Application Architecture for WebSphere

Architect IBM® WebSphere® Applications for Maximum Performance, Security, Flexibility, Usability, and Value Successful, high-value WebSphere applications begin with effective architecture. Now, one of IBM’s leading WebSphere and WebSphere Portal architects offers a hands-on, best-practice guide to every facet of defining, planning, and implementing WebSphere application architectures. Joey Bernal shows working architects and teams how to define layered architectural standards that can be used across the entire organization, improving application quality without compromising flexibility.

Bernal begins by illuminating the role of architecture and the responsibilities of the architect in WebSphere applications and SOA environments. Next, he introduces specific architectural techniques for addressing persistence, application performance, security, functionality, user interaction, and much more.

Bernal presents a series of sample architectures drawn from his work with several leading organizations, demonstrating how architectures can evolve to support new layers and changing business requirements. Throughout, his techniques are specific enough to address realistic enterprise challenges, while still sufficiently high-level to be useful in diverse and heterogeneous environments.

Coverage includes

• Choosing persistence frameworks that serve business requirements without excessive complexity

• Avoiding persistence-related problems with performance, security, or application functionality

• Designing and deploying effective middle layers and dependent libraries within WebSphere Application Server

• Using WebSphere mechanisms and architectural techniques to avoid common security attacks such as SQL injection

• Improving performance with WebSphere Application Server caching, including Distributed Maps and Servlet/JSP fragment caching

• Using presentation frameworks to provide fast, robust, and attractive user interaction

• Incorporating portals that provide a standardized framework for merging multiple applications

Joey Bernal is an Executive IT Specialist with IBM Software Services for Lotus. Senior Certified with IBM as an IT Specialist, he has an extensive background in designing and developing Web and Portal Applications. He often leads IBM teams that have assisted dozens of clients in leveraging WebSphere Portal to address architecture, design, and implementation challenges. A frequent speaker on WebSphere and portal topics, Bernal is coauthor of Programming Portlets, and hosts the developerWorks blog: WebSphere Portal in Action. Prior to joining IBM, he was Director of IT for an incentive and performance improvement company, and served as lead technical advisor and architect for high-profile Internet and intranet applications at several Fortune 500 companies. You can also visit the author’s Web site at www.bernal.net.

The IBM Press developerWorks® Series is a unique undertaking in which print books and the Web are mutually supportive. The publications in this series are complemented by resources on the developerWorks Web site on ibm.com®. Icons throughout the book alert the reader to these valuable resources.

Foreword xix

Acknowledgments xxi

About the Author xxiii

Preface xxv

Chapter 1 Application Architecture 1

What Is Application Architecture? 1

Architects and Architecture 2

Application Architecture and Engineering 7

WebSphere and IBM 8

IBM WebSphere Application Server 9

A Word about Specifications 13

How Close to the Specification Should I Stay with My Architecture? 13

WebSphere Extensions to Consider 14

One Size Does Not Fit All 15

Building Blocks of Application Architecture 16

Detail in Layering 18

A Complete Example 18

Layers Versus Tiers 22

Deployment Patterns for a Layered Architecture 24

Layers Versus Modules 27

A View Perspective on Architecture 30

Conclusion 31

References 31

Chapter 2 Setting a Standard 33

Organizational Standards and Conventions 33

Putting the “Engineering” in Software Engineering 34

Standards Documentation 36

Naming Standards and Conventions 36

Packages 37

Classes and Interfaces 37

Functions and Methods 38

Variables and Constants 38

Java Server Pages 38

Internal Documentation 39

Class Header Information 40

Class Methods 41

Getters and Setters 41

Inline Comments 41

Logging and Tracing 42

System.out 43

Using the Logger 43

Logging Levels 45

Method-Level Timers 47

Working with Logging and Tracing 49

Too Much Logging? 50

Why Not Use Aspects? 51

Exception and Error Handling 51

Project and Packaging File Structure 53

Using External Libraries 54

Unit Testing Requirements 55

What Is a Unit? 58

The Trouble with Web Testing 58

Agile Approaches 59

Code Completion and Review Process Requirements 59

Code Reviews 60

You Don’t Have to Know Java for a Code Review 62

Communicating the Vision the Wiki Way 62

Conclusion 63

Reference 64

Chapter 3 Persistence Matters 65

Types of Persistence Frameworks 65

Object/Relational Mapping 66

SQL-Based Frameworks 66

Why Not Roll Your Own Framework? 66

WebSphere Data Source Resource Reference 67

iBATIS Framework 68

Implementing the Customer Class and Customer SQL Mapping 72

Configurating iBATIS 74

Adding the Spring DAO Framework 76

Running a Test 80

Transactional Thinking 82

EJB 3 and the Java Persistence API 83

Understanding the Approach 84

Entities with POJOs and Annotations 84

Entity Managers 88

Testing the Application 93

Remote Clients 94

Conclusion 97

Chapter 4 Designing the Middle Tiers 99

Business Logic 99

Another HelloWorld Example 101

Making the Business Layer Accessible 103

Getting Ready for Unit Testing 105

WebSphere Shared Libraries 107

Making the Library Visible 110

Mapping Shared Libraries to Class Loaders 114

Testing the Business Layer 116

Controlling Shared Libraries 117

Implementation Options 120

Business Process Layers 122

Conclusion 123

References 123

Chapter 5 Presentation Frameworks 125

Choosing a Presentation Framework 125

JavaServer Faces 127

Lifecycle Phase Listener 130

About the Sample Application 131

Masking and Conversion Errors 144

JSF as a Standard 146

IBM’s JWL 146

Conclusion 147

References 148

Chapter 6 Investing in a Portal 149

Incorporating a Portal into Your Architecture 150

Virtual Portal Technology 151

Business-to-Employee (B2E) Portals 152

Business Process or Forms-Based Portal 152

Portals Versus the Web App 153

Role-based Navigation and Content Delivery 153

Security and Single Sign-on 153

Content Personalization 154

Portlet Aggregation and Composite Applications 154

Applications as Portlets 154

The Java Portlet API 156

Java Portlet API 2.0 158

Portlet Preferences 160

A Simple Portlet Example 161

Switching Modes Programmatically 168

Conclusion 172

References 173

Chapter 7 SOA and Web Services 175

Pinning Down SOA 175

How to Implement SOA 177

Service Modeling 177

Services as Business Functions 177

Managing Service Data Elements 178

A Commitment from the Business 178

Things to Consider about Web Services 179

Performance 179

Standardization 180

Manageability 180

Web Services Feature Pack for WAS 181

Credit Limit Service 182

Testing the Service 184

Building a New Client Application 187

Simple REST-Based Services 189

Conclusion 194

References 195

Chapter 8 Caching and Performance 197

Designing for Performance 197

Architecture Concerns 198

Performance Terminology 199

Caching Considerations 199

Caching Design Options 200

Sizing a Cache 201

When Not to Cache 202

User Session Caching 202

Caching in WebSphere Application Server 203

IBM HTTP Server and the Caching Plug-in 205

Using the Distributed Map 206

Creating a New Distributed Map 206

Testing the Distributed Map 209

HTML Fragment Caching 214

Monitoring the Fragment Cache 216

ESI Plug-in Caching 217

Conclusion 218

References 218

Chapter 9 Keeping Things Secure 219

Why Security Is Important 219

The Role of the Security Architect 221

SQL Injection Example 222

Protecting against SQL Injection Attacks 224

WebSphere Security Basics 225

Authenticating Application Users 225

Adding a Filter to the Login Process 236

Architecting for Security 237

WebSphere Single Sign-on 238

WebSphere Authorization 239

Conclusion 241

Chapter 10 Managing Your Applications 243

Managing Applications 243

Enforcing Architecture Adherence 244

Standing by Your Decisions 245

Documenting Libraries 245

Managing Organizational Process 246

Avoiding Common Process Malpractices 249

Enforcing Adherence and Reuse with Technology Solutions 251

Using a Registry and Repository 251

Project Methodology 253

Common Methodology Problems 254

Change Control Board 255

Conclusion 256

References 257

Appendix A Setting up the Data Sample 259

Getting Started 259

Database and Schema 260

Setting Up Your Data Environment 261

Creating the DB2 Database 262

Load the Classic Models Data 264

Creating a WebSphere Data Source 266

Conclusion 275

Appendix B Running the Examples 277

Chapter Code Samples 277

Chapter 2 278

Chapter 3 278

Chapter 4 278

Chapter 5 278

Chapter 6 279

Chapter 7 279

Chapter 8 279

Chapter 9 280

Conclusion 280

Index 283

Anthony (Joey) Bernal is an executive IT specialist with Software Services for Lotus, and a member of the WebSphere Portal Practice. Senior certified with IBM as an IT specialist, he has an extensive background in the design and development of portal and web applications. He is the coauthor of several books, including Programming Portlets 2E; Programming Portlets, the IBM Portal Solutions Guide for Practitioners; and from a previous life, Professional Site Server 3.0. He also contributes to his popular blog, WebSphere Portal in Action.

Mr. Bernal helps to lead the Software Services team in many areas, including application architecture and design, performance, and assisting clients with their cross-brand challenges that leverage WebSphere Portal. By its inherent nature of being a platform to integrate applications at the desktop, WebSphere Portal projects require significant cross-brand expertise. All WebSphere Portal projects have products from multiple brands, and many have products from all five brands in the solution. Specifically, he works to reduce the challenges presented by the cross-brand nature of WebSphere Portal projects, especially in the use of newer technologies such as the integration of WebSphere Portal with services-oriented architectures.

Prior to joining IBM, Mr. Bernal was the director of IT for an incentive and performance improvement company. Mr. Bernal was also the lead technical advisor and architect of multiple high-profile Internet and intranet applications for several Fortune 500 companies.

Your opinions count

Be the first to review this product. Write your review now.