Home > Store

J2EE and Beyond: Design, Develop, and Deploy World-Class Java Software

Register your product to gain access to bonus material or receive a coupon.

J2EE and Beyond: Design, Develop, and Deploy World-Class Java Software


  • Sorry, this book is no longer in print.
Not for Sale


  • Copyright 2003
  • Edition: 1st
  • Book
  • ISBN-10: 0-13-141745-2
  • ISBN-13: 978-0-13-141745-8

Technologies, architecture, and Java patterns for building robust multi-tier J2EE applications.

  • All you need to build robust, multi-tier J2EE applications
  • Presents in-depth coverage of J2EE technologies, architecture, and Java design patterns
  • Covers Web services, XML, security, messaging, networking, and much more
  • Complete case study covers the design, construction, and integration of every application tier

To build high-performance Web applications and services with J2EE, developers need deep mastery over J2EE's diverse technologies and effective architectural strategies for designing distributed multi-tier applications. In J2EE and Beyond, a leading J2EE developer delivers both. Art Taylor ranges far beyond JSPs, EJBs, and servlets, offering practical insight into many crucial J2EE APIs, and presenting powerful design patterns that illuminate the effective use of J2EE 1.3 and J2SE 1.4. Taylor's example-rich coverage encompasses all this, and more:

  • JAXM, JAXP, and other J2EE APIs for XML and Web services development
  • Java security APIs: JSSE for SSL support, JCE for cryptography, and JAAS for authentication and authorization
  • Effective strategies for utilizing RMI and Java networking
  • The latest enhancements to JDBC database connectivity
  • Making the most of logging and other J2SE 1.4 enhancements
  • Java messaging (JMS), directory services (JNDI), and much more

J2EE and Beyond also includes a complete case study demonstrating how every tier, each core J2EE technology, and related technologies such as XML all come together to create a J2EE application.



As an aid to your work with J2EE and Beyond, we are making available the source code appearing in the book.

Download the source code (zipped JAR file, 12.6 MB).

Sample Content

Online Sample Chapters

An Introduction to J2EE

Analysis, Design, and Development Techniques with J2EE

Table of Contents



1. J2EE and Beyond.

Introduction. When It All Began. Multitiered Development with J2EE. Core J2EE Packages. J2EE Components. Presentation Tier Components. Business Tier Components. Summary.

2. J2EE Architecture and Design.

Introduction. Architecture Defined. Architecture and J2EE. Goals of the Architectural Process. The Architectural Process. Summary.

3. Analysis, Design, and Development Techniques With J2EE.

Introduction. The Architectural Process. Project Communication and the Unified Modeling Language. The Analytical Process, J2EE Style. Use Case Analysis. Managing Use Case Complexity. Object Types. Summary.

4. J2EE Case Studies.

Introduction. The Discussion Group System. The Movie Shopping System. Summary.


5. The JDBC API: JDBC Basics.

Introduction. Connecting to the Relational Database. The JDBC Package. The javax.sql Package. Using JDBC. Using the Connection Class. JNDI and DataSources. Summary.

6. JDBC: Connecting to the Database and Using the Data.

Introduction. Retrieving and Manipulating Data: The Statement Class and JDBC Exceptions. Summary.

7. JDBC: Preparing SQL Statements and Examining Results.

Introduction. The PreparedStatement. The ResultSet Class. Data Type Mapping. SQL CHAR Data Type. Summary.

8. Java Security.

Introduction. Java Security and Protection Domains. The Java Security Environment. Java Security Classes. Providing Security through Encryption. The Java Keystore. Using the Keytool Utility. Summary.

9. The Java Authentication and Authorization API (JAAS).

Introduction. Package History and Design. The JAAS Package. Authentication with JAAS. Code Example. Application Execution. Summary.

10. The Java Secure Sockets Extension: JSSE.

Introduction. The JSSE API. The SSL Protocol. JSSE Installation. The JSSE Package. JSSE Code Sample. The SSLServer Class. The SSLServer Class Constructor. The SSLClient Class. The SSLClient Class Constructor. The Client Superclass. Summary.

11. Using Cryptography With Java.

Introduction. Package Design. JCE Example. Summary.

12. Using A Naming Service with Java: The JNDI Package.

Introduction. JNDI and Naming Services. The Context. Directory Servers. LDAP Basics. The JNDI API. JNDI Coding Examples. The Directoryservice Class: The Getcontext Method. The Environment Class. Summary.

13. Using Logging with J2EE.

Introduction. The Benefits of Logging. The LOG4J API. A LOG4J Code Example. The Java.Util.Logging Package. Java JDK Logging Code Sample. The Singlelineformatter Class. Creating A Convenience Method to Implement Logging. Summary.

14. Java and XML: Introduction to XML.

Introduction. Uses of XML. What It Is and What It Isn't. XML: Applying Order to Data. XML Standards. Java XML Packages. The XML Document. Elements in an XML Document. Describing the XML Document: The DTD. Summary.

15. XML and Java: The JAXP PackagE.

Introduction. Parsing and Transforming. JAXP Overview. XML Parsing and Transformations. Retrieving the Value of a Specific Node Using DOM. Event-Driven Parsing: The Sax Parser. Summary.

16. XML Transformation and Creating XML Documents.

Introduction. Transforming XML Documents. Programming XML Transformations. Converting Objects To XML Format. The JDBCXML Class. Summary.

17. Java Networking API.

Introduction. TCP/IP Networking. TCP/IP Network Addresses. Network Programming: The Network Socket. Java Sockets. Data Transmission and Object Serialization. Socket Programming Example. Summary.

18. Using Remote Method Invocation.

Introduction. The Concept of Remote Objects. The RMI Framework. Building An RMI Application. Using Java RMI. RMI Classes and Interfaces. The Hello World RMI Example. Using the RMI Registry. An RMI Order Status Server. Summary.

19. Additional RMI Concepts.

Introduction. Using RMI Callbacks. Auto-Starting RMI Servers With Activation. Binding RMI Objects Into A Directory Server. RMI Versus Other Remote Services Solutions. Dynamic Class Loading With RMI. Summary.

20. Using Messaging with Java: The JMS API.

Introduction. The JMS API. When Messaging Is A Good Choice. Using JMS With A Message Queue. Using Publish And Subscribe Messaging. Summary.

21. The Javamail API.

Introduction. Electronic Mail. Summary.

22. JAXM: Java Web Services.

Introduction. Why We Need Web Services. Web Services Defined. The Soap Messaging Standard. Java and Web Services. JAXM Packages. Using JAXM: Sample Applications. Summary.

23. Using A Remote Provider: Soap-RP.

Introduction. Soap Remote Providers. The Provider.XML Configuration File. JAXM Provider Examples. The Moviesorderservice Class: The Onmessage Method Sending A Message To A Soap Messaging Provider. Summary.

24. Enterprise Javabeans: An Introduction.

Introduction. The Java Middleware Architecture. The EJB Container. Server Clusters and Failover Capabilities. EJB Deployment. EJB Runtime Operation (How EJBs Work). EJBs and Transactions. Developing EJBs. Summary.

25. Ejbs: Deployment, Security, and Transactions.

Introduction. EJB Roles. The EJB Deployment Descriptor. Security With EJBs. Transactions With EJBs. Bean-Managed Transactions. Summary.

26. Programming With EJBs.

Introduction. Types Of Entity Beans. Connecting EJBs to Presentation Tier Components. The Servletexample2 Class Declaration. Session Beans: The Moviesfacadebean Class. Accessing an Entity Bean. The Moviesbean Javabean. Entity Beans: The Moviesentitybean Class. Message-Driven Beans. EJB MDB Client. The Deployment Descriptor. Message Driven Beans: Security and Transactions. Summary.

27. Using Java Servlets.

Introduction. The Network: TCP/IP. The Network: HTTP. The HTML Standard. The Web Application. The Execution of Java Servlets. Servlet Example. The Servletexample1 Class: The Web.XML File. Summary.

28. Java Server Pages: The Basics.

Introduction. Why JSP?. Java Server Pages Development. How JSP Works. The Web Application and The Session. The Concept of Scope. JSP Implicit Objects. Directives. Summary.

29. JSP Examples.

Introduction. Some JSP Examples. Java Software Components: JavaBeans and EJBs. Using JavaBeans With JSPs. JavaBeans Versus Custom Tag Libraries. sing Custom Tags In JSP. JavaBeans Or Custom Tag Libraries: Tips On Usage. Model1 and Model2 Web Application Architectures. Summary.

30. Creating Graphical User Interfaces With Java.

Introduction. The Java GUI. The Abstract Windowing Toolkit (AWT). Java GUI Event Handling. The Swing API. The Swingguidemo Program. The Swingguidemo Class. Sample Application: The Table Browser Application. Technical Approach. The Tablebrowser.Java Application: The Datatablemodel Inner Class. Summary.

31. Using Swing Applications With RMI.

Introduction. Using Applets. The Business Logic. Summary.


32. Java Design Patterns.

Introduction. The Architectural Tiers. Design Patterns. Summary.

33. J2EE Applied: Creating a Framework-Based Shopping Cart Application.

Introduction. Frameworks. The Struts Framework. The Movies Shopping Cart Application. The Struts Package. The WEB.XML File. The Struts Configuration File. Java Design Patterns. Summary.

34. J2EE Applied: The Movie Store Application.

Introduction. The Movie Store Application. The LogonAction Class. User Registration. Displaying the Main Menu. The Menu JSP Page. Listing Movies. The Movies Listing Servlet. The XSL Template for the Movies Listing. Adding to the Shopping Cart. The Shopping Cart Bean. The Checkout Process. Sending Email. Logging Out of the Movie Store. The Constants. Deploying and Running the Application. Summary.

35. The Shopping Cart Application: Using EJBs and Blobs.

Introduction. Refactoring the ShoppingCartBean. The Session Bean Code. The Blobview servlet. The BlobWriter Class. The Data Access Object: The GeneralDAO Class. The GeneralAggregateVO Class. Summary.

36. JSP in Development: A Discussion Group System.

Introduction. Discussion Group System: Application Description. The Message. Application Flow for the Message System. The Message System: Technical Description. Message System Database Design. Summary.

37. J2EE Applied: Coding the Discussion Group System.

Introduction. The Organization of the Discussion Group System. The Rest of the Story: JSP Pages and JavaBeans Code Explained. Summary.




Within a few short years, the World Wide Web and its associated Internet or Net development has permeated our culture so that we now consider it commonplace. From Web browsers running on the ubiquitous PC in the United States to the Internet cafe in Bangalore India, the Web is everywhere. And despite the fickle currents of national economies and the fates of dubious technical startups, the most common and the most promising application development platform continues to be the Web.

Web technologies abound, and for a developer or manager who must make a key decision regarding the best Web development platform, the decision is in no way simple or straightforward. But as many have found in the past few years, there is one choice that provides a rich set of technologies, flexible development and deployment options, and a robust, mature, and secure infrastructure. That choice is the Java language offering for the enterprise, commonly known as the Java 2 Enterprise Edition, or J2EE.

J2EE is a superset of Java, both a language and a set of technologies that extends over 3,000 APIs at this writing. As such, J2EE cuts a wide swath through the Java APIs so that a comprehensive discussion of J2EE could require volumes. But by being concise and focusing on the commonly used technologies, this book provides the succinct coverage of J2EE APIs that developers require.

J2EE is a development environment for creating distributed applications. These are applications which are composed of components running on one or more servers. In developing J2EE applications, we make logical distinctions on the types of components we create. We distinguish between these components as separate tiers of development. In the first section of this book we will discuss these logical tiers in some detail, but in order to understand the design of this book just know that they are as follows.

  • Resource tier: Stores the persistent data for the application.
  • Integration tier: Interacts with the resource tier and business tier.
  • Business tier: Encapsulates business logic of the application.
  • Presentation tier: Prepares the application presentation for the client tier.
  • Client tier: Interacts with the user, the client of the application.

Not every application uses every tier. To add to the confusion, many architectural discussions refer to only three of these tiers, a client tier, a middle tier and a resource (data) tier. But to truly understand J2EE and be able to use it correctly, a developer should understand all of these tiers of development and how J2EE packages can be used on each of them. That is the approach used in this book.

The J2EE development paradigm differs from that of client/server architectures where a client application communicates directly with a database resource (the resource tier) and offers a variety of technologies. A J2EE developer therefore needs to understand both the technology of J2EE and the proper architectural strategies for designing multi-tiered, distributed J2EE applications.

This book provides the information the prospective J2EE developer or architect needs to know. Sections deal with the architecture and design of solutions with J2EE, J2EE technology, and J2EE applications. The goal is to provide significant technical coverage in each section and to use a consistent set of code examples throughout. This book goes beyond Java Server Pages (JSPs), Enterprise JavaBeans (EJBs), and servlets that many J2EE books are limited to and covers key J2EE APIs and packages, such as

  • Java Web Services, SOAP (JAXM)
  • Java XML (JAXP)
  • Relational database connectivity (JDBC)
  • Remote Method Invocation (RMI)
  • Java networking
  • Logging
  • Java Naming and Directory Interface (JNDI)
  • Java email (JavaMail)
  • Servlets
  • Java Server Pages (JSP)
  • Enterprise JavaBeans (EJB)
  • Java messaging (JMS)
  • SSL support (JSSE)
  • Cryptography (JCE)
  • Java security
  • Security Authentication and authorization (JAAS)

GUI development (Swing)

This broad coverage explains the book's bulk and also provides value for the reader. While it would be easy to write a complete book about any of these APIs, the goal of this book was to provide a large and significant portion of what the developer needs to know to actually use these APIs and packages. The purpose of each core technology is explained and demonstrated through both minimal examples (just what is needed to use the technology) and more complex examples, many of which are demonstrated as part of a complete application.

Creating a solid object-oriented design is an important part of creating a good J2EE-based application. Since the J2EE technology and object-oriented development in general may be unfamiliar to many readers, this book devotes several chapters to the discussion of good architectural design with J2EE. These chapters include a discussion of object-oriented modeling and design and the application of these principles to J2EE development.

Application of Java design patterns is an important part of good J2EE development. This book provides a discussion of Java design patterns and then applies them when appropriate throughout the examples in the text.

Book Sections

This book is divided into three parts, starting with architecture and design and proceeding through a detailed discussion of a large swath of important J2EE APIs. These sections are as follows.

  • Part 1: J2EE Architecture and Design
  • Part 2: Core J2EE Technology
  • Part 3: J2EE Sample Applications

Part 1, J2EE Architecture and Design, covers J2EE architecture and design, offering practical steps for creating a solid J2EE architecture based on user requirements. It includes several chapters on object-oriented analysis and design applied to J2EE and a set of case studies that provide an example of how to architect a J2EE system.

Part 2, Core J2EE Technology, provides extensive coverage of the J2EE packages identified above. Basic introductory code examples are used to introduce the package and then more complex code examples, many of which are used by examples in later sections, are used to more detailed information on how to use the package.

Part 3, J2EE Sample Applications, builds on the work of the previous sections to demonstrate the use of J2EE packages to develop two applications: a shopping cart application and a discussion group application. The shopping cart application uses the Struts framework, servlets, JSPs and EJBs. Code examples from the previous chapters are used in the creation of this application.

The development of a discussion group application using JSPs, tag libraries, and Java Bean components is also shown. Users are allowed to enter and modify their own messages and add messages to a message thread.

Covering J2EE APIS

In determining the order in which to cover the numerous J2EE APIs, we will use the option that provides the most meaningful coverage for someone who is relatively unfamiliar with J2EE technologies and packages. Using the multiple tiers of development as our guide mentioned previously, we start with the APIs most commonly used on the integration tier of development and proceed from there back to the client tier. Since most J2EE applications must manage some form of data and must be able to persist this data (the application state) as needed, we begin our discussion with the J2EE package used for interacting with relational databases, JDBC. Since managing security has become a concern of many organizations (and rightly so), we then move our discussion to Java security and the related security APIs (JAAS, JSSE, JCE).

Naming services provide a convenient facility for accessing resources in J2EE applications and are discussed in the chapter on the JNDI package. A good logging API was something lacking in early J2EE releases and has now become part of the J2EE collection. Both the core Java logging package is discussed as well as the Apache log4j package.

Much has been written in the technical press about XML and SOAP. These technologies and protocol standards represent some very valuable facilities for managing data interchange, moving data between components and applications. We will spend several chapters discussing XML and will use XML related APIs in examples throughout the text.

Our discussion then moves on to various APIs and J2EE packages which are useful on the business tier—Java networking, Remote Method Invocation (RMI), Web services and XML messaging with Java (JAXM), Java messaging with JMS and using email with Java using the JavaMail package. EJBs are then discussed across a number of chapters in the text.

Once we understand what can be done on the business tier, we spend several chapters discussing the presentation tier (Web tier) components J2EE provides. This involves coverage of JSPs and servlets. As you would expect, these applications build on the material presented in the previous chapters.

Finally, the client tier is discussed—how to use Java APIs and J2EE to create client tier, GUI applications. Like the presentation tier code shown, the client tier code builds on the previous chapters, demonstrating application code that accesses databases using JDBC, and uses RMI to communicate with remote objects that encapsulate data access functionality.

Code Examples

Working code examples are presented throughout this book. These code examples provide a sample of how specific technology can be used. They range from simple, minimal implementations of a J2EE package to more complex components that are part of a complete sample application. As a reader learning J2EE, you may want to use these code samples to supplement your learning experience. These examples are available at the Web site for this book http://www.phptr.com/taylor/j2ee. On that same page you can find an email link to contact me, the author.

Who Should Read this Book

This book is intended for the Java developer who is somewhat familiar with the Java language and wants to learn about developing applications using the various J2EE packages. Knowledge of Java object-oriented concepts (classes, objects, interfaces) and how to write Java programs is required. Knowledge of servlets, JSPs, EJBs, XML, Java XML Messaging (SOAP), Java security, and the various other packages and technologies of J2EE are not required—that's what this book is for.


Submit Errata

More Information

InformIT Promotional Mailings & Special Offers

I would like to receive exclusive offers and hear about products from InformIT and its family of brands. I can unsubscribe at any time.


Pearson Education, Inc., 221 River Street, Hoboken, New Jersey 07030, (Pearson) presents this site to provide information about products and services that can be purchased through this site.

This privacy notice provides an overview of our commitment to privacy and describes how we collect, protect, use and share personal information collected through this site. Please note that other Pearson websites and online products and services have their own separate privacy policies.

Collection and Use of Information

To conduct business and deliver products and services, Pearson collects and uses personal information in several ways in connection with this site, including:

Questions and Inquiries

For inquiries and questions, we collect the inquiry or question, together with name, contact details (email address, phone number and mailing address) and any other additional information voluntarily submitted to us through a Contact Us form or an email. We use this information to address the inquiry and respond to the question.

Online Store

For orders and purchases placed through our online store on this site, we collect order details, name, institution name and address (if applicable), email address, phone number, shipping and billing addresses, credit/debit card information, shipping options and any instructions. We use this information to complete transactions, fulfill orders, communicate with individuals placing orders or visiting the online store, and for related purposes.


Pearson may offer opportunities to provide feedback or participate in surveys, including surveys evaluating Pearson products, services or sites. Participation is voluntary. Pearson collects information requested in the survey questions and uses the information to evaluate, support, maintain and improve products, services or sites, develop new products and services, conduct educational research and for other purposes specified in the survey.

Contests and Drawings

Occasionally, we may sponsor a contest or drawing. Participation is optional. Pearson collects name, contact information and other information specified on the entry form for the contest or drawing to conduct the contest or drawing. Pearson may collect additional personal information from the winners of a contest or drawing in order to award the prize and for tax reporting purposes, as required by law.


If you have elected to receive email newsletters or promotional mailings and special offers but want to unsubscribe, simply email information@informit.com.

Service Announcements

On rare occasions it is necessary to send out a strictly service related announcement. For instance, if our service is temporarily suspended for maintenance we might send users an email. Generally, users may not opt-out of these communications, though they can deactivate their account information. However, these communications are not promotional in nature.

Customer Service

We communicate with users on a regular basis to provide requested services and in regard to issues relating to their account we reply via email or phone in accordance with the users' wishes when a user submits their information through our Contact Us form.

Other Collection and Use of Information

Application and System Logs

Pearson automatically collects log data to help ensure the delivery, availability and security of this site. Log data may include technical information about how a user or visitor connected to this site, such as browser type, type of computer/device, operating system, internet service provider and IP address. We use this information for support purposes and to monitor the health of the site, identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents and appropriately scale computing resources.

Web Analytics

Pearson may use third party web trend analytical services, including Google Analytics, to collect visitor information, such as IP addresses, browser types, referring pages, pages visited and time spent on a particular site. While these analytical services collect and report information on an anonymous basis, they may use cookies to gather web trend information. The information gathered may enable Pearson (but not the third party web trend services) to link information with application and system log data. Pearson uses this information for system administration and to identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents, appropriately scale computing resources and otherwise support and deliver this site and its services.

Cookies and Related Technologies

This site uses cookies and similar technologies to personalize content, measure traffic patterns, control security, track use and access of information on this site, and provide interest-based messages and advertising. Users can manage and block the use of cookies through their browser. Disabling or blocking certain cookies may limit the functionality of this site.

Do Not Track

This site currently does not respond to Do Not Track signals.


Pearson uses appropriate physical, administrative and technical security measures to protect personal information from unauthorized access, use and disclosure.


This site is not directed to children under the age of 13.


Pearson may send or direct marketing communications to users, provided that

  • Pearson will not use personal information collected or processed as a K-12 school service provider for the purpose of directed or targeted advertising.
  • Such marketing is consistent with applicable law and Pearson's legal obligations.
  • Pearson will not knowingly direct or send marketing communications to an individual who has expressed a preference not to receive marketing.
  • Where required by applicable law, express or implied consent to marketing exists and has not been withdrawn.

Pearson may provide personal information to a third party service provider on a restricted basis to provide marketing solely on behalf of Pearson or an affiliate or customer for whom Pearson is a service provider. Marketing preferences may be changed at any time.

Correcting/Updating Personal Information

If a user's personally identifiable information changes (such as your postal address or email address), we provide a way to correct or update that user's personal data provided to us. This can be done on the Account page. If a user no longer desires our service and desires to delete his or her account, please contact us at customer-service@informit.com and we will process the deletion of a user's account.


Users can always make an informed choice as to whether they should proceed with certain services offered by InformIT. If you choose to remove yourself from our mailing list(s) simply visit the following page and uncheck any communication you no longer want to receive: www.informit.com/u.aspx.

Sale of Personal Information

Pearson does not rent or sell personal information in exchange for any payment of money.

While Pearson does not sell personal information, as defined in Nevada law, Nevada residents may email a request for no sale of their personal information to NevadaDesignatedRequest@pearson.com.

Supplemental Privacy Statement for California Residents

California residents should read our Supplemental privacy statement for California residents in conjunction with this Privacy Notice. The Supplemental privacy statement for California residents explains Pearson's commitment to comply with California law and applies to personal information of California residents collected in connection with this site and the Services.

Sharing and Disclosure

Pearson may disclose personal information, as follows:

  • As required by law.
  • With the consent of the individual (or their parent, if the individual is a minor)
  • In response to a subpoena, court order or legal process, to the extent permitted or required by law
  • To protect the security and safety of individuals, data, assets and systems, consistent with applicable law
  • In connection the sale, joint venture or other transfer of some or all of its company or assets, subject to the provisions of this Privacy Notice
  • To investigate or address actual or suspected fraud or other illegal activities
  • To exercise its legal rights, including enforcement of the Terms of Use for this site or another contract
  • To affiliated Pearson companies and other companies and organizations who perform work for Pearson and are obligated to protect the privacy of personal information consistent with this Privacy Notice
  • To a school, organization, company or government agency, where Pearson collects or processes the personal information in a school setting or on behalf of such organization, company or government agency.


This web site contains links to other sites. Please be aware that we are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of each and every web site that collects Personal Information. This privacy statement applies solely to information collected by this web site.

Requests and Contact

Please contact us about this Privacy Notice or if you have any requests or questions relating to the privacy of your personal information.

Changes to this Privacy Notice

We may revise this Privacy Notice through an updated posting. We will identify the effective date of the revision in the posting. Often, updates are made to provide greater clarity or to comply with changes in regulatory requirements. If the updates involve material changes to the collection, protection, use or disclosure of Personal Information, Pearson will provide notice of the change through a conspicuous notice on this site or other appropriate way. Continued use of the site after the effective date of a posted revision evidences acceptance. Please contact us if you have questions or concerns about the Privacy Notice or any objection to any revisions.

Last Update: November 17, 2020