:::: MENU ::::

Companies Increasingly Need the Internet to Compete

Through the next decade, most business transactions will be conducted over the Internet. To make this work on a grand scale, standards are critical. The success of JEE is important because it ensures that the Internet is the most cost-effective medium to use for promoting the services of a business. Conducting business with a user-friendly, reliable, speedy, and attractive set of web pages supported by reliable back-end business logic will make the difference between success and failure in the enterprise business.
The entire business must be Internet enabled. The business site must engage the customers and enable them to conduct transactions without the necessity of human interaction. Moreover, it will feed the organization’s “fulfillment” engine as well as provide a place to go for post-transaction services.
Corporations will need architects to anchor development standards such as JEE to facilitate the construction of websites. These sites will communicate the business objectives of their clients, whether they want to direct functionality to local, national, or international markets.
Development roles are now more important than ever. The architect must work together with other technical and graphic design personnel to ensure that the web pages not only meet the business’s needs but that they also maintain a perfect balance between performance and professional graphics work. The design of each component must follow a standard such as JEE to ensure that the end product looks professional, loads faster, and effectively communicates the company’s business objectives to the world.

How to synchronize List, Set and Map elements?

Collections Java class provides methods to make List, Set or Map elements as synchronized:

public static List synchronizedList(List l){}

public static Set synchronizedSet(Set s){}

public static SortedSet synchronizedSortedSet(SortedSet s){}

public static Map synchronizedMap(Map m){}

public static SortedMap synchronizedSortedMap(SortedMap m){}

Here, you can find one example that uses synchronizedList

 Get Synchronized List from Java ArrayList example
 This java example shows how to get a synchronized list from Java ArrayList using
 synchronizedList method of Collections class.
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
public class GetSynchronizedListFromArrayListExample {
 public static void main(String[] args) {
 //create an ArrayList object
 ArrayList arrayList = new ArrayList();
 Java ArrayList is NOT synchronized. To get synchronized list from
 ArrayList use
 static void synchronizedList(List list) method of Collections class.
 List list = Collections.synchronizedList(arrayList);
 Use this list object to prevent any unsynchronized access to original
 ArrayList object.

OO – Principles

When you are working on analysis, design and coding stuff, specifically on technologies like Java, it is important some aspects which you must keep in mind. These guidelines are useful and needful in order to create your architectures and designs by using the best practices such as follow design patterns as well of using OO principles. If you want to spend some minutes on OO Principles, please spend that time on the next page.

OO – Principles

JAX-RS Implementations

When you are going to start any kind of implementation by using JAX-RS, it’s important to keep in mind that version is the right to integrate with your current needs. Next, you will have a brief description about the main three JAX-RS implementations on the market:

Jersey – It is the open source reference implementation of JAX-RS. Jersey is built, assembled, and installed using Maven. The main project site, https://jersey.java.net/, contains a download button that links to instructions on how to get started with Jersey, its prerequisites, and links to samples. Jersey is also shipped with the application server GlassFish.

Apache CXF – It is a popular open source web services framework. It was originally just a SOAP stack, but they recently added support for JAX-RS. The CXF philosophy is that different web service styles can coexist. You’ll see a lot of this when you use the framework to write your RESTful web services. Apache CXF has a few nice extensions to JAX-RS that I’d like to point out.

JBoss RESTEasy – It is Red Hat’s implementation of JAX-RS and is the project I lead and run at Red Hat. It is licensed under the GNU Lesser General Public License (LGPL) and can be used in any environment that has a servlet container. Many of its features overlap with other JAX-RS implementations, so I’ll highlight only distinguishing features Here.

Authentication & Authorization in JAX-RS

While authentication is about establishing and verifying user identity, authorization is about permissions. Is my user allowed to perform the operation it is invoking? None of the standards-based Internet authorization protocols discussed so far deals with authorization. The server and application know the permissions for each user and do not need to share this information over a communication protocol. This is why authorization is the domain of the server and application.

JAX-RS relies on the servlet and Java EE specifications to define how authorization works. Authorization is performed in Java EE by associating one or more roles with a given user and then assigning permissions based on that role. While an example of a user might be “Bill” or “Monica,” roles are used to identify a group of users, for instance, “adminstrator,” “manager,” or “employee.” You do not assign access control on a peruser basis, but rather on a per-role basis.

To enable authentication, you need to modify the WEB-INF/web.xml deployment descriptor of the WAR file your JAX-RS application is deployed in. Authorization is enabled through XML or by applying annotations to your JAX-RS resource classes. To see how all this is put together, let’s do a simple example. We have a customer database
that allows us to create new customers by posting an XML document to the JAX-RS resource located at the URI /customers. We want to secure our customer service so that only administrators are allowed to create new customers.

The <login-config> element defines how we want our HTTP requests to be authenticated for our entire deployment. The <auth-method> subelement can be BASIC, DIGEST, or CLIENT_CERT. These values correspond to Basic, Digest, and Client Certificate authentication, respectively.

The <login-config> element doesn’t turn on authentication. By default, any client can access any URL provided by your web application with no constraints. To enforce authentication, you must specify a URL pattern you want to secure. In our example, we use the <url-pattern> element to specify that we want to secure the /customers URL.

The <http-method> element says that we only want to secure POST requests to this URL. If we leave out the <http-method> element, all HTTP methods are secured. In our example, we only want to secure POST requests, so we must define the <httpmethod> element.

Next, we have to specify which roles are allowed to POST to /customers. In the web.xml file example, we define an <auth-constraint> element within a <securityconstraint>.