBAC - Can I Do That?
Custom RBAC - Can I Do That? Custom RBAC - Can I Do That?
Custom RBAC - Can I Do That?
 
Javaeetutorial6
Javaeetutorial6Javaeetutorial6
Javaeetutorial6
 
Obiee 11g security creating users groups and catalog permissions
Obiee 11g security creating users groups and catalog permissionsObiee 11g security creating users groups and catalog permissions
Obiee 11g security creating users groups and catalog permissions
 
Ucs rbac aaa-backu-ps
Ucs rbac aaa-backu-psUcs rbac aaa-backu-ps
Ucs rbac aaa-backu-ps
 
Gym Management System User Manual
Gym Management System User ManualGym Management System User Manual
Gym Management System User Manual
 
Asp interview Question and Answer
Asp interview Question and Answer Asp interview Question and Answer
Asp interview Question and Answer
 
Java Web Programming [1/9] : Introduction to Web Application
Java Web Programming [1/9] : Introduction to Web ApplicationJava Web Programming [1/9] : Introduction to Web Application
Java Web Programming [1/9] : Introduction to Web Application
 
Ejb3.1 for the starter
Ejb3.1 for the starterEjb3.1 for the starter
Ejb3.1 for the starter
 
Authorization in asp
Authorization in aspAuthorization in asp
Authorization in asp
 
ASP.NET Lecture 5
ASP.NET Lecture 5ASP.NET Lecture 5
ASP.NET Lecture 5
 
Entity beans in java
Entity beans in javaEntity beans in java
Entity beans in java
 
Enable seo friendly url in websphere portal
Enable seo friendly url in websphere portalEnable seo friendly url in websphere portal
Enable seo friendly url in websphere portal
 
Configuring kerberos based sso in weblogic
Configuring kerberos based sso in weblogicConfiguring kerberos based sso in weblogic
Configuring kerberos based sso in weblogic
 
Websphere portal theme menu framework
Websphere portal theme menu frameworkWebsphere portal theme menu framework
Websphere portal theme menu framework
 

Destaque

Introduction to Java Enterprise Edition
Introduction to Java Enterprise EditionIntroduction to Java Enterprise Edition
Introduction to Java Enterprise EditionAbdalla Mahmoud
 
Introduction to jsf2
Introduction to jsf2Introduction to jsf2
Introduction to jsf2Rajiv Gupta
 
Overview of the AngularJS framework
Overview of the AngularJS framework Overview of the AngularJS framework
Overview of the AngularJS framework Yakov Fain
 
CBSE XII Database Concepts And MySQL Presentation
CBSE XII Database Concepts And MySQL PresentationCBSE XII Database Concepts And MySQL Presentation
CBSE XII Database Concepts And MySQL PresentationGuru Ji
 

Destaque (9)

Servlets
ServletsServlets
Servlets
 
IBM_Participation_4
IBM_Participation_4IBM_Participation_4
IBM_Participation_4
 
JavaServer Pages
JavaServer PagesJavaServer Pages
JavaServer Pages
 
Persistence
PersistencePersistence
Persistence
 
Introduction to Java Enterprise Edition
Introduction to Java Enterprise EditionIntroduction to Java Enterprise Edition
Introduction to Java Enterprise Edition
 
Introduction to jsf2
Introduction to jsf2Introduction to jsf2
Introduction to jsf2
 
Overview of the AngularJS framework
Overview of the AngularJS framework Overview of the AngularJS framework
Overview of the AngularJS framework
 
CBSE XII Database Concepts And MySQL Presentation
CBSE XII Database Concepts And MySQL PresentationCBSE XII Database Concepts And MySQL Presentation
CBSE XII Database Concepts And MySQL Presentation
 
eCertificate-JAVA-2
eCertificate-JAVA-2eCertificate-JAVA-2
eCertificate-JAVA-2
 

Semelhante a Java EE Services

Spring security4.x
Spring security4.xSpring security4.x
Spring security4.xZeeshan Khan
 
SpringBootCompleteBootcamp.pptx
SpringBootCompleteBootcamp.pptxSpringBootCompleteBootcamp.pptx
SpringBootCompleteBootcamp.pptxSUFYAN SATTAR
 
Meteor Meet-up San Diego December 2014
Meteor Meet-up San Diego December 2014Meteor Meet-up San Diego December 2014
Meteor Meet-up San Diego December 2014Lou Sacco
 
Java secure development part 3
Java secure development part 3Java secure development part 3
Java secure development part 3Rafel Ivgi
 
Oracle Human Capital Management Setup Document
Oracle Human Capital Management Setup DocumentOracle Human Capital Management Setup Document
Oracle Human Capital Management Setup DocumentRajendra Gudla
 
Jboss Exploit
Jboss ExploitJboss Exploit
Jboss Exploitdrkimsky
 
User id installation and configuration
User id installation and configurationUser id installation and configuration
User id installation and configurationAlberto Rivai
 
Spring security jwt tutorial toptal
Spring security jwt tutorial toptalSpring security jwt tutorial toptal
Spring security jwt tutorial toptaljbsysatm
 
Server side programming bt0083
Server side programming bt0083Server side programming bt0083
Server side programming bt0083Divyam Pateriya
 
LvivPy - Flask in details
LvivPy - Flask in detailsLvivPy - Flask in details
LvivPy - Flask in detailsMax Klymyshyn
 
Summer industrial trainingnew
Summer industrial trainingnewSummer industrial trainingnew
Summer industrial trainingnewVignesh Ramesh
 
Spring data jpa are used to develop spring applications
Spring data jpa are used to develop spring applicationsSpring data jpa are used to develop spring applications
Spring data jpa are used to develop spring applicationsmichaelaaron25322
 
Developing Dynamic PeopleSoft Field Security Applications:A PeopleSoft Develo...
Developing Dynamic PeopleSoft Field Security Applications:A PeopleSoft Develo...Developing Dynamic PeopleSoft Field Security Applications:A PeopleSoft Develo...
Developing Dynamic PeopleSoft Field Security Applications:A PeopleSoft Develo...guest96f6c68d
 
Introduction to ejb and struts framework
Introduction to ejb and struts frameworkIntroduction to ejb and struts framework
Introduction to ejb and struts frameworks4al_com
 
Building enterprise web applications with spring 3
Building enterprise web applications with spring 3Building enterprise web applications with spring 3
Building enterprise web applications with spring 3Abdelmonaim Remani
 

Semelhante a Java EE Services (20)

Oracle ADF Case Study
Oracle ADF Case StudyOracle ADF Case Study
Oracle ADF Case Study
 
Spring security4.x
Spring security4.xSpring security4.x
Spring security4.x
 
SpringBootCompleteBootcamp.pptx
SpringBootCompleteBootcamp.pptxSpringBootCompleteBootcamp.pptx
SpringBootCompleteBootcamp.pptx
 
Struts
StrutsStruts
Struts
 
Meteor Meet-up San Diego December 2014
Meteor Meet-up San Diego December 2014Meteor Meet-up San Diego December 2014
Meteor Meet-up San Diego December 2014
 
Java secure development part 3
Java secure development part 3Java secure development part 3
Java secure development part 3
 
Oracle Human Capital Management Setup Document
Oracle Human Capital Management Setup DocumentOracle Human Capital Management Setup Document
Oracle Human Capital Management Setup Document
 
Jboss Exploit
Jboss ExploitJboss Exploit
Jboss Exploit
 
Synopsis
SynopsisSynopsis
Synopsis
 
User id installation and configuration
User id installation and configurationUser id installation and configuration
User id installation and configuration
 
Spring security jwt tutorial toptal
Spring security jwt tutorial toptalSpring security jwt tutorial toptal
Spring security jwt tutorial toptal
 
Server side programming bt0083
Server side programming bt0083Server side programming bt0083
Server side programming bt0083
 
LvivPy - Flask in details
LvivPy - Flask in detailsLvivPy - Flask in details
LvivPy - Flask in details
 
20.1 creating functions_part_20.1
20.1 creating functions_part_20.120.1 creating functions_part_20.1
20.1 creating functions_part_20.1
 
Summer industrial trainingnew
Summer industrial trainingnewSummer industrial trainingnew
Summer industrial trainingnew
 
Sap basis and_security_administration
Sap basis and_security_administrationSap basis and_security_administration
Sap basis and_security_administration
 
Spring data jpa are used to develop spring applications
Spring data jpa are used to develop spring applicationsSpring data jpa are used to develop spring applications
Spring data jpa are used to develop spring applications
 
Developing Dynamic PeopleSoft Field Security Applications:A PeopleSoft Develo...
Developing Dynamic PeopleSoft Field Security Applications:A PeopleSoft Develo...Developing Dynamic PeopleSoft Field Security Applications:A PeopleSoft Develo...
Developing Dynamic PeopleSoft Field Security Applications:A PeopleSoft Develo...
 
Introduction to ejb and struts framework
Introduction to ejb and struts frameworkIntroduction to ejb and struts framework
Introduction to ejb and struts framework
 
Building enterprise web applications with spring 3
Building enterprise web applications with spring 3Building enterprise web applications with spring 3
Building enterprise web applications with spring 3
 

Último

The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessPixlogix Infotech
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 

Último (20)

The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 

Java EE Services

  • 1. Java EE Services 1 By: Abdalla Mahmoud . Contents Java EE Services ................................................................................. 1 Contents ........................................................................................... 1 1. Introduction ................................................................................... 3 2. Resource Management .................................................................... 3 2.1. Resource Pooling ....................................................................... 3 2.2. Activation/Deactivation Mechanism .............................................. 3 3. Java Naming and Directory Service ................................................... 3 4. Security Services ............................................................................ 4 4.1. Declarative Security .................................................................. 4 4.1. Defining a Security Domain ........................................................ 4 4.2.1. Business Components ............................................................. 5 4.2.2. Web Components ................................................................... 7 4.2.2.1. Login Page ....................................................................... 7 4.2.2.2. Error Page........................................................................ 7 4.2.2.3. Deployment Descriptor ...................................................... 8 4.2.2.4. JBoss-Specific Deployment Descriptor .................................. 8 5. Transaction Service......................................................................... 9 1. http://www.abdallamahmoud.com. 1
  • 2. 2
  • 3. 1. Introduction Java EE platform provides a mature environment for deploying enterprise components that are managed by the application server. The application is responsible for providing those components with common requirements needed in most enterprise applications. We are going to discuss some of the services provided by a typical Java EE applicaiton server. 2. Resource Management Resource management is the primary responsibility of the application server. It can manage thousands (and even millions) of objects and components without a great requirement of memory space! This is implemented by the application server using two main techniques: 2.1. Resource Pooling Resource pooling is a technique used to manage non client-specific components. A resource pool is a collection of many identical instances of the same class. When a client requests a reference to a component of a specific type, the application server returns a reference to any free component from its resource pool. The instance is reserved to the client as long as it uses it. Other clients will not get a reference to this instance and will get a reference to other instances from the instance pool until it get released. This technique can satisfies dozens of users simultaneously using a smaller number of instances, depending on the low probability of actual concurrent usage. If actual concurrent usage exceeded available instances, more instances are created and added to the pool, depending on the application server's implementation behavior. Stateless-session beans, message-driven beans, and data sources are managed using resource pooling technique. 2.2. Activation/Deactivation Mechanism Activation/Deactivation mechanism is a technique used to manage client-specific components. When a client requests a reference to a component of a specific type, the application server instantiates an object from the class and returns its reference to the client. The component is active in memory as long as the client actually uses it. If the client stopped using the component for a long period of time, the application server deactivates the component by serializing it in some persistent storage. Once the client get back using the component, the application server activates the component again by deserializing it again to the memory from the persistent storage and makes it active to resume interacting with the client. 3. Java Naming and Directory Service Resource naming is another primary responsibility of the application server. It provides an implementation to the Java Naming and Directory Service specification by Sun Microsystem, which is a system of a logical repository of names associated with references to different resources. Clients can access the service using the Java Naming and Directory Interface APIs (JNDI). 3
  • 4. 4. Security Services2 Security is a primary requirement in any application. It's another responsibility of the application server. Java EE uses declarative security model that can be used with Java EE components using some configurations. 4.1. Declarative Security Declarative security model introduces the concept of roles. A role is an abstract class of users. Users can be defined and associated with specific roles declaratively using configuraiton files. Services in Java EE components can be declared to be accessible only for some roles. Users should login first before using secured services. The following sections show how can we use security services using JBoss application server for both, business and web components. 4.1. Defining a Security Domain A security domain is a collection of security configurations assigned a specific name. Security domains can be defined by adding XML elements to the file C:jbossserverdefaultconflogin.config.xml as follows: file: C:jbossserverdefaultconflogin.config.xml ... <application-policy name ="foo"> <authentication> <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required"> <module-option name="usersProperties"> props/foo-users.properties </module-option> <module-option name="rolesProperties"> props/foo-roles.properties </module-option> </login-module> </authentication> </application-policy> ... </policy> Users are defined in C:jbossserverdefaultconfpropsfoo-users.properties. It's a user per-line file. Each line consist of the username followed by = and its password. 2. All written examples use JBoss-specific features. 4
  • 5. file: C:jbossserverdefaultconfpropsfoo-users.properties abdalla=abdallapass ahmed=ahmedpass Roles are defined in C:jbossserverdefaultconfpropsfoo-roles.properties. It's a user/role per-line file. Each line consist of the username followed by = and its associated roles. file: C:jbossserverdefaultconfpropsfoo-roles.properties abdalla=admin ahmed=employee 4.2.1. Business Components Securing a business component is simple and straightforward. Here is a sample business component before and after securing: Before Securing file: mypackMyEJB.java package mypack ; import javax.ejb.* ; @Stateless public class MyEJB implements MyEJBRemote { public void foo() { System.out.println("foo() invoked.") ; } public void protectedMethod() { System.out.prtinln("protectedMethod() invoked!") ; } public void protectedMethod2() { System.out.prtinln("protectedMethod() invoked!") ; } } After Securing file: mypackMyEJB.java package mypack ; 5
  • 6. import javax.ejb.* ; import javax.annotation.security.* ; import org.jboss.ejb3.annotation.SecurityDomain; @Stateless @SecurityDomain ("foo") public class MyEJB implements MyEJBRemote { public void foo() { System.out.println("foo() invoked.") ; } @RolesAllowed({"admin"}) public void protectedAdmin() { System.out.prtinln("protectedAdmin() invoked!") ; } @RolesAllowed({"employee"}) public void protectedEmployee() { System.out.prtinln("protectedEmployee() invoked!") ; } } Remote clients should login first before using the component, as follows: file: Client.java import javax.naming.* ; import mypack.MyEJBRemote ; import org.jboss.security.client.* ; public class Client { public static void main(String[] args) throws Exception{ SecurityClient client = SecurityClientFactory.getSecurityClient(); client.setSimple("abdalla", "abdallapass"); client.login(); InitialContext ctx = new InitialContext() ; MyEJBRemote r = (MyEJBRemote) ctx.lookup("MyEJB/remote") ; r.doAdmin() ; } } 6
  • 7. 4.2.2. Web Components Securing web components requires a login and error page, with additional declarations in the web.xml file. Here is a sample web application of two web components (protectedPage1.jsp, protectedPage2.jsp) before and after securing: 4.2.2.1. Login Page file: login.html <html> <head> <title>Login Page</title> </head> <body> <font size='5' color='blue'>Please Login</font><hr> <form action='j_security_check' method='post'> Name: <input type='text' name='j_username'> Password: <input type='password' name='j_password' size='8'/> <input type='submit' value='login'> </form> </body> </html> 4.2.2.2. Error Page file: error.html <html> <head> <title>Error!</title> </head> <body> <font size='4' color='red'> The username and password you supplied are not valid. </font> Click <a href='/webapp/login.html'>here</a> to retry login. </body> </html> 7
  • 8. 4.2.2.3. Deployment Descriptor file: WEB-INFweb.xml <?xml version="1.0" encoding="UTF-8"?> <web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/ xml/ns/javaee/web-app_2_5.xsd"> <!-- Defines a security constraint element --> <security-constraint> <web-resource-collection> <web-resource-name>A Protected Page</web-resource-name> <url-pattern>/protected-page.jsp</url-pattern> <url-pattern>/protected-page2.jsp</url-pattern> </web-resource-collection> <auth-constraint> <role-name>admin</role-name> </auth-constraint> </security-constraint> <!-- Defines the login mechanism --> <login-config> <auth-method>FORM</auth-method> <form-login-config> <form-login-page>/login.html</form-login-page> <form-error-page>/error.jsp</form-error-page> </form-login-config> </login-config> <security-role> <role-name>admin</role-name> </security-role> </web-app> 4.2.2.4. JBoss-Specific Deployment Descriptor The JBoss-specific deployment descriptor is used to specify's JBoss-specific configurations for the web applicaiton. It's located in WEB-INF/jboss-web.xml. We will add this file to declare the security domain associated with this web applicaiton. 8
  • 9. file: WEB-INF/jboss-web.xml <?xml version="1.0" encoding="UTF-8"?> <jboss-web> <security-domain>java:/jaas/foo</security-domain> </jboss-web> 5. Transaction Service Transactions are required in most enterprise applications. A transaction is an atomic operation that should be performed completely. Some operations may fail to complete for some reasons, most common is exceptions. Operation may have affected state before the exception occurs, which puts the system in an illegal state. The solution is to undo all changes made in the period between starting the operation and the exception occurrence. Fortunately, all business operations are invoked within the scope of a transaction initiated by the application server. If the invocation could not be completed for a reason or another, all state manipulations will be rolled back. 9