Download presentation
Presentation is loading. Please wait.
Published byDennis Douglas Modified over 9 years ago
1
Building Enterprise Web Applications with Spring 3.0 and Spring 3.0 MVC Building Enterprise Web Applications with Spring 3.0 and Spring 3.0 MVC JavaOne 2010 By Abdelmonaim Remani abdelmonaim.remani@gmail.com
2
Creative Commons Attribution-NonCommercial 3.0 Unported http://creativecommons.org/licenses/by-nc/3.0/ http://creativecommons.org/licenses/by-nc/3.0/License
3
Software Engineer at Overstock.com Particularly interested in technology evangelism and enterprise software development and architecture President and Founder of a number of organizations The Chico Java User Group The Chico Flex User Group, The Chico Google Technology User Group. LinkedIn http://www.linkedin.com/in/polymathiccoder Twitter http://twitter.com/polymathiccoder Who Am I?
4
Warning This presentation is very long and covers a lot of material
5
Introduction
6
Complex In terms of requirements Functional Non-Functional Execution Performance Reliability Security Evolution Testability Maintainability Extendibility Scalability (Horizontal and Vertical) Enterprise Application Software (EAS)
7
In the words of Edsger W. Dijkstra: […] The Separation of Concerns […] is yet the only available technique for effective ordering of one’s thoughts […] Artificially Reducing complexity by means of Abstraction Specific Choices of abstraction Produces a architectures Enterprise Application Software (EAS)
8
The Architecture Layered / N-Tiered Presentation Layer Web Layer Service Layer Persistence Layer Aspects Middleware Other Modern Enterprise Application
9
A Framework is an architecture A well-defined structure to solve a problem A pre-existing hierarchy to be extended Library Framework vs. Library Invoking vs. being invoked Generic vs. specific Tools Compiler, debugger, etc… Scaffolding and other utilities Etc… Frameworks
10
Heavyweight vs. Lightweight The need for a platform or a stack (JEE as example) The ability to load in-demand necessary components The memory footprint The build size Deployment ease Etc… Frameworks
11
The Spring Framework
12
Application Framework Java Other implementations are available (Spring.NET) Open-Source Lightweight Non-Invasive (POJO Based) Extendible A platform with well-defined extension points for other frameworks By Rod Johnson Expert One-on-One J2EE Design and Development, 2002 J2EE without EJB, 2004 Became the De facto standard of Java Enterprise Applications What is Spring?
13
20 Modules Spring Source: Spring 3.0.x Framework Reference http://static.springsource.org/spring/docs/3.0.x/spring-framework-reference/htmlsingle/spring-framework-reference.html
14
Wrappers for most popular frameworks Allowing injection of dependencies into standard implementation Struts JSF Apache Tapestry Etc… Full Integration with the JEE stack Libraries
15
The Address Book
16
The Address Book from polymathic-coder.com A web application for Contact management The Address Book
17
Details: As a user I should be able to view, add, delete, and edit personal contacts data on my address book including: First Name Last Name Email Phone Number Image Primary Actors: Regular user / Administrator Assumptions: The user is authenticated and has proper privileges to access the Contact Management Area Access is granted both through the web interface and a RESTful API Functional Requirements Use Case 1 - Contact Management
18
Business Rules A First Names are required Phone Numbers must be valid US phone numbers Emails must be valid Functional Requirements Use Case 1 - Contact Management
19
Details: As an administrator I should be able to view, add, delete, and edit the user data including: Username Password Role (Regular or Administrator) Whether the account is enabled or not Email Primary Actors: Administrator Assumptions: The user is authenticated and has proper privileges to access the User Administration Area Access is granted through the web interface Functional Requirements Use Case 2 - User Management
20
Business Rules Username is required and must be unique Passwords must be complex (The should contains at least 1 lowercase letter, 1 uppercase letter, 1 digit, and 1 special character) Emails must be valid An email must be sent to the newly created user Functional Requirements Use Case 2 - User Management
21
Details: As an administrator I should be able to view audit and health check reports Primary Actors: Administrator Assumptions: The user is authenticated and has proper privileges to access the Reporting Area Access is granted through the web interface The reports are periodically generated by the system Functional Requirements Use Case 3 - Reporting
22
RBAC (Role-based access control) Authentication Form-based Http Basic Authorization Security Roles Regular User Access to personal contact management area Administrators Access to personal contact management area Access to user administration area Access to reporting area Access Control No Rules Transport Security Not required Non-Functional Requirements Security
23
Spring Core
24
The problem: Acquiring Resources via Instantiation of a concrete class Using a static method of a singleton factory Using a Directory Services API that allows for discovery and lookup (JNDI for example) Etc.. Creates hard dependencies Coupled code is hard to reuse (DRYness) Painful Unit Testing Inversion of Control
25
The Solution: Coding against Interfaces Inversion of Control: Dependency Injection Reflectively supply external dependency at runtime The Hollywood principle: “Don’t call us, we’ll call you” Wait a minute this a lot of work! Spring to the rescue Inversion of Control
26
Container POJO Configuration Metadata XML-Based Annotation-Based Java-based Spring Core Source: Spring 3.0.x Framework Reference http://static.springsource.org/spring/docs/3.0.x/spring-framework-reference/htmlsingle/spring-framework-reference.html
27
JSR 330 – Dependency Injection for Java JSR 330 @Inject @Named Spring Annotations @Autowire @Qualifier JSR 250 - Common Annotations javax.annotation JSR 299 – Contexts and Dependency Injection Scopes and contexts: javax.context Dependency injection service: javax.inject Framework integration SPI: javax.inject.manager Event notification service: javax.event
28
Used to mark a class that fulfills a role or a stereotype Stereotyped classes can be automatically detected Spring Stereotypes @Component @Repository @Service @Controller Stereotypical Spring
29
Domain Model
31
A model of the “concepts” involved in the system and their relationships Anemic Domain Model POJOs (Plain Old Java Objects) or VOs (Value Objects) Clear separation between logic and data Parallel object hierarchies are evil Metadata is interpreted depending on the context as the object moves across the layers of the application Object-Relational mapping to persistent entities Validation Marshaling / Un-marshaling Etc… Domain Model
32
Ensuring the correctness of data based on a set predefined rules JSR 303 - Bean Validation Source: Hibernate Validator Reference Guide 4.1.0.Final http://docs.jboss.org/hibernate/stable/validator/reference/en-US/html_single/
33
javax.validation Reference Implementation: Hibernate Validator JSR 303 - Bean Validation Source: Hibernate Validator Reference Guide 4.1.0.Final http://docs.jboss.org/hibernate/stable/validator/reference/en-US/html_single/
34
Instantiation (Items 1 & 2 of Josh Bloch’s Effective Java) Static Factories Telescoping Provide builders Override the default implementations of hashCode(), toString(), and equals(Object) methods Use Pojomatic at http://pojomatic.sourceforge.net/http://pojomatic.sourceforge.net/ Be aware of any circular dependency in your model Versioning @Version of JSR 317 – JPA 2.0 Domain Model
35
Persistence Layer
36
A logical encapsulation of classes and interfaces whose responsibilities fall within the scope of: Create, Read, Update, and Delete (CRUD) operations on persistence storage mechanisms such as file systems and Database Management Systems (DBMS) Interacting with Message-Oriented Middleware (MOM) infrastructures or Message Transfer Agents (MTA) such as JMS or mail servers Persistence Layer
37
javax.persistence Reference Implementation EclipseLink Primer A persistence entity is a POJO whose state is persisted to a table in a relational database according to predefined ORM metadata An entity is managed by an Entity Manager Do we still need a Persistence Layer? Highlights Support for JSR 303 validation JSR 317 – JPA 2.0
38
Beans Stereotyped with @Repository Enables exception translation to a consistent exception hierarchy Run-time exceptions and do not have to be declared or caught Use JPA annotations to inject EntityManager and EntityManagerFactory @PersistenceContext @PersistenceUnit Follow a convention (I suggest CRUD) Declaring transaction semantics @Transactional Spring Data Access / Integration
39
Java Mail API javax.mail Spring Helpers for various Templating Engines Velocity FreeMarker Spring Data Access / Integration
40
Testing JUnit Take advantage of what JUnit 4.7 has to offer (Explore Theories, Rules, Etc…) Libraries DbUnit http://www.dbunit.org/http://www.dbunit.org/ Dumpster http://quintanasoft.com/dumbster/http://quintanasoft.com/dumbster/ Consider HADES http://redmine.synyx.org/projects/show/hades http://redmine.synyx.org/projects/show/hades Persistence Layer
41
Service Layer
42
A logical encapsulation of classes and interfaces that provide the system functionality consolidating Units of work. Service layer classes should be: Transactional Stateless Beans Stereotyped with @Service Follow a convention (I suggest VADER) Service Layer
43
Web Layer
44
A logical encapsulation of classes and interfaces whose responsibilities fall within the scope of: Navigational logic Rendering page views in the proper order As simple as mapping a single URL to a single page As complex as a full work flow engine Web concerns (Request variables, session variables, HTTP methods, HTTP response codes, Etc…) should be separated from business logic Web Layer
45
Two types of Web Frameworks Request / Response Web Frameworks Wrap the Servlet API Adopt push model Compile result Push it out to be rendered in a view Struts, Spring MVC, Etc… Component Web Frameworks Dot only hide the Servlet API Event-driven component JSF, Tapestry, Etc… Web Layer
46
Spring MVC
47
Request / Response Web Frameworks A Front Controller Pattern One Dispatcher servlet Application Contexts Application Context Web Application Context Spring MVC
48
The promise Non-invasiveness Fully annotation-driven No extension of framework classes No overriding methods Controllers Beans (Spring Managed-POJOs) Stereotyped with @Controller Spring MVC - Controllers
49
Mapping Rules @RequestMapping By Path HTTP method Query Parameters Request Headers Spring MVC - Controllers
50
Handler Methods Parameters are request inputs Request data @RequestParam @PathVariable @RequestHeader @CookieValue Command Objects (Domain Objects) Injection of standard objects Automatic Type Conversion Custom Type Conversion JSR 303 Support @Valid Exposing reference data to the views @ModelAttribute Spring MVC - Controllers
51
RESTful Spring MVC 3.0
52
Representational State Transfer Architectural Style Identifiable Resources Everything is a resource accessible URI Uniform Interface based on HTTP methods GET /contacts reads all contacts GET /contacts/1 reads the contact whose id is 1 POST /contactscreates a contact PUT /contacts/1updates the contact whose id is 1 DELETE /contacts/1deletes the contact whose id is 1 RESTful Architecture
53
Architectural Style Resource Representations Multiple data representation (MIME types) can be specified Request Accept HTTP header field or file extension Response Content-Type HTTP header field Stateless Conversion No session Scalable Loosely coupled RESTful Architecture
54
Annotations @RequestMapping @PathVariable @RequestBody @ResponceBody Spring OXM (Object-XML Mapping) Marshaling / Unmarshaling RESTful Spring
55
Presentation Layer
56
“Deciding to use Velocity or XSLT in place of an existing JSP is primarily a matter of configuration” Spring 3.0 Documentation View technologies JSP & JSTL Tiles Velocity FreeMarker XSLT JasperReports Etc… Spring MVC - Views
57
Views are rendered based on handler methods return @ResponseBody or ResponseEntity Many HttpMessageConverters StringHttpMessageConverter Jaxb2RootElementHttpMessageConverter MappingJacksonHttpMessageConverter AtomFeed/RssChannelHttpMessageConverter Etc… Register your own String View Resolver and a View Spring MVC - Views
58
View Resolvers InternalResourceViewResolver ContentNegotiatingViewResolver BeanNameViewResolver JasperReportsViewResolver TilesViewResolver Etc… Spring MVC - Views
59
JSP & JSTL Spring Tag Library Spring Form Tag Library Refer to spring-form.tld Themes Overall look-and-feel of your application A collection of style sheets and images Theme resolvers I18N Spring MVC - Views
60
Spring Web Flow For Web Application that are More dynamic Non-linear without arbitrary end points Spring Portlet MVC A JSR 168 compliant Portlet environnent Large web application composed with subcomponents on the same web page Spring MVC Complements
61
Aspects
62
Spring AOP
63
OOP creates a hierarchical object model by nature Cross cutting concerns Are not necessarily a part of the application logic Occur across the object hierarchy in unrelated parts Examples Logging Security Transaction management Etc… Aspect-Oriented Programming
64
The Problem Code Tangling No Cohesion Code Scattering Not DRY The Solution Aspect Oriented Programming AspectJ Modulation of Aspects and weaving into the application code Aspect Oriented Programming
65
Spring AOP Java based AOP Framework Built on top of AspectJ Interception based Spring APO
66
Joint Point A point in the execution of the program Point Cut An expression that selects one or more joint point AspectJ Expression Language Advice The code to be weaved at a joint point Aspect Point Cut + Advice AOP Terminology
67
Annotations Before AfterReturning AfterThrowing After Around Types of Advices
68
Spring Security
69
Authentication the verification of the user identity Authorization Permissions granted to the identified user Access Control By arbitrary conditions that may depend to Attributes of clients Temporal and Local Condition Human User Detection Other Channel or Transport Security Encryption Security Terminology
70
Realm A Defined the authentication policy User A defined individual in the Application Server Group A defined classification of users by common traits in the Application Server. Role An abstract name of the permissions to access a particular set of resources in an application Security Terminology
71
Spring Security JAAS (Java Authentication and Authorization Service) jGuard Apache Shiro Available Frameworks
72
Security is your responsibility Features: It is not the standard No class loader authorization capabilities Simple configuration Portable across containers Customizable and extendable Pluggable authentication and web request URI security Support method interception, Single Sign-On, and Swing clients Spring Security
73
Authentication Form-Based Basic Digest LDAP NTLM (NT LAN Manager) SSO (Single Sign-On) JA-SIG CAS Open ID Atlassian Crowd SiteMinder X.509 Authentication
74
Mechanisms Interact with the user Providers Check credentials Bundles details in a Thread Local security context holder Repositories Store roles and profile info In Memory JDBC LDAP Etc… Authentication
75
Web Authorization URL-Based Which URL patterns and HTTP methods are allowed to be accessed by which role Method Authorization Reusable Protocol Agnostic Uses AOP Annotations Support JSR 250 Spring @Secured Spring Security EL Authorization
76
Other
77
Job Scheduling Bulk Processing Integration Etc… Other
78
If you are interested in The full-source code of the Address Book Application A Step-By-Step tutorial Possibly a screen cast Go to http://bit.ly/ad4VGh Support Material
79
The Silicon Valley Spring User Group http://www.meetup.com/sv-sug
80
Q & A
81
Thank You!
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.