BEA's WebLogic is widely recognized as the de facto industry standard for developing and deploying industrial strength Java E-commerce applications. Now, there's a book that delivers authoritative guidance for J2EE application development with WebLogic. Authored by members of BEA's WebLogic project team, this book covers every aspect of real-world WebLogic J2EE development, from start to finish, through an industrial-strength case study application. The authors start by introducing BEA WebLogic and walking through deploying it. Next, you'll learn practical techniques for designing robust, high-performance J2EE applications with WebLogic; building presentation logic with WebLogic servlets and JavaServer Pages; accessing databases with JDBC; implementing transactions; and more. The accompanying CD-ROM includes all code from the book, including a complete WebAuction application, as well as a complete evaluation version of the latest version of the BEA WebLogic server.

Table of Contents:
Foreword. Preface. 1. Introduction. What Is BEA WebLogic Server? WebLogic Server Overview. The Container-Component Model. WebLogic Server Strengths: Component Support and Scalability. How to Use this Book. Road Map. Summaries. System Requirements. Supported Platforms. Software on the CD-ROM. Versions Supported. Conventions. 2. Overview of J2EE Technologies. WebLogic Server and J2EE. J2EE Technologies Covered in this Book. Presentation Logic. Java Servlets. JavaServer Pages (JSPs). WebLogic Server JavaBeans and Tag Libraries. Database and Transaction Support. Java Database Connectivity (JDBC). Java Transaction API (JTA) Support. Object Registry and Remote Method Invocation (RMI). Java Naming and Directory Interface (JNDI). Remote Method Invocation (RMI). Enterprise JavaBeans (EJBs). WebLogic Server Entity EJBs. WebLogic Server Session EJBs. WebLogic Server Message-Driven Beans. Java Message Service (JMS). JavaMail. Security. WebLogic Server's Distributed Deployment Support. About WebAuction. WebAuction Application Technology Requirements. 3. Building Presentation Logic with WebLogic Server Servlets. Introducing WebLogic Server Servlets. WebLogic Server Servlets Handle HTTP Requests. Generic Servlets. How Servlets Are Used. WebLogic Server JavaServer Pages (JSPs). Servlets or JSPs? Developing Servlets. Anatomy of a Servlet. A Basic Servlet. About the Packaging and Deployment Process. About Web Applications (.war Files). The Lifecycle of a Servlet. Handling Basic Servlet Requests. Generating the Servlet Response. Using Default Methods to Handle Web Forms. Servlets and Web Sessions. Conventional Methods for Session Tracking Are Difficult. The Servlet Specification to the Rescue. The Scope of a Session. Sessions and Servlets Example. Baking Your Own Cookies. Dealing with Users. Creating a Cookie. URL Rewriting. Custom Cookies for Personalization. Long-Term CookieServlet Example. The Web Application Package. About Web Applications. Web Application Overview. Web Archive Organization. Using Servlets with WebLogic Server Clustering. Persisting Session Information. Session Protection Performance Implications. Choosing the Right Level of Protection. Special Considerations for In-Memory Replication. Best Practices for Servlets. Be Smart About Session State. Don't Close/Terminate the Response Stream. Always Activate URL Rewriting. Session Objects Are Not Appropriate for Long-Term Data. Keep Scalability in Mind. 4. Using WebLogic Server JavaServer Pages. About WebLogic Server JSPs. Why JSP? Integrating Java Code with JSP. JSP Basics. Anatomy of a JSP. A Basic JSP Example. Running the Basic JSP Example in WebLogic Server. The Lifecycle of a JSP. Initialization. Loading and Instantiation. End of Service. JSP Page Elements. JSP Directives. Page Directives. Implicit Objects and Scripting Elements. Actions. Using Java Beans with JSPs. JSP Tags for Using Beans. Building a JavaBean into a JSP. Using JavaBean Properties. Custom Tag Libraries. Using Custom Tag Libraries in JSP. Error Pages, Comments, and Deployment Descriptors. JSP Error Page. JSP Comments. JSP Deployment Descriptor Options. Using Servlets and JSPs Together: Model View Controller. MVC Components. MVC in Web Applications. MVC Applicability. Best Practices for Debugging and Developing JSPs. Create Scripts to Take Advantage of Automatic Deployment. Base Your Development on Templates. Be Careful About Capitalization and Spacing. Turn on the Debugging Messages Using the Console. Best Practices for JSPs. Keep in Mind that JSPs Are Just Specialized Servlets. Encapsulate Complex Data and Logic in JavaBeans and Custom Tag Libraries. Always Activate and Use URL Rewriting. Use JSP Error Pages. JSPs in the WebAuction Application. browseitems.jsp. ItemBean JavaBean. Browsing the WebAuction Code. 5. Using Databases and Transactions with JDBC and JTA. WebLogic Server JDBC. Why JDBC? JDBC Drivers. Using JDBC to Read Data. Using JDBC to Update the Database. Transactions. Using the JTA Driver. WebLogic Server Multi-Database Transaction Services: JTA, XA, and 2PC. Complete WebLogic Server JTA Example. WebLogic Server and Distributed Transactions. Distributed Transactions and Standards. Using XA-Compliant Resources and JTA. Transaction Isolation Levels. Prepared Statements. Error Handling and SQL Warnings. Handling SQLException Errors. Handling SQL Warnings. Metadata. Using Metadata. Advanced Features. BLOBs and CLOBs. Best Practices for JDBC. Make Your Queries as Smart as Possible. Tune the Database. Put Initialization Code in init(). Get Your JDBC Connection from a TxDataSource or the JTS Driver. Use Batch Updates. Do In-Place Updates Where Possible. Use the Appropriate Method to Get a JDBC Connection Object. Release the JDBC Resources Appropriately. Use Autocommit Appropriately. Don't Hang onto JDBC Connections. Work in the Database If You Can. Commit or Roll Back Your Transactions as Soon as Possible. Set Your Pool Size Appropriately. Do Not Have Your Transactions Span User Input. JDBC and Transactions in the WebAuction Application. 6. Remote Method Invocation and Distributed Naming. Remote Method Invocation. Using the Remote Interface. The RMI Programming Model. Serialization. The Serializable Interface. The Remote Interface. Hand-Coding Serialization. Using RMI in Distributed Applications. Handling the Unreliable Network. Performance Implications of Cross-Network Method Calls. WebLogic RMI Optimizations. JNDI: Java's Naming Service. Using JNDI. JNDI, Security, and Identity. JNDI and Clustering. Replicated Naming Service. Understanding Conflicts in the JNDI tree. Clustered JNDI with Replicated Bindings. Clustered JNDI with Nonreplicated Bindings. JNDI Best Practices. Local Caching. Using JNDI Effectively to Increase Performance. Minimizing Frequency of Updates. Conclusion. 7. Enterprise Messaging with the Java Message Service (JMS). Benefits of JMS. Interprocess Communication. JMS Fundamentals. Connection Factories. Sample JMS Queue Producer/Consumer. Configuring JMS. Sample JMS Queue Producer/Consumer. Running the Queue Example. Sample JMS Topic Producer/Consumer. Message Producer. Synchronous Message Consumer. Asynchronous Message Consumer. Running the Topic Example. JMS Messages. JMS Header. Message Properties. Message Types. JMS Message Types. Reusing Message Objects. JMS Delivery Modes. Synchronous vs Asynchronous Receivers. Message Selectors. Durable JMS Subscriptions. Using Temporary Destinations. Message Acknowledgment. Which Acknowledgment Mode Is Right for Your Application? JMS and Transactions. Using Transacted Sessions. Using JTA Transactions with JMS. Clustering JMS. Exception Listeners. Using Multicast JMS. Configuration Changes for Multicast JMS. Using Multicast JMS Sessions. JMS Best Practices. Avoid Unneeded Features. Selection Performance Costs. Using Asynchronous Message Consumers Where Possible. Prefer JTA Transactions to Transacted Sessions. JMS Transactions and Error Handling. Conclusion. 8. Using Session Enterprise JavaBeans. Enterprise JavaBeans Overview. Basics of EJBs. Session Beans. Entity Beans. Message-Driven Beans. Stateless Session EJB Example: HelloWorld. Building the EJB Jar File. Writing a Simple EJB Client. The EJB Container. Stateless Session EJBs. Stateless Programming Model. Stateless Session Bean Clustering. Using Member Variables with Stateless Session Beans. Stateful Session EJBs. The Stateful Programming Model. Stateful Session EJB Lifecycle. Stateful Session EJBs and Clustering. Stateful Session Beans and Concurrency. Using Transactions with Session Beans. Container-Managed Transactions. Bean-Managed Transactions. EJB Security. Assigning Security Roles in the EJB Deployment Descriptors. Using Programmatic Security with EJBs. EJB Environment. Declaring Environment Variables. EJB References. Declaring EJB References. Resource Manager References. Declaring Resource Manager References. Resource Reference Advantages. Handles. HomeHandles. Cars Example. Running the Example. Best Practices. Coding Business Interfaces. Tips for Transactions. When Not to Use Stateful Session Beans. Best Practices for EJB Security. Conclusion. 9. Entity EJBs. Rationale for Entity EJBs. Entity Bean Basics. Entity Bean Components. Activation and Passivation. Home Methods and Business Methods. CMP Entity Bean Example. Container-Managed Fields. Student CMP Example. CMP. ejbCreate. ejbRemove. ejbLoad. ejbStore. Finders. ejbPostCreate. Container-Managed Entity Bean Lifecycle. Anonymous Instances. Identified Instances. Reading and Writing the Database. Introduction to CMRs. Unidirectional and Bidirectional Relationships. CMR Example. Creating the Database Tables. Mapping CMP Entity Beans to the Database. Running the Example. Writing EJB-QL for CMP Finders. CMR Programming Restrictions. BMP Entity Beans. Writing the Student BMP Entity EJB. Writing the BMP Bean Class. Best Practices for BMP Entity EJBs. Advanced Topics for Writing Entity EJBs. How to Write a Primary Key Class. Implementing hashCode. Implementing equals. Entity Bean Inheritance and Polymorphism. Inheritance Restrictions. Design Patterns for Inheritance and Polymorphism. Entity Beans and Locking. Database Concurrency. EJB Container Concurrency. Choosing a Database Concurrency Strategy. Optimizing Data Access Calls. Optimizing CMP Entity Beans. Using Read-Only Entity Beans. Designing Read-Mostly Entity Beans. Session Beans as a Wrapper for Entity Beans. Using Java Beans as Value Objects. BMP vs CMP. CMP Design Advantages. CMP Performance Advantages. Combining CMP and BMP. Stateless Session Beans vs Entity EJBs. Conclusion. 10. Using Message-Driven EJBs. Message-Driven EJB Basics. Message-Driven EJB Lifecycle. Message-Driven EJB Example. MessagePrinterBean Class. Writing Deployment Descriptors for Message-Driven EJBs. Message-Driven Beans and Concurrency. Parallel Message Dispatch. Setting max-beans-in-freepool for Message-Driven EJBs. Message Ordering. Specifying a JMS Connection Factory. Using Transactions with Message-Driven Beans. Required Transaction Attribute. NotSupported Transaction Attribute. Bean-Managed Transactions. Error Handling with the Required Transaction Attribute. Message Acknowledgment. New Customer Example. Building and Running the Example. Message-Driven EJB Advantages. Using JTA Transactions with an Asynchronous Consumer. Parallel Message Processing. Simple and Standards-Based. Conclusion. 11. Interfacing with Internet Mail Using WebLogic Server JavaMail. About Email. About Simple Mail Transport Protocol (SMTP). Mail Retrieval Protocols (POP3, IMAP). About JavaMail. The Session Class. The Message Class. The Transport Class. Mapping to Internet Addresses. Using JavaMail to Send Simple Email. Deploying MailSender.jsp. Adding Email Capability to the WebAuction Application. Where to Find More Information on JavaMail and Internet Mail. JavaMail Best Practices. Using JavaMail to Confirm Email Addresses. 12. Developing Security with WebLogic Server JNDI and JAAS. Security Technology Overview. Users and Groups. Roles and Principals. J2EE Security Programming Models. Authentication. Secure Sockets Layer (SSL). Authorization. WebLogic Server Security Realms. Creating Secure Web Applications. Declarative Security in Web Applications. Developing Form-Based Authentication. Programming to the Caching Realm in Web Applications. The Realm API. Getting an Instance of the Realm. Adding and Retrieving Users in the Realm. Adding a User to a Group. Adding and Removing Groups. NewUser.jsp Example 495 Deploying a Realm API Authentication Example Using the RDBMS Realm. Developing Browser-Based Authentication. Specifying Deployment Descriptor Web Authorization Methods. Programmatic Security in Web Applications. Programmatic Security API. Programmatic Security Example. Developing Secure Application Clients. Why Two Security Services? WebLogic Server JAAS Authentication. Using JAAS for Application Client Security. Writing JAAS Authentication Code. Using WebLogic Server JAAS Authentication. JAAS-Secured Application Client: Implementation Notes. Using WebLogic Server JNDI for Application Client Security. WebLogic Server JNDI-Based Authentication. Example: Secure Application Client Using EJB. weblogic-ejb-jar.xml. SecureBean.java 522 Deploying the Secured EJB Client. About WebLogic SSL. Symmetric Key Encryption. Digital Certificates. Certificate Authorities. Notes on SSL Encryption. WebLogic Server SSL Usage Scenarios. Web Clients: Using SSL Security. SSL Security Example. Application Clients: Using SSL Security. WebLogic Server Security Best Practices. Putting It All Together. Securing the WebAuction Application. 13. Designing the Production Deployment. Designing for Deployment. WebLogic Deployment Scenarios: Case Studies. Types of Client Software. Web Deployments: A Standard Configuration. Web Deployment Scenario #1: Commercial Web Server. Scenario #2: Using WebLogic Server as the Web Server. Using a DMZ and Firewalls in a Web Deployment. Firewalls. Integrating Web Deployments with Data Stores. Using WebLogic Server Clustering in a Web Deployment. Configuring Hardware for a Clustered Web Deployment. Clustering on a Multi-CPU Server. Hardware Specifics for Clustering. Web Application Deployment Details. Co-located Front- and Back-End Services. Web Services in the DMZ; EJB Outside. Using WebLogic Server as the Web Server. Application Deployments. Typical Application Deployment Architecture. Security Considerations in an Application Deployment. Recommended Application Deployment Architecture. Mixed Deployments. Simple Mixed Deployment Architectures. Using WebLogic Server Clustering in a Mixed Deployment. Security Considerations in a Mixed Deployment. Recommended Mixed Deployment Architecture. Application Deployment Process. Infrastructure Components in Application Deployment. Stages in Application Deployment. Best Practices for Deploying WebLogic Server. Design for Security. Test and Stage Your Application. Don't Get Too Creative. Minimize the Number of Moving Parts. 14. The WebAuction Application. Application Architecture and Design: WebAuction. WebAuction Design Goals. WebAuction Subsystems. WebAuction Interfaces. Separating the Web and Business Logic Tiers. Accessing Server-Side Business Logic from JSP Pages. JavaBeans in the Presentation Layer. The Tag Library-to-Business Logic Interface. Utility Methods. WebAuction Security. Authenticating Users. Creating New User Accounts. Business Logic Design. WebAuction Stateless Session Bean. Transaction Flow. Entity Bean Relationships. Changes Required for a Production Application. Limiting Query Results. Unique ID Generation. Internationalizing WebAuction. Database Tuning. Assembling the Application Components: WebAuction. About Enterprise Archives. Enterprise Archive Organization. Writing application.xml. Packaging the Enterprise Archive (.ear). Quick Deployment of the WebAuction Application. Deploying the WebAuction Application: In Detail. Deploying the WebAuction on Another Database. Testing the WebAuction Application. Functional Testing. Stress and Performance Testing. Understanding ExecuteThreads. 15. Capacity Planning for the WebLogic Server. Analysis of Capacity Planning. Factors Affecting Capacity. Methodology and Metrics for Capacity Planning. Setting Capacity Goals. Server Hardware Capacity Planning. A Baseline Capacity Profile. LAN Infrastructure Capacity Planning. External Connectivity Capacity Planning. Capacity Planning Best Practices. Index.