Presentation is loading. Please wait.

Presentation is loading. Please wait.

Message-Driven Beans and EJB Security Lesson 4B / Slide 1 of 37 J2EE Server Components Objectives In this lesson, you will learn about: Identify features.

Published byReynold Fisher Modified over 8 years ago

Similar presentations

Presentation on theme: "Message-Driven Beans and EJB Security Lesson 4B / Slide 1 of 37 J2EE Server Components Objectives In this lesson, you will learn about: Identify features."— Presentation transcript:

1 Message-Driven Beans and EJB Security Lesson 4B / Slide 1 of 37 J2EE Server Components Objectives In this lesson, you will learn about: Identify features of message-driven beans Explain the life cycle of message-driven beans Identify steps to create message-driven beans Create applications using message-driven bean Secure EJB applications

2 Message-Driven Beans and EJB Security Lesson 4B / Slide 2 of 37 J2EE Server Components Pre-assessment Questions 1.Which ACID property of a transaction ensures that data loss does not occur when a network or a system failure occurs? a.atomicity b.consistency c.isolation d.durability

3 Message-Driven Beans and EJB Security Lesson 4B / Slide 3 of 37 J2EE Server Components Pre-assessment Questions (Contd.) 2.Which ACID property allows multiple transactions to read from or write to a database, one at a time? a.atomicity b.consistency c.isolation d.durability 3.Which transaction attribute specifies that a bean method must always be part of an existing transaction? a.Mandatory b.Required c.RequiresNew d.Supports

4 Message-Driven Beans and EJB Security Lesson 4B / Slide 4 of 37 J2EE Server Components Pre-assessment Questions (Contd.) 4.What is the responsibility of the bean provider? a.Rolls back the transaction. b.Generates an application error. c.Throws the exceptions, java.rmi.RemoteException or javax.ejb.EJBException, depending on whether the client is remote or local, respectively. d.Enables a JTA transaction to invoke a method in a stateful session bean even if the method has closed the connection to the database.

5 Message-Driven Beans and EJB Security Lesson 4B / Slide 5 of 37 J2EE Server Components Pre-assessment Questions 5.Which constant declared in the javax.transaction.Status interface specifies that the current transaction is preparing for transaction commit? a.STATUS_PREPARING b.STATUS_ACTIVE c.STATUS_COMMITTING d.STATUS_PREPARED

6 Message-Driven Beans and EJB Security Lesson 4B / Slide 6 of 37 J2EE Server Components Solutions to Pre-assessment Questions 1.d. durability 2.c. isolation 3.a. Mandatory 4.d. Enables a JTA transaction to invoke a method in a stateful session bean even if the method has closed the connection to the database. 5.a. STATUS_PREPARING

7 Message-Driven Beans and EJB Security Lesson 4B / Slide 7 of 37 J2EE Server Components Introducing Message-Driven Beans Provide asynchronous messaging between two Java components. Uses Java Message Service (JMS) Application Programming Interface (API) to receive messages from the components. Introducing JMS JMS API allows Java programs to send and receive messages. Difference between JMS and RMI

8 Message-Driven Beans and EJB Security Lesson 4B / Slide 8 of 37 J2EE Server Components Introducing Message-Driven Beans (Contd.) Advantages of JMS API are: Better performance Reliability Multiple Messaging JMS API supports two types of messaging techniques: Publish/Subscribe (Pub/Sub) Point-to-Point (PTP)

9 Message-Driven Beans and EJB Security Lesson 4B / Slide 9 of 37 J2EE Server Components Introducing Message-Driven Beans (Contd.) Features of Message-Driven Beans They are stateless because they do not store the state of the client. Instances are stored in a shared pool and EJB container can use any instance from this pool to receive and process the incoming message. They cannot return values or throw exceptions to the client. They can be declared as durable or non durable JMS consumers.

10 Message-Driven Beans and EJB Security Lesson 4B / Slide 10 of 37 J2EE Server Components Introducing Message-Driven Beans (Contd.) Life Cycle of Message-Driven Beans

11 Message-Driven Beans and EJB Security Lesson 4B / Slide 11 of 37 J2EE Server Components Introducing Message-Driven Beans (Contd.) Ready Stage Message-driven bean instance remains in the pool to service the messages sent by the clients. To add a new message-driven bean instance to the pool, EJB container performs the following steps: Call the setMessageDrivenContext () method to pass the context object to a message-driven bean instance. Call the ejbCreate () method of the instance to initialize the message-driven bean.

12 Message-Driven Beans and EJB Security Lesson 4B / Slide 12 of 37 J2EE Server Components Introducing Message-Driven Beans (Contd.) Does Not Exist Stage Message-driven bean is permanently removed from the message- driven bean pool. The onMessage() method is called whenever a message is received from the client.

13 Message-Driven Beans and EJB Security Lesson 4B / Slide 13 of 37 J2EE Server Components Introducing Message-Driven Beans (Contd.) Methods in a Message-Driven Bean setMessageDrivenContext(MessageDrivenContext) ejbCreate() onMessage(Message) ejbRemove()

14 Message-Driven Beans and EJB Security Lesson 4B / Slide 14 of 37 J2EE Server Components Introducing Message-Driven Beans (Contd.) The setMessageDrivenContext(MessageDrivenContext) Method Receives a MessageDrivenContext object setRollbackOnly() : Declares that the current transaction should be rolled back. getRollbackOnly() : Checks whether the current transaction is declared for rollback or not. getUserTransaction(): Returns the javax.transaction.UserTransaction interface that enables you to retrieve information about a transaction and manage it.

15 Message-Driven Beans and EJB Security Lesson 4B / Slide 15 of 37 J2EE Server Components Introducing Message-Driven Beans (Contd.) The ejbCreate() Method Creates a new message-driven bean. You can also pass arguments in the ejbCreate() method to initialize a message-driven bean instance. The ejbRemove() Method Destroys a message-driven bean and releases all the resources associated with it. Throws the exception, EJBException, to handle errors that occur during the removal of a message-driven bean.

16 Message-Driven Beans and EJB Security Lesson 4B / Slide 16 of 37 J2EE Server Components Introducing Message-Driven Beans (Contd.) The onMessage(Message) Method Implements the business logic in a message-driven bean. Accepts the incoming message as an argument of the Message class type.

17 Message-Driven Beans and EJB Security Lesson 4B / Slide 17 of 37 J2EE Server Components Introducing Message-Driven Beans (Contd.) Deployment descriptor of Message-Driven Bean Various tags in a message-driven bean are:

18 Message-Driven Beans and EJB Security Lesson 4B / Slide 18 of 37 J2EE Server Components Introducing Message-Driven Beans (Contd.) Responsibilities of the Bean Provider and the EJB Container Provider The code of a message-driven bean class should fulfill the following criteria: Should implement the javax.ejb.MessageDrivenBean and javax.jms.MessageListener interfaces. Should be defined as a public class. However, it cannot be defined as the final or abstract class. Should contain one constructor that takes no arguments. Should implement the ejbCreate(), ejbRemove(), and onMessage() methods.

19 Message-Driven Beans and EJB Security Lesson 4B / Slide 19 of 37 J2EE Server Components Introducing Message-Driven Beans (Contd.) Responsibilities of the Bean Provider and the EJB Container Provider The code of a message-driven bean class should fulfill the following criteria: Should implement the javax.ejb.MessageDrivenBean and javax.jms.MessageListener interfaces. Should be defined as a public class. However, it cannot be defined as the final or abstract class. Should contain one constructor that takes no arguments. Should implement the ejbCreate(), ejbRemove(), and onMessage() methods.

20 Message-Driven Beans and EJB Security Lesson 4B / Slide 20 of 37 J2EE Server Components Creating Message-Driven Beans Creating Java File to Implement a Message-driven Bean Contains the code to implement the business logic of a message-driven bean. The following code snippet shows the onMessage() method in the MessageListener interface: public interface javax.jms.MessageListener { public void onMessage(Message message); }

21 Message-Driven Beans and EJB Security Lesson 4B / Slide 21 of 37 J2EE Server Components Creating Message-driven Beans (Contd.) Compiling and Deploying a Message-driven Bean Compiled using the javac compiler. Deployed in J2EE1.4 Application Server using the deploytool utility. The Enterprise Bean Wizard of the deploytool utility is used to deploy a message-driven bean. Accessing Message-driven Beans Application clients are stand-alone Java programs that can send JMS compatible messages to the message driven beans. Web-based clients are the Java components, such as JSP and servlets, which are run on a Web browser to access the message-driven beans.

22 Message-Driven Beans and EJB Security Lesson 4B / Slide 22 of 37 J2EE Server Components Creating Message-driven Beans (Contd.) Handling Exceptions in a Message-Driven Bean Condition for Exception EJB Container’s Handling Action Message-driven bean method is declared with the Required container- managed transaction attribute and a system exception occurs during the method execution. EJB container saves the system exception into the log file and performs the rollback of the current transaction. EJB container also removes the current message-driven bean instance.

23 Message-Driven Beans and EJB Security Lesson 4B / Slide 23 of 37 J2EE Server Components Creating Message-driven Beans (Contd.) Condition for Exception EJB Container’s Handling Action Message-driven bean method is declared with the NotSupported container-managed transaction attribute and a system exception occurs during the method execution. EJB container saves the exception into the log file and removes the current message-driven bean instance from EJB container.

24 Message-Driven Beans and EJB Security Lesson 4B / Slide 24 of 37 J2EE Server Components Demonstration-Implementing Message-driven Beans Problem Statement Nancy is developing an application that will be used by a client to send JMS-compliant messages to the server. The application needs to store the received messages in a server log file. Nancy needs to use a message-driven bean for developing this application.

25 Message-Driven Beans and EJB Security Lesson 4B / Slide 25 of 37 J2EE Server Components Demonstration-Implementing Message-driven Beans (Contd.) Solution To solve the problem, perform the following tasks: 1.Create the message-driven bean class. 2.Create the application client. 3.Create the JMS connection factory resource. 4.Create the JMS destination resource. 5.Create the physical destination. 6.Package the message-driven bean. 7.Creating the application client JAR file. 8.Configure the bean JAR file and client JAR module. 9.Deploy the application. 10.Test the application.

26 Message-Driven Beans and EJB Security Lesson 4B / Slide 26 of 37 J2EE Server Components Securing EJB Applications Overview of EJB Security A J2EE server provides two methods to implement security, which are authorization and authentication. Authorization Refers to the process where the J2EE server controls the access to the methods in an enterprise bean. Declarative: Involves using EJB container to grant or deny the permission for accessing the methods. Programmatic: Involves explicitly writing the code for granting or denying permissions.

27 Message-Driven Beans and EJB Security Lesson 4B / Slide 27 of 37 J2EE Server Components Securing EJB Applications (Contd.) Authentication Used to control access to the components in an application. The ways of classifying clients: Users Groups Realms Roles

28 Message-Driven Beans and EJB Security Lesson 4B / Slide 28 of 37 J2EE Server Components Securing EJB Applications (Contd.) Specifying EJB Security Requirements in Deployment Descriptor The application assembler defines the security roles in the deployment descriptor to allow specific clients to access the resources. The code snippet to define a security role in the deployment descriptor is: This role includes the customers of a bank. The role allows the customers to view and update their information. Customer

29 Message-Driven Beans and EJB Security Lesson 4B / Slide 29 of 37 J2EE Server Components Securing EJB Applications (Contd.) Accessing EJB Caller Security Context Bean provider uses the getCallerPrincipal() and the isCallerInRole() methods of the javax.ejb.EJBContext interface to retrieve information about a caller. The getCallerPrincipal() method returns an implementation of the java.security.Principal interface. The getName() method of the java.security.principal interface is used to retrieve the name of the caller.

30 Message-Driven Beans and EJB Security Lesson 4B / Slide 30 of 37 J2EE Server Components Securing EJB Applications (Contd.) Responsibilities for Implementing Security Bean provider Application Assembler Deployer EJB container System administrator

31 Message-Driven Beans and EJB Security Lesson 4B / Slide 31 of 37 J2EE Server Components Securing EJB Applications (Contd.) Responsibilities of the Bean Provider Use either programmatic or declarative method to specify the security attributes of an enterprise bean. Specify the names of the security roles in the tag of the deployment descriptor.

32 Message-Driven Beans and EJB Security Lesson 4B / Slide 32 of 37 J2EE Server Components Securing EJB Applications (Contd.) Responsibilities of the Application Assembler Defining the security roles, which have the permission to access the resources in an enterprise bean application. Defining the method permissions for accessing the methods in the home and the component interface of an enterprise bean. Linking the security role names in the tag to the role names specified in the tag of the deployment descriptor. Specifying the methods that need to be authorized prior to their invocation by the container. Specifying the methods that cannot be accessed by including them in the tag in the deployment descriptor.

33 Message-Driven Beans and EJB Security Lesson 4B / Slide 33 of 37 J2EE Server Components Securing EJB Applications (Contd.) Responsibilities of the Deployer Defining method permission for those methods that are neither present in the tag nor associated with any security role. Matching the security attributes specified in the deployment descriptor to their corresponding security domains, where the application deploys.

34 Message-Driven Beans and EJB Security Lesson 4B / Slide 34 of 37 J2EE Server Components Securing EJB Applications (Contd.) Responsibilities of EJB container Providing deployment tools to the deployer. Throwing the exceptions, java.rmi.RemoteException and javax.ejb.EJBException. Allowing the deployer to state whether the caller identity obtained from the getCallerPrincipal() method. Responsibilities of the System Administrator Creating a new user account. Adding a user account to a specific group. Removing a user account from a specific group. Deleting user account. Managing the security principals.

35 Message-Driven Beans and EJB Security Lesson 4B / Slide 35 of 37 J2EE Server Components Practice-Implementing Message- driven Bean to Receive Messages Problem Statement The management of Blue Valley organization wants to implement messaging system in their organization. Robert, a software developer, is assigned the task of developing the messaging application. He needs to create a message-driven bean that receives JMS-compliant messages from a client application and stores them in the server log file.

36 Message-Driven Beans and EJB Security Lesson 4B / Slide 36 of 37 J2EE Server Components Summary In this lesson, you learned: EJB  2.0 specification introduces a new type of bean known as message-driven beans. Message-driven beans are used for asynchronous messaging between two components of an EJB application. Message-driven beans act as the consumers of the messages that are sent by the clients capable of sending JMS-compatible messages. Message-driven beans contain a single business method, onMessage(), which is invoked on receiving a message. Message-driven bean contains the life cycle methods: ejbRemove(), ejbCreate(), and setMessageDrivenContext(). The life cycle of a message-driven bean consists of two stages, Does Not Exist and Ready.

37 Message-Driven Beans and EJB Security Lesson 4B / Slide 37 of 37 J2EE Server Components Summary (Contd.) The deployment descriptor of a message-driven bean is an XML file that specifies various features of the message-driven bean to the container. EJB security process involves allowing only authorized users to access the resources and applications. J2EE server provides two types of security, authentication and authorization. Application assembler defines the security roles that allow a client to access the resources. The application assembler uses the tag to define the security roles and the methods associated with each security role, in the deployment descriptor. Bean provider uses the getCallerPrincipal() and isCallerInRole() methods to check whether the current client has the right to perform the operation or not.

Download ppt "Message-Driven Beans and EJB Security Lesson 4B / Slide 1 of 37 J2EE Server Components Objectives In this lesson, you will learn about: Identify features."

Similar presentations

11 Copyright © 2005, Oracle. All rights reserved. Creating the Business Tier: Enterprise JavaBeans.

11 Copyright © 2005, Oracle. All rights reserved. Creating the Business Tier: Enterprise JavaBeans.
Transactions Celsina Bignoli Motivations Atomic operations –Group of operation that must all succeed or all fail Network or machine.

Transactions Celsina Bignoli Motivations Atomic operations –Group of operation that must all succeed or all fail Network or machine.
Approaches to EJB Replication. Overview J2EE architecture –EJB, components, services Replication –Clustering, container, application Conclusions –Advantages.

Approaches to EJB Replication. Overview J2EE architecture –EJB, components, services Replication –Clustering, container, application Conclusions –Advantages.
6/1/20151 Luca Simone Software Engineering 2 a.a. 2001/2002.

6/1/20151 Luca Simone Software Engineering 2 a.a. 2001/2002.
1 Softsmith Open Learning - EJB 21-Nov-2008. 2 Enterprise Java Beans Introduction –Application ServerApplication Server –Java 2 Enterprise EditionJava.

1 Softsmith Open Learning - EJB 21-Nov Enterprise Java Beans Introduction –Application ServerApplication Server –Java 2 Enterprise EditionJava.
Distributed System Using Java 2 Enterprise Edition (J2EE) B.Ramamurthy.

Distributed System Using Java 2 Enterprise Edition (J2EE) B.Ramamurthy.
Enterprise Applications & Java/J2EE Technologies Dr. Douglas C. Schmidt Professor of EECS.

Enterprise Applications & Java/J2EE Technologies Dr. Douglas C. Schmidt Professor of EECS.
Copyright W. Howden1 Lecture 19: Intro to O/O Components.

Copyright W. Howden1 Lecture 19: Intro to O/O Components.
Java 2 Platform, Enterprise Edition (J2EE). Source: Computer, August 2000 J2EE and Other Java 2 Platform Editions.

Java 2 Platform, Enterprise Edition (J2EE). Source: Computer, August 2000 J2EE and Other Java 2 Platform Editions.
JMS Java Message Service Instructor Professor: Charles Tappert By Student: Amr Fouda.

JMS Java Message Service Instructor Professor: Charles Tappert By Student: Amr Fouda.
J2EE Security and Enterprise Java Beans Mrunal G. Dhond Department of Computing and Information Sciences Master of Science, Final Defense February 26,

J2EE Security and Enterprise Java Beans Mrunal G. Dhond Department of Computing and Information Sciences Master of Science, Final Defense February 26,
ECSE 6780- Software Engineering 1I - 1 - HO 7 © HY 2012 Lecture 7 Publish/Subscribe.

ECSE Software Engineering 1I HO 7 © HY 2012 Lecture 7 Publish/Subscribe.
Version # Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213-3890 Sponsored by the U.S. Department of Defense © 1999 by Carnegie.

Version # Software Engineering Institute Carnegie Mellon University Pittsburgh, PA Sponsored by the U.S. Department of Defense © 1999 by Carnegie.
Version # Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213-3890 Sponsored by the U.S. Department of Defense © 1999 by Carnegie.

Version # Software Engineering Institute Carnegie Mellon University Pittsburgh, PA Sponsored by the U.S. Department of Defense © 1999 by Carnegie.
CS 483 Enterprise and Web Application Programming

CS 483 Enterprise and Web Application Programming
Chapter 10 EJB Concepts of EJB Three Components in Creating an EJB Starting/Stopping J2EE Server and Deployment Tool Installation and Configuration of.

Chapter 10 EJB Concepts of EJB Three Components in Creating an EJB Starting/Stopping J2EE Server and Deployment Tool Installation and Configuration of.
Distributed Multitiered Applications The J2EE platform uses a multitiered distributed application model. Application logic is divided into components 1.

Distributed Multitiered Applications The J2EE platform uses a multitiered distributed application model. Application logic is divided into components 1.
EJB. Component Characteristics An enterprise Bean typically contains business logic that operates on the enterprise’s data. An enterprise Bean’s instances.

EJB. Component Characteristics An enterprise Bean typically contains business logic that operates on the enterprise’s data. An enterprise Bean’s instances.
1 J2EE Components. 2 Application Servers relieve the programming burden for business distributed components. They provide support for system level services.

1 J2EE Components. 2 Application Servers relieve the programming burden for business distributed components. They provide support for system level services.
1 Session Bean Chuyên đề Lập trình Java & J2EE Chương 14 Biên soạn: Th.S Nguyễn văn Lành.

1 Session Bean Chuyên đề Lập trình Java & J2EE Chương 14 Biên soạn: Th.S Nguyễn văn Lành.

Similar presentations

Ads by Google