Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
TOP 50 JAVA EE 7 BEST
PRACTICES
Ryan Cuprak
Michael Remijan
About Us
Ryan
• @ctjava
• rcuprak@gmail.com
• http://www.cuprak.info
• https://www.linkedin.com/in/rcuprak
Michael
• @mjre...
EJB 3 In Action 2nd Edition
Updated For
• EE 7
• EJB 3.2
Java EE 7
Concurrency
Utilities
Batch
Applications
Java
API for
JSON
Java API for
WebSocket
JSF 2.2
JSX-WS
2.2
JAX-RS
2
EL...
#1 JAX-RS: API Versioning
Version your JAX-RS with one of two approaches:
1. URL
http://ctjava.org/v2/meetings
http://ctja...
#1 JAX-RS: API Versioning (Continued…)
Approach 1: URL
Approach 2: Media Types
#1 JAX-RS: API Versioning (Continued…)
Service Moved Permanently
#2 JAX-RS: Error Handling
Provide ExceptionMappers to handle and process errors.
#2 JAX-RS: Error Handling (Continued…)
HTML content is hardly a friendly response for an API!
#2 JAX-RS: Error Handling (Continued…)
#3 JAX-RS: Caching
Tell clients to cache data!
#4 JAX-RS + Bean Validation
Use Bean Validation to check data.
#5 JAX-RS: Compress Responses
Use gzip compression for responses to reduce bandwidth.
#6 Securing RESTful Services
• Use tokens with RESTful Web Services (OWASP).
• Leverage JASPIC to setup JAAS environment.
#7 JAX-RS + EJB
• Use @Stateless and @Path together
• Pooled, thread safe, monitored
#7 JAX-RS + EJB (Continued…)
• http://localhost:4848/monitoring/domain/server/applications/WebApp
lication1/StatelessResou...
#8 JAX-RS: Asynchronous API Gateway
• Gateway calls multiple microservices asynchronously
• Combines results into a DTO
#8 JAX-RS: Async…(Continued…)
• Gateway calls multiple microservices asynchronously
• Combines results into a DTO
#9 JPA: Pagination
Use pagination for potential large result sets.
#9 JPA: Pagination (Continued…)
#10 JPA: Lazy Relationships
Avoid unnecessary queries – use Fetch on Lazy
relationships.
#10 JPA: Lazy Relationships (Continued…)
1. SELECT MEETINGID, DATE, MEETINGABSTRACT, TITLE FROM MEETING WHERE (MEETINGID
=...
#10 JPA: Lazy Relationships (Continued…)
1. SELECT t1.MEETINGID, t1.DATE, t1.MEETINGABSTRACT, t1.TITLE, t0.SPEAKERID, t0.B...
#11 JPA: Cascade
• Don’t forget cascade levels to handle child data
• cascade=ALL is equivalent to cascade={PERSIST,
MERGE...
#12 JPA: Entity Graphs
#13 JPA + DAO
Put CRUD operations into DAOs.
#14 JPA: hashcode() & equals()
The equals and hashcode are required for:
• Entity is added to a collection
• When re-attac...
#14 JPA: hashcode() & equals() Continued…
#15 JPA: Optimistic Locking
• Don’t roll your own
• Use @Version for optimistic locking: Integer
#15 JPA: Optimistic Locking (Continued…)
• Timestamp
#16 JPA: Pessimistic Locking
• PESSIMISTIC_READ, PESSIMISTIC_WRITE
• Lock timeout
HINT
#17 JPA: Mapping Inheritance
• Inheritance can have a big impact upon performance.
• Three approaches:
• Single table
• Jo...
#18 JPA L2 Cache
JPA 2 introduced the L2 Cache, use this cache for:
• Entities that are frequently read
• Entities that ar...
#18 JPA L2 Cache (Continued…)
Mark entity for L2 cache
Bypass L2 cache
#19 JPA: Persisting ENUM
• ENUM is a good case of converting data types
• Use a @Converter
#19 JPA: Persisting ENUM (Continued…)
• @Converter
• AttributeConverter<X,Y>
• X is my application, Y is the database
#20 EJB: Transaction Handling
• EJBs exist to handle transactions. Keep them at the right layer
• Don’t ignore transaction...
#21 EJB: Stateless Thread Safety
• Stateless beans are a pooled, managed resource
• Pools configurable by the application ...
#22 EJB: Asynchronous
• @Asynchronous runs in container-managed thread
• Return Future<> to get results later
• Ideal for ...
#23 EJB: Security
• Use declarative security and let the container handle it
• Avoid programmatic security
• EE servers tr...
#23 EJB: Security (Continued…)
• EE Configuration
• web.xml
• @DeclaredRoles
• @RolesAllowed
• Custom Configuration
• EE S...
#24 EJB: Avoid Lengthy Initialization
Don’t abuse startup – @PostConconstruct delays
You delay initialization of the conta...
#24 EJB: Avoid Lengthy Initialization
#25 CDI: Observers
• In-memory event processing
• Very “reactive”
• Decouple work to be done, avoids unnecessary
dependenc...
#25 CDI: Observers (Continued…)
• Fire the event
• Observers process the event
#26 CDI: Producer + Cache
• Use a producer to customize creation of an object
• Producer method is always called, so cache...
#27 CDI: Interceptors
• Limit to cross-cutting concerns
• Do not use to change business logic
• Create an annotation
#27 CDI: Interceptors
• Create the interceptor
#27 CDI: Interceptors
• Apply the interceptor
#28 CDI: Decorators
• Use to enhance or decorate existing code
• Open-close principle
• Do not use for cross-cutting conce...
#28 CDI: Decorators (Continued…)
• /WEB-INF/beans.xml
• /META-INF/beans.xml
#29 CDI: Transactions
Java EE introduced @Transactional for non-EJBs.
Pro: Easier to utilize transactions outside of EJB.
...
#30 CDI: Bean Discovery
• Java EE 7 CDI is enabled by default.
• beans.xml is no longer required as in EE 6
• Bean discove...
#31 Batch: Java EE not SE
• Think Java EE for batch, not SE
• Batch API
• Cron like schedule on EJB methods
• META-INF/bat...
#32: Batch Best Practices
• Package/deploy batch jobs separately
• Implement logic to cleanup old jobs
• Implement logic f...
#33 JAXB Primitive Data Types
anySimpleType
decimal
integer
long
int
short
byte
float double
nonPositiveInteger
negativeIn...
#34 JAXB: Date & Time Representation
• Use XMLGregorianCalendar for dates
• Avoid java.util.Date and java.util.Calendar
• ...
#35 JAXB: Annotate
Don’t let JAXB generate everything!
#36 JAX-WS: RPC vs. Document
• Four different possibilities:
• RPC/Literal
• RPC/Encoded
• Document/Literal
• Document/Enc...
#37 JAX-WS: JAXB Gotcha
• JAXB will serialize an entire object graph.
Oops!
Use either:
• DTO – Data Transfer Object
• @Xm...
#38 JAX-WS Interoperable Services
• Design service starting with the WSDL
• Create data types using XSD
• Keep data types ...
#39 SOAP Faults
• Types of SOAP faults:
• Modeled – exception explicitly thrown by business logic.
• Mapped to wsdl:fault ...
#40 JAX-WS Input/Output Processing
Use SOAP message handlers to pre/post process
messages and handle SOAP faults.
#40 JAX-WS Input/Output Processing
#41 JAX-WS Security
Specify Roles
#42 JAX-WS Large Files
Use W3C Message Transmission Optimization Mechanism
(MTOM) to handle large files.
#43 Deployment Classpath
• Are you pulling in third-party JAR files?
• Do these JAR files include Java EE annotated classe...
#44 Threading
• Never create create threads.
• Container manages resources.
#44 Threading…
Thread Factory
#45 Distributed Caches
• Don’t treat @Singleton as a “global” singleton!
• Use JCache implementation (ex. HazelCast)
Java ...
#46 Testing: Load
Load testing always at 100%?
Scenario:
• Message Driven Bean with a connection to a remote
resource.
• S...
#46 Testing Load (Continued…)
Oops, resource only leak as bean instances fluctuate!
0
5
10
15
20
25
30
35
1 2 3 4 5 6 7 8 ...
#47 Testing: Integration
Use Arquillian:
#48 Java EE Tutorial Table of Contents
• What’s in Java EE?
• 918 pages
• TOC is a great summary
• 30+ pages
• Highlights ...
#49 There are no “small” applications
• Don’t fall into these traps:
• “It’s just a simple application”
• “It only needs t...
#50 Start with an EE Server
• Because there are no “small” applications
• Start with an EE Server
Avoid filling yourWAR wi...
Join Us!
https://javaee-guardians.io
Q&A
Upcoming SlideShare
Loading in …5
×

Top 50 java ee 7 best practices [con5669]

8,189 views

Published on

JavaOne 2016
This session provides 50 best practices for Java EE 7, with examples. The best practices covered focus primarily on JPA, CDI, JAX-WS, and JAX-RS. In addition, topics involving testing and deployment are covered. This presentation points out where best practices have changed, common misconceptions, and antipatterns that should be avoided. This is a fast-paced presentation with many code samples.

Published in: Software
  • Be the first to comment

Top 50 java ee 7 best practices [con5669]

  1. 1. TOP 50 JAVA EE 7 BEST PRACTICES Ryan Cuprak Michael Remijan
  2. 2. About Us Ryan • @ctjava • rcuprak@gmail.com • http://www.cuprak.info • https://www.linkedin.com/in/rcuprak Michael • @mjremijan • mjremijan@yahoo.com • http://mjremijan.blogspot.com • http://linkedin.com/in/mjremijan
  3. 3. EJB 3 In Action 2nd Edition Updated For • EE 7 • EJB 3.2
  4. 4. Java EE 7 Concurrency Utilities Batch Applications Java API for JSON Java API for WebSocket JSF 2.2 JSX-WS 2.2 JAX-RS 2 EL 3 Servlet 3.1 Common Annotations 1.2 Interceptors 1.2 CDI 1.1 Managed Beans 1.0 EJB 3.2 Connector 1.7 JPA 2.1 JTA 1.2 JMS 2 JSP 2.3 JAXB
  5. 5. #1 JAX-RS: API Versioning Version your JAX-RS with one of two approaches: 1. URL http://ctjava.org/v2/meetings http://ctjava.org/v1/meetngs 2. Media Content or Header Param curl -H "Content-Type:application/srv-v4+json” … Return HTTP Status Codes for services moved/changed: • 301 Moved Permanently • 302 Found
  6. 6. #1 JAX-RS: API Versioning (Continued…) Approach 1: URL Approach 2: Media Types
  7. 7. #1 JAX-RS: API Versioning (Continued…) Service Moved Permanently
  8. 8. #2 JAX-RS: Error Handling Provide ExceptionMappers to handle and process errors.
  9. 9. #2 JAX-RS: Error Handling (Continued…) HTML content is hardly a friendly response for an API!
  10. 10. #2 JAX-RS: Error Handling (Continued…)
  11. 11. #3 JAX-RS: Caching Tell clients to cache data!
  12. 12. #4 JAX-RS + Bean Validation Use Bean Validation to check data.
  13. 13. #5 JAX-RS: Compress Responses Use gzip compression for responses to reduce bandwidth.
  14. 14. #6 Securing RESTful Services • Use tokens with RESTful Web Services (OWASP). • Leverage JASPIC to setup JAAS environment.
  15. 15. #7 JAX-RS + EJB • Use @Stateless and @Path together • Pooled, thread safe, monitored
  16. 16. #7 JAX-RS + EJB (Continued…) • http://localhost:4848/monitoring/domain/server/applications/WebApp lication1/StatelessResource/bean-methods/getText[.json]
  17. 17. #8 JAX-RS: Asynchronous API Gateway • Gateway calls multiple microservices asynchronously • Combines results into a DTO
  18. 18. #8 JAX-RS: Async…(Continued…) • Gateway calls multiple microservices asynchronously • Combines results into a DTO
  19. 19. #9 JPA: Pagination Use pagination for potential large result sets.
  20. 20. #9 JPA: Pagination (Continued…)
  21. 21. #10 JPA: Lazy Relationships Avoid unnecessary queries – use Fetch on Lazy relationships.
  22. 22. #10 JPA: Lazy Relationships (Continued…) 1. SELECT MEETINGID, DATE, MEETINGABSTRACT, TITLE FROM MEETING WHERE (MEETINGID = ?) 2. SELECT t1.SPEAKERID, t1.BIOGRAPHY, t1.FIRSTNAME, t1.LASTNAME FROM meeting_speakers t0, SPEAKER t1 WHERE ((t0.meetingid = ?) AND (t1.SPEAKERID = t0.speakerid))
  23. 23. #10 JPA: Lazy Relationships (Continued…) 1. SELECT t1.MEETINGID, t1.DATE, t1.MEETINGABSTRACT, t1.TITLE, t0.SPEAKERID, t0.BIOGRAPHY, t0.FIRSTNAME, t0.LASTNAME FROM SPEAKER t0, meeting_speakers t2, MEETING t1 WHERE ((t1.MEETINGID = ?) AND ((t2.meetingid = t1.MEETINGID) AND (t0.SPEAKERID = t2.speakerid))) 1 Query Not TWO!
  24. 24. #11 JPA: Cascade • Don’t forget cascade levels to handle child data • cascade=ALL is equivalent to cascade={PERSIST, MERGE, REMOVE, REFRESH, DETACH}
  25. 25. #12 JPA: Entity Graphs
  26. 26. #13 JPA + DAO Put CRUD operations into DAOs.
  27. 27. #14 JPA: hashcode() & equals() The equals and hashcode are required for: • Entity is added to a collection • When re-attaching entities to a new persistence context. Important points: • Do not use generated identifiers • Use business key equality
  28. 28. #14 JPA: hashcode() & equals() Continued…
  29. 29. #15 JPA: Optimistic Locking • Don’t roll your own • Use @Version for optimistic locking: Integer
  30. 30. #15 JPA: Optimistic Locking (Continued…) • Timestamp
  31. 31. #16 JPA: Pessimistic Locking • PESSIMISTIC_READ, PESSIMISTIC_WRITE • Lock timeout HINT
  32. 32. #17 JPA: Mapping Inheritance • Inheritance can have a big impact upon performance. • Three approaches: • Single table • Joined-tables • Table-per-class • Denormalize for better performance
  33. 33. #18 JPA L2 Cache JPA 2 introduced the L2 Cache, use this cache for: • Entities that are frequently read • Entities that are modified infrequently • Not critical if stale • L2 cache can consume large amounts of memory • ALL • NONE • ENABLE_SELECTIVE • DISABLE_SELECTIVE Are you using a default setting?
  34. 34. #18 JPA L2 Cache (Continued…) Mark entity for L2 cache Bypass L2 cache
  35. 35. #19 JPA: Persisting ENUM • ENUM is a good case of converting data types • Use a @Converter
  36. 36. #19 JPA: Persisting ENUM (Continued…) • @Converter • AttributeConverter<X,Y> • X is my application, Y is the database
  37. 37. #20 EJB: Transaction Handling • EJBs exist to handle transactions. Keep them at the right layer • Don’t ignore transactions. Default: REQUIRED • JAX-RS endpoints, database reads & performance
  38. 38. #21 EJB: Stateless Thread Safety • Stateless beans are a pooled, managed resource • Pools configurable by the application server
  39. 39. #22 EJB: Asynchronous • @Asynchronous runs in container-managed thread • Return Future<> to get results later • Ideal for wrapping JAX-RS calls • Good way to avoid any of your own threading
  40. 40. #23 EJB: Security • Use declarative security and let the container handle it • Avoid programmatic security • EE servers trust principal/roles passed between containers.
  41. 41. #23 EJB: Security (Continued…) • EE Configuration • web.xml • @DeclaredRoles • @RolesAllowed • Custom Configuration • EE Server Realm • glassfish-web.xml
  42. 42. #24 EJB: Avoid Lengthy Initialization Don’t abuse startup – @PostConconstruct delays You delay initialization of the container!
  43. 43. #24 EJB: Avoid Lengthy Initialization
  44. 44. #25 CDI: Observers • In-memory event processing • Very “reactive” • Decouple work to be done, avoids unnecessary dependencies • Create an event to fire
  45. 45. #25 CDI: Observers (Continued…) • Fire the event • Observers process the event
  46. 46. #26 CDI: Producer + Cache • Use a producer to customize creation of an object • Producer method is always called, so cache the instance
  47. 47. #27 CDI: Interceptors • Limit to cross-cutting concerns • Do not use to change business logic • Create an annotation
  48. 48. #27 CDI: Interceptors • Create the interceptor
  49. 49. #27 CDI: Interceptors • Apply the interceptor
  50. 50. #28 CDI: Decorators • Use to enhance or decorate existing code • Open-close principle • Do not use for cross-cutting concerns
  51. 51. #28 CDI: Decorators (Continued…) • /WEB-INF/beans.xml • /META-INF/beans.xml
  52. 52. #29 CDI: Transactions Java EE introduced @Transactional for non-EJBs. Pro: Easier to utilize transactions outside of EJB. Con: Mixes layers – transactions & rest etc.
  53. 53. #30 CDI: Bean Discovery • Java EE 7 CDI is enabled by default. • beans.xml is no longer required as in EE 6 • Bean discovery mode: • Annotated – only annotated classes • All – includes beans that are not annotated • None – CDI disabled • Default mode is ‘annotated’
  54. 54. #31 Batch: Java EE not SE • Think Java EE for batch, not SE • Batch API • Cron like schedule on EJB methods • META-INF/batch-jobs/processInvoices.xml
  55. 55. #32: Batch Best Practices • Package/deploy batch jobs separately • Implement logic to cleanup old jobs • Implement logic for auto-restart • Test restart and checkpoint logic • Configure database to store jobs • Configure thread pool for batch jobs • Only invoke batch jobs from logic that is secured (@Role etc.)
  56. 56. #33 JAXB Primitive Data Types anySimpleType decimal integer long int short byte float double nonPositiveInteger negativeInteger nonNegativeInteger unsigneLong positiveInteger unsignedInt unsignedInt unsignedByte
  57. 57. #34 JAXB: Date & Time Representation • Use XMLGregorianCalendar for dates • Avoid java.util.Date and java.util.Calendar • XMLGregorianCalendar • Handles long fractions of seconds – important to .NET interoperability
  58. 58. #35 JAXB: Annotate Don’t let JAXB generate everything!
  59. 59. #36 JAX-WS: RPC vs. Document • Four different possibilities: • RPC/Literal • RPC/Encoded • Document/Literal • Document/Encoded • Encoded is not supported by WS-I • Default and most commonly used is Document/Literal • Use Document/Literal • RPC/Literal: • Limited to basic XSD types • WSDL will not include types section to constrain parameters
  60. 60. #37 JAX-WS: JAXB Gotcha • JAXB will serialize an entire object graph. Oops! Use either: • DTO – Data Transfer Object • @XmlTransient
  61. 61. #38 JAX-WS Interoperable Services • Design service starting with the WSDL • Create data types using XSD • Keep data types SIMPLE • Avoid xsd:anyType • Avoid sending Null values • Use byte[] instead of String when character encoding is unknown
  62. 62. #39 SOAP Faults • Types of SOAP faults: • Modeled – exception explicitly thrown by business logic. • Mapped to wsdl:fault in WSDL file • Unmodeled – RuntimeException, represented as generic SOAPFaultException
  63. 63. #40 JAX-WS Input/Output Processing Use SOAP message handlers to pre/post process messages and handle SOAP faults.
  64. 64. #40 JAX-WS Input/Output Processing
  65. 65. #41 JAX-WS Security Specify Roles
  66. 66. #42 JAX-WS Large Files Use W3C Message Transmission Optimization Mechanism (MTOM) to handle large files.
  67. 67. #43 Deployment Classpath • Are you pulling in third-party JAR files? • Do these JAR files include Java EE annotated classes? • Are you accidently deploying web services, MDBs etc.? • Are you including container dependencies? BAD!
  68. 68. #44 Threading • Never create create threads. • Container manages resources.
  69. 69. #44 Threading… Thread Factory
  70. 70. #45 Distributed Caches • Don’t treat @Singleton as a “global” singleton! • Use JCache implementation (ex. HazelCast) Java EE Server #1 app.war SingletonBean Java EE Server #2 app.war SingletonBean
  71. 71. #46 Testing: Load Load testing always at 100%? Scenario: • Message Driven Bean with a connection to a remote resource. • Standing pool size: 3 Oops!
  72. 72. #46 Testing Load (Continued…) Oops, resource only leak as bean instances fluctuate! 0 5 10 15 20 25 30 35 1 2 3 4 5 6 7 8 9 Leak Bean Returning to standing pool size leaks resources.
  73. 73. #47 Testing: Integration Use Arquillian:
  74. 74. #48 Java EE Tutorial Table of Contents • What’s in Java EE? • 918 pages • TOC is a great summary • 30+ pages • Highlights just how much is in EE
  75. 75. #49 There are no “small” applications • Don’t fall into these traps: • “It’s just a simple application” • “It only needs to do…” • “Code it up real quick…” • EE Specification exists for a reason • Multiple users • Concurrency • Multi-threading • Transaction management • External resources • Messaging
  76. 76. #50 Start with an EE Server • Because there are no “small” applications • Start with an EE Server Avoid filling yourWAR with “EE Features” because you are not using an EE server • But Servers are “heavy-weight”? • Payara • WildFly • TomEE • Benefits • “Light-weight” • Regular updates • Great online community support
  77. 77. Join Us! https://javaee-guardians.io
  78. 78. Q&A

×