IBM Press: The developersWorks® Series

The IBM Press developerWorks Series represents a unique undertaking In which print books and the Web are mutually supportive. The publications in this series are complemented by their association with resources available at the developerWorks Web site on ibm.com. These resources include articles, tutorials, forums, software, and much more.

Through the use of icons, readers will be able to immediately identify a resource on developerWorks which relates to that point of the text. A summary of links appears at the end of each chapter. Additionally, you will be able to access an electronic guide of the developerWorks links and resources through ibm.com/developerworks/dwbooks that reference develperWorks Series publications, deepening the reader’s experiences.

A developerWorks book offers readers the ability to quick extend their information base beyond the book by using the deep resources of developerWorks and at the same time enables developerWorks readers to deepen their technical knowledge and skills.

For a full listing of developerWorks Series publication, please visit:ibmpressbooks.com/dwseries.

Application Architecture for WebSphere®

A Practical Approach to Building WebSphere Applications

developerWorks® Series

Joey Bernal

Image
IBM Press
Pearson plc
Upper Saddle River • Boston • Indianapolis • San Francisco
New York • Toronto • Montreal • London • Munich • Paris • Madrid
Capetown • Sydney • Tokyo • Singapore • Mexico City
ibmpressbooks.com

The author and publisher have taken care in the preparation of this book, but make no expressed or implied warranty of any kind and assume no responsibility for errors or omissions. No liability is assumed for incidental or consequential damages in connection with or arising out of the use of the information or programs contained herein.

U.S. Corporate and Government Sales
1-800-382-3419
[email protected].

International Sales
[email protected].

Pearson Education, Inc.
Rights and Contracts Department
501 Boylston Street, Suite 900
Boston, MA 02116
Fax (617) 671 3447

ISBN-13: 978-0-13-712926-3
ISBN-10: 0-13-712926-2

To Christiane, my better-half of 22 years who has found her cheese and fully demonstrated the philosophy of embracing change. I'm so proud of your recent graduation from nursing school and continuation toward a graduate degree—Hook 'em horns! To Daniel and Christopher, I want you to enjoy your time away at college, and know that I'm turning your rooms into a billiards room and a media room. For Julia who continues to blossom into a beautiful young woman while still appreciative of my jr. high sense of humor. And to Oliver, who is becoming an independent young gentleman and my last chance to have a fellow geek in the family. Finally, of course, to my faithful Lulu, who brings me my paper (slightly wet) every Sunday without fail, whether I want it or not.

Contents

Foreword

Acknowledgments

About the Author

Preface

Chapter 1 Application Architecture

What Is Application Architecture?

Architects and Architecture

Application Architecture and Engineering

WebSphere and IBM

IBM WebSphere Application Server

A Word about Specifications

How Close to the Specification Should I Stay with My Architecture?

WebSphere Extensions to Consider

One Size Does Not Fit All

Building Blocks of Application Architecture

Detail in Layering

A Complete Example

Layers Versus Tiers

Deployment Patterns for a Layered Architecture

Layers Versus Modules

A View Perspective on Architecture

Conclusion

References

Chapter 2 Setting a Standard

Organizational Standards and Conventions

Putting the “Engineering” in Software Engineering

Standards Documentation

Naming Standards and Conventions

Packages

Classes and Interfaces

Functions and Methods

Variables and Constants

Java Server Pages

Internal Documentation

Class Header Information

Class Methods

Getters and Setters

Inline Comments

Logging and Tracing

System.out

Using the Logger

Logging Levels

Method-Level Timers

Working with Logging and Tracing

Too Much Logging?

Why Not Use Aspects?

Exception and Error Handling

Project and Packaging File Structure

Using External Libraries

Unit Testing Requirements

What Is a Unit?

The Trouble with Web Testing

Agile Approaches

Code Completion and Review Process Requirements

Code Reviews

You Don't Have to Know Java for a Code Review

Communicating the Vision the Wiki Way

Conclusion

Reference

Chapter 3 Persistence Matters

Types of Persistence Frameworks

Object/Relational Mapping

SQL-Based Frameworks

Why Not Roll Your Own Framework?

WebSphere Data Source Resource Reference

iBATIS Framework

Implementing the Customer Class and Customer SQL Mapping

Configurating iBATIS

Adding the Spring DAO Framework

Running a Test

Transactional Thinking

EJB 3 and the Java Persistence API

Understanding the Approach

Entities with POJOs and Annotations

Entity Managers

Testing the Application

Remote Clients

Conclusion

Chapter 4 Designing the Middle Tiers

Business Logic

Another HelloWorld Example

Making the Business Layer Accessible

Getting Ready for Unit Testing

WebSphere Shared Libraries

Making the Library Visible

Mapping Shared Libraries to Class Loaders

Testing the Business Layer

Controlling Shared Libraries

Implementation Options

Business Process Layers

Conclusion

References

Chapter 5 Presentation Frameworks

Choosing a Presentation Framework

JavaServer Faces

Lifecycle Phase Listener

About the Sample Application

Masking and Conversion Errors

JSF as a Standard

IBM's JWL

Conclusion

References

Chapter 6 Investing in a Portal

Incorporating a Portal into Your Architecture

Virtual Portal Technology

Business-to-Employee (B2E) Portals

Business Process or Forms-Based Portal

Portals Versus the Web App

Role-based Navigation and Content Delivery

Security and Single Sign-on

Content Personalization

Portlet Aggregation and Composite Applications

Applications as Portlets

The Java Portlet API

Java Portlet API 2.0

Portlet Preferences

A Simple Portlet Example

Switching Modes Programmatically

Conclusion

References

Chapter 7 SOA and Web Services

Pinning Down SOA

How to Implement SOA

Service Modeling

Services as Business Functions

Other Types of Services

Managing Service Data Elements

A Commitment from the Business

Things to Consider about Web Services

Performance

Standardization

Manageability

Web Services Feature Pack for WAS

Credit Limit Service

Testing the Service

Building a New Client Application

Simple REST-Based Services

Conclusion

References

Chapter 8 Caching and Performance

Designing for Performance

Architecture Concerns

Performance Terminology

Caching Considerations

Caching Design Options

Sizing a Cache

When Not to Cache

User Session Caching

Caching in WebSphere Application Server

IBM HTTP Server and the Caching Plug-in

Using the Distributed Map

Creating a New Distributed Map

Testing the Distributed Map

HTML Fragment Caching

Monitoring the Fragment Cache

ESI Plug-in Caching

Conclusion

References

Chapter 9 Keeping Things Secure

Why Security Is Important

The Role of the Security Architect

SQL Injection Example

Protecting against SQL Injection Attacks

WebSphere Security Basics

Authenticating Application Users

Adding a Filter to the Login Process

Architecting for Security

WebSphere Single Sign-on

WebSphere Authorization

Conclusion

Chapter 10 Managing Your Applications

Managing Applications

Enforcing Architecture Adherence

Standing by Your Decisions

Documenting Libraries

Managing Organizational Process

Avoiding Common Process Malpractices

Enforcing Adherence and Reuse with Technology Solutions

Using a Registry and Repository

Project Methodology

Common Methodology Problems

Change Control Board

Conclusion

References

Appendix A Setting up the Data Sample

Getting Started

Database and Schema

Setting Up Your Data Environment

Creating the DB2 Database

Load the Classic Models Data

Creating a WebSphere Data Source

Conclusion

Appendix B Running the Examples

Chapter Code Samples

Chapter 2

Chapter 3

Chapter 4

Chapter 5

Chapter 6

Chapter 7

Chapter 8

Chapter 9

Conclusion

Index

Foreward

The late comic Rodney Dangerfield made an entire career out of stating that he never got any respect. Sometimes I think that the lot of an application architect is just as bad. They are the ones who get blamed when applications are late, when the applications don't meet all the sometimes unrealistic expectations of the users, when the application crashes (even if it was the infrastructure, and not the application that was at fault), or generally when anything else bad happens in software development. The job title “application architect” might not have all the flash of the title “enterprise architect,” but nonetheless they are the backbone of most large software development organizations. The weight of the world is on their shoulders, and it sometimes seems like a thankless job.

Let's face it—given how much an application architect is expected to master these days, his job is cut out for him. He has to understand not only the details of the application requirements, but is expected to be an expert on the facilities provided by the application server environment, a myriad of open source projects that are available to him, the development environment, and a host of other smaller details. In this book, Joey has made a concerted effort to teach people not just what application architecture entails, but more importantly, how to be a good application architect. He provides a concise roadmap to the areas that application architecture covers, and then gives real, practical advice on how to make the right choices when designing an application.

Joey begins by convincing potential architects of the benefits of a layered architecture, and then goes on to provide concrete examples of how all the layers work, with copious sample code and explanation of the pros and cons of the major decisions that have to be made in each layer. He also discusses the all-important nonfunctional requirements that go into building an application, and discusses how you can take advantage of sometimes little-known WebSphere features to meet those requirements for performance and security.

If you are currently an application architect and need to implement on WebSphere Application Server or WebSphere Portal Server, you need not only to read this book but to keep it close to your desk for when those tricky questions arise. Likewise, if you're an application developer who needs to implement a WebSphere solution, you need this book also. And finally, if you are an enterprise architect who needs to comprehend the problems faced by your application architect colleagues so that you can understand how an enterprise architecture for your entire organization should be built, you need this book too. I'm glad that Joey has written this, and trust that you'll get as much out of this as I have.

Kyle Brown
Distinguished Engineer
IBM Software Services for WebSphere

Acknowledgments

You've heard it before: A book like this doesn't get published by one person. Dozens of people work really hard to ensure that what is finally delivered to you, the reader, is of the highest quality possible. From IBM Press, Tara Woodman for navigating the IBM maze of people and permissions, and to Ellice Uffer, for her awesome marketing and blogging insights. Thanks to Katherine Bull, Kevin Howard, and Cindy Teeters from Pearson. Katherine held my virtual hand every step of the way.

Thanks to the technical reviewers Sam Pearson, Ashok Iyengar, Ron Lynn, Scott Davis, Richard Gorzela, Peter Blinstrubas, Brad Bouldin, Jim Sides, and Julia Weatherby for keeping me honest. I know how much real work you have to do, so taking the time to help on special projects means a lot. Extra special thanks to Julia, Scott, and Richard for doing double duty on some of the chapters at the last minute.

My executive sponsor within IBM for this effort was John Allessio, VP Software Services for Lotus—thank you, John, for sponsoring this work. Also thanks to my management chain, Bennie Gibson and Ken Polleck for supporting this effort and providing time here and there (albeit unofficially) to make continued progress. Many thanks to Kyle Brown for reviewing the final draft and writing the Foreword. After 7+ years at IBM I continue to be amazed by the vastness of opportunities available, and the support of management to pursue them. Too many to name are the many friends, coworkers, mentors, mentorees, managers, executives, customers, and others who I work with in my day job who provided insight and examples of how to do things right. You are why I continue to enjoy this profession after many years.

About the Author

Anthony (Joey) Bernal is an executive IT specialist with Software Services for Lotus, and a member of the WebSphere Portal Practice. Senior certified with IBM as an IT specialist, he has an extensive background in the design and development of portal and web applications. He is the coauthor of several books, including Programming Portlets 2E; Programming Portlets, the IBM Portal Solutions Guide for Practitioners; and from a previous life, Professional Site Server 3.0. He also contributes to his popular blog, WebSphere Portal in Action.

Mr. Bernal helps to lead the Software Services team in many areas, including application architecture and design, performance, and assisting clients with their cross-brand challenges that leverage WebSphere Portal. By its inherent nature of being a platform to integrate applications at the desktop, WebSphere Portal projects require significant cross-brand expertise. All WebSphere Portal projects have products from multiple brands, and many have products from all five brands in the solution. Specifically, he works to reduce the challenges presented by the cross-brand nature of WebSphere Portal projects, especially in the use of newer technologies such as the integration of WebSphere Portal with services-oriented architectures.

Prior to joining IBM, Mr. Bernal was the director of IT for an incentive and performance improvement company. Mr. Bernal was also the lead technical advisor and architect of multiple high-profile Internet and intranet applications for several Fortune 500 companies.

Preface

As we grow our skills as professional developers and architects, we tend to forget that our profession is constantly churning with new people, ideas, and technology. This churn, and the fact that software engineering is not like any other type of engineering is why we continue to build poor applications time and time again. What is a poor application? A poor application is any application that does not live up to its design in terms of performance, security, usability, or function. It should not be that hard for any of us to think back on a project we have worked on, or led, that meets this criterion.

The science of software engineering should be composed of the same rigorous set of rules and standards that other sciences have to live by. No other engineered product is released to the general public without inspection, yet software inspections take place a small fraction of the time, and at that are often cursory and incomplete.

I wrote this book because I continued to see problems in the way that customers designed and built WebSphere and WebSphere Portal applications. I was convinced that by writing some of my concerns down many of these problems would magically disappear. Well perhaps it is not that easy, but hopefully reading this text and considering some of its suggestions will help you on your way to obtaining software excellence. I have purposely written this book to be something you can sit down and read, rather than as a reference of sample patterns to be looked at when needed. The concept of application architecture embodies not only how projects are approached but also all the preparation that goes on before any coding begins. Read through this book and as you begin to understand some of the issues involved with building good applications, take that understanding and apply it to your current or next project with vigor. Just building an application is not enough; we have to strive to build good applications.

One approach with a book like this is to build up an application throughout the different chapters until you end up with a complete albeit complex example. While I think there is value in this approach, it does not often appeal to me as a reader. If I get lost in the middle of a section, then sometimes later chapters don't make as much sense. With this in mind I chose a central theme, “Classic Models,” but chose not to build a single monolithic application. Rather I just offer up bits and pieces of sample code as appropriate. I hope you find this approach useful as you drop some of the examples into your own project code.

Enjoy!

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
98.82.120.188