You are previewing Enterprise AJAX: Strategies for Building High Performance Web Applications.
O'Reilly logo
Enterprise AJAX: Strategies for Building High Performance Web Applications

Book Description

"The core technologies of Ajax are quite straightforward; the hard part is applying them in the real world. Fortunately, the authors have been putting Ajax into practice since long before the term ‘Ajax’ was even coined. Enterprise AJAX offers excellent coverage of issues rarely explained to date, but frequently encountered by enterprise developers—including architecting of Ajax applications, and how to deal with such concerns as usability, security, and reliability."
-DR. MICHAEL MAHEMOFF, PH.D. author of Ajax Design Patterns (AjaxPatterns.org)

"Just when you thought you knew all you need to know about Ajax, Dave, Alexei, and Andre force open your cranium and unload a dumptruck full of Enterprise Ajax techniques, best practices, and hard-earned expert insight onto your brain. If you want to mix some serious Ajax into your serious business applications, the solid information and advice you get from this book will let you do so with confidence."
-BRENT ASHLEY, Web Developer and Ajax Pioneer

"I can’t think of any better authors for a book on Enterprise AJAX. The book is sure to be a valuable reference for developers the world over working on the next generation of web applications."
-MATT MCKENZIE, Software development manager, LiveCycle, Adobe Systems Inc.

"A great resource for writing quality, enterprise-level JavaScript."
-CHRISTIAN VAN EEDEN, Senior Application Specialist, Schenker DB Logistics

BUILD RELIABLE, SCALABLE, ENTERPRISE-CLASS WEB APPLICATIONS WITH AJAX
Writing for enterprise developers, architects, and user interface specialists, the authors explain why AJAX offers such great promise in large-scale development. Next, they systematically introduce today’s key AJAX techniques and components.

You'll walk through developing frameworks for building AJAX applications that combine data tables, Web forms, charts, search, and filtering: the very systems businesses depend on in CRM, ERP, BI, and beyond. Then, building on this strong foundation, the authors identify proven AJAX architectural patterns, and present case studies drawn from actual .NET and Java AJAX applications. Coverge includes

  • Using AJAX to implement Model-View-Controller (MVC) in the browser

  • Encapsulating user interface functionality to facilitate code reuse and reduce cross-browser development problems

  • Overcoming the unique security challenges associated with AJAX Web applications

  • Optimizing AJAX usability: the "back" button, caching, bookmarking, offline usage, and beyond


  • From security to scalability to project risk, this is the only book to cover all the issues facing AJAX developers in the enterprise. Whether you’re migrating legacy HTML interfaces or building new applications from scratch, you’ll find it absolutely indispensable.

    ABOUT THE WEBSITE
    www.enterpriseajax.com contains code samples, case studies, tutorials, live demos, and other AJAX resources.

    ABOUT THE AUTHORS
    David Johnson has many years of experience with AJAX-related technologies. He is co-founder and CTO of Nitobi, producer of a component library designed to speed AJAX development. Johnson has written widely for print and online publications, including JavaWorld.com and XML.com.  Alexei White is Product Manager at Nitobi. Andre Charland, co-founder, President, and CEO of Nitobi, is an experienced Internet software developer.

    Table of Contents

    1. Copyright
    2. Preface
      1. Why Do You Need This Book?
      2. Who Is This Book For?
      3. What’s In Store
      4. Support/Feedback
    3. Acknowledgments
    4. About the Authors
    5. 1. AJAX and Rich Internet Applications
      1. The Changing Web
        1. Sore Points of Traditional Web Applications
        2. AJAX Painkillers
      2. AJAX in the Enterprise
      3. Drivers for AJAX Adoption
        1. Usability
          1. Fire and Forget
          2. Virtual Desktop
          3. Context Switching
        2. Network Utilization
        3. Data Centricity
        4. Incremental Skills, Tools, and Technologies Upgrade
        5. Server Agnosticism
      4. What About the Application?
        1. AJAX Technologies
        2. Programming Patterns
      5. AJAX Alternatives
        1. XUL
        2. XAML
        3. Java Applets and Web Start
        4. Adobe Flash, Flex, and Apollo
        5. OpenLaszlo
      6. Summary
      7. Resources
    6. 2. AJAX Building Blocks
      1. JavaScript
        1. JavaScript Types
        2. Closures
        3. Object-Oriented JavaScript
          1. Public Members
          2. Private Members
        4. Prototype Property
        5. OOP and Inheritance
        6. Mutability
        7. Threading
        8. Error Handling
        9. Namespacing
      2. Document Object Model
        1. Fundamentals
        2. Manipulating the DOM
      3. Cascading StyleSheets
        1. Inheritance and the Cascade
          1. Style Origin
          2. Specificity
          3. Order
        2. Inline Styles
        3. StyleSheets
          1. ID
          2. Contextual
          3. Pseudo
          4. Class and Attribute
        4. Dynamic Styles
          1. Style Object
          2. Class Attribute
          3. StyleSheet Object
      4. Events
        1. Event Flow
        2. Event Binding
          1. Inline Events
          2. Programmatic Event Handler Definition
          3. Event Registration
        3. Cross-Browser Events
        4. The Event Object
      5. Client-Server Messaging
        1. XMLHttpRequest Basics
          1. XHR Factory Pattern
          2. Asynchronous Requests
          3. The Server Response
          4. Sending Data to the Server
        2. Dealing with Data
          1. XML
          2. JavaScript Object Notation
      6. Summary
      7. Resources
    7. 3. AJAX in the Web Browser
      1. Component-Based AJAX
        1. Incremental AJAX
        2. Impact on the Server
      2. HTML Standards
        1. Document Type Definitions
        2. Box Models
      3. Bootstrapping AJAX Components
        1. The Onload Event
          1. Being a Good Neighbor
          2. Mixing Content and Functionality
        2. Browser Tricks
          1. Script Placement
          2. DOMContentLoaded
          3. Deferring Scripts
          4. Quirky Results
      4. Model—View—Controller
        1. View
        2. Controller
        3. Model
      5. AJAX MVC
        1. AJAX Model
        2. AJAX View
        3. AJAX Controller
        4. Aspect-Oriented JavaScript
      6. Summary
      7. Resources
    8. 4. AJAX Components
      1. Imperative Components
      2. Declarative Components
        1. Server-Side Declarative Programming
        2. Declarative Google Map
        3. Alternative Approaches
      3. Custom Declarative Component
        1. Behavior Component
        2. Declarative Component
          1. Databinding
            1. Internet Explorer Databinding
            2. XForms Databinding
          2. Templating
        3. The Declaration
      4. Building the Component
        1. Basic Functionality
        2. Connecting to the Server
        3. Closing the Loop
      5. Summary
      6. Resources
    9. 5. Design to Deployment
      1. Design
        1. Modeling AJAX
        2. Applying the Model-View-Controller Pattern
        3. Preempt Performance Problems
      2. Prototyping
        1. Wireframing
          1. Modeling Interactions with the Interesting Moments Matrix
          2. Using PowerPoint (or Equivalent) to Model Interactions
          3. Using Visio to Model Interactions
          4. Using Fireworks/Illustrator to Finalize Interaction Design
        2. Verifying Design Decisions
          1. Benchmarking
          2. JavaScript
          3. Data
            1. Resources
            2. XML and XSLT
            3. JSON
          4. DOM and CSS
          5. AJAX Compromise
      3. Testing
        1. Test-Driven Development
          1. Unit Testing
            1. JSUnit
          2. Functional Testing
          3. Regression Testing
            1. Smoke Test
            2. Implementation
          4. Browser Testing
          5. Manual Testing
          6. Continuous Integration
        2. Debugging
          1. Venkman
          2. MS Script Debugger
          3. Firebug
          4. Microsoft Developer Toolbar
          5. Fiddler
          6. Safari
      4. Deployment
        1. JavaScript Compression
          1. Code Minimization and Obfuscation
          2. GZip or Deflate Compression
            1. Apache File Compression
            2. IIS File Compression
          3. Expected Results
        2. Image Merging
        3. Protecting Intellectual Property
        4. Documentation
      5. Summary
      6. Resources
    10. 6. AJAX Architecture
      1. N-Tiered Architecture: From 1 to n Tiers
      2. Asynchronous Messaging
      3. Polling
      4. Server Push
        1. Comet
      5. Tracking Requests
      6. Caching: Approaching Data
      7. Basic Caching
      8. Caching in the Component
      9. Caching in the Browser
      10. Caching on the Server
      11. Caching in the Database
        1. MySQL
        2. MS SQL Server
        3. Oracle
      12. Updating the Server Model: Concurrency
        1. Pessimistic Locking
        2. Read-Only Locking
        3. Optimistic Locking
        4. Conflict Identification
        5. Conflict Resolution
        6. Automated Conflict Resolution
      13. Throttling
        1. Client
        2. Server
      14. Scaling
        1. Load Balancing and Clustering
          1. Application Servers
          2. Database Servers
        2. AJAX Scaling Issues
      15. Offline AJAX
      16. Firefox Offline Storage
      17. Internet Explorer userData Offline Storage
      18. Using Flash Client Storage
      19. Offline AJAX and Concurrency
      20. Summary
      21. Resources
        1. REST and Web Services
        2. Caching
        3. Database Performance
        4. Offline AJAX
    11. 7. Web Services and Security
      1. Web Services
      2. Web Service Protocols
        1. Representational State Transfer
        2. XML Remote Procedure Call
        3. Web Services
          1. Reusability
          2. Contracts
          3. Loose Coupling and Autonomy
          4. Abstraction
          5. Composability
          6. Statelessness
          7. Discoverability
        4. Choosing the Right Tool
          1. Existing Architecture
          2. Scalability
          3. Interoperability
          4. End Users
      3. SOAP on the Client
        1. IBM Web Services JavaScript Library
        2. Firefox
        3. Internet Explorer
      4. Cross Domain Web Services
        1. Server Proxy
        2. URL Fragment Identifiers
        3. Flash Cross Domain XML
        4. Script Injection
      5. Security
      6. Security Concerns with AJAX
      7. Cross-Domain Vulnerabilities
        1. Cross-Site Scripting
          1. Cross-Site Attack Signature
          2. Filtering User Input
          3. Positive Filtering
          4. Never Trust the User
        2. Cross-Site Request Forgery
          1. Prevention
        3. JavaScript Hijacking
          1. Prevention
      8. SQL Injection
        1. Prepared Statements
        2. Stored Procedures
        3. XPath Injection
      9. Data Encryption and Privacy
      10. Firewalls
      11. Summary
      12. Resources
    12. 8. AJAX Usability
      1. Common Problems
        1. The Back Button and Bookmarking
          1. What’s Wrong with the Back Button
          2. What Should Be in the Browser History?
          3. The Solution
            1. Technique 1: The Hash Method
            2. Technique 2: The iFrame Method
            3. Technique 3: Don’t Use AJAX for Navigation
            4. Solving for Safari
        2. Page Weight
          1. Is Page Weight a Problem?
          2. Managing the Issue
            1. Favor Interface Usability over Page Weight
            2. Take Advantage of Caching
            3. Reduce File Count
            4. Optimize JavaScript
            5. gZIP JavaScript and CSS
        3. Auto-Commit
          1. To Commit or Not to Commit
          2. Rules of Thumb
            1. Clearly Label Permanent Actions
            2. Shield the Irreversible
      2. Accessibility
        1. Identifying Users with Accessibility Needs
        2. JavaScript and Web Accessibility
        3. Screen Readers and Accessibility
        4. What Not to Do for Screen Readers
          1. Just Provide Graceful Degradation
          2. Please Come Back with Screen Reader Brand X
        5. A JAWS-Compliant AJAX Interaction
          1. How JAWS Works
          2. Reading Dynamic Content in JAWS
        6. Keyboard Accessibility
          1. Remember JAWS Keystrokes
          2. Use Common Sense
      3. Usability Testing
      4. Quick-and-Dirty Testing
        1. Recruiting Participants
        2. Designing and Running Tests
      5. Software-Assisted Testing
        1. Tools for Testing Usability
        2. General Tips for Software-Assisted Testing
      6. Summary
      7. Resources
        1. The Back Button
        2. Usability Testing
    13. 9. User Interface Patterns
      1. Display Patterns
        1. Animation Patterns
          1. Drag and Drop
          2. Progress Bars
          3. Throbbers/Activity Indicators
          4. Color Change and Fading
          5. Rollovers
      2. Interactivity Patterns
        1. Basic Interactivity Patterns
          1. In-Place Editing
          2. Drill-Down/Master-Detail
          3. Live Search
          4. Live Form
      3. Summary
      4. Resources
        1. Drag-and-Drop Resources
        2. Progress Bar Resources
        3. Activity Indicator Resources
        4. Color-Fade Resources
        5. In-Place Editing Resources
        6. Drill-Down Resources
        7. Live-Searching Resources
        8. Live-Forms Resources
    14. 10. Risk and Best Practices
      1. Sources of Risk
        1. Technical Risks
        2. Cultural/Political Risks
        3. Marketing Risks
      2. Technical Risks
        1. Reach
        2. Browser Capabilities
        3. Maintenance
        4. Forward-Compatibility
          1. Firefox 3.0
          2. Safari 3.0
          3. Internet Explorer 8 (IE “Next”)
          4. Opera 10
        5. Third-Party Tools Support and Obsolescence
      3. Cultural and Political Risks
        1. End Users’ Expectations
        2. Trainability
        3. Legal
          1. Section 508
          2. Telecommunications Act
          3. ADA
      4. Marketing Risks
        1. Search Engine Accessibility
        2. Reach
        3. Monetization
      5. Risk Assessment and Best Practices
        1. Use a Specialized AJAX Framework or Component
          1. AJAX Framework and Component Suite Examples
        2. Progressive Enhancement and Unobtrusive JavaScript
        3. Google Sitemaps
        4. Visual Cues and Affordances
        5. Avoid Gold Plating
        6. Plan for Maintenance
        7. Adopt a Revenue Model the Works
          1. Cost-per-Mille (Cost per Impression) Model Guidelines
          2. Cost-per-Click Model Guidelines
          3. Cost-per-Visitor Guidelines
        8. Include Training as Part of the Application
      6. Summary
      7. Resources
        1. Search Engine Optimization
        2. Statistics
        3. Roadmaps
        4. Screen Capture Tools
    15. 11. Case Studies
      1. U.S. Department of Defense Re-Arms with Web 2.0
        1. Background
        2. The Challenge
        3. The Solution
        4. Technologies Used
        5. The Outcome
      2. Agrium Integrates AJAX into Operations
        1. Background
        2. The Challenge
        3. The Solution
        4. Technologies Used
        5. The Outcome
      3. AJAX Aides International Transportation and Logistics Firm
        1. Background
        2. The Challenge
        3. The Solution
        4. Technologies Used
        5. The Outcome
      4. Summary
      5. Resources
    16. A. The OpenAjax Hub
      1. The Key Feature: The Hub’s Publish/Subscribe Manager
        1. An Example
        2. Future Toolkit Support for the OpenAjax Hub