Catálogo de publicaciones - libros

In this chapter, we’ve worked through five complete filter examples covering these application domains:

Working through the code to these filters, we’ve discussed the following:

You now have five examples that you can use as the basis for your own filter implementation. You also have one versatile class, ReplaceContentOutputStream, that you can use whenever you need to wrap a response to modify its content.

You should now be fluent in filtering technology, and you should be able to apply filters to many challenges that the real world may throw at you.

We hope we’ve convinced you that security is pretty easy to add to a web application. It offers many benefits after it’s been added: customization based on role, an auditing log, and password encryption. In our experience, using container-managed security has made our development existence more enjoyable. We’ve done it programmatically by using LDAP and lots of application logic to show or hide links and to allow or deny access to pages. Even though it worked, and it worked well, it took much longer to program initially, and it was quite a nuisance to maintain. On the other hand, if you already have an authentication and authorization framework that offers you all the same benefits, you should, by all means, use it, and if it’s portable and works well, share it!

Our biggest issues with container-managed security have been related to the servlet container’s implementation of the Servlet specification. We recommend testing your application on Tomcat if you’re experiencing problems with configuring security. If your application works on Tomcat, your container might have some problems, and it’s time to do some research or write a workaround, or even to move to a different container (if that’s an option). Developing on Tomcat can be a great time-saver!

In this chapter, we covered many techniques for improving the performance of JSP applications. We discussed how to use the OSCache page-caching system to avoid regenerating a page for every incoming page request. Knowing that a database connection is an expensive operation that consumes processing time, memory, and network resources, we discussed the use of connection pooling to minimize the cost of this operation in JSP applications.

Performance and scalability are primary concerns for any JSP application. After a JSP application is deployed on a corporate intranet or on the Internet, it may become more popular than initially envisaged. If you apply the design practices discussed in this chapter, you have a much better chance of meeting your customer’s performance requirements and continuing to meet them as your user base expands. We showed you a specific performance-testing tool, Apache JMeter, which you can use during development to prove that performance and scalability requirements are being met.

As you read about JSP application frameworks in the following chapters, keep in mind what you’ve learned about designing for performance and scalability.

This chapter covered several topics related to web-application design and best practices, bringing together many of the topics you explored in the previous chapters. First, we discussed why design is important and we recapped the two major architectures for building web applications: page-centric (Model 1)and Model-View-Controller (Model 2). Then we showed how design patterns can help you design your application and described how some of the Java EE patterns can be used to build web applications based on the MVC architecture. These patterns included the following:

We then moved on to discuss some third-party frameworks such as Struts, WebWork, and Velocity.

After this, we showed how testing is an important part of web-application development and introduced unit testing and functional (or acceptance) testing. Automated testing has now really taken off with regard to web applications, and to illustrate this we discussed some of the testing tools that are now available. We then related testing back to the design aspects we presented earlier in the chapter by showing how the design of a web application can affect the ability to test it.

Finally, we covered some implementation topics, including logging, troubleshooting, and some general guidelines for building web applications.

This chapter concludes creation of the CSLA .NET framework. Over the past three chapters, you have learned how to support a wide variety of functionality to support the development of business objects. This chapter combined a wide range of capabilities, including the following:

Combined with the support for editable and read-only business objects from Chapter 3, and the data access and mobile object support from Chapter 4, these capabilities make it relatively easy to build a powerful object-oriented business layer for an application.

The remainder of the book will focus on how to use this framework to create business objects, as well as a variety of UIs for those objects, including Windows Forms, Web Forms, and Web Services.