Date post: | 14-Apr-2018 |
Category: |
Documents |
Upload: | rottendinkle |
View: | 213 times |
Download: | 0 times |
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 1/72
EJB notes.
E
J
BC
al
lb
a
c
k
s
(j
a
v
a
x.ej
b
p
a
c
k
a
g
e)
E
ntit
y
B
ea
n
(e
xt
e
n
ds
E
nter
pr
is
e
B
ea
n)
Def ines
7 contain
er callbacks :
1• voidsetEntit
yContext(Ent
ityContextctx)
2• voidunsetEntityContext()
3• voidejbActivate()
4• voidejbPassivate()
5• voidejbLoad
()
6• voidejbStore()
7• voidejbRemove ()
SessionBean
(extends
EnterpriseBea
n)
Defines 4
container
callbacks :
1• voidsetSessionContext(SessionContextctx)
2• voidejbActivate()
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 2/72
3• voidejbP
assivate()
4• void
ejbRemove()
S
es
sio
n
S
y
n
c
hr
o
ni
za
ti
o
n
D
ef
in
es
3
c
o
nt
ai
ner
ca
ll
b
ac
ks :
1• voidafterBegin()
2• voidbeforeCompletion()
3• voidafterCompletion(booleancommitted)
EJB API
(javax.ejb
package)
EJBHome(extends
java.rmi.Remote)
1• EJBMetaDatagetE
JBMetaData() HomeHandle getHomeHandle () // EJB1.1 or
void
remove
(Handle h)
//
invalidates
void
remove
(Object primaryKey)
//
invalidates
EJBObject
(extends
java.rmi.Rem
ote)
1• EJBHomegetEJBHome()
Handle getHandle () // Serialize
Object getPrimaryKey ()
// RemoteExcept
bean
1• booleanisIdentical(EJBObjecto)
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 3/72
voidremove(
)//invali
datesclientstu
b
E
J
B
C
o
nt
e
xt
(S
es
sio
n
C
o
nt
e
xt
,
E
nt
it
y
C
o
nt
e
xt
)
1• PrincipalgetCallerPri
ncipal() /booleanisCallerInRole(Stringname)
2• EJBHomegetEJBHome()
EJBObject getEJBObject () //
SessionC
xt Object getPrimaryKey () // EntityCon
1• voidsetRollbackO
nly() /booleangetRollbackOnly()
EJBMetaData
1• EJBHomegetEJBHome()
Class
getHomeInterfaceClass
() //
N.B. n
Class
getPrimaryKeyClass() // never
1• ClassgetRemoteInterfa
ceClass()
2• booleanisSessio
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 4/72
nboole
anisStatelessSession ()
//EJB1.1orabove
1
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 5/72
EJB Notes
List the
required
classes/interfac
es that must be
provided foran EJB
component.
Common
1• Home
interfac
e
(extend
s
javax.ej
b.EJBH
ome) -
defines
the
create
method
s (+
finders
for
Entity)
2• Remote
Interface
(extends javax.ej b.EJBO bject) -definesthe
business logicinterface
3• Bean
class -implements theEJBcallbacks,“implied” EJBcallbacks and
business
methods
4• Primar
y Keyclass – Entity
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 6/72
beansonly
Entity Beans.
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 7/72
D
es
cr
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 8/72
ip
ti
o
n
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 9/72
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 10/72
R
e
m
o
t
e
D
e
f
i
n
e
s
t
h
e
b
u
s
i
n
e
s
s
m
e
th
o
d
s
i
n
t
e
r
f
a
c
e
HomeDefines
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 11/72
the factory and
locator
methods :
interface//requiredmethods<REMOTE_IF>findByPrimaryK
ey(<PK>pk)
// optional methods
<REMOTE_IF> create (<PARAMS>)// multiple creat
allowed
<REMOTE_IF> find<METHOD_NAME> (<PARAMS>)
Collection find<METHOD_NAME> (<PARAMS>)//EJB
Enumeration find<METHOD_NAME> (<PARAMS>)
//
EJB
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 12/72
Entity
Implemen
ts
javax.ejb.
EntityBea
n
(ejbLoad
(), etc)
and the
business
methods
defined in
the Bean
remote
interface.
class Alsoimplementsthe “implied”EJB callbacksdefined in thehome interface:
<REMOTE_I
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 13/72
F>create(<PARAMS>)
becomes<PK>ejbCreate(<PARAMS>)
F
o
r
e
a
c
h
e
jbCreate (<PARAMS>)
t
h
e
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 14/72
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 15/72
NAME>(<PAR
AMS>)
becomes<P
K>
ej bFind<METHOD _ N
AME>(<PAR AMS>)
F
i
n
de
r
s
t
h
a
t
r
e
t
u
r
n
a
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 16/72
c
o
l
l
e
c
t
i
o
n
i
n
t
h
e
i
n
t
e
r
f
a
c
e
r e
t
u
r
n
a
c
o
ll
e
c
t
i
o
n
o
f
p
r
i
m
a
r
y
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 17/72
k
e
y
s
i
n
t
h
e
b
e
a
n
.
ejbCreate has
different return
values/types
depending on
the EJB version
and persistence
type :
1•EJ
B
1
.
1
,
C
M
P
:<PRIMARY_KEY
>ejbCreat
e(<PARAM
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 18/72
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 19/72
(<PARAMS>
) –
r
e
t
u
r
n
s
p
ri
m
ar
y
k
e
y
3•EJ
B1.0
,CMP:voi
dejbCr
eate(<PARAMS>
)
-(contai
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 20/72
ner k now
sPK )
T
h
e
p
r
im
a
r
y
k
e
y
r
e
t
u
r
n
e
d
b
y
e
j
b
C
r
e
a
t
e
i
s
c
a
c
h
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 21/72
e
d
i
n
th
e
E
J
B
O
b
j
ec
t
s
o
t
h
a
t
i
d
e
n
t
i
t
y
ca
n
b
e
d
e
t
e
r
m
i
n
e
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 22/72
d
o
n
a
ct
i
v
a
t
i
o
n
ejbFind
methodsthatreturna
collectionhavediff er entre
turnsde
pendingontheEJ
Bversion:
1•
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 23/72
EJ
B
1
.
1
:
if
no
m
a
t
c
h
e
s
f
o
u
n
d
,
r
e
t
u
r
n
a
n
em
p
t
y
c
o
ll
e
c
ti
o
n2•EJ
B1.0:if nom
atches
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 24/72
f ound,r
etur nnull
Primary
You can
use an existing
class (e.g.String) or
create one.
Key class
The
pr im
ar ykeyclassmust :
1•imp
le
m
e
n
t
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 25/72
j
a
v
a.
i
o
.
Se
ri
a
li
z
a
b
l
e
2•
pr o
v
i
d
e
a
d
e
f
au
l
t
c
o
n
s
t
r
u
ct
o
r
(
t
h
e
c
o
n
t
a
i
n
e
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 26/72
r
u
s
e
s
Cl
a
s
s
.
n
e
w
I
n
s
t
a
n
c
e
(
)
;
a
dd
i
t
i
o
n
a
l
c
o
ns
t
r
u
c
t
o
r
s
a
r e
a
l
l
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 27/72
o
w
e
d
)
3•o
v
e
r
r
i
d
e
h
a
sh
C
o
d
e
(
)
a
n
d
e
q
u
a
l
s
(
)
to
e
n
s
u
r
e
t
h
a
t
s
t
o
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 28/72
r
a
g
e
a
n
d
c
o
m
p
a
r
i
s
o
n
o
p
e
r
a
t
e
a
s
e
x
p
e
c
t
e
d
(
a
m
u
s
t
i
n
E
J
B
1.
1
,
a
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 29/72
s
h
o
u
l
d
i
n
E
J
B
1
.
0
)
E
J
B
1
.
1
a
l
lo
w
s
“
u
n
d
e
f
i
n
e
d
”
p
r
i
m
a
r y
k
e
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 30/72
y
s
–
c
o
de
d
g
e
n
e
r
i
ca
l
l
y
a
s
O
b
j
e
c
t
a
n
d
s
e
t
s p
e
c
i
f
i
c
a
l
l
y
b
y
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 31/72
t
h
e
d
e
pl
o
y
e
r
.
2
EJB Notes
Session Beans.
Description Remot e Defines the business methodsinterfa
ce
Home Define the factory method :
Interfa
ce(Statel ess // required method
Sessio
n
// multiple create methods are not allow
<REMOTE_IF> create ()
Bean)
Home Defines the factory methods : Interfa
ce// required methods(Statef
ul
<REMOTE_IF> create () Sessio
n <REMOTE_IF> create (<PARAMS>)
Bean)// multiple create methods are allowed, at least o
Session Implements javax.ejb.SessionBean (ejbActivate (), etc) and t
Bean the remote interface.
class Also implements the “implied” EJB callbacks defined in the SLSB : <REMOTE_IF> create () becomes void ejbCreate ( SFSB : <REMOTE_IF> create (<PARAMS>) becomes void ejb
ejbActivate () / ejbPassivate () : SLSB : these methods are meaningless, SLSB aren’t swapp
SFSB – the following types are maintained on activate/pas
EJB1.x : primitives, serializable objs, SessionContext, rem
EJB1.1 : JNDI naming contexts, home refs
Any other types must be labelled as transient or set to nul
restored
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 32/72
in ejbActivate () – e.g. on passivate, close socket client a
open
and set var.
N.B. transient fields won’t be reset on activate – they may
that used them left them as. Therefore, transient vars shoul
EJB 2.0
As of EJB2.0,local versionsare available :
1• Local
Home/
Local
interfac
es
(extend
javax.ej b.EJBL
ocalHo
me/EJB
LocalO
bject)
2• BeanS
t
i
l
l
i
m
p
l
e
m
e
n
t
ja
v
a
x
.
e
j
b
.
S
es
s
i
o
n
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 33/72
B
e
a
n
/
E
n
t
i
t
y
B
e
a
n
b
u
t
h
a
v
e
t
o
u
se
t
h
e
l
o
c
a
l
c
o
n
t
e
x
t
–
e
.
g
.
c
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 34/72
t
x
.
g
e
t
E
J
B
L
o
c
a
l
H
o
m
e
(
)
EJB2.0 also
introduces the
MessageDriven
Bean :
1• no
local/re
moteinterfac
e
2• Bean
implements
javax.ej b.MessageDrivenBean and
javax.j
ms.MessageListener
3
EJB Notes
Distinguish
between
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 35/72
stateful and
stateless
session beans
Stateful SessionBean
1• models
business
logic, processe
s,
workflow, etc.
2• associated witha singleclientfor thelife-timeof the bean.
3• maintain
s client-specificstate betweenmethodcalls – i.e. theinteraction issomewhat drawnout
4• can be
viewedas anextension/agentof theclient
5• resource
management :swapped
6• createsless
network traffic
thanstateless
– noneed to
passstate
every
time
Stateless SessionBean
1• models
a service
as a re-usable
object
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 36/72
2• associat
ed witha singleclientfor thedurationof the
methodcall.
3• no
client-specific statemaintained,state passedin as parameters
andtheresultreturned – i.e. theinteraction isshort
4• resource
management : pooled
5• more
scalable
thanstateful
as asmall
number
canservice a
large
number of
clients
Distinguish
between
session and
entity beans
“like .. a script
for a play .. and
the actors that
perform the
play .. entity
beans are the
actors and props, the
session bean is
the script”
Session Bean
1• “owned
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 37/72
” by a
singleclient
2• models
a shortlived business
process(onlylasts aslong astheclientsession;dies onsystemcrash)
Entity Bean
1• shared
by manyclients
2• obj
ect
“view
”(pr
ovides
saf e/c
ons
istent
acc
ess) of
alon
g-liv
ed/ per
sistent
busine
ssent
ity(su
rvives
a
sys
tem
crash)
3• resource
management : pooled
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 38/72
4• more re-
usable
than
session beans
Recognize
appropriateuses for entity,
stateful session
and stateless
session beansEntity Bean
1• User,
Customer,
Account, Order
Stateful session.1• Shoppin
g cart,Account
Manager
Stateless session.
1• Credit
card
authorization,
currency
converter,SocketC
lientSer
vice
State the
benefits and
costs of
container-
managed
persistence
Pros.1• producti
vity –
don’thave to
write/de bug
tediousdatabase
mappingcode
2• cleaner
code – beanisn’t boggeddownwith persiste
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 39/72
nce code
3• perform
ance – thecontainer canimpleme
ntcaching
4• po
rtability – asDBcode
ishandled bythecontainer,CMP beanscan bemovedtoot
her containersand be persist
ent(
P J C :
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 40/72
d on’ t a
gr ee
,d e
pl o
yment isn’ t
por
tabl e)
Cons.
1• portabili
ty – in
EJB1.x,deploym
ent of
CMPwasn’t
portable
2• simplisti
cmapping – inEJB1.x,CMPdidn’tsupportrelationships,dependentobjects,etc.
3• lack of control
4• legacysupport – noteverydatastore isadatabase but mostvendorsonlysupportDBmapping
4
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 41/72
EJB Notes
State the
transaction
al
behaviour
in a given
scenario
for an
enterprise
bean
method
with a
specified
transaction
al attribute
as defined
in the
deploymen
t
descriptor
BMT (Bean
Managed
Transactions).
EJB1.x : clients
can manage TX
using JTA; TXisolation level
can be set for each specific
resourcemanager, e.g.
JDBC EJB1.1 :session beans
can manage TXusing JTA and
setting<transaction-type>Bean<transaction-
type>EJB1.0 : session
& entity beanscan manage TX
using JTA andsetting the TX
attribute toTX_BEAN_MANAGED
CMT
(Container
Managed
Transactions)The
recommended
practice for
EJB is to use
CMT :
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 42/72
1• cleaner
code –
bean
isn’t
cluttere
d with
transact
ional
code
2• distribu
tedsupport
– thecontainer canorganisemultipl
eResour ceManagers
3• reusabl
e - beanscan bereusedindifferent
circumstances bychanging thedeploymentdescriptor
4• flexible
– can be
specified per method, per
bean(N.B. if anymethoduseBMP,allmust)
The
transaction
al context
(a.k.a.
scope)
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 43/72
defines
what beans
are
participatin
g in the
current
transaction
. When
using CMT
the
container
starts and
ends the
transaction
when a
transaction
al method
is called
(i.e.declared as
starting a
transaction
in the
deploymen
t
descriptor)
.
Conseque
ntly, the
transactional
context
will be
propagate
d to all
targets
(methods/
beans
used
within the
method
that
“started”
the
transactio
n).
The targets
can control
their
participatio
n in the
propagated
transaction
by setting
one of 6
transaction
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 44/72
al
attributes
in the
deployment
descriptor
(e.g.
<trans-attribute
>Required
</trans-
attribute
>) :
Attribute Description
NotSupported Current TX suspended until called method compl(TX_NOT_SUPPORTED)
Supports If caller bean part of a TX, called method/bean jo
(TX_SUPPORTS) Otherwise, called method executes as is.
Requires If caller bean part of a TX, called method/bean jo(TX_REQUIRED) Otherwise called method/bean starts a new TX (a
any other methods/beans it calls). After the calle
TX scope ends.RequiresNew Called method/bean always starts a new TX (app
(TX_REQUIRES_NEW) other methods/beans it calls). After the called mescope ends.
If caller bean part of a TX, current TX is suspendMandatory If caller bean part of a TX, called method/bean jo
(TX_MANDATORY) Otherwise called bean throws javax.transaction.T Never If caller bean part of a TX, throw RemoteExcepti
(EJB1.1 only) Other, called bean/method executes as is.TX_BEAN_MANAGED Caller bean/method creates a new TX using JTA,
(EJB1.0 only) the called method completes.
In EJB1.0
CMT, it was
possible to
control
transaction
further by
setting the
transaction
isolation levelin the
deployment
descriptor on
a per method
basis
In EJB1.1
CMT, it’s still
possible to
change the
isolation level
but it’s
container dependent.
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 45/72
5
EJB Notes
Miscellaneous
A transaction
represents a
unit-of-work
(one or more
tasks that must
all complete)
and embodies
the concept of
an exchange
between two parties. In EJB
each task is
represented as
a method so
the unit-of-
work is
represented as
one or more
method calls
on one or more
beans.
A transactionalsystem must
enforce the ACID
properties :
Propert y DescriptionAtomic All or nothing – if any task fails the transaction if rolled back; if all
committed (i.e. made Durable).Consistent The state of the system must reflect the real world. This is enforced
1. the transactional system ensures that data is Atomic, Isolated and2. the application developer ensures the system has appropriate cons
violation, referential integrity, etc.Isolated The transactional system ensures that data involved in a current tran
transactions until the current transaction completes.
The degree of isolation is controlled by setting the “isolation level”.Durable The transactional system must ensure that the data is persistent befo
to be complete – i.e. until committed, the data is still isolated.
Additionally, the transactional system ensures that the data survives
phase commit) and transaction logging.
A transactional system has to be able to deal with concurrency issues :
Issue DescriptionDirtyread TX2 reads uncommitted changes made by another TX1; if TX1
E.g. TX1 attempts to book the last seat but fails on payment; T
sold out. Non- “Lost update”repeatable
read TX1 reads; TX2 reads and updates; TX1 updates and blats over
Phantom read TX1 gets a list of seats; TX2 adds a seat; TX1 is unaware of the
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 46/72
Concurrency
issues can becontrolled using
one of 4 transaction
isolation levels :
Re
Isolation Level Dirty Re
TRANSACTION_READ_UNCOMMITTED Y
TRANSACTION_READ_COMMITTED N
TRANSACTION_REPEATABLE_READ N
TRANSACTION_SERIALIZABLE N
These isolation levels have to be viewed from the perspective of eachclient :
Isolation Level DescriptionREAD_UNCOMMITTED Reader & Writer
No locks/waiting; anything goes.Reader picks up all column changes (synched at ro
READ_COMMITTED Reader - only wants “real” data (i.e. that made durab
Writer
Wait until others have finished reading before maki
If writer gets there first, readers wait until writer has
REPEATABLE_READ Reader - Blocks writer until finished reading or wait
Writer
No updates or deletions to existing rows; insert of ro
updates / deletions to stuff writer is working on – wr
SERIALIZABLE Reader - Blocks writer until finished reading or wait
Writer
No updates, deletions or insertions except by the wri
EJB Notes
Given a
requirements
specificationdetailing
security and
flexibility
needs,
identify
architectures
that would
fulfill those
requirements
Architectures.Refer to the
“Common
Architecture”
and “Security”
documents.
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 47/72
In summary :
1• a
modula
r
architec
ture is
the
mostflexible
but
require
s more
effort
to
manage
2• securityisrequire
d at alllevelsand amodular architecturesupports this
3• Javahasgood
securitysupport – JVM,securityAPIs,etc
4• typ
ica
l
ele
me
nts
that
sup
por
t
sec
urit
y
an
d
fle
xib
ility
are
:
fire
wa
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 48/72
lls,
loa
d
bal
anc
ers,
clu
stered
ap
pli
cat
ion
ser
ver
s,
etc
5• EJB
security is
flexib
le –
declar
ative
so can
be
adjust
ed as
requir
ed;
can be
mapp
ed to
enviro
nment
specif
ics
(LDA
P,
mainf
rame,
etc.)
J2EE Security.
Within an
EJB
component
security roles
are defined - a
role is a
logical user
(e.g. admin,
customer).
When the
component is
deployed, the
role is
mapped to
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 49/72
“real” J2EE
users/groups
(e.g. PJC is
able to
assume the
admin role).
To accesssecure
resources, the
Subject (client)
must be
authenticated
and authorized :
1• Authen
tication
.
T
o
a
u
t
h
e
n
t
i
c
a
te
,
t
h
e
S
u
b
j
ec
t
m
u
s
t
p
r
e
s
e
n
t
t
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 50/72
h
e
i
r
C
r
ed
e
n
t
i
a
l
s
(
e
.
g
.
u
s
e
r
n
a
m
e/
p
a
s
s
w
o
r
d
)
to
t
h
e
c
o
n
t
a
in
e
r
.
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 51/72
If the
authent
ication
is
success
ful, the
Subject
isassociat
ed with
one or
more
Princip
al
objects.
N
.
B.
a
u
t
h
e
n
ti
c
a
ti
o
n
i
s
n
o
t
c
u
r r
e
n
tl
y
p
a
r
t
o f
t
h
e
E
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 52/72
J
B
s
p
e
cif
i
c
a
ti
o
n
–
e
. g
.
t
h
e
c
r
e
d
e
n
ti
a
l
s
m
a
y
b
e
pa
s
s
e
d
a
s
p
r
o p
e
r
ti
e
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 53/72
s
t
o
a
n
I
nit
i
a
l
C
o
n
t
e
xt,
J
A
A
S
m
a
y
b
e
u
s
e
d
,
e
t
c
.
2• Authorisation.
O
n
c
e
a
u
t
h
e
nt
i
c
a
t
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 54/72
e
d
,
t
h
e
P
r
i
n
c
i
p
a
l
(
s
)
c
a
n
b
e
c
h
ec
k
e
d
a
g
a
i
n
s
t
t
h
e
R
o
l
e
t
o
d
e
c
i
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 55/72
d
e
i
f
t
he
c
l
i
e
n
t
i
s
a
u
t
h
o
r
i
s
e
d
t
o
a
c
c
e
s
s
t
he
s
e
c
u
r
e
r
e
so
u
r
c
e
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 56/72
.
Role
based
author
isatio
n is
fully
suppo
rted
by
J2EE
–
securi
ty
constr
aints
in
web.xml,
metho
d
level
securi
ty in
EJB
deplo
yment
descri
ptor,
“runA
s” in
deplo
yment
descri
ptor.
N
.
B
.
i
n
s
t
a
n
c
e
b
a s
e
d
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 57/72
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 58/72
’
s
a
c
c
ou
n
t
)
i
s
n
’
t y
e
t
s
p
e
c
i
f
ie
d
J2EE also has
other built-in
security
features :
1• web-
tier
authent
ication
– viaHTTP
authent
ication,
FORM/
j_securi
ty_chec
k,
client
certific
ates
2•secure
communications – SSL;web-tier
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 59/72
authenticationcan useSSL for HTTP/FORMauth
3• security packages – digests,digitalsignatures,ciphers,certificates,etc.
EJB securityEJB supports
declarative
security
(programmatic
security is also
supported) by
setting the
appropriate
values in the
deployment
descriptor :<method
-permission> <ro
le-name>admin</rol
e> <metho
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 60/72
d>
<ejb-name>Account</ejb-name>
<method-name>*</method-name>
</meth
od>
</met
h
od-
permi
ssio
n>
Not very
portable at the
moment –
authentication
and “runAs”
are container
specific;
container to
container
security
propagation is
undefined.
7
EJB Notes
Identify
costs and
benefits of
using an
intermediate
data access
object
between an
entity bean
and the data
resource
Pros.
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 61/72
1• transpa
rency –
specific
s of
data
access
are
hidden
from
the
entity
bean
2• modula
r – theDAOcould
beswappe
d for another withlittledisruption totheentity
beancode
3• cleaner
code -
dataaccessfactored out sosimplifiesentity
beancode
4• reusabl
e – DAO
could be re-used ina “FastLaneReader ”
Cons.
1• only
suitable
for
BMP2• extra
code -have towriteDAO
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 62/72
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 63/72
class
modifier must be
public(abstract
, finalnot
allowed); no
finalize()
2• business&callback methodsmethod
modifier must be
public
(static,
final notallowed);
arguments must
be legalRMI
types
Exceptions
A
pp
lic
ation
ex
ce
pti
on
s
re
pr
es
en
t
busi
ne
ss
lo
gi
c
fai
lu
re
s
so
ar e
ex
pe
ct
ed
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 64/72
to
be
ret
ur
ne
d
to
the
re
m
ot
e
cli
en
t.
So
m
e
com
m
on
ap
pli
ca
tio
n
ex
ce
pti
ons
ar
e
pr
ov
id
ed
in
th
e
ja
vax.
ej
b
pa
ck
ag
e
bu
t
ca
n
also
be
us
er
-
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 65/72
de
fi
ne
d.
System
exceptions
represent systemlevel failures andare excepted to
be caught by thecontainer.
The container handles the
exception and re-
packages it asRemoteExceptio
n before
returning it to theclient.
The container
will deal with all
unchecked
exceptions – e.g. NullPointerExce
ption
B
e
a
n
m
e
th
o
d
s
c
a
n
c
a
t
c
h
e
x
c
e
p
t
i
o
n
s
a
r
er
e
-
t
h
r
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 66/72
o
w
w
i
t
h
in
a
m
e
t
h
o
d
–
e
.
g
.c
a
t
c
h
J
D
B
C
e
r
r
o
r
a
n
d
r
e
-
t
h
r
ow
a
s
E
J
B
E
x
c
e
p
ti
o
n
.
I
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 67/72
n
E
J
B
1
.
0,
m
e
t
h
o
d
s
c
ou
l
d
t
h
r
o
w
R
e
m
o
t
e
E
x
c
e
p
t
i
o
n
t
o
i
n
d
i
c
a
t
e
a
s
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 68/72
y
s
t
e
m
/
n
on
-
a
p
p
l
i
c
a
t
i
on
e
r
r
o
r
.
I
n
E
J
B
1
.
1
,
m
e
t
h
o
d
s
a
r
e
n
o
w
e
x
p
e
c
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 69/72
t
e
d
t
o
th
r
o
w
E
J
B
E
x
c
e p
t
i
o
n
(
o
r
a
n
o
t
h
e
r
R
u
n
t
i
m
e
E
x
c
e
p
t
i
o
n
)
.
H
o
w
e
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 70/72
v
e
r
,
a
l
l
o
f
t
h
e
s
a
m
pl
e
c
o
d
e
(
i
n
c
l
u
d
i
n
g
P
e
t
s
t
o
r
e
)
s
t
i
l
l
u
s
e
s
R
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 71/72
e
m
o
t
e
E
x
ce
p
t
i
o
n
.
The bean method
implementations
must match the
interfacedefinitions interms of
exceptions apartfrom : RemoteException - the container handles remote exception iss
EJBException- extends RuntimeException so doesn’t have“throws”
clause.
Method Application Exceptions
Any Application/custom exceptions
create () CreateException, DuplicateKeyException
findXXX ()
FinderException, ObjectNotFoundException (sing
remove () RemoveException
business methods, NoSuchEntityException (object has been removed
ejbLoad, ejbStore
Primary Services.
There are 7
primary services
provided by the
container :
concurrency (to
maintainsafe/consistent
access to shared
entity bean),
lifecycle
management
(pooling/swappi
ng), persistence
(CMP),
distributed
objects (EJB
uses RMI-IIOP),
naming
(JNDI canhookup to a
number of
naming
services),
transactions
7/29/2019 EJB'S
http://slidepdf.com/reader/full/ejbs 72/72
(CMT) and
security (EJB
builds on
Java2
security to
add method
level
security).
8