1. Where is the data verification?
Data verification is divided into verification of pure data types and verification of business rules.
The former has no restrictions on business rules, all places where "approaching client" (such as: delegation) is suitable, not in Bean, saving JNDI find, RMI traffic, and (possibly) the cost of additional business logic . The latter resolves the business-specific error requires access to the use of additional entities and session beans and database access, which must be processed through JNDI and RMI transactions, so put it in the bean. All RMI traffic should be local when the verification is placed at this layer of the application; most application servers will use the Optimization of the VM to make the bean- to -bean interaction is extremely fast. You can also avoid JNDI access because many Beans have shown the associated bean's main (HOME) interface. In addition, your business delegate has handled all necessary data format validations.
Summary: When deciding where to place the verification code, it is important to distinguish between two authentication types. Data verification is a much simpler verification type than business verification. General experience is to make it as close as possible to clients. It is more complicated for business-specific verification and usually requires several different transactions to complete. Such validation should be placed in the EJB layer, where it can use existing processes as much as possible.
Source: http://www-900.ibm.com/developerWorks/cn/java/J-EJB1217/index.shtml
Date: 09/07 / 04am
