1 / 54

A DBA Perspective to J2EE

A DBA Perspective to J2EE. Debu Panda Principal Product Manager Oracle Application Server Development http://radio.weblogs.com/0135826/ . Impedance Mismatch. I love my objects and beans. I love my tables. Developer. DBA. Agenda. Application Server Overview J2EE Overview

keon
Download Presentation

A DBA Perspective to J2EE

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. A DBA Perspective to J2EE Debu PandaPrincipal Product Manager Oracle Application Server Development http://radio.weblogs.com/0135826/

  2. Impedance Mismatch I love my objects and beans I love my tables Developer DBA

  3. Agenda • Application Server Overview • J2EE Overview • Persistence Options and related concerns • Entity Bean Lifecycle for the DBAs • Messaging and Advanced Queuing • J2EE Security and OID/Single Sign On • Additional Resources and Next Steps

  4. What is An application Server • Middleware between users and database systems • Provides frameworks for building and deploying applications • Security • Transactions • Business Intelligence • Self-service Portal • Web Services • Caching and Hi-Availability • Increasingly Application Servers are becoming an O/S for servers ! • Major Players: Oracle, BEA, IBM

  5. Enterprise Portal Any Data Source Web Services Wireless & Mobile B2B Integration Business Services Framework Business Intelligence Application Integration Oracle Application Server 10g Integrated Middleware Platform Management & Security Clustering &Caching Rapid Application Development

  6. Mind boggling J2EE JSP Servlet JDBC JTA EJB JMS JNDI JCA J2EE

  7. What is J2EE? • Java 2 Enterprise Edition (J2EE) • Platform to build scalable and portable applications in Java • Relies on a number of Java specifications • Servlets, JSPs, EJB, JMS, JDBC, JTA, JNDI, etc. • DBAs care most about JDBC,JTA and EJB • JDBC – Java APIs for Database access • JTA – Java APIs to manage transactions • EJB – Enterprise JavaBeans • Oracle Application Server Containers for J2EE (OC4J) is J2EE 1.4 compliant

  8. Database Develop J2EE Applications with Oracle Application Server Servlets JSP OHS http EJBs (Session, Entity, MDBs) Browser EJB Client RMI JNDI JMS JCA JAAS Java Mail JTA JDBC CORBA Client RMI-over-IIOP J2EE Container Java VM Oracle Application Server

  9. What is a J2EE Container • J2EE applications run in a special environment called a J2EE Container/Server • Oracle’s container is named OracleAS Containers for J2EE (OC4J) EJB Container Web Container Interfaces Client EJB Bean Servlet/JSP Home J2EE Server

  10. Client Tier Web Tier Business Tier EIS Tier Database and Legacy Systems Web BrowserApplets JSP PagesServlets Enterprise JavaBeans Application Clients J2EE Architecture JDBC / J2CA

  11. What is JDBC • Standard API for accessing relational databases from Java • Issue SQL statements • Call server-side procedural logic • Conceptually similar to ODBC

  12. JDBC Driver • Translates JDBC method calls to vendor-specific database commands • Implements interfaces defined in the java.sql and javax.sql packages • Can also provide a vendor’s extensions to the JDBC standard Database Database commands JDBC calls Driver Database

  13. Oracle JDBC Drivers Remote Database Oracle Database Thin Driver (Type IV) Java Engine Java Sockets Server-Side Thin Driver Java Sockets SQL Engine PL/SQL Engine Server-Side Internal Driver OCI Driver (Type II) KPRB C Library OCI C Library

  14. Sample JDBC URLs for Oracle • Thin driver: • OCI driver: • Server-Side internal driver: jdbc:oracle:thin:@<host>:<port>:<SID> jdbc:oracle:thin:@dbdev.acme.com:1521:ORCL jdbc:oracle:oci:@<TNSNAMES entry> jdbc:oracle:oci:@dbdev jdbc:oracle:kprb:

  15. Connecting to the Database Connect Issue statement Process results Close • Register the driver • Connect to the database DriverManager.registerDriver (new oracle.jdbc.OracleDriver()); Connection conn = DriverManager.getConnection ("jdbc:oracle:thin:@myhost:1521:orcl", "scott", "tiger");

  16. JNDI API LDAP CORBA/COS RMI DNS File System JNDI Lookup Database JDBC Connection JNDI Data Sources • Newer way to access connection information • More flexible, portable than hard-coding URLs • Look up connection details by logical name • Typical for J2EE applications Context ctx = new InitialContext(); OracleDataSource ods = (OracleDataSource)ctx.lookup("jdbc/TestDB"); Connection conn = ods.getConnection();

  17. Connection Pooling and Caching • Reuse an existing physical connection • Closing the connection releases it back to be reused • Useful for stateless applications • Maintaining a set of Pooled Connections is called Connection Caching JDBC Connection Database PooledConnection PooledConnection PooledConnection Connection Caching

  18. Java Servlets and JSP Pages • Server-side Java components • Reside in the J2EE Web Tier • Dynamic Web content generation

  19. Java Servlets • Fundamental Java API for Internet Communication • Typically HTML generation • Can also deliver other datatypes including binary – XML, WML, GIF… • Foundation for JavaServer Pages

  20. Java Servlet Example public class HelloServlet extends HttpServlet { public void doGet(HttpServletRequest request,HttpServletResponse response) throws ServletException, IOException { PrintWriter out =response.getWriter(); out.setContentType(“text/html”); out.println("<html><body>"); out.println(”<h1>Hello There!</h1>"); out.println("</body></html>"); out.close(); }

  21. JavaServer Pages • HTML pages with embedded Java • In contrast to servlets (Java with embedded HTML ) • Same performance and portability benefits from servlet technology but with the ease of use of HTML • Best of both worlds for Web designers and Web developers

  22. JSP Example <HTML> <BODY> <P>Hello! <BR> Today is:<%= new java.util.Date() %> </BODY> </HTML>

  23. What is EJB • Reusable components that run inside a container • Can be accessed either • Either local and remote Java programs • CORBA compliant client • EJB Container provides support for • Persistence • Access control • Transactions

  24. Types of EJBs • Session Beans – encapsulate business logic • Transient in nature, cannot survive crash ! • Stateless – Perform a task e.g. charge a credit • Stateful – Maintains state between calls e.g. shopping cart • Entity Beans – persistent in nature • Representation of data • Two types Bean Managed Persistence (BMP), Container Managed Persistence (CMP) • Message Driven beans • A Java Message Service (JMS) listener (listens on a Topic or Queue) • Reliably consume message • Can work with Oracle Advanced Queueing

  25. Enterprise JavaBean Review OC4J EJBcontainer EJB home interface EJB home object EJB bean EJB client EJB remote object EJB remote interface JMS client Database JMS Listener MDB bean Enterprise Services Naming, Transactions, Security

  26. Entity Beans Uncovered • Represent persistent objects • Have a Primary key for unique identification • BMP requires developers to code all persistence • Use JDBC to perform persistence • CMP requires container to do the persistence based on declarations • Container does database access based on declarations by developer

  27. Customer Address id: int name: String creditRating: int id: int city: String zip: String Container Managed Relationships • Only between CMP EJBs • Supports 1-1, 1-M, and M-M • Relationships can be unidirectional or bi-directional • Relationships are persistent just like EJBs • Can have DELETE-CASCADE property *

  28. Bean constructor • ejbCreate(…) • primary key constructor • ejbSetEntityContext() • ejbPostCreate() ejbUnsetEntityContext() ejbRemove() ejbStore() EJB object stub Entity bean ejbLoad() create() Client remove() EJB Container EJB Server Entity Bean Life Cycle

  29. Entity Bean Lifecycle and database

  30. J2EE Persistence Options • J2EE standards based options are • Direct JDBC from web-tier or EJB session beans • Entity beans with Bean Managed Persistence • Entity beans with Container Managed Persistence • Additional technologies • Java-to-relational frameworks such as OracleAS TopLink • Oracle ADF (Application Development Framework)

  31. Direct Access with JDBC • Developer codes all interactions with database • Queries, inserts, updates, deletes using JDBC API • Common design pattern used – Data Access Objects • Separates persistence from business logic • Avoids putting JDBC code directly in Servlet/JSPs • Nil to low overhead from container • Developer is responsible for opening/closing resources • Transactions managed programmatically • Concurrency considerations • DBA Concerns: Review SQL

  32. Bean Managed Persistence • Using BMP • All database interactions are manually coded • Container calls your code when it performs an operation • Container still ultimately in control • Provides some implementation flexibility • Map to 1 or more tables, different storage systems • Make use of existing stored procedures • Performance perceptions and reality • Developer coded *may* be better than container generated • Inherent problem with (n + 1) SQL calls • DBA Concerns: Database schema is coded into bean, Review SQL

  33. Container Managed Persistence • Using CMP • Developer specifies persistent attributes of object • Developer specifies how entity object maps to database • All JDBC code generated by container • Container is responsible for managing persistence • Container maintains relationships between objects • Requires less code than JDBC and BMP • Choice for persistence in J2EE Applications • DBA Concerns : Many !! If you are not using Oracle Application Server

  34. CMP development and deployment Concerns • Container Managed Tables • Containers creates the tables and names those • Ask your developers to map to your schema • Container creates Primary key • If no primary key is assigned in Entity bean • OC4J names this column autoid by default • Container Managed Relationship • May create an extra table for maintaining relationship • You can use foreign key for mapping 1-M

  35. Performance Concerns • Container generates the SQL • SQL statement that can cause performance degradation by making full table scans or unnecessary joins • Unnecessary Extra SQL statements • Developers specify finder methods that can make full table scans • How to tune database for use with CMPs

  36. Optimizing CMP Entity beans for Oracle database • Reduce database operations • Use right concurrency mode and locking strategy • Tune your SQL/database

  37. Reduce Database Operations • Enforce primary key constraint at database level • Avoid extra SQL for constraint checking by container • Exploit DELETE CASCADE at database level • Container generate multiple SQL statements • Defer EJB creation to end of transaction • This avoids an extra UPDATE statement • Batch update operations to end of transaction • Exploit eager loading of relationship • Reduce round trips with pre-fetch size • Avoid N+1 problem by switching off lazy-loading

  38. Use Right Locking/Isolation Mode • Choose the right isolation level for entity beans • Avoid if possible at the bean level • COMMITTED performs better than Serializable • Choose right locking mode • Use Optimistic and Read-Only if possible • Pessimistic uses ‘SELECT FOR UPDATE’ • Avoid database calls with Read-Only patterns

  39. Database Tuning Tips for CMPs • Make sure that your finder /select method uses indexes. • Exploit statement caching by the container • Avoid findAll() on large tables as this makes full table scans • Most EJB systems are OLTP in nature so tuning redo is important • The basics of tuning any database are valid for EJBs • Use Statspack to find bottlenecks and tune your DB

  40. OracleAS Toplink – TheMost Compelling Option • Improves developer productivity by providing a flexible O-R Framework • Avoiding manual coding of interactions with database • Have years of experience in Java to Relational mapping • Can be used in any J2EE application • Servlets/JSPs / EJBs (BMP/CMP) • Reduces the load on database • Resolving the N+1 problem • By using caching data in the middle-tier and reading ‘Just In Time’ • Minimizing database calls • Utilize the features provided by databases • Respect and work with database locks

  41. DB Configurations concern • Database user passwords • Used in data-sources for connection pooling • Stored in clear text, can be encrypted ! • Changes require restart of container • OC4J uses an Oracle database for commit coordinator for 2-Phase commit • Requires a 9i database as commit coordinator • Requires database links ?

  42. Message Driven Beans • A messagedriven bean is a stateless, asynchronous bean for processing JMS messages • Exist within a pool, receive and process incoming messages from a JMS queue or topic • Invoked by the container to handle each incoming message from the queue or topic

  43. JMS and Oracle AQ • OC4J uses two JMS providers • OC4J JMS – Internal/in-memory JMS • OracleJMS – based in Oracle AQ • JMS uses • Queues – single consumer • Topics – multiple consumers • OracleJMS persists messages in AQ tables • As DBAs you have to manage these objects

  44. Security concepts • Identity management • Authentication – Is this the right guy? • Authorization – Does his/she have this privilege? • Encryption - Any body hearing?

  45. Identity Management • Programmatic vs. Declarative • Programmatic • May use a Database to store user id/passwords • May use a LDAP compliant directory like OID • Declarative • JAZN-LDAP requires OID • Oracle’s Single Sign-on uses Oracle DB/OID

  46. OID Architectural Overview OID clients LDAP OID LDAP over SSL Oracle Net connections Directory administration Oracle database

  47. Benefits of OID • OID provides: • Delegated Administration Service (DAS) • Failover in cluster configurations • Support for Oracle Real Application Clusters • Oracle Directory Integration platform, to synchronize with other enterprise repositories including third-party LDAP directories • Password policy management

  48. Security Vulnerability Database Storage Sys NAS Web Servers Application Servers A. B. C. Unprotected transaction zone!

  49. Security threats to your Database Database Storage Sys NAS Web Servers Application Servers Unprotected transaction zone! Oracle10g, 9i, DB2, some other database? Server, mainframe, or something else? NAS, SAN, etc? Regardless of where the DATA is stored and how it is stored, the DATA must be must be protected against the many threats.

More Related