A typical multi-tier applications involved a front end, middle-tier server,
and backend servers. The front end could be a server (web server)
that is a client to the middle-tier server. Typically, a web browser
is used as the client to communicate with the web server for multi-tier
applicaitons on the net.
Tier 2 Servers
Web/Proxy Server
Web server is an Internet server which communicates with clients via
Hyper Text Transfer Protocol (HTTP). There are more than 20 web
servers on the market. The most popular one is a freeware version
named
Apache. Attached is the latest Web
servers survey from
Netcraft:
Developer 01/03 % 02/03 % Change
Apache 22,045,420 62.23 22,492,327 62.72 0.49
Microsoft 9,739,590 27.49 9,687,454 27.01 -0.48
Zeus 736,744 2.08 768,951 2.14 0.06
SunONE 471,942 1.33 428,004 1.19 -0.14
SunONE (a.k.a. Netscape)
Netscape includes Enterprise Server FastTrack, Commerce,
Communications, Netsite-Commerce & Netsite-Communications.
Doesn't work on Linux. It runs on all major Unix boxes and NT.
It does not come with OS and it allows to install into designated
directory that you prefer.
IIS
Microsoft IIS includes IIS, IIS-W, PWS-95, and PWS. IIS comes with NT and you
may install it into a designated directory that you prefer after
installing NT.
Apache
Apache was originally based on code and ideas found
NCSA httpd 1.3 (early 1995). It has evolved
into a far superior system which can surpass
almost any other web server in
terms of functionality, efficiency and speed. In
addition, it has been ported to Win32 environment, BS2000/OSD
on an IBM 390-compatible processor and AS 400. Open Linux2.3
installs Apache under /home/apache. It is easy to compile
and install the
latest version of Apache with
Apache-XML (Extensible Meta Language) parser to
handle
XML. Typically Apache
is installed under /usr/local/apache.
Apache has a
Jserv project for providing servlet and
RMI capability.
Server Directory Layout and Configuration
Directory Layout
- bin: httpd, startup script and other utilities
- cgi-bin: default cgi program directory
- conf: configuration files
- htdocs: documentation root or home page top directory
- icons: images used in htdocs
- include: header files for making web server, i.e. httpd
- libexec: shared objects which include runtime library and modules
- logs: big brother's holder
- man: manual
- proxy: when compiled with --enable-module=proxy
Configuration (httpd.conf)
ServerRoot "/usr/local/apache"
# Dynamic Shared Object (DSO) Support
LoadModule servletexec_module libexec/mod_servletexec.so
Port 80
User nobody
Group nobody
ServerAdmin root@1sa11.bitmotel.com
ServerName 1sa11.bitmotel.com
DocumentRoot "/usr/local/apache/htdocs"
Options Indexes FollowSymLinks ExecCGI
< Directory >
Options FollowSymLinks ExecCGI
AllowOverride None
< /Directory >
ScriptAlias /cgi-bin/ "/usr/local/apache/cgi-bin/"
AddHandler cgi-script .cgi
Virtual Host
< VirtualHost www.smallco.com >
ServerAdmin webmaster@mail.smallco.com
DocumentRoot /groups/smallco/www
ServerName www.smallco.com
ErrorLog /groups/smallco/logs/error_log
TransferLog /groups/smallco/logs/access_log
< /VirtualHost >
Redirect / http://www.apache.org/
Apache Modules
Apache has been designed with
'modular' architecture in mind. Meaning that
adding new functions to the server is possible.
- mod_proxy:
This module allows Apache to act as a caching-proxy server.
The proxy fetches the document and returns it to the client.
Like your browser, proxy server
keeps a copy of the document fetched to
reduce Internet traffic. This also improves
response time to the user. Most importantly, companies use proxy
servers to keep track of which URLs that you download. Corporations
typically sets up a firewall to allow the proxy server
connecting to the Internet without exposing inside networks.
The most popular proxy-caching freeware is
Squid, which
keeps caches DNS lookups,
meta data and especially hot objects cached in RAM.
Browser can be configured
with auto-proxy and manual-proxy.
In auto-proxy, proxy server uses Java script to designate a proxy server
or to assign direct connection.
Reverse proxy allows the public
to access your company's web servers that are not directly
accessible from the Internet. (documentation of internal web servers
will be fetched and saved on the reverse proxy)
- mod_ssl:
openSSL is a free implementation of Netscape's Secure Socket Layer.
When a connection starts, certificates are checked and a new session key
is agreed between the client and server. (via public key encryption)
- mod_cgi: provides
CGI capability (default).
suEXEC: provide users the ability to run CGI and SSI
programs under "uid" different from the id of the calling
web-server. (i.e. nobody) Refer to effective uid/gid in
session1.
- mod_jserv: Java engine for supporting
servlet. There are commercial Java engines such as
Java server, and
Jrun which provide server side Java program
functionality as CGI.
Application Servers: EJB
Application servers work hand in hand with web servers. The
most noticeable technology is
EJB which is a
specification published by Sun.
Steps of a typical Web application
Zope is a free, open source application server. Although it is not
an EJB technology, it is getting popular
in the Linux platform because of its attractive cost
and features.
- Database Integration
- Content Management
- Application Development
- Web to Objects
- Client (e.g. browser) invokes Web server's servlet via http.
- Servlet calls EJB components (See next graphics for more details)
- Transact with legacy systems (handled by EJB container or beans)
- Generate response in html (Select JSP or not)
EJB's main advantage is to provide the service framework for
developers of application servers, transaction process monitors,
object request brokers, and database management systems.
Architecture of EJB
- Server
- Container (handles transaction and manage database connection pool)
- Component, also called "bean" (not an object)
The EJB server is the core of EJB architecture. It provides
transaction, naming (via JNDI), persistence services, and
managing EJB containers.
(Note: Some vendors do not distinguish server from container.)
The competing products are:
Major EJB components are:
- Home Interface
serves as a factory for EJB objects. Client (e.g. servlet)
uses JNDI to retrieve Home Object reference. It then uses home interface
to generate (or destroy) EJB objects.
- Remote Interface
serves the public face of EJBeans. Client goes
through remote interface which uses
RMI/IIOP (Remote Method Invocation over Internet Inter-Orb Protocol).
- EJB object
is the container-generated implementation of the remote
interface. It is a network-aware intermediary (proxy) between the client
and EJB beans. The client uses EJB object to invoke the
business methods of an instance by delegating request to bean.
- The Enterprise Bean Instance:
A bean instance is a Java object instance of an enterprise bean class.
It contains business logic implementation of the methods defined
in the remote interface.
Note: Session beens are categorized into stateful and stateless.
To conserve resource, EJB containers exploit OS's virtual memory
concept to swap in (activation) and swap out (passivation)
stateful session beans. For stateless session beans, the
container could pool only a few beans to serve
thousands of clients.
Note: A client specifies lookup for either a container-managed
or a bean-managed persistence. With container-managed persistence,
some database access logic are done by the container.
(such as database table, column, and connection pool name are
specified in the deployment descriptor file in XML format.)
Developers are free from worrying about the the plumbing
and concentrate on business logic.
For bean-managed persistence, the database
connection and SQL are done by the entity EJBeans developed
by the EJB programmers.
- The Deployment descriptor
A deployment descriptor specifies the middleware requirements of
a bean. It provides information to the container about how to manage
a bean. (such as bean's life-cycle, transaction, persistence and security
needs.) Some vendors are using or migrating to XML for the
deployment descriptor.
Feature
|
Supported
through
|
| Component
model |
- Session beans
- Entity beans
|
| Object
Persistence |
- Entity beans (EJB containers)
|
| Transaction
management |
- JTS/JTA
javax.jts.UserTransaction- Can be vendor-proprietary
|
| Exception
handling |
|
| Security |
java.security- Security-related methods in
javax.ejb.EJBContext
- Deployment descriptor properties
(Java security ACLs,
RunAs properties)
|
| Naming and
directory service |
- Java Naming and Directory
Interface (JNDI)
|
| Wire protocol |
- RMI/JRMP
- IIOP (via CORBA mapping)
- (Any other distributed protocol)
|
| Support for
CORBA |
- CORBA mapping (ejb.idl)
- CORBA services
|
| Attribute-based programming |
- Deployment descriptor file
|
| Deployment |
|
EJB feature list
Java Transaction Service
JTS specifies the implementation of a Transaction Manager
which supports the Java Transaction API (JTA) 1.0 Specification
and implements the Java mapping of the
OMG Object Transaction Service (OTS) 1.1.
JTS uses the standard CORBA ORB/TS interfaces and Internet
Inter-ORB Protocol (IIOP) for transaction context propagation
between JTS Transaction Managers. Every enterprise bean
must have a transaction attribute setting in the deployment
descriptor. The available attributes are:
- TX_BEAN_MANAGED: via begin, commit, and abort statements
- TX_NOT_SUPPORTED: not involve in transaction
- TX_REQUIRED: always run in transaction
- TX_SUPPORTS: if client has a transaction running: yes. Otherwise: no.
- TX_MANDATOR: a transaction must be running when bean is called
Java Message Service
JMS is an API for accessing enterprise
messaging systems. Many
vendors have application server supports JMS such as
MQSeries by IBM.
Publish-Subscribe Model
Publishers produce messages into a queue that is consumed
by subscribers, for instance, a stock quote. With
XML, JMS can use
Extensible Stylesheet Language (XSL)
to re-format portable data for different subscribers, such as HTML
and RTF.
Point-to-Point Model
It is one-to-one relationship between sender and receiver. The
sender and receiver can be a one-way or a two-way relationship. In
a two-way relationship, one party sends a message and
expects to receive a message in return.
JMS Clients
- Use JNDI to locate administrative objects.
- Create a JMS connection via ConnectionFactory object
- Established sessions via Connection
- Generate Producers and Consumers with session and Destinations objects.
- Do your own things.
XML
XML is a universal standard for structuring content in
e-documents. It is a well-formated and
structured ASCII text without proprietary data format.
XML is capable of defining new markup languages (such as
defining your own tags) without the limitation of HTML. With Document
Type Definition (DTD), the rules of XML document can be established
and validated to achieve portability. Documentation
in a heterogeneous organization may not have the same format.
With DTD, all the organizations involved can agree upon the
documentation structures using XML/DTD to exchange
information. XML is used in EJB deployment descriptor
for providing declarative information about the enterprise beans
which may contain transaction requirements and information
for application server to perform SQL onto database servers.
In addition, the Extensible Style-sheet Language (XSL), the Simple API
for XML (SAX), the Document Object Model, and
the Extensible Linking Language (XLL) are important languages
that empower XML with programming and GUI presentation
capabilities. With the portable data and portable code features, it
makes XML to be a base for portable objects. E-commerce will
depend on XML to describe orders, transactions, inventory, and billing.
Summary
Many EJB vendors have built their servers on top of CORBA. OMG, however,
is working on EJB components in 3.0 specifications. As a result, this
will further confuse the market/industry for selecting a distributed
computing environment not to mention Microsoft
DCOM/MTS technology.
Given the momentum and two heavy weight vendors (Sun and IBM)
as the major driving force, EJB certainly positions itself to
take over the lead in the distributed environment (CORBA's complexity
is another reason). In particular, Java programmers are on the rise
and will provide the main resource for EJB.
There are, however, issues concerning enterprise
beans compatibilities. Different EJB
servers may not communicate with each other
since EJB is only a specifications.
Not all the vendors will comply with the optional
technologies.
EJB is still a relatively new technology. (most of
the vendors have released their products about 6 months to 1 year old).
Overall, the success
stories about companies adopting EJB will validate
EJB's role in the complicated middleware market.
References:
How to Set Up and Maintain a Web Site
CA
ModSSL
SeamLess Web
IBM WebSphere
eServer
EJB Resources
The state of Java middleware, Part 2: Enterprise JavaBeans
Evaluating Enterprise JavaBean Application Servers
Apache - The Definitive Guide by Ben and Peter Laurie
EJB Tutorials
Introduction to XML
Practical XML with Linux
Developers Tools
Corba
Corba FAQs
Apache for E-commerce
SSI
Appache Installation
Integrating with PHP
PPTP Server
App-Serv
CGI
Apache Wirelss
Apache with Suexec
Cgi-lib
History of Web
Installation of a Secure Web Server
Security design for Application Protocols
AYR
Certificate
Shopping Cart
DHCP
PoPTop
VPN
FUDforum