- ホーム
- > 洋書
- > 英文書
- > Internet / General
Full Description
Architect IBM (R) WebSphere (R) Applications for Maximum Performance, Security, Flexibility, Usability, and Value Successful, high-value WebSphere applications begin with effective architecture. Now, one of IBM's leading WebSphere and WebSphere Portal architects offers a hands-on, best-practice guide to every facet of defining, planning, and implementing WebSphere application architectures. Joey Bernal shows working architects and teams how to define layered architectural standards that can be used across the entire organization, improving application quality without compromising flexibility. Bernal begins by illuminating the role of architecture and the responsibilities of the architect in WebSphere applications and SOA environments. Next, he introduces specific architectural techniques for addressing persistence, application performance, security, functionality, user interaction, and much more. Bernal presents a series of sample architectures drawn from his work with several leading organizations, demonstrating how architectures can evolve to support new layers and changing business requirements. Throughout, his techniques are specific enough to address realistic enterprise challenges, while still sufficiently high-level to be useful in diverse and heterogeneous environments.Coverage includes* Choosing persistence frameworks that serve business requirements without excessive complexity* Avoiding persistence-related problems with performance, security, or application functionality* Designing and deploying effective middle layers and dependent libraries within WebSphere Application Server* Using WebSphere mechanisms and architectural techniques to avoid common security attacks such as SQL injection* Improving performance with WebSphere Application Server caching, including Distributed Maps and Servlet/JSP fragment caching* Using presentation frameworks to provide fast, robust, and attractive user interaction* Incorporating portals that provide a standardized framework for merging multiple applicationsJoey Bernal is an Executive IT Specialist with IBM Software Services for Lotus. Senior Certified with IBM as an IT Specialist, he has an extensive background in designing and developing Web and Portal Applications. He often leads IBM teams that have assisted dozens of clients in leveraging WebSphere Portal to address architecture, design, and implementation challenges. A frequent speaker on WebSphere and portal topics, Bernal is coauthor of Programming Portlets, and hosts the developerWorks blog: WebSphere Portal in Action. Prior to joining IBM, he was Director of IT for an incentive and performance improvement company, and served as lead technical advisor and architect for high-profile Internet and intranet applications at several Fortune 500 companies. You can also visit the author's Web site at www.bernal.net.The IBM Press developerWorks (R) Series is a unique undertaking in which print books and the Web are mutually supportive. The publications in this series are complemented by resources on the developerWorks Web site on ibm.com (R). Icons throughout the book alert the reader to these valuable resources.
Contents
Foreword xixAcknowledgments xxiAbout the Author xxiiiPreface xxvChapter 1 Application Architecture 1What Is Application Architecture? 1Architects and Architecture 2Application Architecture and Engineering 7WebSphere and IBM 8IBM WebSphere Application Server 9A Word about Specifications 13How Close to the Specification Should I Stay with My Architecture? 13WebSphere Extensions to Consider 14One Size Does Not Fit All 15Building Blocks of Application Architecture 16Detail in Layering 18A Complete Example 18Layers Versus Tiers 22Deployment Patterns for a Layered Architecture 24Layers Versus Modules 27A View Perspective on Architecture 30Conclusion 31References 31Chapter 2 Setting a Standard 33Organizational Standards and Conventions 33Putting the "Engineering" in Software Engineering 34Standards Documentation 36Naming Standards and Conventions 36Packages 37Classes and Interfaces 37Functions and Methods 38Variables and Constants 38Java Server Pages 38Internal Documentation 39Class Header Information 40Class Methods 41Getters and Setters 41Inline Comments 41Logging and Tracing 42System.out 43Using the Logger 43Logging Levels 45Method-Level Timers 47Working with Logging and Tracing 49Too Much Logging? 50Why Not Use Aspects? 51Exception and Error Handling 51Project and Packaging File Structure 53Using External Libraries 54Unit Testing Requirements 55What Is a Unit? 58The Trouble with Web Testing 58Agile Approaches 59Code Completion and Review Process Requirements 59Code Reviews 60You Don't Have to Know Java for a Code Review 62Communicating the Vision the Wiki Way 62Conclusion 63Reference 64Chapter 3 Persistence Matters 65Types of Persistence Frameworks 65Object/Relational Mapping 66SQL-Based Frameworks 66Why Not Roll Your Own Framework? 66WebSphere Data Source Resource Reference 67iBATIS Framework 68Implementing the Customer Class and Customer SQL Mapping 72Configurating iBATIS 74Adding the Spring DAO Framework 76Running a Test 80Transactional Thinking 82EJB 3 and the Java Persistence API 83Understanding the Approach 84Entities with POJOs and Annotations 84Entity Managers 88Testing the Application 93Remote Clients 94Conclusion 97Chapter 4 Designing the Middle Tiers 99Business Logic 99Another HelloWorld Example 101Making the Business Layer Accessible 103Getting Ready for Unit Testing 105WebSphere Shared Libraries 107Making the Library Visible 110Mapping Shared Libraries to Class Loaders 114Testing the Business Layer 116Controlling Shared Libraries 117Implementation Options 120Business Process Layers 122Conclusion 123References 123Chapter 5 Presentation Frameworks 125Choosing a Presentation Framework 125JavaServer Faces 127Lifecycle Phase Listener 130About the Sample Application 131Masking and Conversion Errors 144JSF as a Standard 146IBM's JWL 146Conclusion 147References 148Chapter 6 Investing in a Portal 149Incorporating a Portal into Your Architecture 150Virtual Portal Technology 151Business-to-Employee (B2E) Portals 152Business Process or Forms-Based Portal 152Portals Versus the Web App 153Role-based Navigation and Content Delivery 153Security and Single Sign-on 153Content Personalization 154Portlet Aggregation and Composite Applications 154Applications as Portlets 154The Java Portlet API 156Java Portlet API 2.0 158Portlet Preferences 160A Simple Portlet Example 161Switching Modes Programmatically 168Conclusion 172References 173Chapter 7 SOA and Web Services 175Pinning Down SOA 175How to Implement SOA 177Service Modeling 177Services as Business Functions 177Managing Service Data Elements 178A Commitment from the Business 178Things to Consider about Web Services 179Performance 179Standardization 180Manageability 180Web Services Feature Pack for WAS 181Credit Limit Service 182Testing the Service 184Building a New Client Application 187Simple REST-Based Services 189Conclusion 194References 195Chapter 8 Caching and Performance 197Designing for Performance 197Architecture Concerns 198Performance Terminology 199Caching Considerations 199Caching Design Options 200Sizing a Cache 201When Not to Cache 202User Session Caching 202Caching in WebSphere Application Server 203IBM HTTP Server and the Caching Plug-in 205Using the Distributed Map 206Creating a New Distributed Map 206Testing the Distributed Map 209HTML Fragment Caching 214Monitoring the Fragment Cache 216ESI Plug-in Caching 217Conclusion 218References 218Chapter 9 Keeping Things Secure 219Why Security Is Important 219The Role of the Security Architect 221SQL Injection Example 222Protecting against SQL Injection Attacks 224WebSphere Security Basics 225Authenticating Application Users 225Adding a Filter to the Login Process 236Architecting for Security 237WebSphere Single Sign-on 238WebSphere Authorization 239Conclusion 241Chapter 10 Managing Your Applications 243Managing Applications 243Enforcing Architecture Adherence 244Standing by Your Decisions 245Documenting Libraries 245Managing Organizational Process 246Avoiding Common Process Malpractices 249Enforcing Adherence and Reuse with Technology Solutions 251Using a Registry and Repository 251Project Methodology 253Common Methodology Problems 254Change Control Board 255Conclusion 256References 257Appendix A Setting up the Data Sample 259Getting Started 259Database and Schema 260Setting Up Your Data Environment 261Creating the DB2 Database 262Load the Classic Models Data 264Creating a WebSphere Data Source 266Conclusion 275Appendix B Running the Examples 277Chapter Code Samples 277Chapter 2 278Chapter 3 278Chapter 4 278Chapter 5 278Chapter 6 279Chapter 7 279Chapter 8 279Chapter 9 280Conclusion 280Index 283
