In this section, we examine the best uses for each of the various components of the JEE web technology stack. Almost all the components can be used to tackle any presentation/flow control/business logic problem, but the specifics of JSPs, Servlets, JSF, and so on mean that they each are better-suited to specific scenarios, as detailed here.
JSPs and Servlets—Standard Uses
JSPs handle the presentation of data to the end user. They should contain no business logic. A good rule of thumb is to minimize or eliminate entirely all Java code from JSPs and replace it instead with either EL, the JSTL, or a custom/third-party tag. This guideline tends to reinforce the role of JSPs as the V in MVC—that is, the View.
The standard uses for JSF are the same as for JSP. As an architect, you are faced with a choice: either continue to use JSP with JSTL and a good MVC framework, or use JSF. They do the same thing. Also, they are not mutually exclusive. It is perfectly possible to add tags to a JSP page that represent a specific JSF UI component, resulting in a hybrid solution. JSF garnered a significant amount of bad press when it first launched (as have many 1.0 implementations of specifications in the JEE platform), but it has matured since then. Many architects, however, simply see no need for it and prefer JSP with JSTL and EL.
As intimated earlier, a significant proportion (exact figures are not available and indeed vary by industry vertical) of all JEE applications in existence today are deployed using only a web container—that is, they do not use EJBs. This class of JEE application is termed web-centric.
The current version of the exam tests this concept in detail. As a JEE architect, you are perfectly entitled to stipulate that EJBs not be used in your design, but you must clearly understand why that decision is mandated and the impact of that decision on your developers as they implement the business logic. The exam tests this concept by presenting you with a set of scenarios. Scenarios that have a strong messaging, transaction, or security management component are all candidates where an EJB-centric implementation is warranted and indeed necessary. (Let's be blunt—choosing EJB is the right answer.) Scenarios where ease of development is key, where an existing application is already web-centric, or where transactions are not key to the business (read-only or read-mostly) mean that you should choose a web-centric answer from those provided in the exam.
There are some stand-out reasons where using EJB is simply not warranted. The most straight-forward example is a standard Create, Read, Update, and Delete (CRUD) application built using Struts to organize and control the presentation and business logic tiers, and Hibernate plus a DAO access layer to implement the persistence tier. Assuming that there are no asynchronous messaging requirements or JMS queues or topics to access, and that the functionality contained in the web container for concurrency control, security, and session management is sufficient, then the right decision is to adopt a web-centric approach.
Now, let's consider an alternative scenario. You work for XYZ Bank, a large multinational bank with investment and retail operations, which has invested significant amounts of capital into a transactional system based on mainframe technology over the last thirty years. Ensuring system reliability and security are paramount; there is absolutely no room for data corruption from edge conditions, such as the lost update or optimistic locking going wrong. If the system enters into an unknown state because of a technology failure, not only will the system need to be brought back within 10 minutes in order to avoid a service-level agreement (SLA) breach, the relevant regulatory authorities must also be notified and a full system audit will be enforced. As the solution architect, do you believe that using only the web container segment of the JEE platform is sufficient to meet the non-functional requirements detailed here?
We would answer this rhetorical question as follows: It is possible to fulfill the preceding scenario using only a web framework, but we would not be comfortable in doing so. Many aspects of the EJB framework lend themselves very well to this type of deployment; choosing to use only a web framework will essentially force you, as the architect, into replicating in your code the reliability and availability characteristics that already exist in the core JEE platform. This is not a good use of your time and will result in a buggier implementation that needs to be maintained moving forward.
Let's reconsider the bank scenario laid out in the previous section. Looking at the business requirements, we can see that they translate into non-functional requirements (NFRs) focusing on system correctness, reliability, and security. In this scenario, and answering the question posed in the last section, assuming that the internal bank systems can be accessed by a non-EJB solution, it is possible to achieve a solution that will meet the NFRs using only a web-centric solution. But, and this is the key point, you will need to commit your team to writing entire modules of custom code to replace features that you get from an EJB container for free. In addition, it is likely that you will also need to take advantage of vendor-specific libraries/mechanisms to implement these modules. That is the key point. In the scenarios examined here, there is no right or wrong answer—just more correct and less correct. And that is the key role of an architect: to examine the possible solutions and select the most correct solution, taking into account the vagaries of the known set of business requirements.
Rationale for Choosing Between EJB-Centric and Web-Centric Implementations
As you may have gathered from the two preceding sections, neither we, nor indeed the exam, believe that a web-centric or an EJB-centric architecture is always right or always wrong. The decision to select one over the other is based purely on an impassionate review of the facts relating to a specific project. In order of decreasing importance, the pertinent facets to consider are as follows:
- Transaction requirements—The more onerous, the bigger the reason to select EJB.
- Security requirements—Again, the more onerous, the bigger the reason to select EJB.
- Messaging requirements—Need to integrate with an asynchronous messaging system—Again, if present, a clear reason to select message-driven beans (MDBs); that is, the EJB-centric approach.
- Ease of development.
- Existing team skills or existing project implementation.
The last four facets listed are not reasons in themselves that will conclusively force you to choose one approach over the other; indeed, the waters have been muddied in recent JEE releases for each. The primary focus for EJB 3.0 (and continued in 3.1) is improving the ease of development. As you will see in Chapter 4, the general consensus is that EJBs are now, at last, easy enough to develop that their use is warranted in situations where previously system designers did not specify their use. Assuming an efficient container implementation, stateless session beans should be as efficient as Servlets/Action handlers in executing business logic on the server side as a proxy for the client. The obvious exception here is stateful session beans. The need to maintain one session bean per connected client for the duration of the conversation will always make stateful session beans a poor scaling design choice, suitable only for a small subset of applications with very specific requirements.
The Future of Client-Server Communication