Advanced Java 2 Development for Enterprise Applications

Clifford Berg is Vice President and CTO of Digital Focus, a leading systems integrator for Internet-based and Java technologies. He writes the popular Java Q&A column in Dr. Dobbs Journal.

1. The Java Project Lifecycle.


Introduction. Risk Management. Rules for Success. Deciding How to Focus Development: Features vs Modules. Components Contain Components. Task Granularity. Organizing a Project Team. Project Roles. Configuration Management and Change Control in More Detail. The Phases of Development. Requirements Gathering. Logical Design, Requirements Development, and Prototyping. Detailed Design. Walkthroughs. The Testing Process. Acceptance Testing. The Importance of Continuity. More CM Issues. Versions, Releases, and Builds. Module Evolution and Derived Modules. Prototype Branch Threads. Reuse of Modules as Custom Builds. Putting the CM Process Together. Documenting a Design. UML—A Universal Modeling Language. What Should a Java Design Spec Contain? The Object (Class) Model. Properties and Messages. Design Tools. Coding. Compiling and Development Environments. Optimization. Developing Coding Standards. Platform-Independent Building and Deployment. The SDK Toolkit. The Need for a Platform-Independent Build Process. Using a Repository. Only Check In Code that Compiles. Synchronize Before You Check In. Organizing Source and Build Components. External Teams and Shared Builds. Third-Party Products. Workstations. Creating a Release. Integration Testing and Deployment.



2. Resources, Components, and Packaging.


Resource Files and Internationalization. Characters. Converting from Other Latin-Character-Mapped Representations. Multinational Font Support. Locales. Formatting and Parsing of Localized Values. Resources. Resource Bundles. Runtime Configurable Resources. Parameterized Resources. Keyboard Entry. JavaBeans. What Are JavaBeans? How JavaBeans Work. What You Should Implement. Bean Design. JavaBeans Metainformation—“BeanInfo.” Packaging. Instantiating a Bean. Bound and Constrained Properties. Property Editors. Customizers. Understanding JavaBeans Event Dispatching. BeanContexts. JAR Files. Signed JAR Files. Signing with JDK 1.1. Signing with Java 2. Packages Are Field-Replaceable Units. Creating an Executable JAR File. Referencing Other Included Items. Sealing a JAR File.



3. Threads in Server Applications.


Java Threads vs System Threads. Creating and Starting a Thread. Reentrancy. Adding Synchronization. Synchronized Code Can Be Preempted. Synchronized Methods in Package Java. Threads of Execution Are Independent of Thread Object Instances. Thread Groups. The wait() and notify() Methods. Waiting for Another Thread to Terminate: The join() Method. Thread States. Handling External System Interrupts. Avoiding Thread Deadlock. A Simple Multithreaded Server Application. Implementing a Thread Pool. A Producer-Consumer Thread Pool Model. A Thread Assignment Model. Implementing a Thread-Based Service Scheduler. Thread-Local Variables.



4. Java Security.


Data Encryption, Keys, and Certificates. Symmetric Key Encryption. Public Key Encryption. Asymmetric Keys for Authentication. Message Digests. Asymmetric Key Algorithms. Import and Export Laws. Java Security Providers. Encryption Algorithms Included with the Java APIs. Overview of X.509 Certificates. Obtaining a Server Certificate. Key Management. Smartcards and Embedded Keys. Obtaining a Certificate. Secure Communication Protocols. The Secure Socket Layer (SSL) Protocol. Transport Layer Security (TLS). Interpreting Cipher Suite Names. Use of HTTPS (HTTP/SSL or HTTP/TLS) URLs. The Java Security Model: Protecting the Local System. What Could a Malicious Applet Do Without Security Management in Place? The Sandbox Model. Locally Installed Application Code. The Extensions Framework. Class Loaders. The Policy File. Policy File Syntax. Implementing a Customized Policy. Using Thread Groups to Segregate Rights within a VM. Authorization and Access Control. The Java Authentication and Authorization Service (JAAS).



5. Java Network Programming and Internet Server Protocols.


Writing Your Own Protocol. Understanding Java Networking. Sockets and Server Sockets. The Socket Class. The ServerSocket Class. The TCP Reset Problem. How TCP Applications Assign Ports. Firewall Issues. Overview of Software Firewalls. SOCKS. Application Proxies. Proxy Configurations and Where to Put Your Application. The Mechanics of Passing Through a Firewall. Internet Server Protocols. HTTP. java.net.Authenticator. LDAP. FTP. SNMP and the Java Management API (JMAPI). SMTP, IMAP, and POP.



6. Java Database Connectivity.


Using JDBC. Two-Tier vs Three-Tier. What Is a “Thin Client?” JDBC Driver Types. Driver Comparisons. High Performance Driver Features. JDBC Compliance. Loading a Driver. JDBC from an Application. JDBC from an Applet. Connecting to a Database. Displaying Database MetaData. Result Sets: Making a Simple Query. Cursors. Joins and Outer Joins. Statements that Don't Return a ResultSet. Prepared Statements. For Large (BLOB and CLOB) Parameters. Dates and Times. Data Type Mappings. Functions. Callable Statements. Transactions. Isolation Levels Defined by JDBC. Deadlock Detection and Response. Asynchronous Execution. Handling Connection Loss. Dealing with the Time Delay of Connecting to a Database. The Problems with “Active” Controls. Unicode Support. Sorting and Comparing Unicode Using the Collator and CollationKey Classes. Searching with LIKE. Representing Decimal and Monetary Data Types. Creating Incremental Queries. Is Java Year 2000-Compliant? JDBC 2. Result Sets. Batch Updates. New Types. Type Maps. Java Objects. Use of JNDI. Other Additions. Connection Pools and Distributed Transactions. SQLJ (aka J/SQL). Basic Syntax. Creating a Connection. Improved Support for Cursors—Iterators. Stored Procedures. Installing SQLJ Stored Procedures. OUT Parameters. Deployment. Persistent Object Databases. Why Use a Persistent Object Database? How ODBMSs Work. The ODMG Object Model. An Example: Creating a Persistent Database Application. Serializing or Externalizing Database References; Interdatabase References. Building an Object Database Application Server. Evolution and Enterprise Integration. Network Implementations. Concurrency and Performance. Replication and Scalability. Multiple Client Connections. Finding Objects. Storing Persistent Object References Inside of Controls. Initial Instantiation of Control Objects. Object/Relational (“Blend”) Persistence Mapping Products. Logical Object Transaction Models. Transaction Boundaries. Defining Objects by Composition. Saving Change History. Views. Garbage Collection of Resources Assigned to Voided Objects. Database Locking and Isolation. Understanding Transaction Isolation. The Importance of Locking Data You Have Read. Implementing Pessimistic Locking. Implementing Optimistic Locking. Checkout-based Locking (Application-based Write Locking). Defining the Transaction Layer. Multidatabase Transactions. Cleaning Up Partially Completed Logical Transaction Remnants. Forward Cache Designs. Using Events for Database Client Notification.



7. Distributed Computing Protocols and APIs.


JNDI. Retrieving Entries. Referrals. Delegation. Storing Entries. Implementing References. Storing (Binding) Java Objects in LDAP Using JNDI. JNDI over a Secure Connection. Achieving Provider Independence. Using a Directory for Object Management. Remote Method Invocation. Object Serialization. How RMI Works. Passing or Returning Objects by Reference and by Value. Basic RMI. Implementing the Server Object. Making Callbacks and Local Object Resolution. Codebase Issues. Remote Reflection. Automatic Invocation. How RMI Assigns Server Ports. Object Reference Issues. Security Permissions that Need to be Enabled. Controlling Port Numbers and Network Adapter Selection. Creating Custom RMI Sockets. Creating a Registry with Custom Sockets. HTTP Tunnelling. Servants Behind a Firewall. Implementing Secure RMI. RMI Java Properties. Storing Remote References in LDAP. Java and CORBA. CORBA Overview. ORBs. The Object Adapter. Stubs and Skeletons. Repositories. How CORBA Sends Information over the Wire: GIOP and IIOP. IDL. The IDL-to-Java Mapping. RMI vs CORBA. How a Program Finds CORBA Objects. Using a Naming Service. Storing IIOP References in LDAP. CORBA Object Activation. Object Cleanup. Connection Models. Object Management. Using CORBA with Castanet. Implementing Secure ORB Connections. RMI-over-IIOP. Passing Objects by Value. Messaging. End-to-End QOS. Java Message Service. CORBA Event Service. CORBA Messaging Service. Mainframe Transaction Gateways. XML. The XML Syntax. Encoding Semantic Rules. Message Transport. Message Generation. Message Processing. The Document Object Model. XML Standards. Distributed Transactions. The Java Transaction API (JTA). Overview. Two-Phase Commit Protocols. Transaction Coupling. Thread Association with Transaction Context. Mixing of Global and Local Transactions. The Platform Layers. Normal Usage Scenario. How It Works. Data Resources. OO Transactional Data Resources: OTMs. Propagation of Transaction Context to Another Server. JTS and OTS. The JTS Packages. Direct Context Management. Indirect Context Management. Propagating Transaction Context.



8. Server Frameworks and Architectures.


Servlets. Security. Servlets as Gateways to Application Servers. Invoking a Servlet. The Servlet Programming Interface. Example: The Customer Manager Servlet. Testing and Deployment. Retrieving GET and POST Data. Class Loader Issues. State Management. When Session State Is Large. User-Specific Profiles and Authentication. Reentrancy. Multiple UI Frames and Concurrency. Servlet Design. Mixing and Matching Servlet Servers and EJB Servers. Deploying Servlets. Where to Run a Servlet Server. JavaServer Pages. The Enterprise JavaBeans Framework. Client, Server, and Data Resource. Transaction Management. How It Works. Session Bean vs Entity Bean. Beans Are Components. Runtime Synchronization. Deployment. Passivation. Context. Authentication and Security. Integration with CORBA Security. Adding Application-Specific Authorization. What You Write, and What the Tools Generate. Comparing EJB References. What to Deploy with Client Applications. Persistence Mechanism. Persistified References. Embedded References to Other Enterprise JavaBeans. Runtime Concurrency Issues. Transaction Association. Bean Demarcated Transactions. Client Demarcated Transactions (Transactional Clients). Exceptions. Some Exception Scenarios for EJB Clients. Different Patterns of Enterprise JavaBean Use. Tradeoffs Between Heavy EJB Clients and Thin EJB Clients. EJB (User) Session and Persistent Database Session Association. The Double Interface Pattern to Provide Strong Typing of Your Implementation and Entity Interface. Writing a Utility Layer to Handle Complex Data Relationships. Session Beans for Encapsulating Application Processes. Session Beans as Entity Factories. Don't Invoke Methods on “This.” Passing Entities by Value. A More Comprehensive Example. Running CORBA from Inside an EJB; Accessing Beans from CORBA Servants. Storing EJB References in an LDAP Server. Multiple EJB Server Tiers. Initiating Calls from the Inside. Java 2 Enterprise Edition. Electronic Commerce Server Applications. The Electronic Commerce Process. Handling Payment. Scaling Multitier Java Applications. Understanding the Overhead of Each Tier. Scalability of Servlet Sessions vs EJB Sessions. Lookups and Reconnects. Some Session Profile Scenarios. Configuration and Server Resources. Running Web and Application Servers (and Other Servers Too) on the Same Machine. Running Multiple Application Server Instances on a Server. Bean Lookup and Identification; Load Balancing and Clustering. DNS-Based Load Balancing vs Network-Based Load Balancing. Clustering. Load-Balancing Algorithms. Visibility of Failures to Clients. Accessing Non-Clustered Resources; Pinning an Object to a Server. Benchmarking a Configuration. Building a Scalable Architecture.



Index.