Optimize with a SATA RAID Storage Solution
Range of capacities as low as $1250 per TB. Ideal if you currently rely on servers/disks/JBODs
Sun Microsystems invented the servlet before the other J2EE components with the intent of providing a high-performance alternative to the then ubiquitous CGI script. After the servlet came Enterprise JavaBeans (EJB) and Java Message Service (JMS), then JavaServer Pages (JSP). And eventually the Web application was formed in the shape of a WAR (Web Archive) file. This specialized JAR (Java Archive) constitutes a complete application with static and dynamic content, supporting libraries, and configuration settings. After deployment, the server adds container services, such as endpoints, security, and pooling, allowing the application to operate independently.
Enter J2EE and the EAR (Enterprise Archive) file, a bundle of deployment units wired together to form an enterprise application. The J2EE specification gives directions as to how individual components interact with respect to naming, security, transactions, and the like. Yet, while much work has been put into the individual J2EE component specifications, less attention has been given to providing services across component types. One missing facility is a user session that spans components from Web applications and J2EE clients to EJB components.
Often, application developers need such a facility when implementing other services not currently specified by J2EE. An application, for instance, that needs to provide a security audit mechanism would benefit from having an application-specific user identity ready at hand. Along the same lines, a custom security service implementing instance-based authorization could cache a set of dynamically granted roles in the session and require these as a parameter when performing programmatic security checks.
Figure 1 illustrates how different component types could need access to a shared session, in this case, containing user and role information.
Figure 1. The need for an enterprise-wide session
Authorization and audit are examples of services that cut across components and therefore must be made available to business logic, standalone clients, and Web applications alike. This article provides a possible session implementation that spans these three component types by utilizing a range of tools in tandem with existing J2EE infrastructure.
You will find all the code needed to provide the enterprise-wide session in Resources, along with a sample J2EE application that uses it. All source code has been extracted from a larger open source framework named Rampart, developed for Copenhagen County, Denmark. The entire framework should be available for download during 2005.
With the plethora of free frameworks, design patterns, and best practices around, there are numerous ways to design J2EE applications these days. For each tier, you have an abundance of options: should you choose JavaServer Faces or Velocity over Struts, employ a full-fledged EJB layer, or go with a lightweight IOC (Inversion of Control) container such as Pico or Spring? Would it be better to structure EIS (enterprise information system) access around Java Data Objects or Hibernate, or fall back to plain SQL with Java Database Connectivity? Whatever your choices, any extension to your application's overall architecture must fit with the constraints posed by the other frameworks you employ.
|Forum migration complete By Athen|
|Forum migration update By Athen|
|Create an application-wide user session for J2EE By JavaWorld|
|How to make it work via JMS By|