Building Enterprise Web Applications with Spring 3.0 and Spring 3.0 MVC JavaOne 2010 By Abdelmonaim Remani abdelmonaim.remani@gmail.com
Creative Commons Attribution-NonCommercial 3.0 Unported http://creativecommons.org/licenses/by-nc/3.0/ License
Software Engineer at Overstock.com Particularly interested in technology evangelism and enterprise software development and architecture President and Founder of a number of organizations The Chico Java User Group The Chico Flex User Group, The Chico Google Technology User Group. LinkedIn http://www.linkedin.com/in/polymathiccoder Twitter http://twitter.com/polymathiccoder Who Am I?
Warning This presentation is very long and covers a lot of material
Introduction
Complex In terms of requirements Functional Non-Functional Execution Performance Reliability Security Evolution Testability Maintainability Extendibility Scalability (Horizontal and Vertical) Enterprise Application Software (EAS)
In the words of Edsger W. Dijkstra: […] The Separation of Concerns […] is yet the only available technique for effective ordering of one’s thoughts […] Artificially reducing complexity by means of abstraction Specific choices of abstraction produce architectures Enterprise Application Software (EAS)
The Architecture Layered / N-Tiered Presentation Layer Web Layer Service Layer Persistence Layer Aspects Middleware Other Modern Enterprise Application
A Framework is an architecture A well-defined structure to solve a problem A pre-existing hierarchy to be extended Library Framework vs. Library Invoking vs. being invoked Generic vs. specific Tools Compiler, debugger, etc… Scaffolding and other utilities Etc… Frameworks
Heavyweight vs. Lightweight The need for a platform or a stack (JEE as example) The ability to load in-demand necessary components The memory footprint The build size Deployment ease Etc… Frameworks
The Spring Framework
Application Framework Java Other implementations are available (Spring .NET) Open-Source Lightweight Non-Invasive (POJO Based) Extendible A platform with well-defined extension points for other frameworks By Rod Johnson Expert One-on-One J2EE Design and Development, 2002 J2EE without EJB, 2004 Became the De facto standard of Java Enterprise Applications What is Spring?
20 Modules Spring Source:  Spring 3.0.x Framework Reference http://static.springsource.org/spring/docs/3.0.x/spring-framework-reference/htmlsingle/spring-framework-reference.html
Wrappers for most popular frameworks Allowing injection of dependencies into standard implementation Struts JSF Apache Tapestry Etc… Full Integration with the JEE stack Libraries
The Address Book
The Address Book from polymathic-coder.com A web application for Contact management The Address Book
Details: As a user I should be able to view, add, delete, and edit personal contacts data on my address book including: First Name Last Name Email Phone Number Image Primary Actors: Regular user / Administrator Assumptions: The user is authenticated and has proper privileges to access the Contact Management Area Access is granted both through the web interface and a RESTful API Functional Requirements: Use Case 1 - Contact Management
Business Rules First Names are required Phone Numbers must be valid US phone numbers Emails must be valid Functional Requirements: Use Case 1 - Contact Management
Details: As an administrator I should be able to view, add, delete, and edit the user data including: Username Password Role (Regular or Administrator) Whether the account is enabled or not Email Primary Actors: Administrator Assumptions: The user is authenticated and has proper privileges to access the User Administration Area Access is granted through the web interface Functional Requirements: Use Case 2 - User Management
Business Rules Username is required and must be unique Passwords must be complex (They should contain at least 1 lowercase letter, 1 uppercase letter, 1 digit, and 1 special character) Emails must be valid An email must be sent to the newly created user Functional Requirements: Use Case 2 - User Management
Details: As an administrator I should be able to view audit and health check reports Primary Actors: Administrator Assumptions: The user is authenticated and has proper privileges to access the Reporting Area Access is granted through the web interface The reports are periodically generated by the system Functional Requirements: Use Case 3 - Reporting
RBAC (Role-based access control) Authentication Form-based Http Basic Authorization Security Roles Regular User Access to personal contact management area Administrators Access to personal contact management area Access to user administration area Access to reporting area Access Control No Rules Transport Security Not required Non-Functional Requirements Security
Spring Core
The problem: Acquiring Resources via Instantiation of a concrete class Using a static method of a singleton factory Using a Directory Services API that allows for discovery and lookup (JNDI for example) Etc.. Creates hard dependencies Coupled code is hard to reuse (DRYness) Painful Unit Testing Inversion of Control
The Solution: Coding against Interfaces Inversion of Control: Dependency Injection Reflectively supply external dependency at runtime The Hollywood principle: “Don’t call us, we’ll call you” Wait a minute, this is a lot of work! Spring to the rescue Inversion of Control
Container  POJO Configuration Metadata XML-Based Annotation-Based Java-based Spring Core Source:  Spring 3.0.x Framework Reference http://static.springsource.org/spring/docs/3.0.x/spring-framework-reference/htmlsingle/spring-framework-reference.html
JSR 330 – Dependency Injection for Java JSR 330 @Inject @Named Spring Annotations @Autowired @Qualifier JSR 250 - Common Annotations javax.annotation JSR 299 – Contexts and Dependency Injection Scopes and contexts: javax.context Dependency injection service: javax.inject Framework integration SPI: javax.inject.manager Event notification service: javax.event
Used to mark a class that fulfills a role or a stereotype Stereotyped classes can be automatically detected Spring Stereotypes @Component @Repository @Service @Controller Stereotypical Spring
Domain Model
A model of the “concepts” involved in the system and their relationships Anemic Domain Model POJOs (Plain Old Java Objects) or VOs (Value Objects) Clear separation between logic and data Parallel object hierarchies are evil Metadata is interpreted depending on the context as the object moves across the layers of the application Object-Relational mapping to persistent entities Validation Marshaling / Un-marshaling Etc… Domain Model
Ensuring the correctness of data based on a set predefined rules JSR 303 - Bean Validation Source:  Hibernate Validator Reference Guide 4.1.0.Final http://docs.jboss.org/hibernate/stable/validator/reference/en-US/html_single/
javax.validation Reference Implementation: Hibernate Validator JSR 303 - Bean Validation Source:  Hibernate Validator Reference Guide 4.1.0.Final http://docs.jboss.org/hibernate/stable/validator/reference/en-US/html_single/
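The password rule from Use Case 2, expressed as a JSR 303 custom constraint on the domain object. This is an added example, not code from the Address Book application: the names `ComplexPassword`, `ComplexPasswordValidator` and `User` are hypothetical, "special character" is assumed to mean any character that is not a letter, digit or whitespace, and the Bean Validation API plus a provider such as Hibernate Validator must be on the classpath.

```java
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
import java.util.Set;
import javax.validation.Constraint;
import javax.validation.ConstraintValidator;
import javax.validation.ConstraintValidatorContext;
import javax.validation.ConstraintViolation;
import javax.validation.Payload;
import javax.validation.Validation;
import javax.validation.Validator;
import javax.validation.constraints.NotNull;
import javax.validation.constraints.Size;

public class UserPasswordRuleExample {

    /** Hypothetical constraint annotation for the "passwords must be complex" rule. */
    @Target({ElementType.FIELD, ElementType.METHOD})
    @Retention(RetentionPolicy.RUNTIME)
    @Constraint(validatedBy = ComplexPasswordValidator.class)
    public @interface ComplexPassword {
        String message() default
            "password needs a lowercase letter, an uppercase letter, a digit and a special character";
        Class<?>[] groups() default {};
        Class<? extends Payload>[] payload() default {};
    }

    /** Checks the four character classes in one pass over the value. */
    public static class ComplexPasswordValidator
            implements ConstraintValidator<ComplexPassword, String> {

        public void initialize(ComplexPassword constraint) {
            // Nothing to configure for this rule.
        }

        public boolean isValid(String value, ConstraintValidatorContext context) {
            if (value == null) {
                return true; // "required" is @NotNull's job, as is usual for JSR 303 constraints
            }
            boolean lower = false, upper = false, digit = false, special = false;
            for (int i = 0; i < value.length(); i++) {
                char c = value.charAt(i);
                if (Character.isLowerCase(c)) {
                    lower = true;
                } else if (Character.isUpperCase(c)) {
                    upper = true;
                } else if (Character.isDigit(c)) {
                    digit = true;
                } else if (!Character.isLetter(c) && !Character.isWhitespace(c)) {
                    special = true; // assumption: anything that is not a letter, digit or whitespace
                }
            }
            return lower && upper && digit && special;
        }
    }

    /** Hypothetical domain object; only the fields needed for the rule are shown. */
    public static class User {
        @NotNull
        @Size(min = 1, message = "username is required")
        private final String username;

        @NotNull
        @ComplexPassword
        private final String password;

        public User(String username, String password) {
            this.username = username;
            this.password = password;
        }
    }

    public static void main(String[] args) {
        Validator validator = Validation.buildDefaultValidatorFactory().getValidator();

        // Constructed sample input: no uppercase letter and no special character.
        User weak = new User("alice", "password1");
        Set<ConstraintViolation<User>> violations = validator.validate(weak);
        for (ConstraintViolation<User> v : violations) {
            System.out.println(v.getPropertyPath() + ": " + v.getMessage());
        }

        // Constructed sample input that satisfies all four character classes.
        User strong = new User("bob", "Passw0rd!");
        System.out.println("violations for strong password: "
            + validator.validate(strong).size());
    }
}
```

The uniqueness rule for usernames is not covered here because it needs a lookup against stored users rather than a check on a single object.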
Instantiation (Items 1 & 2 of Josh Bloch’s Effective Java) Static Factories Telescoping Provide builders Override the default implementations of hashCode(), toString(), and equals(Object) methods Use Pojomatic at http://pojomatic.sourceforge.net/ Be aware of any circular dependency in your model Versioning @Version  of JSR 317 – JPA 2.0 Domain Model
Persistence Layer
A logical encapsulation of classes and interfaces whose responsibilities fall within the scope of: Create, Read, Update, and Delete (CRUD) operations on persistence storage mechanisms such as file systems and Database Management Systems (DBMS) Interacting with Message-Oriented Middleware (MOM) infrastructures or Message Transfer Agents (MTA) such as JMS or mail servers Persistence Layer
javax.persistence Reference Implementation EclipseLink Primer A persistence entity is a POJO whose state is persisted to a table in a relational database according to predefined ORM metadata An entity is managed by an Entity Manager Do we still need a Persistence Layer? Highlights Support for JSR 303 validation JSR 317 – JPA 2.0
Beans Stereotyped with @Repository Enables exception translation to a consistent exception hierarchy Run-time exceptions and do not have to be declared or caught Use JPA annotations to inject EntityManager and EntityManagerFactory @PersistenceContext @PersistenceUnit Follow a convention (I suggest CRUD) Declaring transaction semantics @Transactional Spring Data Access / Integration
Java Mail API javax.mail Spring Helpers for various Templating Engines Velocity FreeMarker Spring Data Access / Integration
Testing JUnit Take advantage of what JUnit 4.7 has to offer (Explore Theories, Rules, Etc…) Libraries DbUnit http://www.dbunit.org/ Dumbster http://quintanasoft.com/dumbster/ Consider HADES http://redmine.synyx.org/projects/show/hades Persistence Layer
Service Layer
A logical encapsulation of classes and interfaces that provide the system functionality consolidating Units of work. Service layer classes should be: Transactional  Stateless Beans Stereotyped with @Service Follow a convention (I suggest VADER) Service Layer
Web Layer
A logical encapsulation of classes and interfaces whose responsibilities fall within the scope of: Navigational logic Rendering page views in the proper order As simple as mapping a single URL to a single page As complex as a full work flow engine Web concerns (Request variables, session variables, HTTP methods, HTTP response codes, Etc…) should be separated from business logic Web Layer
Two types of Web Frameworks Request / Response Web Frameworks Wrap the Servlet API Adopt push model Compile result Push it out to be rendered in a view Struts, Spring MVC, Etc… Component Web Frameworks Not only hide the Servlet API Event-driven component JSF, Tapestry, Etc… Web Layer
Spring MVC
Request / Response Web Frameworks A Front Controller Pattern One Dispatcher servlet Application Contexts Application Context Web Application Context Spring MVC
The promise Non-invasiveness Fully annotation-driven No extension of framework classes  No overriding methods Controllers Beans (Spring Managed-POJOs) Stereotyped with @Controller Spring MVC - Controllers
Mapping Rules @RequestMapping By Path HTTP method Query Parameters Request  Headers Spring MVC - Controllers
Handler Methods Parameters are request inputs Request data @RequestParam @PathVariable @RequestHeader @CookieValue Command Objects (Domain Objects) Injection of standard objects Automatic Type Conversion Custom Type Conversion JSR 303 Support @Valid Exposing reference data to the views @ModelAttribute Spring MVC - Controllers
RESTful Spring MVC 3.0
Representational State Transfer Architectural Style Identifiable Resources Everything is a resource accessible by a URI Uniform Interface based on HTTP methods
GET /contacts reads all contacts
GET /contacts/1 reads the contact whose id is 1
POST /contacts creates a contact
PUT /contacts/1 updates the contact whose id is 1
DELETE /contacts/1 deletes the contact whose id is 1
RESTful Architecture
Architectural Style Resource Representations Multiple data representation (MIME types) can be specified Request Accept HTTP header field or file extension Response Content-Type HTTP header field Stateless Conversion No session Scalable Loosely coupled RESTful Architecture
Annotations @RequestMapping @PathVariable @RequestBody @ResponseBody Spring OXM (Object-XML Mapping) Marshaling / Unmarshaling RESTful Spring
Presentation Layer
“Deciding to use Velocity or XSLT in place of an existing JSP is primarily a matter of configuration” Spring 3.0 Documentation View technologies JSP & JSTL Tiles Velocity FreeMarker XSLT JasperReports Etc… Spring MVC - Views
Views are rendered based on handler methods return @ResponseBody or ResponseEntity<T> Many HttpMessageConverters StringHttpMessageConverter Jaxb2RootElementHttpMessageConverter MappingJacksonHttpMessageConverter AtomFeed/RssChannelHttpMessageConverter Etc… Register your own String View Resolver and a View Spring MVC - Views
View Resolvers InternalResourceViewResolver ContentNegotiatingViewResolver BeanNameViewResolver JasperReportsViewResolver TilesViewResolver Etc… Spring MVC - Views
JSP & JSTL Spring Tag Library Spring Form Tag Library Refer to spring-form.tld Themes Overall look-and-feel of your application A collection of style sheets and images <spring:theme /> Theme resolvers I18N Spring MVC - Views
Spring Web Flow For Web Applications that are More dynamic Non-linear without arbitrary end points Spring Portlet MVC A JSR 168 compliant Portlet environment Large web application composed with subcomponents on the same web page Spring MVC Complements
Aspects
Spring AOP
OOP creates a hierarchical object model by nature Cross cutting concerns Are not necessarily a part of the application logic Occur across the object hierarchy in unrelated parts Examples Logging Security Transaction management Etc… Aspect-Oriented Programming
The Problem Code Tangling No Cohesion Code Scattering Not DRY The Solution Aspect Oriented Programming AspectJ Modulation of Aspects and weaving into the application code Aspect Oriented Programming
Spring AOP Java based AOP Framework Built on top of AspectJ Interception based Spring AOP
Join Point A point in the execution of the program Point Cut An expression that selects one or more join points AspectJ Expression Language Advice The code to be weaved at a join point Aspect Point Cut + Advice AOP Terminology
Annotations Before AfterReturning AfterThrowing After Around Types of Advices
Spring Security
Authentication The verification of the user identity Authorization Permissions granted to the identified user Access Control By arbitrary conditions that may depend on Attributes of clients Temporal and Local Condition Human User Detection Other Channel or Transport Security Encryption Security Terminology
Realm A defined authentication policy User A defined individual in the Application Server Group A defined classification of users by common traits in the Application Server. Role An abstract name of the permissions to access a particular set of resources in an application Security Terminology
Spring Security JAAS (Java Authentication and Authorization Service) jGuard Apache Shiro Available Frameworks
Security is your responsibility Features: It is not the standard No class loader authorization capabilities Simple configuration Portable across containers Customizable and extendable Pluggable authentication and web request URI security Support method interception, Single Sign-On, and Swing clients Spring Security
Authentication Form-Based Basic Digest LDAP NTLM (NT LAN Manager) SSO (Single Sign-On) JA-SIG CAS Open ID Atlassian Crowd SiteMinder X.509 Authentication
Mechanisms Interact with the user Providers Check credentials Bundles details in a Thread Local security context holder Repositories Store roles and profile info In Memory JDBC LDAP Etc… Authentication
Web Authorization URL-Based Which URL patterns and HTTP methods are allowed to be accessed by which role Method Authorization Reusable Protocol Agnostic Uses AOP Annotations Support JSR 250 Spring @Secured Spring Security EL Authorization
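How interception-based method authorization works, shown with a JDK dynamic proxy as the "around" advice and a thread-local role holder, applied to the role matrix from the security requirements slide. This is an added example and a simplified model, not Spring Security's implementation or the Address Book's code: `RequiresRole`, `CurrentUser`, `AddressBook` and the role names `ROLE_USER` / `ROLE_ADMIN` are hypothetical stand-ins. It needs Java 8 or later and no libraries.

```java
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
import java.lang.reflect.InvocationHandler;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Proxy;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashSet;
import java.util.Set;
import java.util.function.Supplier;

public class MethodAuthorizationSketch {

    /** Hypothetical stand-in for @Secured or JSR 250 @RolesAllowed. */
    @Retention(RetentionPolicy.RUNTIME)
    @Target(ElementType.METHOD)
    public @interface RequiresRole {
        String[] value();
    }

    /** Hypothetical stand-in for the thread-local security context holder. */
    public static final class CurrentUser {
        private static final ThreadLocal<Set<String>> ROLES = new ThreadLocal<>();

        public static void login(String... roles) {
            ROLES.set(new HashSet<>(Arrays.asList(roles)));
        }

        public static void logout() {
            ROLES.remove(); // always clear: pooled threads are reused across requests
        }

        static Set<String> roles() {
            Set<String> roles = ROLES.get();
            return roles == null ? Collections.<String>emptySet() : roles;
        }
    }

    /** The three areas of the Address Book with the roles the slides grant them. */
    public interface AddressBook {
        @RequiresRole({"ROLE_USER", "ROLE_ADMIN"})
        String listContacts();

        @RequiresRole("ROLE_ADMIN")
        String listUsers();

        @RequiresRole("ROLE_ADMIN")
        String viewAuditReport();

        String exportEverything(); // no rule declared: the advice below denies it
    }

    static class AddressBookImpl implements AddressBook {
        public String listContacts() { return "contacts"; }
        public String listUsers() { return "users"; }
        public String viewAuditReport() { return "audit report"; }
        public String exportEverything() { return "everything"; }
    }

    /** Wraps the target so every interface call passes the role check first. */
    public static <T> T secure(final T target, Class<T> iface) {
        InvocationHandler advice = (proxy, method, args) -> {
            if (method.getDeclaringClass() != Object.class) { // let toString() etc. through
                RequiresRole rule = method.getAnnotation(RequiresRole.class);
                // Deny by default: a method without a rule is not callable by anyone.
                if (rule == null
                        || Collections.disjoint(CurrentUser.roles(), Arrays.asList(rule.value()))) {
                    throw new SecurityException("access denied: " + method.getName());
                }
            }
            try {
                return method.invoke(target, args);
            } catch (InvocationTargetException e) {
                throw e.getCause(); // rethrow the target's own exception
            }
        };
        return iface.cast(
            Proxy.newProxyInstance(iface.getClassLoader(), new Class<?>[] {iface}, advice));
    }

    /** Runs one call and reports either its result or the denial. */
    static String attempt(Supplier<String> call) {
        try {
            return "allowed -> " + call.get();
        } catch (SecurityException e) {
            return e.getMessage();
        }
    }

    public static void main(String[] args) {
        AddressBook book = secure(new AddressBookImpl(), AddressBook.class);

        CurrentUser.login("ROLE_USER"); // constructed sample: a regular user
        System.out.println("user  listContacts:     " + attempt(book::listContacts));
        System.out.println("user  listUsers:        " + attempt(book::listUsers));
        CurrentUser.logout();

        CurrentUser.login("ROLE_ADMIN"); // constructed sample: an administrator
        System.out.println("admin viewAuditReport:  " + attempt(book::viewAuditReport));
        System.out.println("admin exportEverything: " + attempt(book::exportEverything));
        CurrentUser.logout();

        System.out.println("anon  listContacts:     " + attempt(book::listContacts));
    }
}
```

Because the check sits on the service method rather than on a URL, it applies equally to the web interface and the RESTful API.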
Other
Job Scheduling Bulk Processing  Integration Etc… Other
If you are interested in The full-source code of the Address Book Application A Step-By-Step tutorial Possibly a screen cast Go to http://bit.ly/ad4VGh Support Material
The Silicon Valley Spring User Group http://www.meetup.com/sv-sug
Q & A
Thank You!

Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 

Building Enterprise Apps with Spring 3.0

  • 1. Building Enterprise Web Applications with Spring 3.0 and Spring 3.0 MVC JavaOne 2010 By Abdelmonaim Remani abdelmonaim.remani@gmail.com
  • 2. Creative Commons Attribution-NonCommercial 3.0 Unported http://creativecommons.org/licenses/by-nc/3.0/ License
  • 3. Software Engineer at Overstock.com Particularly interested in technology evangelism and enterprise software development and architecture President and Founder of a number of organizations The Chico Java User Group The Chico Flex User Group, The Chico Google Technology User Group. LinkedIn http://www.linkedin.com/in/polymathiccoder Twitter http://twitter.com/polymathiccoder Who Am I?
  • 4. Warning This presentation is very long and covers a lot of material
  • 6. Complex In terms of requirements Functional Non-Functional Execution Performance Reliability Security Evolution Testability Maintainability Extendibility Scalability (Horizontal and Vertical) Enterprise Application Software (EAS)
  • 7. In the words of Edsger W. Dijkstra: […] The Separation of Concerns […] is yet the only available technique for effective ordering of one’s thoughts […] Artificially Reducing complexity by means of Abstraction Specific choices of abstraction produce an architecture Enterprise Application Software (EAS)
  • 8. The Architecture Layered / N-Tiered Presentation Layer Web Layer Service Layer Persistence Layer Aspects Middleware Other Modern Enterprise Application
  • 9. A Framework is an architecture A well-defined structure to solve a problem A pre-existing hierarchy to be extended Library Framework vs. Library Invoking vs. being invoked Generic vs. specific Tools Compiler, debugger, etc… Scaffolding and other utilities Etc… Frameworks
  • 10. Heavyweight vs. Lightweight The need for a platform or a stack (JEE as example) The ability to load in-demand necessary components The memory footprint The build size Deployment ease Etc… Frameworks
  • 12. Application Framework Java Other implementations are available (Spring .NET) Open-Source Lightweight Non-Invasive (POJO Based) Extendible A platform with well-defined extension points for other frameworks By Rod Johnson Expert One-on-One J2EE Design and Development, 2002 J2EE without EJB, 2004 Became the De facto standard of Java Enterprise Applications What is Spring?
  • 13. 20 Modules Spring Source: Spring 3.0.x Framework Reference http://static.springsource.org/spring/docs/3.0.x/spring-framework-reference/htmlsingle/spring-framework-reference.html
  • 14. Wrappers for most popular frameworks Allowing injection of dependencies into standard implementation Struts JSF Apache Tapestry Etc… Full Integration with the JEE stack Libraries
  • 16. The Address Book from polymathic-coder.com A web application for Contact management The Address Book
  • 17. Details: As a user I should be able to view, add, delete, and edit personal contacts data on my address book including: First Name, Last Name, Email, Phone Number, Image. Primary Actors: Regular user / Administrator. Assumptions: The user is authenticated and has proper privileges to access the Contact Management Area. Access is granted both through the web interface and a RESTful API. Functional Requirements: Use Case 1 - Contact Management
  • 18. Business Rules: First Names are required. Phone Numbers must be valid US phone numbers. Emails must be valid. Functional Requirements: Use Case 1 - Contact Management
  • 19. Details: As an administrator I should be able to view, add, delete, and edit the user data including: Username, Password, Role (Regular or Administrator), Whether the account is enabled or not, Email. Primary Actors: Administrator. Assumptions: The user is authenticated and has proper privileges to access the User Administration Area. Access is granted through the web interface. Functional Requirements: Use Case 2 - User Management
  • 20. Business Rules: Username is required and must be unique. Passwords must be complex (they should contain at least 1 lowercase letter, 1 uppercase letter, 1 digit, and 1 special character). Emails must be valid. An email must be sent to the newly created user. Functional Requirements: Use Case 2 - User Management
  • 21. Details: As an administrator I should be able to view audit and health check reports. Primary Actors: Administrator. Assumptions: The user is authenticated and has proper privileges to access the Reporting Area. Access is granted through the web interface. The reports are periodically generated by the system. Functional Requirements: Use Case 3 - Reporting
  • 22. RBAC (Role-based access control). Authentication: Form-based, HTTP Basic. Authorization, Security Roles: Regular User (access to personal contact management area); Administrators (access to personal contact management area, access to user administration area, access to reporting area). Access Control: No Rules. Transport Security: Not required. Non-Functional Requirements: Security
  • 24. The problem: Acquiring Resources via Instantiation of a concrete class Using a static method of a singleton factory Using a Directory Services API that allows for discovery and lookup (JNDI for example) Etc.. Creates hard dependencies Coupled code is hard to reuse (DRYness) Painful Unit Testing Inversion of Control
  • 25. The Solution: Coding against Interfaces Inversion of Control: Dependency Injection Reflectively supply external dependency at runtime The Hollywood principle: “Don’t call us, we’ll call you” Wait a minute, this is a lot of work! Spring to the rescue Inversion of Control
  • 26. Container  POJO Configuration Metadata XML-Based Annotation-Based Java-based Spring Core Source: Spring 3.0.x Framework Reference http://static.springsource.org/spring/docs/3.0.x/spring-framework-reference/htmlsingle/spring-framework-reference.html
  • 27. JSR 330 – Dependency Injection for Java JSR 330 @Inject @Named Spring Annotations @Autowired @Qualifier JSR 250 - Common Annotations javax.annotation JSR 299 – Contexts and Dependency Injection Scopes and contexts: javax.context Dependency injection service: javax.inject Framework integration SPI: javax.inject.manager Event notification service: javax.event
  • 28. Used to mark a class that fulfills a role or a stereotype Stereotyped classes can be automatically detected Spring Stereotypes @Component @Repository @Service @Controller Stereotypical Spring
  • 31. A model of the “concepts” involved in the system and their relationships Anemic Domain Model POJOs (Plain Old Java Objects) or VOs (Value Objects) Clear separation between logic and data Parallel object hierarchies are evil Metadata is interpreted depending on the context as the object moves across the layers of the application Object-Relational mapping to persistent entities Validation Marshaling / Un-marshaling Etc… Domain Model
  • 32. Ensuring the correctness of data based on a set of predefined rules JSR 303 - Bean Validation Source: Hibernate Validator Reference Guide 4.1.0.Final http://docs.jboss.org/hibernate/stable/validator/reference/en-US/html_single/
  • 33. javax.validation Reference Implementation: Hibernate Validator JSR 303 - Bean Validation Source: Hibernate Validator Reference Guide 4.1.0.Final http://docs.jboss.org/hibernate/stable/validator/reference/en-US/html_single/
  • 34. Instantiation (Items 1 & 2 of Josh Bloch’s Effective Java) Static Factories Telescoping Provide builders Override the default implementations of hashCode(), toString(), and equals(Object) methods Use Pojomatic at http://pojomatic.sourceforge.net/ Be aware of any circular dependency in your model Versioning @Version of JSR 317 – JPA 2.0 Domain Model
  • 36. A logical encapsulation of classes and interfaces whose responsibilities fall within the scope of: Create, Read, Update, and Delete (CRUD) operations on persistence storage mechanisms such as file systems and Database Management Systems (DBMS) Interacting with Message-Oriented Middleware (MOM) infrastructures or Message Transfer Agents (MTA) such as JMS or mail servers Persistence Layer
  • 37. javax.persistence Reference Implementation EclipseLink Primer A persistence entity is a POJO whose state is persisted to a table in a relational database according to predefined ORM metadata An entity is managed by an Entity Manager Do we still need a Persistence Layer? Highlights Support for JSR 303 validation JSR 317 – JPA 2.0
  • 38. Beans Stereotyped with @Repository Enables exception translation to a consistent exception hierarchy Run-time exceptions and do not have to be declared or caught Use JPA annotations to inject EntityManager and EntityManagerFactory @PersistenceContext @PersistenceUnit Follow a convention (I suggest CRUD) Declaring transaction semantics @Transactional Spring Data Access / Integration
  • 39. Java Mail API javax.mail Spring Helpers for various Templating Engines Velocity FreeMarker Spring Data Access / Integration
  • 40. Testing JUnit Take advantage of what JUnit 4.7 has to offer (Explore Theories, Rules, Etc…) Libraries DbUnit http://www.dbunit.org/ Dumbster http://quintanasoft.com/dumbster/ Consider HADES http://redmine.synyx.org/projects/show/hades Persistence Layer
  • 42. A logical encapsulation of classes and interfaces that provide the system functionality consolidating Units of work. Service layer classes should be: Transactional Stateless Beans Stereotyped with @Service Follow a convention (I suggest VADER) Service Layer
  • 44. A logical encapsulation of classes and interfaces whose responsibilities fall within the scope of: Navigational logic Rendering page views in the proper order As simple as mapping a single URL to a single page As complex as a full work flow engine Web concerns (Request variables, session variables, HTTP methods, HTTP response codes, Etc…) should be separated from business logic Web Layer
  • 45. Two types of Web Frameworks Request / Response Web Frameworks Wrap the Servlet API Adopt push model Compile result Push it out to be rendered in a view Struts, Spring MVC, Etc… Component Web Frameworks Not only hide the Servlet API Event-driven component JSF, Tapestry, Etc… Web Layer
  • 47. Request / Response Web Frameworks A Front Controller Pattern One Dispatcher servlet Application Contexts Application Context Web Application Context Spring MVC
  • 48. The promise Non-invasiveness Fully annotation-driven No extension of framework classes No overriding methods Controllers Beans (Spring Managed-POJOs) Stereotyped with @Controller Spring MVC - Controllers
  • 49. Mapping Rules @RequestMapping By Path HTTP method Query Parameters Request Headers Spring MVC - Controllers
  • 50. Handler Methods Parameters are request inputs Request data @RequestParam @PathVariable @RequestHeader @CookieValue Command Objects (Domain Objects) Injection of standard objects Automatic Type Conversion Custom Type Conversion JSR 303 Support @Valid Exposing reference data to the views @ModelAttribute Spring MVC - Controllers
  • 52. Representational State Transfer Architectural Style Identifiable Resources Everything is a resource accessible by URI Uniform Interface based on HTTP methods GET /contacts reads all contacts GET /contacts/1 reads the contact whose id is 1 POST /contacts creates a contact PUT /contacts/1 updates the contact whose id is 1 DELETE /contacts/1 deletes the contact whose id is 1 RESTful Architecture
  • 53. Architectural Style Resource Representations Multiple data representation (MIME types) can be specified Request Accept HTTP header field or file extension Response Content-Type HTTP header field Stateless Conversion No session Scalable Loosely coupled RESTful Architecture
  • 54. Annotations @RequestMapping @PathVariable @RequestBody @ResponseBody Spring OXM (Object-XML Mapping) Marshaling / Unmarshaling RESTful Spring
  • 56. “Deciding to use Velocity or XSLT in place of an existing JSP is primarily a matter of configuration” Spring 3.0 Documentation View technologies JSP & JSTL Tiles Velocity FreeMarker XSLT JasperReports Etc… Spring MVC - Views
  • 57. Views are rendered based on handler methods return @ResponseBody or ResponseEntity<T> Many HttpMessageConverters StringHttpMessageConverter Jaxb2RootElementHttpMessageConverter MappingJacksonHttpMessageConverter AtomFeed/RssChannelHttpMessageConverter Etc… Register your own String View Resolver and a View Spring MVC - Views
  • 58. View Resolvers InternalResourceViewResolver ContentNegotiatingViewResolver BeanNameViewResolver JasperReportsViewResolver TilesViewResolver Etc… Spring MVC - Views
  • 59. JSP & JSTL Spring Tag Library Spring Form Tag Library Refer to spring-form.tld Themes Overall look-and-feel of your application A collection of style sheets and images <spring:theme /> Theme resolvers I18N Spring MVC - Views
  • 60. Spring Web Flow For Web Applications that are More dynamic Non-linear without arbitrary end points Spring Portlet MVC A JSR 168 compliant Portlet environment Large web application composed with subcomponents on the same web page Spring MVC Complements
  • 63. OOP creates a hierarchical object model by nature Cross cutting concerns Are not necessarily a part of the application logic Occur across the object hierarchy in unrelated parts Examples Logging Security Transaction management Etc… Aspect-Oriented Programming
  • 64. The Problem Code Tangling No Cohesion Code Scattering Not DRY The Solution Aspect Oriented Programming AspectJ Modularization of Aspects and weaving into the application code Aspect Oriented Programming
  • 65. Spring AOP Java based AOP Framework Built on top of AspectJ Interception based Spring AOP
  • 66. Join Point: A point in the execution of the program. Point Cut: An expression that selects one or more join points (AspectJ Expression Language). Advice: The code to be woven at a join point. Aspect: Point Cut + Advice. AOP Terminology
  • 67. Annotations Before AfterReturning AfterThrowing After Around Types of Advices
  • 69. Authentication: the verification of the user identity. Authorization: permissions granted to the identified user. Access Control: by arbitrary conditions that may depend on attributes of clients, temporal and local conditions, human user detection, other. Channel or Transport Security: encryption. Security Terminology
  • 70. Realm: a defined authentication policy. User: a defined individual in the Application Server. Group: a defined classification of users by common traits in the Application Server. Role: an abstract name of the permissions to access a particular set of resources in an application. Security Terminology
  • 71. Spring Security JAAS (Java Authentication and Authorization Service) jGuard Apache Shiro Available Frameworks
  • 72. Security is your responsibility Features: It is not the standard No class loader authorization capabilities Simple configuration Portable across containers Customizable and extendable Pluggable authentication and web request URI security Support method interception, Single Sign-On, and Swing clients Spring Security
  • 73. Authentication Form-Based Basic Digest LDAP NTLM (NT LAN Manager) SSO (Single Sign-On) JA-SIG CAS Open ID Atlassian Crowd SiteMinder X.509 Authentication
  • 74. Mechanisms: interact with the user. Providers: check credentials; bundle details in a Thread Local security context holder. Repositories: store roles and profile info (In Memory, JDBC, LDAP, Etc…). Authentication
  • 75. Web Authorization: URL-Based; which URL patterns and HTTP methods are allowed to be accessed by which role. Method Authorization: reusable; protocol agnostic; uses AOP; annotations support (JSR 250, Spring @Secured, Spring Security EL). Authorization
  • 76. Other
  • 77. Job Scheduling Bulk Processing Integration Etc… Other
  • 78. If you are interested in The full-source code of the Address Book Application A Step-By-Step tutorial Possibly a screen cast Go to http://bit.ly/ad4VGh Support Material
  • 79. The Silicon Valley Spring User Group http://www.meetup.com/sv-sug
  • 80. Q & A
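
Slide 20's password rule written as a custom JSR 303 constraint, added here as an example and not taken from the Address Book source. `@ComplexPassword`, the `User` stand-in and the reading of "special character" as any character that is not a letter, digit, whitespace or control character are assumptions; a Bean Validation provider such as Hibernate Validator must be on the classpath.

```java
import java.lang.annotation.*;
import java.util.Set;
import javax.validation.Constraint;
import javax.validation.ConstraintValidator;
import javax.validation.ConstraintValidatorContext;
import javax.validation.ConstraintViolation;
import javax.validation.Payload;
import javax.validation.Validation;
import javax.validation.Validator;
import javax.validation.constraints.NotNull;

public class PasswordPolicyDemo {

    /** Hypothetical constraint carrying slide 20's password rule. */
    @Constraint(validatedBy = ComplexPasswordValidator.class)
    @Target({ElementType.FIELD, ElementType.METHOD})
    @Retention(RetentionPolicy.RUNTIME)
    public @interface ComplexPassword {
        String message() default "needs a lowercase letter, an uppercase letter, a digit and a special character";
        Class<?>[] groups() default {};
        Class<? extends Payload>[] payload() default {};
    }

    public static class ComplexPasswordValidator
            implements ConstraintValidator<ComplexPassword, String> {
        public void initialize(ComplexPassword constraint) { }

        public boolean isValid(String value, ConstraintValidatorContext context) {
            if (value == null) {
                return true; // JSR 303 convention: @NotNull reports missing values
            }
            boolean lower = false, upper = false, digit = false, special = false;
            int i = 0;
            while (i < value.length()) {
                int cp = value.codePointAt(i);
                if (Character.isLowerCase(cp)) lower = true;
                else if (Character.isUpperCase(cp)) upper = true;
                else if (Character.isDigit(cp)) digit = true;
                // Assumption: "special" = not a letter, digit, whitespace or control char.
                else if (!Character.isLetter(cp) && !Character.isWhitespace(cp)
                        && !Character.isISOControl(cp)) special = true;
                i += Character.charCount(cp);
            }
            return lower && upper && digit && special;
        }
    }

    /** Minimal stand-in for the user of slide 19, not the Address Book entity. */
    public static class User {
        @NotNull private final String username;
        @NotNull @ComplexPassword private final String password;

        public User(String username, String password) {
            this.username = username;
            this.password = password;
        }
    }

    public static void main(String[] args) {
        Validator validator = Validation.buildDefaultValidatorFactory().getValidator();
        // Constructed samples: one valid, three missing a character class, one null.
        String[] samples = {"Str0ng&Valid", "alllowercase1!", "NoDigits!", "N0Special", null};
        for (int n = 0; n < samples.length; n++) {
            Set<ConstraintViolation<User>> violations =
                    validator.validate(new User("alice", samples[n]));
            System.out.println("sample " + n + ": " + violations.size() + " violation(s)");
            for (ConstraintViolation<User> v : violations) {
                // Property and message only: getInvalidValue() would put the password in the log.
                System.out.println("  " + v.getPropertyPath() + ": " + v.getMessage());
            }
        }
    }
}
```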

Editor's notes

  1. Enterprise applications deal with complex problems. This complexity manifests itself in: the ramification of their functional requirements; the intricacy of their non-functional requirements. The latter can be classified as: the ones that are related to the execution of the application (such as performance, reliability, and security); the ones that pertain to its evolution (such as testability, maintainability, extensibility, and scalability, whether it is horizontal or vertical).
  2. Here I am using the terms separation of concerns and abstraction interchangeably, which is not necessarily not true. Separation of concerns is a form of abstraction. Abstraction manifested by modularization, encapsulation, etc… within the OOP paradigm. Reducing complexity is artificial because the complexity of the problem remains the same no matter what abstraction we apply to deal with it. If you contemplate on Dijkstra’s quote
  3. Established the fact that EAS is far more complex to fit in a monolithic. The terms tier and layer are used loosely (logical/physical). As you move up to the next level of abstraction, the lower level serves as a platform to the one on top of it. Middleware: RPC, WS, MOM, or as sophisticated as an ESB or a full blown SOA
  4. Tradeoff: Since it is done at runtime, no static type checking
  5. Spring Web Flow: Allows web apps to act like state machines. Events are raised to change states. Spring Portlet MVC: Shared state. SSO and user authentication and authorization.
  6. AspectJ vs. Spring AOP: AspectJ uses byte code modification for code weaving. Spring AOP uses dynamic proxies for code weaving. Interception removes the need for compilation or load-time weaving, but only allows for public or protected method execution at a join point.
  7. Access control is like a gate that is either closed or open under certain conditions and designated to certain people only
  8. Compare to JAAS: Simple configuration compared with .policy, whose authors still need to be trusted. Not all the containers implement JAAS-based authorization.
  9. Basic: HTTP standard (pop-up); HTTPS is used for encryption. Digest: S-HTTP. SSL is designed to establish a secure connection, whereas S-HTTP is designed to send individual messages securely
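
How interception-based method authorization (slide 75) works when a dynamic proxy (note 6 above) checks a thread-local role holder (slide 74), as an added plain-JDK example that is not code from the presentation or from Spring Security. `@RequiresRole` is a hypothetical stand-in for JSR 250 `@RolesAllowed` or Spring's `@Secured`; `AddressBookService`, its methods and the role names are assumptions modelled on slide 22's role matrix.

```java
import java.lang.annotation.*;
import java.lang.reflect.InvocationHandler;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Proxy;
import java.util.Arrays;
import java.util.Collections;
import java.util.Set;
import java.util.function.Supplier;

public class MethodAuthorizationDemo {

    /** Hypothetical stand-in for JSR 250 @RolesAllowed or Spring's @Secured. */
    @Retention(RetentionPolicy.RUNTIME)
    @Target(ElementType.METHOD)
    public @interface RequiresRole { String[] value(); }

    /** Caller's roles, held per thread like a security context holder. */
    static final ThreadLocal<Set<String>> ROLES = ThreadLocal.withInitial(Collections::emptySet);

    /** Role matrix from slide 22 expressed on the service interface. */
    public interface AddressBookService {
        @RequiresRole({"ROLE_USER", "ROLE_ADMIN"}) String listContacts();
        @RequiresRole("ROLE_ADMIN") String listUsers();
        String viewReports(); // annotation forgotten: the proxy denies it
    }

    static class AddressBookServiceImpl implements AddressBookService {
        public String listContacts() { return "contacts"; }
        public String listUsers() { return "users"; }
        public String viewReports() { return "reports"; }
    }

    /** Wraps target in a JDK dynamic proxy that checks roles before delegating. */
    static <T> T secure(T target, Class<T> iface) {
        InvocationHandler handler = (proxy, method, args) -> {
            if (method.getDeclaringClass() != Object.class) { // let toString() etc. through
                RequiresRole required = method.getAnnotation(RequiresRole.class);
                // Default deny: a method without the annotation is never callable.
                boolean allowed = required != null
                        && !Collections.disjoint(ROLES.get(), Arrays.asList(required.value()));
                if (!allowed) {
                    throw new SecurityException("access denied: " + method.getName());
                }
            }
            try {
                return method.invoke(target, args);
            } catch (InvocationTargetException e) {
                throw e.getCause(); // rethrow the service's own exception
            }
        };
        return iface.cast(Proxy.newProxyInstance(
                iface.getClassLoader(), new Class<?>[] {iface}, handler));
    }

    /** Runs one call and reports the outcome instead of propagating the denial. */
    static String attempt(Supplier<String> call) {
        try { return call.get(); } catch (SecurityException e) { return "DENIED"; }
    }

    public static void main(String[] args) {
        AddressBookService svc = secure(new AddressBookServiceImpl(), AddressBookService.class);
        for (String role : new String[] {"ROLE_USER", "ROLE_ADMIN"}) {
            ROLES.set(Collections.singleton(role));
            try {
                System.out.println(role + " listContacts: " + attempt(svc::listContacts));
                System.out.println(role + " listUsers:    " + attempt(svc::listUsers));
                System.out.println(role + " viewReports:  " + attempt(svc::viewReports));
            } finally {
                ROLES.remove(); // pooled threads must not keep the previous caller's roles
            }
        }
    }
}
```

Calls the implementation makes on its own methods never pass through the proxy, so they are not checked; with proxy-based interception the role check exists only at the boundary where callers hold the proxied reference.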