Introduction To Building Enterprise Web Application With Spring Mvc

  • 5,760 views
Uploaded on

This the perfect introduction for people who have absolutely no experience with the Spring framework. The session adopts a learn-by-example approach and takes the form of a practical hands-on-lab with …

This the perfect introduction for people who have absolutely no experience with the Spring framework. The session adopts a learn-by-example approach and takes the form of a practical hands-on-lab with a lot of live coding. Attendees will be presented with a sample web application and various use-case scenarios, they will build an actual Spring MVC web application backed by a MySQL database end-to-end, They will Test it, and deploy it on an Apache TomCat web server. The basics of the Spring framework, design patterns, and best practices will be picked up by example along the way. Covered topics include: Inversion of Control (Dependency Injection), Spring MVC, Spring DAO, Spring ORM (iBatis), Aspect Oriented Programming in Spring, Basic Web Security, and the Mail API. Bring your laptop! Prerequisites: Familiarity with the architecture of Java web application and its technologies (Servlets, JSP, Java EL, JSTL, etc... )

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
5,760
On Slideshare
0
From Embeds
0
Number of Embeds
2

Actions

Shares
Downloads
48
Comments
0
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. Introduction to Building Enterprise Web Application with Spring MVC
    By Abdelmonaim Remani
    abdelmonaim.remani@gmail.com
    Polymathic-coder.com
    Silicon Valley Code Camp v 4.0
  • 2. Enterprise Application
    Complex
    Functional Requirements
    Non-Functional Requirements
    Execution
    Performance
    Reliability
    Security
    Evolution
    Testability
    Maintainability
    Extensibility
    Scalability (Horizontal and Vertical)
  • 3. Modern Enterprise Application
    The Architecture
    N-Tier Application
    Presentation Layer
    Micro-Architecture (Commands, Valuators, etc..)
    MVC Pattern
    Service / Business Layer
    Data Access Layer
    Naked Objects Pattern
    Data
    Middleware
    Resource Lookup
    • Service locator pattern
    • 4. Implicit Invocation
    • 5. Cross-Cutting Concerns
    Aspect Oriented Programming
  • 6. Frameworks
    An Architecture
    A well defined structure to solve a problem
    Library
    Framework vs. Library
    Invoking you vs. Being Invoked
    Generic vs. Specific
    Tools
    Compiler, Debugger, Etc…
    Scaffolding and other utilities
    Etc…
  • 7. Frameworks
    Heavyweight vs. Lightweight
    The need for a platform or a stack (JEE as an example)
    The ability to load in-demand the only the necessary components
    The memory footprint
    The build size
    Deployment ease
    Etc…
  • 8. The Spring Framework
  • 9. What is Spring?
    Application Framework
    Java
    Other Implementations are available (Spring .NET)
    Open-Source
    Lightweight
    POJO Based
    By Rod Johnson
    Expert One-on-One J2EE Design and Development in, 2002
    2EE without EJB, 2004
    Becoming the De Facto Standard of Java Enterprise Applications
  • 10. Features: Inversion Control
    The Problem
    Resource acquiring via
    Static method of a singleton factory
    Instantiation of an concrete class
    Directory Services API that allows for discorery and lookup (For example JNDI)
    Hard Dependencies are created
    Problems with reusing code with hard dependencies
    Painful Unit Testing in isolation
  • 11. Features: Inversion Control
    • The solution
    Use parameterized classes
    Dependencies are decoupled from classes
    By Coding against interfaces
    Inversion of Control: Dependency Injection
    The Hollywood Principle “Don't call us, we'll call you.“
    Wait a minute this a lot of work!
    Spring to the rescue
  • 12. The Tradeoff
    Resource injection is done at runtime
    Usually done using reflection
    No static type checking
  • 13. Features: Agility
    If you read the Agile Manifesto, Agile is for the most part for a technical prospective
    Frequent deliverables
    Ability and ease of refactoring
    Decoupling , DRY, and TDD are key makes’em easier
  • 14. Features: AOP
    OOP creates a hierarchical object model by nature
    Cross cutting concerns
    are not necessary part of the application logic
    Occur across the object model in unrelated parts
    Logging
    Security
    Transaction management
    Etc…
    AOP (Aspect Oriented Programming)
    Modularization of cross cutting concerns
  • 15. Features: Libraries
    POJO Wrappers for most popular frameworks
    Allowing injection of dependencies into the standard implementation
    Struts
    JSF
    Apache Tapestry
    Etc…
    Full support of JEE
    Integration with other frameworks
  • 16. Features: Other
    Source: http://www.developersbook.com/spring/images/SpringFrameworkModules.PNG
  • 17. Spring Core
  • 18. Spring Core
    All you need to know is:
    The Container
    The Bean Factory
    Manage bean instances (POJOs)’ life cycle
    Configuring their dependencies
    Etc…
    Can be used a partially compliant EJB3 Container
    Spring Pitchfork
  • 19. Spring MVC
  • 20. Spring MVC
    A Front Controller Pattern
    Dispatcher
    Request Routing
    Controllers are Spring beans (Managed POJOs)
    No session scope for scalability
  • 21. Spring MVC
    Views
    JSP, JSF, Flex
    Controllers
    Many types
    Custom controllers
    Model
    Service Layer
    DAO for persistence
    JDBC and ORM (Hibernate, iBATIS, etc...)
  • 22. Spring MVC Complements
    Spring Web Flow
    For Web Application that are
    More dynamic
    Non-linear without arbitrary end points
    Spring Portlet MVC
    A JSR 168 compliant Portlet environnent
    Large web application composed with subcomponents on the same web page
  • 23. Spring SecurityFormally Known As Acegi
  • 24. Code Time!
  • 25. Spring Security (Acegi)
  • 26. Security Terminology
    Authentication
    the verification of the user identity
    Authorization
    Permissions granted to the identified user
    Access Control
    By arbitrary conditions that may depend to
    Attributes of clients
    Temporal and Local Condition
    Human User Detection
    Other
    Channel or Transport Security
    Encryption
  • 27. Security Terminology
    Realm
    A Defined the authentication policy
    User
    A defined individual in the Application Server
    Group
    A defined classification of users by common traits in the Application Server.
    Role
    An abstract name of the permissions to access a particular set of resources in an application
  • 28. Available Frameworks
    Spring Security
    Former Acegi
    JAAS (Java Authentication and Authorization Service)
    jGuard
    Apache Shiro
  • 29. Spring Security
    Security is your responsibility
    Features:
    It is not the standard
    No class loader authorization capabilities
    Simple configuration
    Portable across containers
    Customizable and extendable
    Pluggable authentication and web request URI security
    Support method interception, Single Sign-On, and Swing clients
  • 30. Authentication
    Authentication
    Form-Based
    Basic
    Digest
    LDAP
    NTLM (NT LAN Manager)
    SSO (Single Sign-On)
    JA-SIG CAS
    Open ID
    Atlassian Crowd
    SiteMinder
    X.509
  • 31. Authentication
    Mechanisms
    Interact with the user
    Providers
    Check credentials
    Bundles details in a Thread Local security context holder
    Repositories
    Store roles and profile info
    In Memory
    JDBC
    LDAP
    Etc…
  • 32. Authorization
    Web Authorization
    URL-Based
    Which URL patterns and HTTP methods are allowed to be accessed by which role
    The rules are top-down with most specific at the top
    Paths are in Ant format by default
    Method authorization
    Reusable
    Protocol Angostic
    Uses AOP
    Annotations Support
    JSR 250
    Spring @Secured
    Spring Security 2.5 EL
    Support for Instance-based XML
  • 33. Spring AOP
  • 34. Cross Cutting Concerns
    Logging
    Transaction Management
    Security
    Cashing
    Some Business Logic
    Etc…
  • 35. Aspect Oriented Programming
    The Problem
    Code Tangling
    No Cohesion
    Code Scattering
    Not DRY
    The Solution
    Aspect Oriented Programming
    AspectJ
    Modulation in Aspects and weaving into the application code
  • 36. Spring APO
    Spring AOP
    Java based AOP Framework
    Built on top of AspectJ
    Interception based
  • 37. AOP Terminology
    Joint Point
    A point in the execution of the program
    Point Cut
    An expression that selects one or more joint point
    AspectJ Expression Language
    Advice
    The code to be weaved at a joint point
    Aspect
    Point Cut + Advice
  • 38. Types of Advices
    Annotations
    Before
    AfterReturning
    AfterThrowing
    After
    Around
  • 39. Q & A
  • 40. Thank You!