The IBM Press developerWorks Series represents a unique undertaking In which print books and the Web are mutually supportive. The publications in this series are complemented by their association with resources available at the developerWorks Web site on ibm.com. These resources include articles, tutorials, forums, software, and much more.
Through the use of icons, readers will be able to immediately identify a resource on developerWorks which relates to that point of the text. A summary of links appears at the end of each chapter. Additionally, you will be able to access an electronic guide of the developerWorks links and resources through ibm.com/developerworks/dwbooks that reference develperWorks Series publications, deepening the reader’s experiences.
A developerWorks book offers readers the ability to quick extend their information base beyond the book by using the deep resources of developerWorks and at the same time enables developerWorks readers to deepen their technical knowledge and skills.
For a full listing of developerWorks Series publication, please visit:ibmpressbooks.com/dwseries.
A Practical Approach to Building WebSphere Applications
developerWorks® Series
IBM Press
Pearson plc
Upper Saddle River • Boston • Indianapolis • San Francisco
New York • Toronto • Montreal • London • Munich • Paris • Madrid
Capetown • Sydney • Tokyo • Singapore • Mexico City
ibmpressbooks.com
The author and publisher have taken care in the preparation of this book, but make no expressed or implied warranty of any kind and assume no responsibility for errors or omissions. No liability is assumed for incidental or consequential damages in connection with or arising out of the use of the information or programs contained herein.
© Copyright 2009 by International Business Machines Corporation. All rights reserved.
Note to U.S. Government Users: Documentation related to restricted right. Use, duplication, or disclosure is subject to restrictions set forth in GSA ADP Schedule Contract with IBM Corporation.
IBM Press Program Managers: Tara Woodman, Ellice Uffer
Cover design: IBM Corporation
Associate Publisher: Greg Wiegand
Marketing Manager: Kourtnaye Sturgeon
Publicist: Heather Fox
Acquisitions Editor: Katherine Bull
Development Editor: Kevin Howard
Managing Editor: Kristy Hart
Designer: Alan Clements
Project Editor: Chelsey Marti
Copy Editor: Paula Lowell
Indexer: WordWise Publishing Services
Compositor: Gloria Schurick
Proofreader: Leslie Joseph
Manufacturing Buyer: Dan Uhrig
Published by Pearson plc
Publishing as IBM Press
IBM Press offers excellent discounts on this book when ordered in quantity for bulk purchases or special sales, which may include electronic versions and/or custom covers and content particular to your business, training goals, marketing focus, and branding interests. For more information, please contact:
U.S. Corporate and Government Sales
1-800-382-3419
[email protected].
For sales outside the U.S., please contact:
International Sales
[email protected].
The following terms are trademarks or registered trademarks of International Business Machines Corporation in the United States, other countries, or both: DB2, Lotus, Tivoli, WebSphere, Rational, IBM, the IBM logo, and IBM Press. Java and all Java-based trademarks are trademarks of Sun Microsystems, Inc. in the United States, other countries, or both. Microsoft, Windows, Windows NT, and the Windows logo are trademarks of the Microsoft Corporation in the United States, other countries, or both. Linux is a registered trademark of Linus Torvalds. Intel, Intel Inside (logo), MMX, and Pentium are trademarks of Intel Corporation in the United States, other countries, or both. OSF/1 and UNIX are registered trademarks and The Open Group is a trademark of the The Open Group in the United States and other countries. Other company, product, or service names mentioned herein may be trademarks or service marks of their respective owners.
Library of Congress Cataloging-in-Publication Data
Bernal, Joey.
Application architecture for WebSphere : a practical approach to building WebSphere applications / Joey Bernal.
p. cm.
ISBN 978-0-13-712926-3
1. WebSphere. 2. Software architecture. 3. Application software—Development. I. Title.
TK5105.8885.W43B48 2008
005.1—dc22
2008035862
All rights reserved. This publication is protected by copyright, and permission must be obtained from the publisher prior to any prohibited reproduction, storage in a retrieval system, or transmission in any form or by any means, electronic, mechanical, photocopying, recording, or likewise. For information regarding permissions, write to:
Pearson Education, Inc.
Rights and Contracts Department
501 Boylston Street, Suite 900
Boston, MA 02116
Fax (617) 671 3447
ISBN-13: 978-0-13-712926-3
ISBN-10: 0-13-712926-2
Text printed in the United States on recycled paper at R.R. Donnelley in Crawfordsville, Indiana. First printing September 2008
To Christiane, my better-half of 22 years who has found her cheese and fully demonstrated the philosophy of embracing change. I'm so proud of your recent graduation from nursing school and continuation toward a graduate degree—Hook 'em horns! To Daniel and Christopher, I want you to enjoy your time away at college, and know that I'm turning your rooms into a billiards room and a media room. For Julia who continues to blossom into a beautiful young woman while still appreciative of my jr. high sense of humor. And to Oliver, who is becoming an independent young gentleman and my last chance to have a fellow geek in the family. Finally, of course, to my faithful Lulu, who brings me my paper (slightly wet) every Sunday without fail, whether I want it or not.
Chapter 1 Application Architecture
What Is Application Architecture?
Application Architecture and Engineering
IBM WebSphere Application Server
How Close to the Specification Should I Stay with My Architecture?
WebSphere Extensions to Consider
Building Blocks of Application Architecture
Deployment Patterns for a Layered Architecture
A View Perspective on Architecture
Organizational Standards and Conventions
Putting the “Engineering” in Software Engineering
Naming Standards and Conventions
Working with Logging and Tracing
Project and Packaging File Structure
Code Completion and Review Process Requirements
You Don't Have to Know Java for a Code Review
Communicating the Vision the Wiki Way
Types of Persistence Frameworks
Why Not Roll Your Own Framework?
WebSphere Data Source Resource Reference
Implementing the Customer Class and Customer SQL Mapping
Adding the Spring DAO Framework
EJB 3 and the Java Persistence API
Entities with POJOs and Annotations
Chapter 4 Designing the Middle Tiers
Making the Business Layer Accessible
Getting Ready for Unit Testing
Mapping Shared Libraries to Class Loaders
Chapter 5 Presentation Frameworks
Choosing a Presentation Framework
Chapter 6 Investing in a Portal
Incorporating a Portal into Your Architecture
Business-to-Employee (B2E) Portals
Business Process or Forms-Based Portal
Role-based Navigation and Content Delivery
Portlet Aggregation and Composite Applications
Switching Modes Programmatically
Chapter 7 SOA and Web Services
Services as Business Functions
Managing Service Data Elements
A Commitment from the Business
Things to Consider about Web Services
Web Services Feature Pack for WAS
Building a New Client Application
Chapter 8 Caching and Performance
Caching in WebSphere Application Server
IBM HTTP Server and the Caching Plug-in
Creating a New Distributed Map
Chapter 9 Keeping Things Secure
The Role of the Security Architect
Protecting against SQL Injection Attacks
Authenticating Application Users
Adding a Filter to the Login Process
Chapter 10 Managing Your Applications
Enforcing Architecture Adherence
Managing Organizational Process
Avoiding Common Process Malpractices
Enforcing Adherence and Reuse with Technology Solutions
Using a Registry and Repository
Appendix A Setting up the Data Sample
Setting Up Your Data Environment
Creating a WebSphere Data Source
Appendix B Running the Examples
The late comic Rodney Dangerfield made an entire career out of stating that he never got any respect. Sometimes I think that the lot of an application architect is just as bad. They are the ones who get blamed when applications are late, when the applications don't meet all the sometimes unrealistic expectations of the users, when the application crashes (even if it was the infrastructure, and not the application that was at fault), or generally when anything else bad happens in software development. The job title “application architect” might not have all the flash of the title “enterprise architect,” but nonetheless they are the backbone of most large software development organizations. The weight of the world is on their shoulders, and it sometimes seems like a thankless job.
Let's face it—given how much an application architect is expected to master these days, his job is cut out for him. He has to understand not only the details of the application requirements, but is expected to be an expert on the facilities provided by the application server environment, a myriad of open source projects that are available to him, the development environment, and a host of other smaller details. In this book, Joey has made a concerted effort to teach people not just what application architecture entails, but more importantly, how to be a good application architect. He provides a concise roadmap to the areas that application architecture covers, and then gives real, practical advice on how to make the right choices when designing an application.
Joey begins by convincing potential architects of the benefits of a layered architecture, and then goes on to provide concrete examples of how all the layers work, with copious sample code and explanation of the pros and cons of the major decisions that have to be made in each layer. He also discusses the all-important nonfunctional requirements that go into building an application, and discusses how you can take advantage of sometimes little-known WebSphere features to meet those requirements for performance and security.
If you are currently an application architect and need to implement on WebSphere Application Server or WebSphere Portal Server, you need not only to read this book but to keep it close to your desk for when those tricky questions arise. Likewise, if you're an application developer who needs to implement a WebSphere solution, you need this book also. And finally, if you are an enterprise architect who needs to comprehend the problems faced by your application architect colleagues so that you can understand how an enterprise architecture for your entire organization should be built, you need this book too. I'm glad that Joey has written this, and trust that you'll get as much out of this as I have.
Kyle Brown
Distinguished Engineer
IBM Software Services for WebSphere
You've heard it before: A book like this doesn't get published by one person. Dozens of people work really hard to ensure that what is finally delivered to you, the reader, is of the highest quality possible. From IBM Press, Tara Woodman for navigating the IBM maze of people and permissions, and to Ellice Uffer, for her awesome marketing and blogging insights. Thanks to Katherine Bull, Kevin Howard, and Cindy Teeters from Pearson. Katherine held my virtual hand every step of the way.
Thanks to the technical reviewers Sam Pearson, Ashok Iyengar, Ron Lynn, Scott Davis, Richard Gorzela, Peter Blinstrubas, Brad Bouldin, Jim Sides, and Julia Weatherby for keeping me honest. I know how much real work you have to do, so taking the time to help on special projects means a lot. Extra special thanks to Julia, Scott, and Richard for doing double duty on some of the chapters at the last minute.
My executive sponsor within IBM for this effort was John Allessio, VP Software Services for Lotus—thank you, John, for sponsoring this work. Also thanks to my management chain, Bennie Gibson and Ken Polleck for supporting this effort and providing time here and there (albeit unofficially) to make continued progress. Many thanks to Kyle Brown for reviewing the final draft and writing the Foreword. After 7+ years at IBM I continue to be amazed by the vastness of opportunities available, and the support of management to pursue them. Too many to name are the many friends, coworkers, mentors, mentorees, managers, executives, customers, and others who I work with in my day job who provided insight and examples of how to do things right. You are why I continue to enjoy this profession after many years.
Anthony (Joey) Bernal is an executive IT specialist with Software Services for Lotus, and a member of the WebSphere Portal Practice. Senior certified with IBM as an IT specialist, he has an extensive background in the design and development of portal and web applications. He is the coauthor of several books, including Programming Portlets 2E; Programming Portlets, the IBM Portal Solutions Guide for Practitioners; and from a previous life, Professional Site Server 3.0. He also contributes to his popular blog, WebSphere Portal in Action.
Mr. Bernal helps to lead the Software Services team in many areas, including application architecture and design, performance, and assisting clients with their cross-brand challenges that leverage WebSphere Portal. By its inherent nature of being a platform to integrate applications at the desktop, WebSphere Portal projects require significant cross-brand expertise. All WebSphere Portal projects have products from multiple brands, and many have products from all five brands in the solution. Specifically, he works to reduce the challenges presented by the cross-brand nature of WebSphere Portal projects, especially in the use of newer technologies such as the integration of WebSphere Portal with services-oriented architectures.
Prior to joining IBM, Mr. Bernal was the director of IT for an incentive and performance improvement company. Mr. Bernal was also the lead technical advisor and architect of multiple high-profile Internet and intranet applications for several Fortune 500 companies.
As we grow our skills as professional developers and architects, we tend to forget that our profession is constantly churning with new people, ideas, and technology. This churn, and the fact that software engineering is not like any other type of engineering is why we continue to build poor applications time and time again. What is a poor application? A poor application is any application that does not live up to its design in terms of performance, security, usability, or function. It should not be that hard for any of us to think back on a project we have worked on, or led, that meets this criterion.
The science of software engineering should be composed of the same rigorous set of rules and standards that other sciences have to live by. No other engineered product is released to the general public without inspection, yet software inspections take place a small fraction of the time, and at that are often cursory and incomplete.
I wrote this book because I continued to see problems in the way that customers designed and built WebSphere and WebSphere Portal applications. I was convinced that by writing some of my concerns down many of these problems would magically disappear. Well perhaps it is not that easy, but hopefully reading this text and considering some of its suggestions will help you on your way to obtaining software excellence. I have purposely written this book to be something you can sit down and read, rather than as a reference of sample patterns to be looked at when needed. The concept of application architecture embodies not only how projects are approached but also all the preparation that goes on before any coding begins. Read through this book and as you begin to understand some of the issues involved with building good applications, take that understanding and apply it to your current or next project with vigor. Just building an application is not enough; we have to strive to build good applications.
One approach with a book like this is to build up an application throughout the different chapters until you end up with a complete albeit complex example. While I think there is value in this approach, it does not often appeal to me as a reader. If I get lost in the middle of a section, then sometimes later chapters don't make as much sense. With this in mind I chose a central theme, “Classic Models,” but chose not to build a single monolithic application. Rather I just offer up bits and pieces of sample code as appropriate. I hope you find this approach useful as you drop some of the examples into your own project code.
Enjoy!
98.82.120.188