Java EE Connector Architecture 1.6 (JSR 322) Technology


Published on

A detailed overview presentation on Java EE Connector Architecture 1.6 (JSR 322) Technology that was released recently as part of Java EE 6.

See for the announcement and for the JSR.

This presentation was originally delivered in JavaOne 2009, San Francisco and has detailed presentation notes.

Published in: Technology
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide
  • - The J2EE Connector Architecture 1.0 defines a standard architecture for connecting to heterogeneous enterprise information systems (EIS), such as enterprise resource planning (ERP), mainframe transaction processing and database systems from the J2EE platform. The architecture defines a set of scalable, secure, and transactional mechanisms that describe the integration of enterprise information systems to an application server and enterprise applications. This architecture enables an enterprise information system (EIS) vendor to provide a resource adapter for its EIS that can be plugged into any application server that supports the J2EE Connector Architecture.
  • - A connection management contract that enables an application server to pool connections to an underlying EIS, and enables application components to connect to an EIS. This leads to a scalable application environment that can support a large number of clients requiring access to EISs. - A transaction management contract between the transaction manager and an EIS that supports transactional access to EIS resource managers. This contract enables an application server to use a transaction manager to manage transactions across multiple resource managers. This contract also supports transactions that are managed internal to an EIS resource manager without the necessity of involving an external transaction manager. - A security contract that enables secure access to an EIS. This contract provides support for a secure application environment that reduces security threats to the EIS and protects valuable information resources managed by the EIS.
  • - The purpose of the J2EE Connector Architecture 1.5 specification is to address areas in J2EE Connector Architecture 1.0 where further support has been requested by the Connector expert group and the public. The areas this specification intends to address include the following: * Asynchronous integration with EISs Connector Architecture 1.0 supports a synchronous request/reply model from a J2EE server to an EIS. This specification will add support for bi-directional, asynchronous interactions between a J2EE server and resource adapters. This feature may require enhancement of the existing Connector system contracts and addition of new system contracts. * ? JMS Provider Pluggability This specification will define a standard architecture to integrate a JMS provider into a J2EE server. This feature will enable one or more JMS providers to be plugged into any J2EE server that supports the J2EE Connector Architecture 1.5. This feature may require enhancement of the existing Connector system contracts and addition of new system contracts.
  • - A lifecycle management contract that allows an application server to manage the lifecycle of a resource adapter. This contract provides a mechanism for the application server to bootstrap a resource adapter instance during its deployment or application server startup, and to notify the resource adapter instance during its undeployment or during an orderly shutdown of the application server. - A work management contract that allows a resource adapter to do work (monitor network endpoints, call application components, etc.) by submitting Work instances to an application server for execution. The application server dispatches threads to execute submitted Work instances. This allows a resource adapter to avoid creating or managing threads directly, and allows an application server to efficiently pool threads and have more control over its runtime environment. The resource adapter can control the security context and transaction context with which Work instances are executed.
  • Final date: Dec 10, 2009
  • Let's start with one of the most important changes we are making in this version of the specification – ease of developement
  • The goal of the API is to simplify the development of resource adapter implementations for programmers who are just starting with resource adapters, or developing resource adapters of small to medium complexity. The existing Connector APIs remain available for use in resource adapters that require them and resource adapter implementations written to those APIs may be used in conjunction with components written to the new Connector 1.6 APIs.
  • - Deployment descriptors are an alternative to annotations - override annotation metadata through DD - Dds may be sparse - development of RA can be done in mixed mode form – ie that some parts of the RA metadata can be expressed in annotations and some via ra.xml - new attribute metadata-complete in ra.xml to indicate whether annotations needs to be processed in the archive - these annotations are defined in javax.resource.spi package
  • - component defining annotation - defines a resource adapter. The JavaBean annotated with @Connector is required to implement ResourceAdapter interface. - atmost one javabean in annotation discovery scope can be annotated with @Connector - defaults for a lot of connector related metadata defined in the spec and the user only needs to provide what is specialized for his usecase - Providing an @Connector annotated JavaBean is optional. A ResourceAdapter javabean is only needed if access to the bootstrapcontext is needed or If inbound communication is supported etc - A simple RA that doesn't support transactions is shown in this slide. Notice how easy it is to specify a ResourceAdapter JavaBean
  • - Connection definition defines a set of connection interfaces and classes pertaining to a particular outbound connection type - ConnectionDefinition annotation can specify such a connection definition - this annotation can be placed only on classes that implement the ManagedConnectionFactory interface
  • - Contains configuration information related to inbound connectivity from an EIS - Not necessary to implement ActivationSpec interface - Example showcases use of JSR 303 (Bean Validation) annotation to express validation constraints. Other artifacts that can use JSR 303 are: ResourceAdapter, ManagedConnectionFactory, ActivationSpec, Administered Objects. - Example also demonstrates auto discover of configuration properties by the container. In this case, the property “length”(getter/setter elided for brevity) is auto-discovered by the container as a configuration property - @ConfigProperty may be also be used to provide additional metadata like supportsDynamicUpdates, Confidential etc.
  • Demonstrate the mail connector sample from the glassfish v3 samples. Show the resource adapter implementation code to demonstrate EoD through use of metadata annotations*checkout*/glassfish-samples/ws/javaee6/connectors/apps/mailconnector/docs/index.html And
  • Back to major features of the specification
  • - Earlier referred to as “inflow context”. Has now been renamed to “Work Context” as it is not tied to Message Inflow alone as the earlier name implied. - A contract between a resource adapter and the application server that allows the RA to control the execution context of a Work instance that is being submitted for execution. - The contract is generic so that the RA can flow in different types of contextual information such as Security, Conversation context, availability/QoS hints etc. - AS allows RA to provide richer contextual information while still having control over concurrent behavior - this new contract remains backward compatible with the current Work submission and context assignment contracts - the spec defines standard contracts for Transaction, Security and Hints propagation
  • High level design model, describes the flow of WorkContext from the RA to the AS during Work submission
  • Notice how the WorkContext interface is generic enough to allow definition of custom work contexts be AS and RA
  • Run through the sequence diagram to describe flow
  • See required-work-context, BootstrapContext.isContextSupported and WorkContextLifecycleListener for more information on the last bullet item
  • For this example, we could use the Connector 1.5 Execution context to flow in transaction information but if additional context information needs to be passed, WorkContextProvider is the right choice
  • Notice that there is no change in Work submission
  • Notice that the only change is in providing contextual information. Based on the usecase, additional Work Contexts could be added to the Work.
  • Let's now look at another standardized WorkContext, the SecurityContext, that enables propagation of security information from the EIS to the AS during Work submission
  • - It is critical in EAI that all interactions between AS and RA are secure. - Resource adapters typically employ transport and message level security. - End-to-End application level security wasn't possible before. - When a Work instance was executed or a message was delivered to a Message Endpoint, it was executed in a unknown or default security context. (For example, there was no MessageDrivenContext.getCallerPrincipal() before!)
  • In addition to the above goals: -Portable across multiple EISs that use different security mechanisms
  • JSR-196: pluggable authentication for Java EE. Allows authentication modules of 3 rd party providers to be integrated with Java EE containers and establish authentication identities in the container
  • - RA provides a custom concrete implementation of SecurityContext during Work submission and this sets up the security context for the Work being submitted - CallbackHandler implementation provided by the AS. This supports a variety of JSR 196 Callbacks such as CallerPrincipalCallback, GroupPrincipalCallback, PasswordValidationCallback - serviceSubject: AS credentials - executionSubject: RA populates the Subject to represent the identity executing the Work or delivering the message to the Message Endpoint
  • Case 1: RA reusing the AS security policy domain. AS may use the Principals set by the RA using CallerPrincipalCallback and GroupPrincipalCallback as-is.
  • - Samples discussing Case 1 and 2 are in the spec.
  • Case 2: - EIS and AS use different security policy domain. Principals provided by the RA needs to be mapped. - For instance, AS may use basicpassword and EIS may use Kereberos. Mapping from one to another needed prior to establishing the security context. - Such a Principal Mapping Service is not defined in the spec. The AS provides a proprietary mechanism to enable such a mapping. - The CallbackHandler transparently handles this translation. - RA unaware of deployment environment and hence is unaware of Case 1 or Case 2 deployment. - Bunch of optimizations, not covered in this talk in the interest of time, is detailed in the spec.
  • A bunch of other changes that don't fall into the above 3 major themes are also made in this version of the specification. Let's look at them briefly.
  • 1. RA may determine at runtime the level of transaction support it can provide. Usecase: JDBC resource adapters that can determine their level of support only after connecting to the configured database instance. MCF needs to implement an optional interface to indicate it provides the transaction support level at runtime 2a. Allows a Work Manager to distribute Work processing to other WorkManagers – for instance: a cluster of AS instances that load balances Work processing among themselves 2b. ability to pass Quality of Service hints to a Work Manager. Some standard hints such as LongRunningWork defined in the spec.
  • 1. Range or limits, mandatory properties etc could be specified through JSR 303 on MCF, ResourceAdapter, ActivationSpec, AdministeredObject 2. Like “EJB Lite” in Java EE 6 , minimum set of requirements for a connector container is defined so that it can be used in a non-classic(Full) profile. For instance: Message Inflow, JSR 303 support is optional
  • Java EE Connector Architecture 1.6 (JSR 322) Technology

    1. 1. Java TM EE Connector Architecture 1.6 Technology (JSR 322) Sivakumar Thyagarajan and Binod PG Sun Microsystems TS-4733
    2. 2. Presentation Goal Learn about the new features planned for the Java TM EE Connector Architecture 1.6 technology
    3. 3. Agenda Introduction Connector 1.6 themes Ease of Development (EoD) features Generic Work Context Security Inflow Miscellaneous improvements Resources and Summary Q & A
    4. 4. Agenda Introduction Connector 1.6 themes Ease of Development (EoD) features Generic Work Context Security Inflow Miscellaneous improvements Resources and Summary Q & A
    5. 5. Java EE Connector Architecture Overview
    6. 6. Connector Architecture 1.0 Capabilities Outbound communication Mechanism for Java EE components to connect to external systems Connection Management: Lifecycle, Pooling, Sharing Security Contract Exporting Transaction and Security Context to EIS
    7. 7. Connector 1.5 (JSR 112) Introduction Final Release Nov 2003 Part of J2EE (Java 2 Enterprise Edition) 1.4 Major themes Asynchronous Integration with EISs Enabled bi-directional asynchronous interactions with EIS JMS Provider Pluggability
    8. 8. Connector Architecture 1.5 Capabilities Lifecycle Management Inbound Messaging Mechanism for EIS to call Message Endpoints (MDBs) Import transaction context from EIS Work Management
    9. 9. Connector 1.6 Specification Introduction Work in progress by the expert group of JSR 322 Part of Java EE 6 Progress so far Filed JSR in Dec 2007 Early Draft Review: July 2008 Public Review: Nov 2008 Proposed Final Draft (PFD) available from Feb 2009 Final dates to be aligned with Java EE 6
    10. 10. Connector 1.6 Specification Major Themes Driven by community and Connector EG feedback Themes Generic Work Context mechanism Security Context Inflow during Message Delivery and Work Submission Ease of Development (EoD) Misc. improvements to the specification Disclaimer: APIs/Features shown in this presentation are as per the PFD version of the specification. Subject to change with feedback.
    11. 11. Agenda Introduction Connector 1.6 themes Ease of Development (EoD) features Generic Work Context Security Inflow Miscellaneous improvements Resources and Summary Q & A
    12. 12. Ease of Development (EoD) Goal and approach Goal to simplify the development of RAs for programmers who are either just starting with Connector technology or developing RAs of small to medium complexity Approach Align with the EoD approach adopted by EJB/JPA Make extensive use of Java language annotations Reduce the need for a descriptor (ra.xml), better defaults Allow sparse descriptors, mixed-mode development etc.
    13. 13. Ease of Development Metadata annotations @Connector @AuthenticationMechanism @SecurityPermission @ConfigProperty Automatic discovery of configuration properties @ConnectionDefinition, @ConnectionDefinitions @Activation @AdministeredObject
    14. 14. Ease of Development @Connector sample usage Optionally provide a ResourceAdapter class Required only if RA supports inbound, requires lifecycle callbacks, access to BootstrapContext etc //A simple resource adapter that does not support transactions @ Connector () public class MailResourceAdapter implements ResourceAdapter { // Define common configuration properties. //... other methods }
    15. 15. Ease of Development @ConnectionDefinition sample usage //A simple ManagedConnectionFactory implementation that is part of //a connection definition, could be defined as follows @ ConnectionDefinition(connectionFactory=CF. class , connectionFactoryImpl=CFImpl. class , connection=Conn. class , connectionImpl=ConnImpl. class ) public class ManagedConnectionFactoryImpl implements ManagedConnectionFactory { //... }
    16. 16. Ease of Development @Activation sample usage @ Activation() public class MyActivationSpec { //Use of Bean Validation annotations to express //validation requirements @ Size(min=5, max=5) private int length ; //... other methods }
    17. 17. Ease of Development Demo time ! Demonstration: mail-connector sample Showcase the ease of development features Compare the same resource adapter developed in Connector 1.5 and 1.6 Deploy on Java EE 6 RI (Project GlassFish v3)
    18. 18. Agenda Introduction Connector 1.6 themes Ease of Development (EoD) features Generic Work Context Security Inflow Miscellaneous improvements Resources and Summary Q & A
    19. 19. Generic Work Context Rationale A generic mechanism for the RA to propagate other contextual info from EIS during message delivery or Work submission Examples: Security, Conversational Context, Availability/QoS etc Enables an application server to support new message inflow and delivery schemes provides a richer Contextual Work execution environment to the RA
    20. 20. Generic Work Context Design Model RA submits a Work that implements WorkContextProvider Before calling run on the Work instance, WorkManager iterates through the Collection of WorkContext s provided by the Work instance Establishes Context based on the WorkContext
    21. 21. Generic Work Context WorkContextProvider and WorkContext interface package; public interface WorkContextProvider { List<WorkContext> getWorkContexts(); } package; public interface WorkContext { String getName(); String getDescription(); }
    22. 22. Generic Work Context Context assignment sequence diagram
    23. 23. Generic Work Context Features Compatible with the Connector 1.5 Work submission and context assignment model Independent of the Connector Work Management contract Standardized TransactionContext, SecurityContext and HintsContext RA can require the AS to support, check if the AS supports, and get lifecycle notifications during the assignment of a WorkContext
    24. 24. Generic Work Context Standardized WorkContext s public class TransactionContext extends ExecutionContext implements WorkContext { public TransactionContext(Xid xid) { ... } public TransactionContext( Xid xid, long timeout){ ... } public String getName(){ return &quot;TransactionContext&quot; ; } ... other methods } public abstract class SecurityContext implements WorkContext { public String getName(){ return &quot;SecurityContext&quot; ; } .... other SecurityContext related methods }
    25. 25. Generic Work Context Sample usage Scenario A business use-case requires that the work done by the application components, during a message inflow, be automatically enlisted as part of the imported transaction . Solution Use the new TransactionContext to propagate transaction information from the EIS to the MessageEndpoint as part of the Work instance performing the message delivery
    26. 26. Generic Work Context Sample usage – ResourceAdapter implementation public class MyResourceAdapterImpl implements ResourceAdapter { ... public void start(BootstrapContext ctx) { bootstrapCtx = ctx; } ... { WorkManager workManager = myRA.bootstrapCtx.getWorkManager(); workManager.submitWork( new MyWork()); ... } }
    27. 27. Generic Work Context Sample usage – Work implementation public class MyWork implements Work, WorkContextProvider { void release(){ ..} List<WorkContext> getWorkContexts() { TransactionContext txIn = new TransactionContext(xid); List<WorkContext> icList = new ArrayList<WorkContext>(); icList.add(txIn); // Add additional WorkContext s return icList; } void run(){ // Deliver message to MessageEndpoint ; } }
    28. 28. Agenda Introduction Connector 1.6 themes Ease of Development (EoD) features Generic Work Context Security Inflow Miscellaneous improvements Resources and Summary Q & A
    29. 29. Security Inflow Rationale Security inflow context absent in Connectors 1.5 Resource adapters not being able to deliver end-to-end application level security while executing a task in a Work instance delivering a message to a MessageEndpoint
    30. 30. Security Inflow Goals Enable an end-to-end security model for Java EE application-EIS integration Support the execution of a Work instance in the context of an established identity. Support the propagation of Principal information from an EIS to a MessageEndpoint during message inflow
    31. 31. Security Inflow Design Model A standard WorkContext , SecurityContext that may be provided by the RA while submitting a Work for execution AS establishes security context for the MessageEndpoint / Work during context assignment Leverage the work done in JSR 196: Java Authentication Service Provider Interface for Containers RA uses the various JSR-196 Callbacks to establish caller identity
    32. 32. Security Inflow SecurityContext abstract class package; import; import; public abstract class SecurityContext implements WorkContext { //Establish caller identity through the use of JSR196 Callbacks public abstract void setupSecurityContext( CallbackHandler handler, Subject executionSubject, Subject serviceSubject); }
    33. 33. Security Inflow Security Context establishment – sequence diagram
    34. 34. Security Inflow Caller Identity inflow scenarios Based on whether the Caller identity is part of the AS security domain Case 1 : RA flows-in an identity in the AS’s security policy domain: AS may just use the initiating principal from the RA as the caller principal Case 2 : RA flows- in an identity belonging to the EIS’ security domain: A translation from one domain to the other needs to be performed.
    35. 35. Security Inflow Security Context establishment – Case 1
    36. 36. Security Inflow Security Context establishment – Case 2
    37. 37. Agenda Introduction Connector 1.6 themes Ease of Development (EoD) features Generic Work Context Security Inflow Miscellaneous improvements Resources and Summary Q & A
    38. 38. Miscellaneous improvements Transaction Management Specification of Transaction Support Level at Runtime Work Management Distributed Work Processing HintsContext Message Inflow createMessageEndpoint timeouts Retryable exceptions
    39. 39. Miscellaneous improvements Bean Validation integration (JSR 303) Standalone Connector Environment Configuration Property processing range specification through JSR 303 dynamic reconfiguration and confidential params support Classloading requirements clarified scenarios where deployed standalone RARs must be made visible to applications
    40. 40. Agenda Introduction Connector 1.6 themes Ease of Development (EoD) features Generic Work Context Security Inflow Miscellaneous improvements Resources and Summary Q & A
    41. 41. Resources – To learn more & get started JSR 322 page Download proposed final draft spec and send comments to [email_address] Reference implementation at Download and try GlassFish v3 – Java EE 6 release Try Connector 1.6 samples as part of GlassFish v3 and build new 1.6 resource adapters Blogs Siva: Binod:
    42. 42. Summary Part of Java EE 6 and reference implementation available through GlassFish v3 Simplifies resource adapter development Adds powerful new capabilities to assign contexts during Work execution and Message delivery Enhances enterprise application integration capabilities in Java EE 6
    43. 43. Agenda Introduction Connector 1.6 themes Generic Work Context Security Inflow Ease of Development (EoD) features Miscellaneous improvements Resources and Summary Q & A
    44. 44. Sivakumar Thyagarajan and Binod PG [email_address] Sun Microsystems