J2EE performance layer design thinking

According to the status of the system or the error, the display may be modified according to the environment of the system, according to the environment of the system. For example, if the user uses a single CPU hardware device, some devices using multiple CPUs can be not displayed.

Access to configure control resource To limit a customer directly access a special view, you can configure that the performance layer can only access these resources through internal resources, such as a servlet controller using RequestDispatcher. In addition, you can also use the security technology built in the web container, according to servlet2.2 or later. Safety restrictions are defined in the configuration description file called Web.xml (deployment descriptor).

The authentication method of BASIC and FORM-BASD is also described in the servlet specification. Here we don't intend to repeat this specification, you can go to the following URL to see the details of the current specification (http://java.sun.com/products/servlet/index.html). You have understood what is used when joining security restrictions on your app, we briefly discuss this issue and introduce how to configure it and all-or-nothing protection. Finally, we describe a simple and common way as all-or-nothing protection to limit access to a resource. The security restriction protection resource application may be configured in a secure limit, and this security restriction allows the use of programmed methods to control access according to the user's role. Resources can be accessed by certain characters and disable other roles. In addition, a portion of a view can also be restricted to access according to the role of the user. If some resources are completely prohibited from all direct browser requests, such as those mentioned above All-OR-Nothing scenarios, these resources can only allow access to some security roles, and these security roles are not assigned to any one. This will only be disabled from all browsers from accessing all browsers as long as this security role is not assigned. Example 3.3 is part of a web.xml configuration file that defines a secure role to limit direct browser access. The name of the role is "Sensitive", the name of the restricted resource is sensitive1.jsp, sensitive2.jsp, and sensitive3.jsp. These customers cannot directly access these JSP pages unless a user or group is assigned to the "SENSITIVE" role. However, due to the internal requests are not limited by these security, the requests for processing by a servlet controller will be guided to these Limited pages, so they can access these JSP pages indirectly. Finally, it is important to note that there is a substantive phenomenon in this area when the products of different manufacturers are implemented in the Servlet 2.2 version. However, the server that supports servlet2.3 does not have this compatibility issue. Example 3.3 Provides all-or-nothing control by dissemination of security roles

SensitiveResources A Collection of Sensitive Resources / trade / jsp / InternaaCcess / sensitive1.jsp / trade / jsp / interfaceAlaccess / sensitive2.jsp / trade / jsp / interfaceAlaccess / sensitive3.jsp get post sensitive Setting up resource protection There is a simple and common way to limit a customer directly accessing a resource, such as JSP. As with the example of 3.3, this method does not need to modify any configuration files. This method just needs to place resources in the web application / web-inf / directory. For example, to prevent the browser directly from accessing a view called Info.jsp, we assume that this file is a web application that belongs to the securityissues. We can put the JSP file in the following subdirectory: / scrub projectues/web-inf/internalAccessonly/info.jsp. For the / web-inf / directory and their subdirectories are prohibited from being accessed directly from the browser, INFO.JSP can also be accessed directly. However, if you need, a controller servlet can still be guided to this resource. This control uses all-or-nothing mode because resources configured in this way are completely prohibited from directly accessing them.

Duplicate Form Submit users When using a browser, you can use the back button frequently, so it is possible to repeat the form they have submitted, which will bring a duplication of transaction processing. Similarly, a user may also press the stop button before receiving a confirmation page, then submit the same form again. For these situations, we want to track and prohibit these repetitions, we can use a control servlet to provide a control point to solve this problem.

Synchronizer (OR DVU) token This policy is to resolve duplicate Form submission issues. A synchronized marker is set in the session of a user and is included in each Form returned to the customer. When the Form is submitted, the synchronization tag in the Form is compared to the synchronization tag in the session. These two tags should be the same when Form is submitted. If the tag is different, then the Form will prohibit submission, and an error will return to the user. When the user submits an FORM, if you press the back button in the browser and try to resubmit the same form, the mark will do not match. On the other hand, if the two tag values ​​match, then we can confirm that the entire process is correct. In this case, the tag value in the session will be modified to a new value while allowing the FORM to be submitted. You can also use this policy to control direct access to some pages, just as described in the above resource protection. For example, suppose a user collects a page A of an application to a favorites, while the page A is only allowed to access by page B and C. When the user accesses the page A directly through the favorites, the access order of the page is incorrect, so that the synchronization tag will be in a state in which it is not synchronized, or it does not exist at all. No matter what, the access is banned. Verification usually we all want to verify at the client and server. Although the client's verification process does not have a professional, it can provide a high-level check, such as whether a field in the Form is empty. The server-side verification is usually much larger. Although in one application, both types of processing are appropriate, but it is not recommended to use only the client authentication. One of the main reasons why the client's verification is the use of the client's script language, users can use them at any time to skip these scripts. It is not intended to discuss verification strategies in detail. We just mention here that this is a question that needs to be considered when designing the system. If you want to know more deeply, you can refer to existing literature. Verification of the client verification input is performed on the client. Usually this operation is performed by embedded script code, such as JavaScript. It has been mentioned above, the client's verification is a supplement to the server-side verification, but it should not be used independently. Verification of the server-side verification input is performed on the server. There are several typical strategies to be used as server-side authentication. These strategies are Form-Centric Validation and Validation Based on Abstract Types (based on abstract type authentication). FORM-CENTRIC VALIDATION FORM-CENTRIC VALIDATION The policy forces an application contains many ways to verify the status of the Form. Typically, these methods are overlap in terms of logic they include, which is not conducive to reuse and modularization. One verification method is related to a particular form of Form, there is no common code to handle common operations, such as required fields or only the fields of numbers. In this case, when a field is used in a plurality of different forms and is a required field, it is handled independently in the application. This strategy is relatively easy, and the efficiency is also high, but it will bring repetitive code when the application becomes large. To provide a more flexible, reusable and easy-to-maintain method, the data model should make greater abstraction. This method is the "verification according to the abstraction type, the example 3.4 is shown in the example 3.4 of Form-Centric verification.

Example 3.4 Form-Centric Validation / ** If the first name or last name fields were left blank, then an error will be returned to client. With this strategy, these checks for the existence of a required field are duplicated. If this valid- ation logic were abstracted into a separate component, it could be reused across forms (see Validation Based on Abstract Types strategy) ** / public Vector validate () {Vector errorCollection = new Vector (); if ((firstname == null) | (firstname.trim.length () <1)) ErrorCollection.addelement ("firstname required"); if (LastName == Null) || (Lastname.trim.length ()) ErrorColction.addelement (" Lastname Required "); Return ErrorCollection;} Abstract class verification This method can be applied to the client or server, but it is best to apply on the server side in a browser or thin client-based environment. The input and restriction information is abstracted in the model state and put it in a universal architecture. This reduces the application logic of the model's verification and the application of the model, thereby reducing their coupling. Model verification is performed by comparing metadata and restrictions and model status. The metadata and limits of the model can usually be accessed by some simple data storage, such as an attribute file. The advantage of this method is the system more common because it separates the status and restricted information by the application logic. For example, there is a logic of component or subsystem package authentication, including determining whether a string is empty, a number of inputs in a range, or a string formatted to some way. When different application components need to verify different aspects of a model, each component does not need to write their own verification code. Instead, use centralized verification techniques. Centralized verification techniques can be set by some ways, such as programming, some generators, or usually declared, using configuration files, etc. This verification technology is more common, it focuses on the status of the model and its needs, and is independent of the other parts of the application. One disadvantage to use this method is that efficiency and performance are affected, and usually more common methods, although more powerful, it is difficult to understand and maintain. The following is an example. A configuration file using XML describes a variety of verification, such as "required fields", "requires all of the numbers", etc. In addition, each verified management class can be designed. Finally, a shot corresponds to the value of the HTML table and a particularly verification. Verify that an example code for a particular field is shown in Example 3.5. Example 3.5 Validation Based on Abstract Types

//firstnamestring="dan"//mfieldname="form1.firstname"validator.getInstance( ).validate (FirstNameString, FormfieldName); Helper Properties - Integrity and Consistency JavaBean Helper class is usually used to save a customer request transmission Come over the middle state. The JSP running engine provides a technology that automatically copys these parameter values ​​by a servlet request object to the properties of these JavaBean Helper objects. The JSP syntax is as follows: The above statement tells the JSP engine to copy all the matching parameter values ​​to a JavaBean's corresponding attribute (this JavaBean's name is "Helper "), As shown in Example 3.6. Example 3.6 Helper Properties - a Simple JavaBean Helper

public class Helper {private String first; private String last; public String getFirst () {return first;} public void setFirst (String aString) {first = aString;} public String getLast () {return last;} public void setLast (String {Last = astring;}} So how do you match? If the name and type of a request parameter are, like the properties of Helper Beans, they think they are matched. It is usually compared to the type of each parameter and the name of the name of each bean property and the type of the setter method of the bean property. Although this skill is very simple, it can produce some confusing things. First, pay attention to if the value of the request parameter is empty, how will it be? Many developers may think that when an REQUEST parameter is an empty string, if it and a bean property match, the bean property will receive an empty String value or NULL. In this case, the result is no modification of the matching bean property. Also, since the JavaBean Helper object is a cross-multiple request reuse, this vague approach will make the data value is incorrect and incorrect. Figure 3.1 shows the problems that will bring this skill.

************** Figure 3.1 *************** Request 1 contains a parameter value name "first" and "Last", and These values ​​set the corresponding bean properties. Request 2 only contains a value of the "Last" parameter, so only one of the parameters in the bean, and the value of the "first" parameter has no change. It is not set to an empty field string or NULL, which is because there is no value in the requesting parameters. As shown in Figure 3.1, if the value of the bean does not have a manual reset between the request, this is inconsistent with the problem. When designing your app, another question to consider is how the HTML FORM interface is handled when the project in the Form is not selected. For example, when an Form has multiple Checkbox, the value of the server is not emptied when no checkbox is selected. When the Request object is generated by this interface, there is no corresponding Checkbox parameter in the Request object. Therefore, these Checkbox-related parameter values ​​will not be sent to the server side (complete HTML specification, see http://www.w3.org/). Since there is no parameter value to transmit to the server, as described above, when using , the matching bean property will remain unchanged. In this case, the application will have inconsistent and incorrect data values ​​unless the developer manually modifies these values. A simple solution is to reset the status value of all javabeans between each request. The parameter value is copied to a JavaBean's corresponding attribute (this JavaBean's name is "helper"), as shown in Example 3.6. Examples 3.6 Helper Properties - A Simple JavaBean Helperpublic class Helper {private String first; private String last; public String getFirst () {return first;} public void setFirst (String aString) {first = aString;} public String getLast () {return Last;} public void setlast (string astring) {last = astring;}} So how do you match? If the name and type of a request parameter are, like the properties of Helper Beans, they think they are matched. It is usually compared to the type of each parameter and the name of the name of each bean property and the type of the setter method of the bean property. Although this skill is very simple, it can produce some confusing things. First, pay attention to if the value of the request parameter is empty, how will it be? Many developers may think that when an REQUEST parameter is an empty string, if it and a bean property match, the bean property will receive an empty String value or NULL. In this case, the result is no modification of the matching bean property. Also, since the JavaBean Helper object is a cross-multiple request reuse, this vague approach will make the data value is incorrect and incorrect. Figure 3.1 shows the problems that will bring this skill.

************** Figure 3.1 *************** Request 1 contains a parameter value name "first" and "Last", and These values ​​set the corresponding bean properties. Request 2 only contains a value of the "Last" parameter, so only one of the parameters in the bean, and the value of the "first" parameter has no change. It is not set to an empty field string or NULL, which is because there is no value in the requesting parameters. As shown in Figure 3.1, if the value of the bean does not have a manual reset between the request, this is inconsistent with the problem. When designing your app, another question to consider is how the HTML FORM interface is handled when the project in the Form is not selected. For example, when an Form has multiple Checkbox, the value of the server is not emptied when no checkbox is selected. When the Request object is generated by this interface, there is no corresponding Checkbox parameter in the Request object. Therefore, these Checkbox-related parameter values ​​will not be sent to the server side (complete HTML specification, see http://www.w3.org/). Since there is no parameter value to transmit to the server, as described above, when using , the matching bean property will remain unchanged. In this case, the application will have inconsistent and incorrect data values ​​unless the developer manually modifies these values. A simple solution is to reset the status value of all javabeans between each request. Guidelines, including design issues, refactoring, and patterns, provide further information and better options. We will not discuss each bad habit very deeply. Here is just a point until, and interested can continue to study. A Summary Code Problem Summary Customized Tag Helper can be included at the top of the JSP view to perform access control and other types of checks. If a large number of views contain similar helper references, maintaining these code will become very difficult because modifications can happen in multiple places. Workaround: Modify the control code, use a Controller and related Command Helpers. When you need to include similar control code in multiple places, such as only part of the JSP view is required to prohibit some users from accessing this job through a reusable Helper class. The data structure of the commercial layer exposed the performance layer data structure, such as HTTPSERVLETREQUEST, should be limited to the performance layer. If these details are placed in the business layer or other layers, they will increase the coupling between the layers, which reduces the reuse of available services. If a business service method accepts an HTTPSERVLETREQUEST type parameter, this service is used to encapsulate their request status to an HttpservletRequest object. In addition, the service of the business layer needs to be known to interact with the data structure of these performance layers, so that the code of the business layer is complex and increases the coupling between the layers. Workaround: Do not allow the data structure of the performance layer to share, but a copy-related state to a more common data structure and share it. You can also choose to separate the relevant state in the performance layer data structure, as a separate parameter sharing. Data Structure Problem Data Problem Data Problem in the Domain Objects The request processing data structure and domain object sharing, such as HTTPSERVLETREQUEST, which will unnecessarily add two different aspects of the application.