You are previewing Java EE 6 Cookbook for Securing, Tuning, and Extending Enterprise Applications.
O'Reilly logo
Java EE 6 Cookbook for Securing, Tuning, and Extending Enterprise Applications

Book Description

"

Packed with comprehensive recipes to secure, tune, and extend your Java EE applications with this book and ebook.

  • Secure your Java applications using Java EE built-in features as well as the well-known Spring Security framework

  • Utilize related recipes for testing various Java EE technologies including JPA, EJB, JSF, and Web services

  • Explore various ways to extend a Java EE environment with the use of additional dynamic languages as well as frameworks

  • A learn-by-example based approach that focuses on key concepts to provide the foundation to solve real world problems

In Detail

Java Platform, Enterprise Edition is a widely used platform for enterprise server programming in the Java programming language.

This book covers exciting recipes on securing, tuning and extending enterprise applications using a Java EE6 implementation.

The book starts with the essential changes in Java EE 6. Then we will dive into the implementation of some of the new features of the JPA 2.0 specification, and look at implementing auditing for relational data stores. There are several additional sections that describe some of the subtle issues encountered, tips, and extension points for stating your own JPA application, or extending an existing application.

We will then look into how we can enable security for our software system using Java EE built-in features as well as using the well-known Spring Security framework. We will then look at recipes on testing various JavaEE technologies including JPA, EJB, JSF, and Web services.

Next we will explore various ways to extend a Java EE environment with the use of additional dynamic languages as well as frameworks.

The book then covers recipes that touch on the issues, considerations and options related to extending enterprise development efforts into mobile application development.

At the end of the book, we will cover managing enterprise application deployment and configuration, and recipes that will help you debug problems and enhance the performance of your applications.

"

Table of Contents

  1. Java EE 6 Cookbook for Securing, Tuning, and Extending Enterprise Applications
    1. Java EE 6 Cookbook for Securing, Tuning, and Extending Enterprise Applications
    2. Credits
    3. About the Author
    4. Acknowledgement
    5. About the Reviewers
    6. www.PacktPub.com
      1. Support files, eBooks, discount offers and more
        1. Why Subscribe?
        2. Free Access for Packt account holders
        3. Instant Updates on New Packt Books
    7. Preface
      1. What this book covers
      2. What you need for this book
      3. Who this book is for
      4. Conventions
      5. Reader feedback
      6. Customer support
        1. Downloading the example code
        2. Errata
        3. Piracy
        4. Questions
    8. 1. Out with the Old, In with the New
      1. Introduction
      2. Pruning old APIs
        1. Pruning JAX-RPC
          1. Why was it marked for deletion?
          2. What has replaced this specification?
          3. See also
        2. Pruning JAXR
          1. Why was it marked for deletion?
          2. What has replaced this specification?
          3. See also
        3. Pruning EJB Entity (CMP)
          1. Why was it marked for deletion?
          2. What has replaced this specification?
          3. See also
        4. Pruning Java EE application deployment
          1. Why was it marked for deletion?
          2. What has replaced this specification?
          3. See also
        5. Pruning EE Management
          1. Why was it marked for deletion?
          2. What has replaced this specification?
          3. See also
      3. In with the new
        1. Lighter
        2. The metadata and common annotations
        3. See also
      4. Implementing Java Contexts and Dependency Injection (CDI)
        1. @Qualifier
        2. @Inject
        3. @Named
        4. @Scope
        5. See also
      5. Understanding the EJB 3.1 specification
        1. @Stateless
        2. @EJB
        3. @Remote
        4. @Singleton
        5. @Asynchronous
        6. See also
      6. Understanding the JPA 2.0 specification
        1. @ElementCollection
        2. @CollectionTable
        3. Pessimistic locking
        4. Criteria API
          1. String-based criteria
          2. Strongly-typed criteria
        5. Additional JPQL
        6. See also
      7. Understanding the JAX-RS 1.1 specification
        1. @Path
        2. HTTP Methods
        3. @Produces
        4. @Consumes
        5. See also
      8. Understanding the Servlet 3.0 specification
        1. @WebServlet
        2. @WebFilter
        3. @WebInitParam
        4. @WebListener
        5. Web fragments
        6. Asynchronous servlet processing
        7. See also
      9. Understanding the WebBeans 1.0 specification
        1. See also
      10. Understanding the JSF 2.0 specification
        1. @ManagedBean
        2. @ResourceDependency
        3. @ListenerFor
        4. @FacesConverter
        5. @FacesValidator
        6. See also
      11. Understanding Bean Validation
        1. Getting ready
        2. How to do it...
        3. There's more...
          1. Timezone and locale
        4. See also
      12. Understanding profiles
        1. See also
    9. 2. Enterprise Persistence
      1. Introduction
      2. Understanding @CollectionTable
        1. Getting ready
        2. How to do it...
        3. How it works...
          1. Aggregate mappings
        4. See also
      3. Auditing previous JPA Operations
        1. Getting ready
        2. How to do it...
        3. How it works...
        4. There's more...
          1. Pre- and post-lifecycle hooks
        5. See also
      4. Auditing historical JPA Operations
        1. Getting ready
        2. How to do it...
        3. How it works...
          1. EclipseLink Customizers
          2. Caching and security
          3. aboutTo*(*) versus pre*(*) and post*(*)
          4. Common database user ID, and managing auditing and security in the application
        4. See also
      5. Profiling and testing JPA Operations
        1. Getting ready
        2. How to do it...
        3. How it works...
        4. There's more...
          1. Inspections tab
          2. Note about unit testing
        5. See also
    10. 3. Security
      1. Introduction
        1. Security and Java EE containers
        2. Java EE deployment descriptors
        3. See also
      2. Performing authentication in Java EE
        1. Getting ready
        2. How to do it...
        3. How it works...
        4. See also
      3. Authorization in Java EE
        1. Getting ready
        2. How to do it...
        3. How it works...
        4. See also
      4. Enforcing security in Enterprise Applications
        1. Getting ready
        2. How to do it...
        3. How it works...
        4. There's more...
        5. See also
      5. Programmatic security and annotations in Java EE
        1. Getting ready
        2. How to do it...
        3. How it works...
        4. There's more...
          1. Using annotation and deployment descriptors together
        5. See also
      6. Securely signing JAR artefacts
        1. Getting ready
        2. How to do it...
        3. How it works...
        4. There's more...
          1. See also
      7. Configuring Linux firewall rules
        1. Getting ready
        2. How to do it...
          1. Precautions during testing
          2. Web server configuration
          3. Application server configuration
          4. Redirecting traffic
        3. See also
      8. Securely obfuscating Java byte-code
        1. Getting ready
        2. How to do it...
        3. How it works...
        4. There's more...
          1. Deobfuscating artefacts
          2. GZipping log files
          3. SHA-1, MD5 MANFEST.mf for all artefact entries
        5. See also
      9. Minification and obfuscation of web resources
        1. Getting ready
        2. How to do it...
        3. There's more...
          1. Running by the command line
          2. Running by means of Ant Java task
        4. See also
    11. 4. Enterprise Testing Strategies
      1. Introduction
      2. Remote debugging of Java EE applications
        1. Getting ready
        2. How to do it...
        3. How it works...
          1. Adding JVM debug options with Ant
          2. Starting Gradle in debug mode
          3. Adding debug options to JAVA_OPTS
        4. See Also
      3. Testing JPA with DBUnit
        1. Getting ready
          1. DDL generation
        2. How to do it...
          1. Step 1: Imports
          2. Step 2: Attributes
            1. Null Primary Key Filter
            2. Lifecycle methods
            3. <dataset>
            4. <dataset> ordering
          3. Step 3: Unit testing
        3. There's more...
          1. Multiple databases
        4. See also
      4. Using Mock objects for testing
        1. Getting ready
        2. How to do it...
          1. Step 1:
          2. Step 2:
          3. Step 3:
          4. Step 4:
          5. Step 5:
          6. Step 6:
        3. How it works...
        4. There's more...
          1. Mocking all object types
          2. Simulating service delays
          3. Partial Mocking
            1. Step 1:
            2. Step 2:
            3. Step 3:
            4. Step 4:
            5. Step 5:
          4. Mocking exception scenarios
          5. Mocking methods returning void
          6. Multiple interactions with a Mock
          7. Ensuring Mocks called in order
          8. Mocking static methods
            1. Step 1:
            2. Step 2:
            3. Step 3:
            4. Step 4:
            5. Step 5:
          9. Mocking private methods
            1. Step 1:
            2. Step 2:
            3. Step 3:
            4. Step 4:
            5. Step 5:
        5. See also
      5. Testing HTTP endpoints with Selenium
        1. Getting ready
          1. Dependencies
          2. Application server
          3. JUnit
          4. Selenium
        2. How to do it...
        3. How it works...
        4. There's more...
          1. WebDriver integration
        5. See also
      6. Testing JAX-WS and JAX-RS with soapUI
        1. Getting ready
        2. How to do it...
          1. Testing RESTful services
          2. Testing SOAP services
        3. There's more...
          1. Testing with Mock services
          2. Extending soapUI capabilities with Groovy
            1. Getting ready
            2. How to do it...
        4. Writing output to file
        5. See also
    12. 5. Extending Enterprise Applications
      1. Introduction
      2. Integrating Groovy into Enterprise Applications
        1. Getting ready
        2. How to do it...
        3. How it works...
          1. Interchanging Java and Groovy in unit tests
        4. See also
      3. Integrating Jython into Enterprise Applications
        1. Getting ready
        2. How to do it...
        3. How it works...
        4. See also
      4. Integrating Scala into Enterprise Applications
        1. Getting ready
        2. How to do it...
        3. There's more...
          1. Interchanging Java and Scala in unit tests
        4. See also
      5. Weaving AspectJ advice into Enterprise Applications
        1. Cross-cutting concerns
        2. Advice
        3. Pointcut
        4. Aspect
        5. Joinpoint
        6. Weaving
        7. Getting ready
        8. How to do it...
        9. How it works...
        10. See also
      6. Weaving AspectJ advice into existing libraries
        1. Getting ready
        2. How to do it...
        3. How it works...
        4. There's more...
        5. See also
      7. Adding advice with CDI Decorators
        1. Getting ready
          1. Component interface
          2. Delegate class
          3. Decorator class
        2. How to do it...
          1. Component interface
          2. Delegate class
          3. Decorator class
          4. How it works...
          5. There's more...
          6. See also
      8. Adding advice with CDI Interceptors
        1. Getting ready
            1. Target class
            2. Annotation marker
            3. Interceptor class
            4. Interceptor metadata annotations
        2. How to do it...
          1. Target class
          2. Annotation marker
          3. Interceptor class
        3. How it works...
        4. There's more...
        5. See also
    13. 6. Enterprise Mobile Device Integration
      1. Introduction
      2. Evaluating mobile framework projects
        1. Mobile-web frameworks
          1. Mobile-web framework projects
          2. PROs
          3. CONs
        2. Native code generators
          1. Native code generator projects
          2. PROs
          3. CONs
        3. Native web runtime (NWR)
          1. Native web runtime (NWR) projects
          2. PROs
          3. CONs
        4. See also
      3. Native application considerations
        1. Development considerations
          1. iOS
            1. Written in Objective-C
            2. IDE
        2. Other considerations
          1. iOS
            1. Build automation
            2. Deployment
          2. Android
            1. Build automation
            2. Deployment
        3. Distribution considerations
          1. iOS
            1. Certificates
            2. Screenshots
            3. Distribution cost
            4. Other distribution considerations
          2. Android
            1. Screenshots
            2. Distribution cost
        4. See also
      4. Leveraging mobile design tools
        1. Design and mock-ups
          1. Android designer
            1. MIT App Inventor
            2. DroidDraw
            3. Online designers
            4. iPlotz
            5. iPhoneMock-up
            6. ThemeRoller
          2. Additional design resources
        2. There's more...
          1. Android Screenshots and Screen Capture
          2. iPhone screen capture
        3. See also
      5. Testing mobile-web applications with online emulators
        1. Getting ready
        2. How to do it...
        3. See also
      6. Setting up a local Apache environment
        1. Getting ready
        2. How to do it...
        3. How it works...
        4. There's more...
          1. Stopping XAMPP
          2. Upgrading Tomcat 7
          3. Accessing Tomcat applications through Apache
          4. Changing the installation PATH
        5. See also
      7. Native SDK development considerations
        1. IDE considerations
          1. Eclipse IDE
          2. IntelliJ IDEA
        2. AppCode
        3. Build management considerations
          1. Ant
          2. Maven
          3. Other build tools
        4. See also
    14. 7. Deployment and Configuration
      1. Introduction
        1. The Java Management Extensions
      2. Java EE configuration with CDI
        1. Getting ready
        2. How to do it...
        3. There's more...
        4. See also
      3. Java EE configuration with Groovy
        1. Getting ready
        2. How to do it...
        3. How it works...
        4. There's more...
          1. Switch statements
        5. See also
      4. Enabling remote JMX on Tomcat server
        1. Getting ready
          1. JMX library
          2. JMX listener
        2. How to do it...
          1. Linux / OS X / Unix configuration
          2. Windows configuration
        3. How it works...
        4. There's more...
          1. Password file
          2. Access file
          3. Startup script
          4. Cacls Windows utility
        5. See also
      5. Enabling JMX over SSL on Tomcat server
        1. Getting ready
          1. SSL keystore
          2. SSL JMX configuration
        2. How to do it...
          1. Enabling VisualVM logging
        3. See also
      6. Enabling remote JMX on GlassFish server
        1. Getting ready
          1. JMX configuration
        2. How it works...
        3. There's more...
          1. Password file
          2. Access file
          3. JVM options
            1. How it works...
        4. See also
      7. Enabling JMX over SSL on GlassFish server
        1. Getting ready
          1. SSL keystore
          2. SSL JMX configuration
          3. Enabling secure administration
        2. How to do it...
          1. Enabling VisualVM logging
        3. See also
      8. Using JRebel for rapid redeployment
        1. Getting ready
        2. How to do it...
          1. JRebel plugin configuration
          2. IntelliJ Tomcat run configuration
          3. Intellij keymap
        3. How it works...
        4. There's more...
          1. Manual configuration
          2. Plugins
        5. See also
      9. Managing VisualVM application repository configuration
        1. Getting ready
        2. How to do it...
          1. Backup
          2. Restore
        3. How it works...
        4. There's more...
          1. Windows
          2. Linux / OS X
        5. See also
    15. 8. Performance and Debugging
      1. Introduction
      2. Profiling memory with jVisualVM
        1. Getting ready
        2. How to do it...
        3. How it works...
          1. Java memory types
            1. Java stack
            2. Java permanent generation
            3. Java heap
          2. Running jVisualVM from anywhere
        4. See also
      3. Using jstatd to enable Visual GC
        1. Getting ready
        2. How to do it...
          1. Running jstatd as a Windows service
          2. Windows service wrappers
          3. Preventing JVM process termination
        3. See also
      4. Profiling applications with Netstat
        1. Getting ready
          1. Process
          2. Thread
          3. Considerations
          4. Client problem space
          5. Server problem space
          6. Socket states
        2. How to do it...
          1. Netstat tools
            1. NetStat Agent
            2. TCPView
        3. See also
      5. Profiling TCP connections with TCPMon
        1. Getting ready
        2. How to do it...
        3. There's more...
        4. See also
      6. Monitoring application and server performance with Munin
        1. Getting ready
        2. How to do it...
          1. Configuration
          2. Restart service
        3. There's more...
          1. Monitoring Tomcat
        4. See also
      7. Debugging HTTP connections with HTTP Debugger
        1. Getting ready
        2. How to do it...
        3. There's more...
        4. See also