java.sun.com/javaone/sf
| 2004 JavaOneSM Conference | Session BUS-1983 1
Architecting RouteOne CAS Using Java™ 2 Platform, Enterprise Edition (J2EE™), WS, EAI and SSO Technologies
T N Subramaniam Ph. D., Chief Architect
Ashok Mollin, Enterprise Java Architect
RouteOne LLC. + Sun Microsystems, Inc.
www.routeone.com
Real-World Experience

Goal of This Talk
What you will learn
Lessons learnt from “real-world” experience in integrating enterprises with Patterns and Web Services

Agenda
Introduction
─ Business Background, Architecture Overview
Security Architecture
J2EE™ Architecture
Web Services Architecture
EAI Architecture
Summary

Introduction
Business Background
• RouteOne LLC
─ Automotive Credit Aggregation System
• Jointly owned by financial arms of:
─ DaimlerChrysler, Ford, General Motors, Toyota
─ “Captives”
• End users
─ Dealers, Finance & Insurance Managers (F&I)
• Business partners
─ Credit Bureaus, Finance Sources
• Technical partners
─ Sun, Cap Gemini, Covansys, IBM

Introduction
Replace this…
[Diagram: Dealer System, Dealer Application, Credit Bureaus, GMAC System, Bank System, Fax Machine, GMAC, Bank, Finance Company]

Introduction
… with this
[Diagram: Browser, Dealer System, Credit Bureaus, Captives, Bank, Finance Company]

Introduction
Architecture: Forces
• Requires many services
─ Credit bureaus, vehicle information, account numbers
─ Web Services with SOA
• Integrate securely with different business processes
─ Single Sign On with SAML
─ Asynchronous Messaging with Web Services stack
─ XML-DSIG
• Integrate with different platforms
─ Open standards and open architecture

Introduction
Components and Services
[Diagram: Single Sign On, J2EE™ Application, Persistence Store, EAI Server, Monitoring Management, Digital Signature, Configuration Management, Logging Reporting Server, Web Services, Exception Handling, Business Services]

Introduction
Application Flow
[Diagram: Browser, Identity Manager, Application Server, Persistence Manager, EAI Engine, DB, Finance Source (Captives, Bank, …), Service Providers (Dealer System, Credit Bureaus)]

Introduction
Persistence Views
[Diagram: Persistence Store with Object View, Relational View and XML View; access labels: JDO, ORM; SQL, PL/SQL; SQLX, XML-Type]

Agenda
Introduction
Security Architecture
─ SAML, Single Sign On, Digital Signature
J2EE Architecture
Web Services Architecture
EAI Architecture
Summary

Security Architecture
SAML Primer
• Security Assertion Markup Language
• OASIS standard
• XML framework for exchanging User Credentials
• Basis for the Liberty Alliance Project
• Supported by many vendors and products
• Standard SSO Profiles and Bindings
─ Browser Artifact Profile, Browser POST Profile

Security Architecture
Single Sign On
[Diagram: Browser, CAS, RouteOne Identity Manager, Captive SAML Authority]
1. Logon to CAS
2. SAML artifact
3. SAML artifact
4. SAML request
5. Process SAML request
6. SAML assertion
7. Logged in
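The artifact hand-off in steps 2 to 6, sketched as an added example (not RouteOne's code). It assumes the SAML 1.x type 0x0001 artifact layout (2-byte type code, 20-byte SourceID, 20-byte AssertionHandle); the authority URL, lifetime and class name are hypothetical. Because the artifact travels through the browser, the authority releases the assertion only once and only within a short lifetime.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.*;
import java.util.concurrent.ConcurrentHashMap;

public class ArtifactExchangeDemo {
    // Hypothetical identifier of the SAML authority (assumption, not from the slides).
    static final String SOURCE_URL = "https://authority.example/saml";
    static final long LIFETIME_MS = 60_000; // assumed artifact lifetime
    static final Map<String, Map.Entry<String, Long>> PENDING = new ConcurrentHashMap<>();

    static byte[] sourceId() throws Exception { // 20-byte SHA-1 of the authority's URL
        return MessageDigest.getInstance("SHA-1").digest(SOURCE_URL.getBytes(StandardCharsets.UTF_8));
    }

    // Issuing side (step 2): TypeCode 0x0001 | SourceID (20 bytes) | AssertionHandle (20 bytes).
    static String issue(String assertion, long now) throws Exception {
        byte[] handle = new byte[20], art = new byte[42];
        new SecureRandom().nextBytes(handle); // unguessable reference, carries no user data
        art[1] = 0x01;
        System.arraycopy(sourceId(), 0, art, 2, 20);
        System.arraycopy(handle, 0, art, 22, 20);
        PENDING.put(Base64.getEncoder().encodeToString(handle),
                    Map.entry(assertion, now + LIFETIME_MS));
        return Base64.getEncoder().encodeToString(art);
    }

    // Authority side (steps 5-6): answer the back-channel request once, within the lifetime.
    static Optional<String> resolve(String artifact, long now) throws Exception {
        byte[] art;
        try { art = Base64.getDecoder().decode(artifact); }
        catch (IllegalArgumentException e) { return Optional.empty(); }
        if (art.length != 42 || art[0] != 0 || art[1] != 1) return Optional.empty();
        if (!MessageDigest.isEqual(Arrays.copyOfRange(art, 2, 22), sourceId()))
            return Optional.empty(); // minted by a different source site
        String handle = Base64.getEncoder().encodeToString(Arrays.copyOfRange(art, 22, 42));
        Map.Entry<String, Long> e = PENDING.remove(handle); // atomic remove = one-time use
        return (e != null && now < e.getValue()) ? Optional.of(e.getKey()) : Optional.empty();
    }

    public static void main(String[] args) throws Exception {
        long t0 = System.currentTimeMillis();
        // Constructed sample assertion text, not a real SAML document.
        String a1 = issue("<Assertion>dealer42</Assertion>", t0);
        System.out.println("first use: " + resolve(a1, t0 + 1_000).isPresent());
        System.out.println("replay:    " + resolve(a1, t0 + 2_000).isPresent());
        String a2 = issue("<Assertion>dealer42</Assertion>", t0);
        System.out.println("expired:   " + resolve(a2, t0 + LIFETIME_MS + 1).isPresent());
    }
}
```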

Security Architecture
Business Context and XML-Dsig
• XML signature (XML-Dsig)
─ Digital signatures for XML documents
─ W3C standard
• Provides
─ Message Authenticity (Who sent this message?)
─ Message Integrity (Is this what was sent?)
─ Non-Repudiation (Can the sender deny sending this message?)
• Supported by many vendors

Security Architecture
XML-DSIG Primer
[Figure. Copyright © 2004 O’Reilly Media, Inc.]

Security Architecture
Lessons Learned
• Resource Intensive
• Canonicalization style
─ Inclusive or Exclusive
─ .Net and WS-Security require Exclusive!
• DSig does not define the trust process
─ KeyInfo provides the hints
• Over SSL provides client-side authentication
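An added example (not from the talk) of two of these lessons, using the JDK's javax.xml.crypto.dsig API: the signature is produced with Exclusive canonicalization, and the receiver validates against a partner key it already holds instead of trusting a key carried in KeyInfo. The element name, namespace and keys are constructed for illustration.

```java
import java.security.*;
import java.util.Collections;
import javax.xml.crypto.KeySelector;
import javax.xml.crypto.dsig.*;
import javax.xml.crypto.dsig.dom.*;
import javax.xml.crypto.dsig.spec.*;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.*;

public class ExclusiveC14nSignatureDemo {
    static final XMLSignatureFactory FAC = XMLSignatureFactory.getInstance("DOM");
    static final String RSA_SHA256 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256";

    // Enveloped signature over the whole document, canonicalized with Exclusive C14N.
    static void sign(Document doc, PrivateKey key) throws Exception {
        Transform env = FAC.newTransform(Transform.ENVELOPED, (TransformParameterSpec) null);
        Reference ref = FAC.newReference("", FAC.newDigestMethod(DigestMethod.SHA256, null),
            Collections.singletonList(env), null, null);
        CanonicalizationMethod c14n = FAC.newCanonicalizationMethod(
            CanonicalizationMethod.EXCLUSIVE, (C14NMethodParameterSpec) null);
        SignedInfo si = FAC.newSignedInfo(c14n, FAC.newSignatureMethod(RSA_SHA256, null),
            Collections.singletonList(ref));
        // KeyInfo is omitted: it is only a hint, so the receiver must already hold the key.
        FAC.newXMLSignature(si, null).sign(new DOMSignContext(key, doc.getDocumentElement()));
    }

    // Validate against a partner key obtained out of band, never a key read from the message.
    static boolean verify(Document doc, PublicKey trusted) throws Exception {
        NodeList sigs = doc.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
        if (sigs.getLength() != 1) return false; // reject missing or ambiguous signatures
        DOMValidateContext ctx =
            new DOMValidateContext(KeySelector.singletonKeySelector(trusted), sigs.item(0));
        return FAC.unmarshalXMLSignature(ctx).validate(ctx);
    }

    public static void main(String[] args) throws Exception {
        Document doc = DocumentBuilderFactory.newInstance().newDocumentBuilder().newDocument();
        // Constructed sample message, not a real STAR payload.
        Element root = doc.createElementNS("urn:example:credit", "CreditApplication");
        root.setTextContent("amount=25000");
        doc.appendChild(root);
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair partner = kpg.generateKeyPair(), stranger = kpg.generateKeyPair();
        sign(doc, partner.getPrivate());
        System.out.println("partner key:     " + verify(doc, partner.getPublic()));
        System.out.println("stranger key:    " + verify(doc, stranger.getPublic()));
        root.getFirstChild().setNodeValue("amount=99000"); // tamper after signing
        System.out.println("after tampering: " + verify(doc, partner.getPublic()));
    }
}
```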

Agenda
Introduction
Security Architecture
J2EE Architecture
─ Patterns, Tiers, Struts Challenges, Aspects
Web Services Architecture
EAI Architecture
Summary

J2EE Architecture
Core J2EE Patterns
• Front Controller
• Transfer Object
• Business Delegate
• Session Façade
• Data Access Object
• View Helper

J2EE Architecture
Presentation Tier Components
[Diagram (Struts 1.1): Browser, ActionServlet, Request Processor, Pre Interceptor (Pre process), Post Interceptor (Post process), Dispatch Action, DynaValidatorActionForm, Validation, Transfer Object Util, JSP]

J2EE Architecture
Business and Integration Tier Components
[Diagram: Business Delegate, Business Service, Session Facade, Business Object, Transfer Object, Data Access Object, Data Access Object Impl, Persistence Service, Toplink, Hibernate, Domain Object, Domain Object Util]

J2EE Architecture
Struts–Dispatch Action
• Reduce action classes
• Combine related actions
• Just one Action mapping!
<action path="/CustomerAction" type="CustomerAction"
        name="myActionForm" scope="request" …
        parameter="method" />
http://.../CustomerAction.do?method=save
[Diagram: CustomerAction (save(), delete()) << extends >> <<Abstract>> DispatchAction]

J2EE Architecture
Struts–Mapping Dispatch Action
• Extends DispatchAction
• One URL per method
• Different ActionMappings by method
<action path="/DeleteCustomerAction" type="org.example.CustomerAction" parameter="delete" …>
  …
</action>
<action path="/SaveCustomerAction" type="org.example.CustomerAction" parameter="save" validate="true" …>
  …
</action>

J2EE Architecture
Struts–Coupling Action
• Using an Action to Post-Process and Pre-Process
• Creates tight coupling to the navigation
[Diagram: A.jsp, Action A, B.jsp and C.jsp, Action B, D.jsp, linked by submit and forward arrows]

J2EE Architecture
Action with PreProcess and PostProcess methods
[Diagram: Action A, A.jsp and Action B, B.jsp, linked by forward arrows, with preProcess() and postProcess() calls]

Distributed Application Management
Configuration Management–Drivers
• Using open source JFig Framework
• Drivers
─ Different Components
─ Environment
  ─ Development, Integration, Production…
─ Remote vs. Local Deployment
─ Container vs. Standalone
─ Clustering

Distributed Application Management
JFig Config File
<configuration>
  <include name="base.config.xml"/>
  <section name="locs">
    <entry key="instance" value="development" />
  </section>
  <section name="paths">
    <entry key="config_dir" value="d:/[locs]{instance}/config/" />
  </section>
</configuration>
ConfigurationManager.getProperties(sectionName, key) delegates to JFig.getInstance().getValue(sectionName, key)
[Diagram: Environment Configuration << includes >> Base Configuration]

Distributed Application Management
Configuration Management–Implementation
[Diagram: Client, Configuration Service, Local CM, Remote CM, JFig Framework, Configuration Data Store, Configuration File, Remote URLs, Configuration Listener, HTTP, Clustering]

Distributed Application Management
Monitoring and Notification–Drivers
• Opportunity Cost
─ Availability of external system
• Dynamic Application Configuration
─ Profiles
─ End points
• Dynamic Application Monitoring
─ Credit applications/messages in a queue
─ Number of error/fault messages

Distributed Application Management
Monitoring and Notification–Implementation
[Diagram: Management Framework, JMX Console, Admin Module, JMX Master Agent, JMX Sub Agent, MBean, Application 1, Application 2, DMZ Application, JMX Listener; links labelled RMI, HTTP, Alerts, Notifications, Heartbeat, Monitoring]

Agenda
Introduction
Security Architecture
J2EE Architecture
Web Services Architecture
─ Document Literal, Interceptors
EAI Architecture
Summary

Web Services Architecture
RPC Web Services
• Synchronous and Asynchronous
• SOAP based and WSDL described
• Extensible through Web Services Stack
─ Security
─ Reliability
• Payload is an automotive standard
─ STAR

Web Services Architecture
Challenges with exchange of Document/Literal
• Pros
─ Industry standards are schemas
─ Coarse grained data exchange
• Cons
─ Not as widely supported as RPC/Encoded
─ Tool support to generate the WSDL?
• Solution
─ Define the interface with return type String
─ Serialize the DOM as Base64
─ Out of band agreement on the schema

Web Services Architecture
Interceptors and Handlers
• Interceptors use Handlers to perform
─ Validations
─ Digital signing
─ Auditing
─ Logging
[Diagram: Service and Client, each with in and out handler chains]

Agenda
Introduction
Security Architecture
J2EE Architecture
Web Services Architecture
EAI Architecture
─ Messages, Patterns, SQLX, Shredding XML
Summary

EAI Architecture
Messages
• Asynchronous Document/Literal Messages
─ Credit Application, Credit Decision, Text Messages, Credit Bureau Reports
• HTTPS or MQ Series
• SOAP 1.1 Envelope and Faults
• Internally a series of JMS Queues and Listeners
• Messages are digitally signed (XML-DSig)

EAI Architecture
Patterns
• Claim Check
• Content-Based Router
• Normalizer
• Content Enricher
• Envelope Wrapper
• Message History
• Messaging Mapper
• Dead Letter Channel
From 2 Gurus (Hohpe & Woolf)

EAI Architecture
SQLX
• SQLX group
• Members include most RDBMS vendors
• SQL Functions to output XML
SELECT XMLELEMENT ("person",
         XMLATTRIBUTES (sex AS sex),
         XMLFOREST (firstname || ',' || lastname AS "name", contact AS "email"))
FROM ...
<person sex="M"><name>GKrisna</name><email>[email protected]</email></person>

EAI Architecture
Shredding XML into a RDBMS
XML Document
─ Validate Schema (Xerces)
─ Unmarshal into a Composite Object (Castor)
─ Persist using ORM (Hibernate)
RDBMS

Agenda
Introduction
Security Architecture
J2EE™ Architecture
Web Services Architecture
EAI Architecture
Summary

Summary
We learned how to integrate Enterprises with…
• Standards-based SSO, XML-DSig
• Struts and J2EE patterns
• Document/Literal SOAP-RPC
• EAI Patterns
• Services for common Aspects of J2EE and EAI systems

Conclusion
Lessons learnt from “real-world” experience in integrating enterprises with Patterns and Web Services

For More Information
Further references…
• URLs
─ http://www.corej2eepatterns.com (Core J2EE Patterns)
─ http://www.eaipatterns.com (EAI Patterns)
─ http://iso-relax.sourceforge.net/JARV (JARV)
─ http://www.sqlx.org (SQLX)
─ http://jfig.sourceforge.net (JFig)
─ http://www.oasis-open.org (OASIS)
─ http://www.w3.org/TR/xmldsig-core (XML-DSig)

Acknowledgements
A cast of thousands
• Architect Consultants
─ Deepak Alur (Principal Engineer @ Sun and co-author of Core J2EE Patterns)
─ Paul Jatkowski (Senior Architect @ Sun)
─ Bill Beshilas (Cap Gemini)
• Architects
─ J2EE Application Architects (Kuna Rao, Ashok Mollin)
─ Data Architect (Rekha Khandhadia)
─ Web Services Architects (Siva Papineni, Kartik Ganeshan)
─ Messaging Architects (Dongfan Chen)
─ Application Architect (Rani Vallurupalli)
─ Security Architects (Yanchou Han)
• Other architects from Sun and Cap Gemini
Q&A
T N Subramaniam, [email protected]
A Mollin, [email protected]