Free since 2005 · No login required
AT

Academic Tutorials

Learn at your own pace
site-mobile-top-banner · 320x50

Using EJB to Implement Services

Added 31 Jul 2008

  • An EJB can be implemented as a coarse-grained session façade that encapsulates the business logic to be used as a Web service.
  • Web Services should be stateless and Stateless EJBs can be pooled for optimum application runtime performance.
  • Transactions can be managed declaratively by the EJB container.
  • With EJB the EJB 3.0 specification entity beans, which really never caught on in the developer community, have been replaced with JPA. Java Persistence API provides a simplified, light-weight, OR mapping framework.
  • Stateless EJB may be exposed as Web services using the metadata annotations defined in JSR 181 (Web Services Metadata for the Java Platform).
  • An EJB can be enabled to use XML Signatures or Encryption. Alternatively, WebSphere (WAS) 5.1 supports WS-Security; WAS 6 supports WS-Security "approved" spec level.
  • For WAS 5.0, which is going out of service in September 2006, SSL and basic auth is available. With basic auth, m ethod-level security can be enabled declaratively with an EJB using Java 2 Security and JAAS (Java Authorization and Authentication Service). LDAP or OS repository can be used to contain the DIT (Directory Information Tree) for user RBAC (Role-based Access Control).
  • An EJB can be implemented using either RPC-style or document-style Web services. RPC-style Web services are more efficient and behave more like a standard business object. Document style is more flexible because you can use schema.

Implications

SOA within most organization’s architectures is really at a stage where Web (HTTP) servers were in the early days of internet-style computing. In those days, architects were trying to find ways to use Web servers either for serving static pages or basic reporting. In a similar fashion, today’s architects are introducing Web services either for looking up reference data or other basic computing constructs.

To look at SOA any different than the other distributed object models previously mentioned is a rookie mistake. Technological advance in computer technology is much more fluid than it appears in that a new technology in many cases borrows from and improves on an existing related technology. The new feature within Web services is that it is a distributed technology engineered for the Internet. Essentially, there are application requirements where SOA makes senses and application requirements were it is inappropriate.