Building enterprise web applications with spring 3
-
Upload
abdelmonaim-remani -
Category
Technology
-
view
10.725 -
download
4
description
Transcript of Building enterprise web applications with spring 3
![Page 1: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/1.jpg)
Building Enterprise Web Applications with Spring 3.0
and Spring 3.0 MVC
JavaOne 2010
ByAbdelmonaim Remani
![Page 2: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/2.jpg)
Creative Commons Attribution-NonCommercial 3.0 Unported http://creativecommons.org/licenses/by-nc/3.0/
License
![Page 3: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/3.jpg)
Software Engineer at Overstock.com Particularly interested in technology evangelism and
enterprise software development and architecture President and Founder of a number of organizations
The Chico Java User Group The Chico Flex User Group, The Chico Google Technology User Group.
LinkedIn http://www.linkedin.com/in/polymathiccoder
Twitter http://twitter.com/polymathiccoder
Who Am I?
![Page 4: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/4.jpg)
WarningThis presentation is very long and covers a lot of
material
![Page 5: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/5.jpg)
Introduction
![Page 6: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/6.jpg)
Complex In terms of requirements
Functional Non-Functional
Execution Performance Reliability Security
Evolution Testability Maintainability Extendibility Scalability (Horizontal and Vertical)
Enterprise Application Software (EAS)
![Page 7: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/7.jpg)
In the words of Edsger W. Dijkstra: […] The Separation of Concerns […] is yet the
only available technique for effective ordering of one’s thoughts […]
Artificially Reducing complexity by means of Abstraction Specific Choices of abstraction
Produces a architectures
Enterprise Application Software (EAS)
![Page 8: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/8.jpg)
The Architecture Layered / N-Tiered
Presentation Layer Web Layer Service Layer Persistence Layer
Aspects Middleware Other
Modern Enterprise Application
![Page 9: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/9.jpg)
A Framework is an architecture A well-defined structure to solve a problem A pre-existing hierarchy to be extended
Library Framework vs. Library
Invoking vs. being invoked Generic vs. specific
Tools Compiler, debugger, etc… Scaffolding and other utilities Etc…
Frameworks
![Page 10: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/10.jpg)
Heavyweight vs. Lightweight The need for a platform or a stack (JEE as
example) The ability to load in-demand necessary
components The memory footprint The build size Deployment ease Etc…
Frameworks
![Page 11: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/11.jpg)
The Spring Framework
![Page 12: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/12.jpg)
Application Framework Java
Other implementations are available (Spring .NET) Open-Source Lightweight Non-Invasive (POJO Based) Extendible
A platform with well-defined extension points for other frameworks By Rod Johnson
Expert One-on-One J2EE Design and Development, 2002 J2EE without EJB, 2004
Became the De facto standard of Java Enterprise Applications
What is Spring?
![Page 13: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/13.jpg)
20 Modules
Spring
Source: Spring 3.0.x Framework Referencehttp://static.springsource.org/spring/docs/3.0.x/spring-framework-reference/htmlsingle/spring-framework-reference.html
![Page 14: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/14.jpg)
Wrappers for most popular frameworks Allowing injection of dependencies into
standard implementation Struts JSF Apache Tapestry Etc…
Full Integration with the JEE stack
Libraries
![Page 15: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/15.jpg)
The Address Book
![Page 16: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/16.jpg)
The Address Book from polymathic-coder.com A web application for Contact management
The Address Book
![Page 17: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/17.jpg)
Details: As a user I should be able to view, add, delete, and edit personal
contacts data on my address book including: First Name Last Name Email Phone Number Image
Primary Actors: Regular user / Administrator Assumptions:
The user is authenticated and has proper privileges to access the Contact Management Area
Access is granted both through the web interface and a RESTful API
Functional RequirementsUse Case 1 - Contact Management
![Page 18: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/18.jpg)
Business Rules A First Names are required Phone Numbers must be valid US phone
numbers Emails must be valid
Functional RequirementsUse Case 1 - Contact Management
![Page 19: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/19.jpg)
Details: As an administrator I should be able to view, add, delete, and edit
the user data including: Username Password Role (Regular or Administrator) Whether the account is enabled or not Email
Primary Actors: Administrator Assumptions:
The user is authenticated and has proper privileges to access the User Administration Area
Access is granted through the web interface
Functional RequirementsUse Case 2 - User Management
![Page 20: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/20.jpg)
Business Rules Username is required and must be unique Passwords must be complex (The should
contains at least 1 lowercase letter, 1 uppercase letter, 1 digit, and 1 special character)
Emails must be valid An email must be sent to the newly created
user
Functional RequirementsUse Case 2 - User Management
![Page 21: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/21.jpg)
Details: As an administrator I should be able to view audit
and health check reports Primary Actors: Administrator Assumptions:
The user is authenticated and has proper privileges to access the Reporting Area
Access is granted through the web interface The reports are periodically generated by the
system
Functional RequirementsUse Case 3 - Reporting
![Page 22: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/22.jpg)
RBAC (Role-based access control) Authentication
Form-based Http Basic
Authorization Security Roles
Regular User Access to personal contact management area
Administrators Access to personal contact management area Access to user administration area Access to reporting area
Access Control No Rules
Transport Security Not required
Non-Functional Requirements Security
![Page 23: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/23.jpg)
Spring Core
![Page 24: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/24.jpg)
The problem: Acquiring Resources via
Instantiation of a concrete class Using a static method of a singleton factory Using a Directory Services API that allows for
discovery and lookup (JNDI for example) Etc..
Creates hard dependencies Coupled code is hard to reuse (DRYness) Painful Unit Testing
Inversion of Control
![Page 25: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/25.jpg)
The Solution: Coding against Interfaces Inversion of Control: Dependency Injection
Reflectively supply external dependency at runtime
The Hollywood principle: “Don’t call us, we’ll call you”
Wait a minute this a lot of work! Spring to the rescue
Inversion of Control
![Page 26: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/26.jpg)
Container POJO Configuration Metadata
XML-Based Annotation-Based Java-based
Spring Core
Source: Spring 3.0.x Framework Referencehttp://static.springsource.org/spring/docs/3.0.x/spring-framework-reference/htmlsingle/spring-framework-reference.html
![Page 27: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/27.jpg)
JSR 330 – Dependency Injection for Java
JSR 330 @Inject @Named
Spring Annotations @Autowire @Qualifier
JSR 250 - Common Annotations javax.annotation
JSR 299 – Contexts and Dependency Injection Scopes and contexts: javax.context Dependency injection service: javax.inject Framework integration SPI: javax.inject.manager Event notification service: javax.event
![Page 28: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/28.jpg)
Used to mark a class that fulfills a role or a stereotype
Stereotyped classes can be automatically detected
Spring Stereotypes @Component @Repository @Service @Controller
Stereotypical Spring
![Page 29: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/29.jpg)
Domain Model
![Page 30: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/30.jpg)
Domain Model
![Page 31: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/31.jpg)
A model of the “concepts” involved in the system and their relationships
Anemic Domain Model POJOs (Plain Old Java Objects) or VOs (Value Objects) Clear separation between logic and data
Parallel object hierarchies are evil Metadata is interpreted depending on the context as the
object moves across the layers of the application Object-Relational mapping to persistent entities Validation Marshaling / Un-marshaling Etc…
Domain Model
![Page 32: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/32.jpg)
Ensuring the correctness of data based on a set predefined rules
JSR 303 - Bean Validation
Source: Hibernate Validator Reference Guide 4.1.0.Finalhttp://docs.jboss.org/hibernate/stable/validator/reference/en-US/html_single/
![Page 33: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/33.jpg)
javax.validation Reference Implementation: Hibernate
Validator
JSR 303 - Bean Validation
Source: Hibernate Validator Reference Guide 4.1.0.Finalhttp://docs.jboss.org/hibernate/stable/validator/reference/en-US/html_single/
![Page 34: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/34.jpg)
Instantiation (Items 1 & 2 of Josh Bloch’s Effective Java) Static Factories Telescoping Provide builders
Override the default implementations of hashCode(), toString(), and equals(Object) methods Use Pojomatic at http://pojomatic.sourceforge.net/
Be aware of any circular dependency in your model Versioning
@Version of JSR 317 – JPA 2.0
Domain Model
![Page 35: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/35.jpg)
Persistence Layer
![Page 36: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/36.jpg)
A logical encapsulation of classes and interfaces whose responsibilities fall within the scope of: Create, Read, Update, and Delete (CRUD)
operations on persistence storage mechanisms such as file systems and Database Management Systems (DBMS)
Interacting with Message-Oriented Middleware (MOM) infrastructures or Message Transfer Agents (MTA) such as JMS or mail servers
Persistence Layer
![Page 37: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/37.jpg)
javax.persistence Reference Implementation EclipseLink Primer
A persistence entity is a POJO whose state is persisted to a table in a relational database according to predefined ORM metadata
An entity is managed by an Entity Manager Do we still need a Persistence Layer?
Highlights Support for JSR 303 validation
JSR 317 – JPA 2.0
![Page 38: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/38.jpg)
Beans Stereotyped with @Repository Enables exception translation to a consistent exception
hierarchy Run-time exceptions and do not have to be declared or caught
Use JPA annotations to inject EntityManager and EntityManagerFactory @PersistenceContext @PersistenceUnit
Follow a convention (I suggest CRUD) Declaring transaction semantics
@Transactional
Spring Data Access / Integration
![Page 39: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/39.jpg)
Java Mail API javax.mail Spring Helpers for various Templating Engines
Velocity FreeMarker
Spring Data Access / Integration
![Page 40: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/40.jpg)
Testing JUnit
Take advantage of what JUnit 4.7 has to offer (Explore Theories, Rules, Etc…)
Libraries DbUnit http://www.dbunit.org/ Dumpster http://quintanasoft.com/dumbster/
Consider HADES http://redmine.synyx.org/projects/show/hades
Persistence Layer
![Page 41: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/41.jpg)
Service Layer
![Page 42: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/42.jpg)
A logical encapsulation of classes and interfaces that provide the system functionality consolidating Units of work. Service layer classes should be: Transactional Stateless
Beans Stereotyped with @Service Follow a convention (I suggest VADER)
Service Layer
![Page 43: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/43.jpg)
Web Layer
![Page 44: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/44.jpg)
A logical encapsulation of classes and interfaces whose responsibilities fall within the scope of: Navigational logic
Rendering page views in the proper order As simple as mapping a single URL to a single page As complex as a full work flow engine
Web concerns (Request variables, session variables, HTTP methods, HTTP response codes, Etc…) should be separated from business logic
Web Layer
![Page 45: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/45.jpg)
Two types of Web Frameworks Request / Response Web Frameworks
Wrap the Servlet API Adopt push model
Compile result Push it out to be rendered in a view
Struts, Spring MVC, Etc… Component Web Frameworks
Dot only hide the Servlet API Event-driven component JSF, Tapestry, Etc…
Web Layer
![Page 46: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/46.jpg)
Spring MVC
![Page 47: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/47.jpg)
Request / Response Web Frameworks A Front Controller Pattern
One Dispatcher servlet Application Contexts
Application Context Web Application Context
Spring MVC
![Page 48: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/48.jpg)
The promise Non-invasiveness Fully annotation-driven No extension of framework classes
No overriding methods
Controllers Beans (Spring Managed-POJOs) Stereotyped
with @Controller
Spring MVC - Controllers
![Page 49: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/49.jpg)
Mapping Rules @RequestMapping By
Path HTTP method Query Parameters Request Headers
Spring MVC - Controllers
![Page 50: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/50.jpg)
Handler Methods Parameters are request inputs
Request data @RequestParam @PathVariable @RequestHeader @CookieValue
Command Objects (Domain Objects) Injection of standard objects
Automatic Type Conversion Custom Type Conversion
JSR 303 Support @Valid
Exposing reference data to the views @ModelAttribute
Spring MVC - Controllers
![Page 51: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/51.jpg)
RESTful Spring MVC 3.0
![Page 52: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/52.jpg)
Representational State Transfer Architectural Style
Identifiable Resources Everything is a resource accessible URI
Uniform Interface based on HTTP methods GET /contacts reads all contacts GET /contacts/1 reads the contact whose id is 1 POST /contacts creates a contact PUT /contacts/1 updates the contact whose id is 1 DELETE /contacts/1 deletes the contact whose id is 1
RESTful Architecture
![Page 53: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/53.jpg)
Architectural Style Resource Representations
Multiple data representation (MIME types) can be specified Request
Accept HTTP header field or file extension Response
Content-Type HTTP header field
Stateless Conversion No session
Scalable Loosely coupled
RESTful Architecture
![Page 54: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/54.jpg)
Annotations @RequestMapping @PathVariable @RequestBody @ResponceBody
Spring OXM (Object-XML Mapping) Marshaling / Unmarshaling
RESTful Spring
![Page 55: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/55.jpg)
Presentation Layer
![Page 56: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/56.jpg)
“Deciding to use Velocity or XSLT in place of an existing JSP is primarily a matter of configuration” Spring 3.0 Documentation
View technologies JSP & JSTL Tiles Velocity FreeMarker XSLT JasperReports Etc…
Spring MVC - Views
![Page 57: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/57.jpg)
Views are rendered based on handler methods return @ResponseBody or ResponseEntity<T>
Many HttpMessageConverters StringHttpMessageConverter Jaxb2RootElementHttpMessageConverter MappingJacksonHttpMessageConverter AtomFeed/RssChannelHttpMessageConverter Etc…
Register your own String
View Resolver and a View
Spring MVC - Views
![Page 58: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/58.jpg)
View Resolvers InternalResourceViewResolver ContentNegotiatingViewResolver BeanNameViewResolver JasperReportsViewResolver TilesViewResolver Etc…
Spring MVC - Views
![Page 59: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/59.jpg)
JSP & JSTL Spring Tag Library Spring Form Tag Library
Refer to spring-form.tld Themes
Overall look-and-feel of your application A collection of style sheets and images <spring:theme /> Theme resolvers
I18N
Spring MVC - Views
![Page 60: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/60.jpg)
Spring Web Flow For Web Application that are
More dynamic Non-linear without arbitrary end points
Spring Portlet MVC A JSR 168 compliant Portlet environnent Large web application composed with
subcomponents on the same web page
Spring MVC Complements
![Page 61: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/61.jpg)
Aspects
![Page 62: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/62.jpg)
Spring AOP
![Page 63: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/63.jpg)
OOP creates a hierarchical object model by nature Cross cutting concerns
Are not necessarily a part of the application logic Occur across the object hierarchy in unrelated parts Examples
Logging Security Transaction management Etc…
Aspect-Oriented Programming
![Page 64: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/64.jpg)
The Problem Code Tangling
No Cohesion Code Scattering
Not DRY The Solution
Aspect Oriented Programming AspectJ
Modulation of Aspects and weaving into the application code
Aspect Oriented Programming
![Page 65: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/65.jpg)
Spring AOP Java based AOP Framework Built on top of AspectJ Interception based
Spring APO
![Page 66: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/66.jpg)
Joint Point A point in the execution of the program
Point Cut An expression that selects one or more joint point AspectJ Expression Language
Advice The code to be weaved at a joint point
Aspect Point Cut + Advice
AOP Terminology
![Page 67: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/67.jpg)
Annotations Before AfterReturning AfterThrowing After Around
Types of Advices
![Page 68: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/68.jpg)
Spring Security
![Page 69: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/69.jpg)
Authentication the verification of the user identity
Authorization Permissions granted to the identified user
Access Control By arbitrary conditions that may depend to
Attributes of clients Temporal and Local Condition Human User Detection Other
Channel or Transport Security Encryption
Security Terminology
![Page 70: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/70.jpg)
Realm A Defined the authentication policy
User A defined individual in the Application Server
Group A defined classification of users by common traits in
the Application Server. Role
An abstract name of the permissions to access a particular set of resources in an application
Security Terminology
![Page 71: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/71.jpg)
Spring Security JAAS (Java Authentication and Authorization
Service) jGuard
Apache Shiro
Available Frameworks
![Page 72: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/72.jpg)
Security is your responsibility Features:
It is not the standard No class loader authorization capabilities Simple configuration Portable across containers Customizable and extendable Pluggable authentication and web request URI security Support method interception, Single Sign-On, and
Swing clients
Spring Security
![Page 73: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/73.jpg)
Authentication Form-Based Basic Digest LDAP NTLM (NT LAN Manager) SSO (Single Sign-On)
JA-SIG CAS Open ID Atlassian Crowd SiteMinder X.509
Authentication
![Page 74: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/74.jpg)
Mechanisms Interact with the user
Providers Check credentials Bundles details in a Thread Local security context holder
Repositories Store roles and profile info
In Memory JDBC LDAP Etc…
Authentication
![Page 75: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/75.jpg)
Web Authorization URL-Based
Which URL patterns and HTTP methods are allowed to be accessed by which role
Method Authorization Reusable
Protocol Agnostic Uses AOP Annotations Support
JSR 250 Spring @Secured Spring Security EL
Authorization
![Page 76: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/76.jpg)
Other
![Page 77: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/77.jpg)
Job Scheduling Bulk Processing Integration Etc…
Other
![Page 78: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/78.jpg)
If you are interested in The full-source code of the Address Book
Application A Step-By-Step tutorial Possibly a screen cast
Go to
http://bit.ly/ad4VGh
Support Material
![Page 79: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/79.jpg)
The Silicon Valley Spring User Group
http://www.meetup.com/sv-sug
![Page 80: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/80.jpg)
Q & A
![Page 81: Building enterprise web applications with spring 3](https://reader033.fdocuments.in/reader033/viewer/2022051313/54b3bf474a7959fc0c8b45a3/html5/thumbnails/81.jpg)
Thank You!