2. Agenda
What are the problems in managing state?
How do they manifest themselves?
Why is managing state so difficult?
How would you solve them on your own?
How could a framework help?
What is Seam?
How does Seam manage state?
How does Seam compare to other stateful frameworks?
What is seam-gen?
3. What is conversational state?
State is the data involved at any point during process
execution.
Think of instance variables storing data over different instance
method calls.
Some processes cannot exist in a single request/
response lifecycle, but need to be thought of as a
conversation.
A process is either stateful or not!
Some occur over a period of time, or take a while to complete.
Some cannot be completed in just one step.
Some involve complex interactions with other pieces of the
system.
4. How Healthy Is Your State Management?
Ever had problems with...?
The back button
New browser windows or tabs
General data inconsistencies
Stale data in pageflows
Database
Logs
6. Session Bloat
HttpSession attributes are an easy way to store state
data between requests
There is no mechanism to clean data from the Session
Early in development, this may not be a problem.
Late in development, this will be a problem!
7. Concurrency Issues
Conflicts over editing objects, session attributes, etc.
Think of two clients trying to edit the same object
concurrently, e.g. Version Control
AJAX finer-grained requests can cause more problems
8. The Redundant Posts Problem
Consider a client issuing multiple posts
Common DoS vulnerability
Javascript form.submit() from an onclick event handler
Clicking the “Back” and resubmitting a form
What if this submitted a payment? Is it ever acceptable
to submit redundant payments?
9. The Multiple Browser Windows Problem
Using session scoped attributes to store state between
requests is dangerous
A new browser window hijack the state of the previous
browser window
Two browser windows doing different things with the
same session attribute is bad!
10. Treating the symptoms vs. Curing the disease
Some of our treatment options are useful, but can’t we
get a little help from a framework?
Problem space is purely technical in nature
Time spent solving these problems is NOT time well-
spent to a paying business customer
Any proactive approach will pay for itself in savings later
Worst case, you can’t use a framework to help you –
let’s explore treatment options
11. Treating Session Bloat
Without proper state management, most applications
develop session bloat.
Hard to replicate/reproduce – even harder to solve
Only option is to reduce the session’s size
Really points to a lack of conversation
12. Treating Concurrency Problems
Clients’ changes conflict – which one wins?
Higher probability of conflict when transactions span
multiple requests
Follow Martin Fowler’s Offline-Locking Patterns
Pessimistic Offline-Locking – Lock/Wait
Assumes conflicts are common
Not desirable from a performance perspective!
Optimistic Offline-Locking – Copy, Edit, Merge
Assumes conflicts are rare
More conflicts = more merges
User experience tradeoff
13. Treating Redundant Posts
Javascript solutions are not the way to go!
Use the Synchronizer Token pattern
For sensitive data submission, use the Redirect After
Post pattern
Can’t return a 200/OK -- the browser will cache the Post!
14. Treating Multiple Window Heartburn
We need the concept of a workspace
Organizes tasks and what data they are operating on
Prefix or suffix on session attributes
State machine to tell which actions are valid
This is not easy to implement on your own!
15. Why are these problems so hard to solve?
The technologies we use were not designed to handle
stateful web applications
HTTP is a connectionless, stateless protocol
Session IDs/Cookies
Large numbers of clients arriving/leaving unexpectedly
The browser navigation model aggravates concurrency and
synchronization issues
AJAX techniques make state management harder
Most MVC frameworks don’t address these problems
The diagnosis – current frameworks lack features to
manage conversational state
16. Where do we need a framework’s help?
The concept of a conversation.
Scopes conversational state rather than storing state in session
attributes
Provides more transaction-oriented features like freeing
resources when complete
Managing pageflows
Handling starting new conversations when:
A conversation doesn’t exist
A new browser window opens
17. Seam Cures State Management Problems!
What is it?
Java EE 5 “Meta” framework
Gavin King’s new brainchild
Stitches together new Java EE 5 Specs
JSR 127 - JSF
Sychronizer Token is baked in
You can specify a redirect on a JSF Navigation Rule
JSR 220 - EJB 3.0
Makes development much easier
Seam gives you constructs to properly manage state
“out of the box”
Takes heed of lightweight principles
18. Seam’s Approach
Seam exposes a richer context model
Two more contexts added to Servlet API contexts
Seam Components
Annotated POJO that encapsulates state data
Have a specific lifetime by binding to a context
Seam Conversation Context
@Name(“payment”)
@Scope(CONVERSATION)
context Payment“payment”
variable
float amount
#{payment.amount}
Seam Component
19. Seam Components
Add a few Seam annotations to your POJO
You have a Seam component!
Access it in JSF
Use it in jBPM
Bind it to a context
PDF/Email generation
Use EJB3/JPA annotations on your POJO
Or write your own!
Atomic unit for state management
20. Let’s take a peek at a Seam component
... and jump over to Eclipse
21. Uniform, POJO Based Component Model
Container Managed Services
Transaction/security management
Persistence Context management
Annotated POJOs
Inherently unit testable/injectable
No need for separate domain/presentation components
Annotations!
Minimize XML configuration
No JSF Managed Beans!
“Configuration by exception”
Clean DI metadata
Drastically reduces the amount of configuration overhead
22. Bind Components to Contexts
@Scope binds your component to a context
Method level annotations control your process
@Begin starts a process (conversation, process)
@End ends process associated with the current
thread
23. Seam Contexts
(Stateless)
Event
Page
Conversation
Context Search Order
Session
Business process
Application
24. Seam’s Conversation Context
Melding of three concepts/scenarios:
Implementing the idea of a “workspace” in Struts
“Application Transaction with Optimistic Semantics”
Providing a construct for executing a “workflow task”
Abstracts the difficulty in managing state
Provides more powerful mechanisms than simple “get/
set”
Integration of JSF and jBPM event handling mechanisms
“Bijection” of components (more in a minute)
25. Conversations, continued
Most useful for tasks that span multiple requests
Each request is bound to a temporary conversation
When spanning multiple requests, a conversation is
“promoted” to long-running with @Begin
Each conversation executes serially as its requests arrive
Use a SFSB and bind to conversation scope
Conversations may be nested
Discrete life span (will timeout)
Configuration change can store state on the client side
26. Keeping track of conversations
You’ll notice a cid request parameter
Seam tacks this on and keeps track of it
Needed to implement workspace functionality
Allows for conversations happening in different tabs/
windows to work in isolation
Helps Seam handle starting, stalling, restarting, nesting
any long-running conversation
27. Bijection
Dependency injection works great for stateless
components, but Seam focuses on stateful components
Essentially we need an aliasing mechanism from context
variables to instance variables on components
Wires components together
Dramatically cleans your action code
No more getAttribute() calls at the beginning
No more setAttribute() calls at the end
28. Bijection
Seam’s bijection allows stateful components to be:
Contextual - wider contexts can reach into narrower contexts to
assemble stateful components
Bidirectional
Context variables can be injected into component instance
variables
You can “outject” your instance variables back into context
variables
Dynamic - occurs on every invocation of a component!
Just remember two annotations: @In and @Out
29. Hey! You forgot about Concurrency!
Conversations run serially per request
Optimistic Locking is pretty trivial to add with Seam
This isn’t really a Seam feature, it’s a JPA feature
Add @Version or @Timestamp to a property on your
component that needs concurrent access
If someone changes it “underneath” you (ticks the
timestamp or version column in the database) then a
OptimisticLockException is thrown.
Catch and direct to an appropriate “merge” page.
You can add optimistic locking easily to any EJB
managed transaction as well.
30. Comparisons to other WASM frameworks
BEA/Beehive Pageflow Controllers
Current state of the pageflow lives in a session attribute
Only one can be active at a time (no multiple browser support!)
Can be nested, but rules are different
Can be “longLived”, but lives the full length of your session
Spring Pageflow
Only true rival to Seam in terms of conversational state
management
Planned to be a plug-in integration to Struts 2.0/Spring MVC
Other frameworks assume you know all of this stuff, and
how to handle it the right way on your own!
Seam guides you toward proper usage
31. Other Features
We’ve only seen the tip of the iceberg
EL/Annotations are a powerful 1-2 combo!
JSF Presentation
iText PDF Generation
Email Templates
Log Statements
jBPM - Business Process
jPDL - Pageflow
AJAX/Remoting Layer
Security
Lots of cool integration work still going on
Support on major application servers
32. Extras
Helpful Links
Seam Wiki Home - http://wiki.jboss.org/wiki/Wiki.jsp?page=JBossSeam
Seam Home - http://www.jboss.com/products/seam
Seam Docs - http://docs.jboss.com/seam/latest/reference/en/html/index.html
Seam Forum - http://jboss.com/index.html?module=bb&op=viewforum&f=231
JPA - http://www.hibernate.org/hib_docs/annotations/reference/en/html/entity.html
References and Further Reading
Synchronizer Token -
http://www.javaworld.com/javaworld/javatips/jw-javatip136.html
Redirect After Post -
http://www.theserverside.com/tt/articles/article.tss?l=RedirectAfterPost
Optimistic Offline Lock -
http://www.martinfowler.com/eaaCatalog/optimisticOfflineLock.html
Pessimistic Offline Lock -
http://www.martinfowler.com/eaaCatalog/pessimisticOfflineLock.html