Embed Size (px)
Citation preview
Professional Oracle Weblogic Server
Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .xxiiiChapter 1: Building Web Applications in WebLogic . . . . . . . . . . . . . . . . . . . . . . . . . . 1Chapter 2: Choosing a Web Application Architecture . . . . . . . . . . . . . . . . . . . . . . . 31Chapter 3: Designing an Example Java EE Application . . . . . . . . . . . . . . . . . . . . . . 55Chapter 4: Building an Example Web Application . . . . . . . . . . . . . . . . . . . . . . . . . . . 73Chapter 5: Packaging and Deploying WebLogic Web Applications . . . . . . . . . 125Chapter 6: Building Enterprise JavaBeans in WebLogic Server . . . . . . . . . . . . . 155Chapter 7: Building an Example EJB Application. . . . . . . . . . . . . . . . . . . . . . . . . . . 227Chapter 8: Packaging and Deploying WebLogic Applications . . . . . . . . . . . . . . 265Chapter 9: Developing and Deploying Web Services . . . . . . . . . . . . . . . . . . . . . . . 301Chapter 10: Using WebLogic JMS. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 363Chapter 11: Using WebLogic Security. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 443Chapter 12: Administering and Deploying Applications in WebLogic
Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 519Chapter 13: Optimizing WebLogic Server Performance . . . . . . . . . . . . . . . . . . . . 643Chapter 14: Development Environment Best Practices . . . . . . . . . . . . . . . . . . . . 691Chapter 15: Production Environment Best Practices . . . . . . . . . . . . . . . . . . . . . . 727Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 759
Patrick f01.tex V3 - 08/27/2014 5:14pm Page iii
Professional
Oracle WebLogic Server
Robert PatrickGregory Nyberg
Philip Astonwith Josh Bregman and Paul Done
Wiley Publishing, Inc.
Patrick f01.tex V3 - 08/27/2014 5:14pm Page iv
ProfessionalOracle WebLogicServerPublished byWiley Publishing, Inc.10475 Crosspoint BoulevardIndianapolis, IN 46256www.wiley.com
Copyright © 2010 by Wiley Publishing, Inc., Indianapolis, Indiana
Published simultaneously in Canada
ISBN: 978-0-470-48430-2
Manufactured in the United States of America
10 9 8 7 6 5 4 3 2 1
No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means,electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted under Sections 107 or 108of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorizationthrough payment of the appropriate per-copy fee to the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA01923, (978) 750-8400, fax (978) 646-8600. Requests to the Publisher for permission should be addressed to the PermissionsDepartment, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, (201) 748-6011, fax (201) 748-6008, or onlineat http://www.wiley.com/go/permissions.
Limit of Liability/Disclaimer of Warranty: The publisher and the author make no representations or warranties withrespect to the accuracy or completeness of the contents of this work and specifically disclaim all warranties, includingwithout limitation warranties of fitness for a particular purpose. No warranty may be created or extended by sales orpromotional materials. The advice and strategies contained herein may not be suitable for every situation. This workis sold with the understanding that the publisher is not engaged in rendering legal, accounting, or other professionalservices. If professional assistance is required, the services of a competent professional person should be sought. Neitherthe publisher nor the author shall be liable for damages arising herefrom. The fact that an organization or Web site isreferred to in this work as a citation and/or a potential source of further information does not mean that the author orthe publisher endorses the information the organization or Web site may provide or recommendations it may make.Further, readers should be aware that Internet Web sites listed in this work may have changed or disappeared betweenwhen this work was written and when it is read.
For general information on our other products and services please contact our Customer Care Department within theUnited States at (877) 762-2974, outside the United States at (317) 572-3993 or fax (317) 572-4002.
Wiley also publishes its books in a variety of electronic formats. Some content that appears in print may not be availablein electronic books.
Library of Congress Control Number: 2009930280
Trademarks: Wiley, the Wiley logo, Wrox, the Wrox logo, Wrox Programmer to Programmer, and related trade dressare trademarks or registered trademarks of John Wiley & Sons, Inc. and/or its affiliates, in the United States and othercountries, and may not be used without written permission. Oracle is a registered trademark of Oracle Corporationand/or its affiliates. All other trademarks are the property of their respective owners. Wiley Publishing, Inc., is notassociated with any product or vendor mentioned in this book.
Patrick f01.tex V3 - 08/27/2014 5:14pm Page v
To Chintana and Tony–For their patience, love, and support.
— Robert
For my Father–A good man I should have known better.
— Greg
To all who have worked to make WebLogic Server what it is today,and to those dreaming about its future.
— Philip
Patrick f01.tex V3 - 08/27/2014 5:14pm Page vi
Patrick f02.tex V3 - 08/28/2014 6:09pm Page vii
About the Authors
Robert Patrick is a VP in Oracle’s Fusion Middleware Development organization, responsible for ateam of Solution Architects (known as the A-Team) covering EMEA, APAC, and Latin America engage-ments. Robert has over 16 years experience in the design and development of distributed systems, andhe specializes in designing and troubleshooting large, high performance, mission-critical systems builtwith various middleware technologies. Prior to joining Oracle, Robert spent 7 1
2 years working for BEASystems (most recently as their Deputy CTO) where he spent most of his time advising Fortune 1000companies how to best apply middleware technology to solve their business problems. He has writ-ten papers, magazine articles, and was one of the co-authors of the previous edition of Mastering BEAWebLogic Server (Wiley, 2003) as well as speaking at various industry conferences.
Greg Nyberg has over 20 years of experience in the design and development of object-oriented sys-tems and specializes in large mission-critical systems using WebLogic Server. Mr. Nyberg is one of theco-authors of the previous edition of Mastering BEA WebLogic Server (Wiley, 2003) and is the author ofthe book WebLogic Server 6.1 Workbook for Enterprise JavaBeans, 3rd Edition (O’Reilly & Associates, 2002).Mr. Nyberg has spoken to local and national users’ groups on a variety of topics over the last decade,focusing on pragmatic approaches to Enterprise Java architecture and team development. Mr. Nyberg iscurrently Senior Development Engineer, IT, at Carlson Hotels Worldwide, and is responsible for applica-tion development and technical architecture.
Philip Aston has specialized in WebLogic Server since joining BEA Professional Services in 2000. Hecurrently works for Oracle’s SOA Consulting team in the UK. Philip is hands-on with customers mostdays, helping them to extract the best value from their investment in WebLogic Server. Philip is thedeveloper of The Grinder, a popular Java load-testing tool, is co-author of J2EE Performance Testing withBEA WebLogic Server (Expert Press 2002, APress 2003), and has also written for the WebLogic DevelopersJournal and BEA dev2dev (now part of the Oracle Technology Network).
Contributing Authors
Josh Bregman has nearly 15 years experience architecting Java and Java EE-based security and iden-tity management solutions. Josh is a Consulting Solutions Architect at Oracle where he advises Oracleand its key customers on technology, architecture, and implementation best practices. Prior to joiningOracle, Josh worked at BEA Systems for 3 years as the Enterprise Security Specialist for the Americas.In this role, Josh worked with customers to develop security solutions for WebLogic Server and relatedBEA technologies. Before joining BEA, Josh worked at Netegrity/CA for 5 years where he designedand developed a number of Java based security products, including IdentityMinder and SiteMinderApplication Server Agents for BEA WebLogic Server and IBM WebSphere. Josh has also held engineer-ing positions at GTE/Verizon Labs and IBM Global Services. Josh holds a B.A. in Mathematics fromthe University of Rochester and had spoken at a number of industry conferences including the RSAConference and Oracle Open World. Josh is the also the author of the Oracle Fusion Security blog athttp://fusionsecurity.blogspot.com.
Paul Done joined BEA Professional Services in early 2005, having worked for the previous 6 years forother J2EE Application Server vendors (SilverStream, Novell eXtend). He is now an Oracle Middlewareconsultant based in the UK, following Oracle’s acquisition of BEA. This is Paul’s second spell at Oracle,having worked in Oracle Product Development in the ’90s, developing Oracle’s Designer 2000 product.Paul specializes in Oracle’s WebLogic Server, Service Bus and JRockit JVM technologies. He also is thedeveloper of an open source monitoring tool for WebLogic, called ‘DomainHealth,’ and is a contributorto articles on Dev2Dev and Oracle Technology Network (OTN).
Patrick f02.tex V3 - 08/28/2014 6:09pm Page viii
Patrick f03.tex V3 - 08/28/2014 6:09pm Page ix
CreditsExecutive EditorRobert Elliott
Project EditorChristopher J. Rivera
Technical EditorsPrasanth PallamreddyMatthew ShinnRyan EberhardTom BarnesWill HopkinsNaresh RevanuruDerek Sharpe
Production EditorEric Charbonneau
Copy EditorKim Cofer
Editorial DirectorRobyn B. Siesky
Editorial ManagerMary Beth Wakefield
Production ManagerTim Tate
Vice President and Executive Group PublisherRichard Swadley
Vice President and Executive PublisherBarry Pruett
Associate PublisherJim Minatel
Project Coordinator, CoverLynsey Stanford
ProofreaderJen Larsen, Word One
IndexerJack Lewis
Cover Photo© Ryan McVay / Digital Vision / Getty Images
Patrick f03.tex V3 - 08/28/2014 6:09pm Page x
Patrick f04.tex V3 - 08/28/2014 6:09pm Page xi
Acknowledgments
The authors would like to thank the many people who helped to create this book:
❑ To our editor, Robert Elliott, thank you for your patience and support.
❑ To our project editor, Christopher Rivera, thank you for juggling the crazy timelines and last-minute edits and helping us craft a strong, readable book.
❑ To the many people who helped review the technical content and provided assistance alongthe way, our heartfelt thanks. Special thanks to Duncan Mills, David Ezzio, Mike Lehmann,Robyn Chan, Steve Harris, and Ted Farrell for their strong support and encouragement. Thanksto our technical reviewers: Prasanth Pallamreddy, Steven Liu, Matt Shinn, Ryan Eberhard, WillHopkins, Tom Barnes, Naresh Revanuru, Ballav Bihani, and Derek Sharpe. Thanks also to SalGambino, Dongbo Xiao, Craig Perez, Dave Felts, Jeff Tancill, Raja Mukherjee, Michael Chen,Dave Cabelus, Greg Stachnick, Doug Clark, Gordon Yorke, Peter Bower, Loren Konkus, ShaunPei, Josh Dorr, Raj Inamdar, Alex Somogyi, Sandeep Shrivastava, and the many other Oracleengineers for their assistance in helping us understand the finer points of WebLogic Server andtroubleshooting out examples. This book owes its success to these fine people.
I would like to thank my wife, Chintana, for her patience these last few months. Special thanks to Gregand Phil for making this book possible and putting up with my constant changes and delays. Thanksalso to Josh and Paul who really made the Security and Web Services chapters what they are. Withoutthe four of you, this book would have never happened.
— Robert Patrick
I would like to thank my wife, Meredith, for her patience these last few months. Not as long as the firsttime around, but quite an ordeal nonetheless. Special thanks also to Robert for agreeing to be lead authorand for never compromising on the quality, accuracy, or completeness. You are very good at what youdo! Finally, I am forever grateful for the blessings in my life and I know from whom they come. All thingsare possible.
— Greg Nyberg
I would like to thank Robert and Greg for inviting me to join this project, and for allowing me to win oneor two of the battles.
— Philip Aston
Patrick f04.tex V3 - 08/28/2014 6:09pm Page xii
Patrick ftoc.tex V3 - 09/21/2009 4:39pm Page xiii
Contents
Introduction xxiii
Chapter 1: Building Web Applications in WebLogic 1
Java Servlets and JSP Key Concepts 1Characteristics of Servlets 1Characteristics of JavaServer Pages 7
Web Application Best Practices 13Ensure Proper Error Handling 13Use JSTL Tags to Reduce Scriptlet Code 15Use Custom Tags for Selected Behaviors 19Use Servlet Filtering for Common Behaviors 22Creating Excel Files Using Servlets and JSP Pages 26Viewing Generated Servlet Code 30
Chapter Review 30
Chapter 2: Choosing a Web Application Architecture 31
Architecture Key Concepts 31Java EE Application Tiers 31Model-View-Controller Architecture 32Common Java EE Design Patterns 33
Presentation-Tier Architecture Selection 33Presentation-Tier Requirements 34Other Architecture Considerations 45
Candidate Presentation-Tier Architectures 46JSP-Centric Architecture 46Servlet-Centric Architecture: Struts 48Servlet-Centric Architecture: Spring MVC 50
Chapter Review 53
Chapter 3: Designing an Example Java EE Application 55
Application Requirements 55Business Domain Models 56
Patrick ftoc.tex V3 - 09/21/2009 4:39pm Page xiv
Contents
Presentation Requirements 57Web Application Architecture 59Presentation Approach 60
Self-Assembly 61Master Page Assembly 64External View Assembly with Tiles Framework 66
Business-Tier Interfaces 67Controllers Call Business Services 68Controllers Populate Forms for JSPs 69Updates Require Explicit Service Calls 71Relationships in Presentation Components 71
Chapter Review 72
Chapter 4: Building an Example Web Application 73
Overview of Application Components 73Constructing the Application Skeleton 75Constructing the User Site Components 76
Reservation Information Components 76Core Reservation Process Components 79Targeted Offers Components 103
Construction of Administration Site Components 105Authentication/Authorization Components 105Property Maintenance Components 108
Chapter Review 123
Chapter 5: Packaging and Deploying WebLogic Web Applications 125
Packaging Web Applications 125Web Application Directory Structure 126Web Application Descriptor Files 128Precompiling JSP Components 137Creating an Exploded Web Application 139Creating a Web Application Archive File 144
Deploying Web Applications 145Automatic Deployment 145WebLogic Deployer Utility and Ant Task 148WebLogic Console Deployment 150Creating Required Users and Groups for BigRez.com 152
Chapter Review 153
xiv
Patrick ftoc.tex V3 - 09/21/2009 4:39pm Page xv
Contents
Chapter 6: Building Enterprise JavaBeans in WebLogic Server 155
EJB Technology Overview 155EJB 3.0 156
The Spring Framework 157EJB Component Types 157
Stateless Session Beans 158Stateful Session Beans 159Message-Driven Beans 161Interceptors 162
The Java Persistence API 163JPA History 163JPA Concepts 165A JPA Sample 166Applying JPA 189
WebLogic Server EJB Container 189EJB Container Basics 190EJB Lifecycle in WebLogic Server 190
General WebLogic Server EJB Features 192EJB Deployment/Redeployment 192Dynamic EJB Compilation 192EJB Remote Business Interfaces and JNDI 193References between EJBs 195
Session Bean Features 201Stateless Session EJB Pooling 201Stateful Session EJB Cache Management 202In-Memory Replication for Stateful Session EJBs 204Handles to Session Beans 207Idempotent Methods 207
Message-Driven Bean Features 208OpenJPA and Kodo Features 209
The Kodo Deployment Descriptor 209Fetch Groups 210Eager Fetching 212Optimistic Locking Version Strategies 212Large Result Sets 215Second-level Caching 217Controlling Flush Behavior 219Managed Inverses 219
xv
Patrick ftoc.tex V3 - 09/21/2009 4:39pm Page xvi
Contents
Mixed Inheritance Strategies 220Prepared Statement Caching 220
Deployment Descriptors or Annotations? 221Deployment Plans 222Annotations, Descriptors, Plans, and Dependency Injection 223
Chapter Review 225
Chapter 7: Building an Example EJB Application 227
Business Layer Requirements 227Business Logic Requirements 228Object-Relational Mapping Requirements 230Data Access Requirements 234Other Business Layer Requirements 235Review of Business Layer Requirements 235
Business Layer Architecture Options 235SLSBs and the Session Facade Requirements 236Stateless Session EJBs with JDBC 237Stateless Session EJBs with EJB 2.1 CMP Entity Beans 238Stateless Session EJBs with JPA 242
The bigrez.com Implementation 244Database Schema 245Domain Model 247Services 252Unit Tests 258Adding Optimistic Locking 259
Using TopLink instead of Kodo 260Why Would You Want to Use TopLink? 260Changes to bigrez.com to use TopLink 260
Chapter Review 264
Chapter 8: Packaging and Deploying WebLogic Applications 265
Creating an EJB Archive File 265EJB Deployment Descriptors 266
Packaging JPA Persistence Units 273Enterprise Applications 274
Enterprise Application Directory Structure 277Enterprise Application Descriptor Files 278Exploded Deployments 282Bundled Libraries 284Shared Java EE Libraries and Optional Packages 286Other Types of Modules 287
xvi
Patrick ftoc.tex V3 - 09/21/2009 4:39pm Page xvii
Contents
Customizing Classloading 289Packaging bigrez.com 291Deploying Applications 294
Creating Required Services 295Automatic Deployment and weblogic.Deployer 297WebLogic Console Deployment 298
Chapter Review 298
Chapter 9: Developing and Deploying Web Services 301
Summarizing Web Services Standards 301Creating Web Services with WebLogic Server 303
Web Services Container Architecture 303Developing Web Services for WebLogic Server 304Developing Web Service Clients 318
Moving Past the Basics 322Using JAX-RPC 322Understanding Style and Use 323Influencing which Operation to Invoke 325Creating More Dynamic Web Services 327Using Web Service Handlers 334Using SOAP Attachments 338Implementing Stateful Web Services 342Implementing Asynchronous Web Services 343Customizing Mappings between Java and XML 346
Using Web Services Security 348Defining Security Policies 349Transport-level Security 350Message-level Security 352Web Service Security Configuration 358
Adding Web Services to bigrez.com 359Chapter Review 361
Chapter 10: Using WebLogic JMS 363
JMS Key Concepts 363Understanding the Messaging Models 363Reviewing the JMS API 364
The WebLogic JMS Provider 370Understanding WebLogic JMS Servers 370Clustering WebLogic JMS 371WebLogic JMS Clients 380Configuring WebLogic JMS 383
xvii
Patrick ftoc.tex V3 - 09/21/2009 4:39pm Page xviii
Contents
WebLogic JMS Application Design 398Choosing a Destination Type 398Locating Destinations 399Choosing the Appropriate Message Type 400Compressing Large Messages 402Selecting a Message Acknowledgment Strategy 403Designing Message Selectors 404Choosing a Message Expiration Strategy 407Handling Poison Messages 409Handling Message Ordering Issues 412Using Transactions 417Using Multicast Sessions 419Handling Request/Reply Style Message Exchange 420
WebLogic JMS Application Programming 424Using WebLogic JMS with Servlets and EJBs 424Consuming Asynchronous Messages on the Server 427
External JMS Providers 432Understanding the Messaging Bridge 433Understanding the Store-and-Forward Service 434Using Message-Driven Beans 436Mapping External JMS Objects to WebLogic JNDI 437Integrating Oracle Advanced Queuing 438Choosing an Integration Strategy 440
Chapter Review 441
Chapter 11: Using WebLogic Security 443
WebLogic Security Overview 443Administration 447
WebLogic Security Framework 449Embedded LDAP Server 450Security Realms and Providers 453
Using External Security Stores 465Managing External LDAP Authentication 465Managing RDBMS Authentication 467
Setting Up SSL/TLS 469Overview of SSL and X.509 Certificates 469Obtaining X.509 Certificates 470Configuring One-Way SSL 472Configuring Two-Way SSL 474Debugging SSL Problems 477
Writing Security-Aware Java Clients 478
xviii
Patrick ftoc.tex V3 - 09/21/2009 4:39pm Page xix
Contents
Writing Java Clients That Use JAAS 479Writing Java Clients That Use SSL 482
Managing Application Security 487Application Security Models 487Setting Up Java EE Application Security 488Setting Up WebLogic Server Application Security 496Booting WebLogic Server 500
Single Sign-On 501Security Assertion Markup Language (SAML) 501Setting Up Cross Domain Security and Single Sign-On 510Custom Authentication Providers 516
Chapter Review 517
Chapter 12: Administering and Deploying Applications in WebLogic Server 519
WebLogic Architecture Key Concepts 519Domain Architecture 519WebLogic Server Architecture 521WebLogic Server Clustering Architecture 530Admin Server 538Node Manager 541
WebLogic Administration Key Concepts 542Server States 542Server Self-Health Monitoring 544Network Channels 545
Configuring a WebLogic Server Domain 547Setting Up a New Domain 549Configuring Servers 551Configuring the Cluster 553Configuring Network Channels 557Setting Up the Node Manager 560Operating System Configuration 566Java Virtual Machine Configuration 567Web Server Plug-in Configuration 567Administration Port and Channel Configuration 572Configuring Applications for WebLogic Server 575
Monitoring WebLogic Server Applications 595Using the WebLogic Scripting Tool 595Using the Deprecated Command-Line Administration Tool 600Monitoring with the WebLogic Console 601Programmatic Monitoring with JMX 603Monitoring via SNMP 607
xix
Patrick ftoc.tex V3 - 09/21/2009 4:39pm Page xx
Contents
Managing WebLogic Server Applications 615Troubleshooting Application Issues 615Versioning Applications 628Managing Failure Conditions 630
Chapter Review 641
Chapter 13: Optimizing WebLogic Server Performance 643
Overview of System Performance 644Reviewing the Core Principles 644Tuning a WebLogic Server-Based Application 645
Performance Best Practices 665Designing for Performance 665Understanding Web Container Best Practices 667Understanding EJB Container Best Practices 670Applying Database Access Best Practices 672
Troubleshooting Performance Problems 677Preparing for Troubleshooting 678Bottleneck Identification and Correction 678Problem Resolution 680Common Application Server Performance Problems 682Java Stack Traces 684
Chapter Review 689
Chapter 14: Development Environment Best Practices 691
Defining Required Hardware and Software 692Sharing a Database Server 693
Installing WebLogic Server Software 695Creating and Configuring a WebLogic Server Domain 696
Development Project Structure 697Streamlining the Development Cycle 698
Split Directory Development 698FastSwap 700
Establishing a Build Process 701Continuous Integration 702Code Inspection and Reporting Tools 704
Integrated Development Environments 704Prerequisites 705Configuring Eclipse for bigrez.com 705Configuring JDeveloper for bigrez.com 711Debugging with an IDE 714
Creating a Unit Testing Infrastructure 715
xx
Patrick ftoc.tex V3 - 09/21/2009 4:39pm Page xxi
Contents
The Importance of Unit Testing 716The JUnit Testing Framework 717Out-of-Container Testing 719Testing Web Interfaces 722Web Services 724Performance and Concurrency Testing 725
Chapter Review 726
Chapter 15: Production Environment Best Practices 727
Deployment Strategies 727Evaluating Deployment Strategies 728Server Deployment Strategies 729Single-Site Deployment Strategies 731Multiple Site Deployment Strategies 737Designing Multiple-Site WebLogic Clusters 738Implementing Clusters That Span Multiple Sites 741Implementing One Cluster per Site 743
Global and Local Traffic Management 745Using Load Balancers 745Using Local Load Balancers with WebLogic Server 747Using Global Load Balancers with WebLogic Server 748
Production Security Strategies 749Understanding Application Data Flow 749Understanding Firewall Layouts 750Using a Connection Filter 751Locking Down Web Applications 753Examining Other Security Considerations 754Using SSL Hardware Acceleration 756
Chapter Review 757
Index 759
xxi
Patrick ftoc.tex V3 - 09/21/2009 4:39pm Page xxii
Patrick f05.tex V3 - 08/28/2014 6:09pm Page xxiii
I n t roduc t ion
Professional Oracle WebLogic Server is different from other books about WebLogic Server and Java EEtechnologies.
First, it is an advanced-level book designed to complement the Oracle online documentation and otherintroductory books on Java EE and WebLogic Server technologies, providing intermediate- to advanced-level developers, architects, and administrators with in-depth coverage of key Java EE development anddeployment topics. We skip the basic material, avoid duplicating basic references or information easilyobtained elsewhere, and focus on information and techniques not available anywhere else. Written by ateam of Oracle insiders and experts in the development of enterprise-class Java EE applications, this bookstarts where other books and references stop.
Second, this is a book with an opinion. Rather than simply articulating the options available to solve agiven problem and leaving it up to you to decide, we share our thought process and give you concreterecommendations and best practices for use in your own application-development and administrationefforts. Different design solutions, architectures, construction techniques, deployment options, and man-agement techniques are presented and explained — but we do not stop there. We go on and explain thebenefits of a given alternative and when to use it. We want you to understand not just how things can bedone, but also how they should be done.
Finally, the primary example application built and described in these pages is a realistic, complex applica-tion that highlights many of the features of Java EE technologies in general and Oracle WebLogic Server11g in particular. The example application leverages key technologies such as JSP, Spring MVC, EJB3.0, JPA, JMS, and Web Services to demonstrate their use, and the text walks you through each decisionmade during the design, development, and deployment of the application to assist you in making similardecisions in your own efforts.
Who This Book Is ForProfessional Oracle WebLogic Server is not intended to be a primer or introductory book on Java EEtechnologies or the WebLogic Server environment. Written as an advanced-level book with minimalcoverage of basic concepts, this book is for experienced developers and WebLogic Server administratorslooking to take their knowledge of these technologies to the next level.
What This Book CoversThis book is focused on Java EE development, deployment, and administration using the latest releaseof Oracle WebLogic Server, 11g. Many of the technologies, frameworks, deployment techniques, andmanagement tools described in the book require this version of WebLogic Server and the latest versionsof the Java EE environment and various libraries and frameworks. The primary example application builtin the book, bigrez.com, also requires WebLogic Server 11g.
Patrick f05.tex V3 - 08/28/2014 6:09pm Page xxiv
Introduction
That said, the authors do not subscribe to the newer-is-always-better school of technology. Where itmakes sense, tried-and-true versions of Java EE frameworks and libraries are used in the examples ifthese choices meet our requirements and get the job done.
The following is a partial list of the technologies and frameworks described, compared, and used (or notused) in this book and its examples:
❑ EJB 3.0, JPA, OpenJPA, Kodo, TopLink
❑ Java 6, Spring 2.5 MVC, Jakarta Struts 1.2, JSP 2.0, Tiles 2.0
❑ JMS 1.1, SOAP 1.1, JAX-WS 2.1
❑ JAAS, SAML 1.1 and 2.0, XACML, SSL, TLS 1.0, JSSE
❑ JMX, SNMP, WLST, WLDF
How This Book Is StructuredProfessional Oracle WebLogic Server is organized around three key themes:
❑ Walking you through the design, construction, and deployment of a realistic example applica-tion.
❑ Discussing advanced topics and best practices in areas such as security, administration, perfor-mance tuning, and configuration of WebLogic Server environments.
❑ Providing you with best practices for developing, deploying, and managing your own WebLogicServer applications.
The first 10 chapters focus on the first theme, and the next 5 target the second theme; best practices are afocus throughout the entire book. Here is a brief description of each chapter to help you understand thescope and organization of the book:
Chapter 1 reviews key web application concepts and technologies and then discusses advancedtopics such as JSTL, the expression language, custom tags, and servlet filtering.
Chapter 2 examines the presentation-tier requirements that drive web application architectures,compares three different candidate architectures, and makes specific recommendations to help youchoose an appropriate architecture for your WebLogic Server application.
Chapter 3 details the design of the presentation tier of a fairly large and complex Java EE applica-tion. Topics include alternative page assembly techniques, business-tier interfaces, and the require-ments of the example application that led to the chosen design.
Chapter 4 walks through the construction of the Spring MVC– and JSP-based example web appli-cation. Construction techniques unique to WebLogic Server are emphasized along with the compo-nents and techniques resulting from the choice of presentation approach, web application architec-ture, and business-tier interaction techniques.
Chapter 5 discusses the steps required to package and deploy a WebLogic Server web applicationwith an emphasis on WebLogic Server–specific techniques and best practices.
Chapter 6 examines options and best practices for implementing Enterprise JavaBeans (EJB) andrelated persistence technologies in WebLogic Server 11g. After a brief review of EJB technology,
xxiv
Patrick f05.tex V3 - 08/28/2014 6:09pm Page xxv
Introduction
the focus turns to the JPA persistence specification and the OpenJPA and Kodo implementations.The final half of the chapter then discusses key EJB-related features in WebLogic Server 11g andexplains how best to leverage them in your development efforts.
Chapter 7 walks through the design and construction of the business tier of the example appli-cation started in Chapters 1–4, highlighting key concepts and best practices. Candidate business-tier architectures are first identified and examined in light of a representative set of business-tierrequirements. Next, the techniques required to implement the chosen EJB architecture are coveredin detail to highlight implementation details and best practices. Finally, the chosen JPA implemen-tation (Kodo) is swapped out in favor of an alternative implementation (TopLink) to show the easewith which this can be done.
Chapter 8 discusses the steps required to package and deploy WebLogic Server enterprise applica-tions. The basic structures of EJB modules and enterprise applications are reviewed, techniques forpackaging JPA persistent units are discussed, Ant-based build processes are presented, options forpackaging enterprise applications are compared, and deployment techniques for WebLogic Serverdevelopment environments are examined.
Chapter 9 reviews web services technology, describes WebLogic Server 11g support for web ser-vices, and presents key best practices related to web services. Example web services are createdusing WebLogic Server utilities, advanced web services features in WebLogic Server are discussed,and a web service is built to interface with the primary example program in the book.
Chapter 10 presents information and best practices related to the WebLogic Server JMS imple-mentation. Topics include JMS clustering and high availability, the various JMS client options,WebLogic JMS provider configuration, JMS application design considerations, building applica-tions that leverage WebLogic JMS, and integrating with external JMS providers.
Chapter 11 covers important topics related to WebLogic Server security, including the WebLogicServer Security Service, the WebLogic Security Framework and its built-in providers, integratingwith external authentication providers, setting up secure client-server and server-to-servercommunication, managing application security, and configuring WebLogic Server for singlesign-on.
Chapter 12 focuses on WebLogic Server administration and the architecture of the WebLogicServer product. This is not a users’ guide to the administration console, but rather an in-depth lookat the internal architecture of WebLogic Server, a discussion of important administrative conceptssuch as server health states and network channels, and a thorough treatment of the configuration,monitoring, and management of WebLogic Server and WebLogic Server–based applications.
Chapter 13 presents best practices for delivering and troubleshooting scalable high-performancesystems. It includes a discussion of core principles and strategies for scalable Java EE systems, acollection of important design patterns and best practices that affect performance and scalability,and steps and techniques you can use to improve performance and solve scalability issues in yoursystems.
Chapter 14 rounds out the discussion of development-related best practices with recommenda-tions in key areas related to the development environment. Topics include development envi-ronment hardware and software, proper installation of WebLogic Server in the developmentenvironment, organizing your project directory structure, establishing a build process, choosingappropriate development tools, and creating a unit testing infrastructure for your project.
Chapter 15 discusses strategies and best practices for deploying WebLogic Server applications ina production environment, focusing on production deployment strategies, global traffic manage-ment solutions, and production security best practices.
xxv
Patrick f05.tex V3 - 08/28/2014 6:09pm Page xxvi
Introduction
What You Need to Use This BookThe examples and best practices in this book are based on Oracle’s WebLogic Server 11g applicationserver, available from the Oracle download site at http://otn.oracle.com/. Download and install thisproduct if you plan to build and deploy any of the example applications.
The WebLogic Server 11g installer includes a version of Eclipse suitable for viewing and editing theexample code. Alternatively, you may prefer to use Oracle JDeveloper 11g, or another Java developmenttool. Chapter 14 contains full details about how to install and configure Eclipse and JDeveloper.
Finally, the main example program in this book assumes that you have a copy of the Oracle RDBMSavailable in your environment. We used the full Oracle Database 10g. Oracle Database 11g, or the 10gExpress Edition (also known as Oracle XE) should also work fine. See the Oracle download site athttp://otn.oracle.com/database for a trial copy of the database software.
Source CodeAs you work through the examples in this book, you may choose either to type in all the code manually orto use the source code files that accompany the book. All of the source code used in this book is availablefor download at www.wrox.com. Once at the site, simply locate the book’s title (either by using the Searchbox or by using one of the title lists) and click the Download Code link on the book’s detail page to obtainall the source code for the book.
Because many books have similar titles, you may find it easiest to search by ISBN; this book’s ISBN is978-0-470-48430-2.
Once you download the code, just decompress it with your favorite compression tool. Alternately, youcan go to the main Wrox code download page at www.wrox.com/dynamic/books/download.aspx to seethe code available for this book and all other Wrox books.
ErrataWe make every effort to ensure that there are no errors in the text or in the code. However, no one isperfect, and mistakes do occur. If you find an error in one of our books, like a spelling mistake or faultypiece of code, we would be very grateful for your feedback. By sending in errata you may save anotherreader hours of frustration and at the same time you will be helping us provide even higher qualityinformation.
To find the errata page for this book, go to www.wrox.com and locate the title using the Search box or oneof the title lists. Then, on the book details page, click the Book Errata link. On this page you can view allerrata that has been submitted for this book and posted by Wrox editors. A complete book list includinglinks to each book’s errata is also available at www.wrox.com/misc-pages/booklist.shtml.
If you don’t spot ‘‘your’’ error on the Book Errata page, go to www.wrox.com/contact/techsupport.shtml and complete the form there to send us the error you have found. We’ll check the information and,if appropriate, post a message to the book’s errata page and fix the problem in subsequent editions ofthe book.
xxvi
Patrick f05.tex V3 - 08/28/2014 6:09pm Page xxvii
Introduction
Online AppendixWithin the text of this book, the authors occasionally refer you to online information available at sites likehttp://otn.oracle.com/ and http://java.sun.com/ to supplement the discussions within this book.The authors found that in many cases the desired reference URLs were both long — making them nearlyimpossible to type accurately — and had a tendency to change over time as documentation was modifiedand expanded. For this reason, actual addresses for additional reference material are not included in thistext. Instead, an online Appendix available at www.wrox.com/ compiles and organizes all referencedURLs by chapter. The text itself refers to these links by number, e.g., Link 3-1. If you are interested inlocating and reading online reference information mentioned in the text, download the online Appendixfrom www.wrox.com/ and use the addresses found therein.
p2p.wrox.comFor author and peer discussion, join the P2P forums at p2p.wrox.com. The forums are a web-basedsystem for you to post messages relating to Wrox books and related technologies and interact with otherreaders and technology users. The forums offer a subscription feature to e-mail you topics of interest ofyour choosing when new posts are made to the forums. Wrox authors, editors, other industry experts,and your fellow readers are present on these forums.
At http://p2p.wrox.com you will find a number of different forums that will help you not only as youread this book, but also as you develop your own applications. To join the forums, just follow these steps:
1. Go to p2p.wrox.com and click the Register link.
2. Read the terms of use and click Agree.
3. Complete the required information to join as well as any optional information you wish toprovide and click Submit.
4. You will receive an e-mail with information describing how to verify your account and com-plete the joining process.
You can read messages in the forums without joining P2P but in order to post your own messages, youmust join.
Once you join, you can post new messages and respond to messages other users post. You can readmessages at any time on the Web. If you would like to have new messages from a particular forume-mailed to you, click the Subscribe to this Forum icon by the forum name in the forum listing.
For more information about how to use the Wrox P2P, be sure to read the P2P FAQs for answers toquestions about how the forum software works as well as many common questions specific to P2P andWrox books. To read the FAQs, click the FAQ link on any P2P page.
xxvii
Patrick f05.tex V3 - 08/28/2014 6:09pm Page xxviii
