Creating Software that Saves Lives

1
Creating Software that Saves Lives

• JBoss SEAM An Introduction

February 18, 2008 Platinum Solutions HQ
2
What is JBoss SEAM?

• JBoss Seam is web application framework that acts
  as the glue between existing (presumably JavaEE)
  components.
• If JavaEE standards are seen as a set of cloth
  patches, then SEAM is what brings them together
  to form a quilt.

3
What is JBoss SEAM?

• SEAM provides the plumbing between the various
  components of the web development stack by
  providing Context Management to all of them.

4
What JBoss SEAM is Not?
SEAM provides the means to integration the
various components of the development stack. It
leaves the implementation to others. SEAM does
not attempt to reinvent the wheel. There are
many dedicated projects to the various components
of the stack, and SEAM simply sews them
together. (Therefore, no SeamMVC, SeamORM,
etc) SEAM encourages the integration of
components that stick to the Java EE API. This
allows for better portability and easier swap
ability of implementations. (Java EE 5 makes the
use of EJB a little less scary)
5
Some Lesser known facts (myths) about JBoss SEAM

• JBoss SEAM does NOT require JBoss! The SEAM web
  site goes out of its way to show you how to
  configure SEAM on standalone Tomcat, WebLogic,
  and Oracle OC4J.
• JBoss SEAM does NOT require EJB! SEAM can manage
  POJOs as well as session beans (but EJBs
  recommended).
• JBoss SEAM does NOT require Hibernate! SEAM
  recommends using the JEE Java Persistence API
  (JPA) to hide the ORM implementation, which can
  be swapped out for TopLink, Cayenne, etc.
• JBoss SEAM CAN integrate with Spring! (but
  really, there is no reason to since they both do
  the same thing).

6
SEAM Contexts

• The fundamental concept behind SEAM are
  contexts (scoped memory spaces). Its the use
  of shared contexts that allows the various
  components to interact with each other.

7
SEAM and Bi-Jection

• SEAM Inversion of Control (IoC) supports both the
  notions of Injection and Out-jection.
  Out-jection means any changes made to the
  object will be put back into the context (where
  others can see it).
• IoC in SEAM is implemented through the use of
  Annotations (No XML necessary!).
• Every bean that is to be managed by SEAM gets a
  Name annotation.
• To inject a bean, create a local variable and
  give it the In annotation (no get/set
  necessary!). As long as the variable name
  matches the bean name, no mapping is necessary.

8
SEAM and Bi-Jection
_at_Entity _at_Name("user") _at_Scope(SESSION) _at_Table(name
"Customer") public class User implements
Serializable
The User entity bean is in the Session scope.
When ever a method on the ChangePassword bean is
called, the User object from the session scope
will be injected prior to the call.
Note because names match, no mapping is
necessary.
_at_Stateful _at_Scope(EVENT) _at_Name("changePassword") _at_R
estrict("identity.loggedIn") public class
ChangePasswordAction implements ChangePassword
_at_In _at_Out private User user
After every method call, any changes to the User
object are out-jected back to the Session.
9
Conversation Scope Context

• The default context (where managed objects end up
  if no scope is specified) in SEAM is the
  Conversation scope. A conversation spans any
  number of method calls required to complete a
  unit of work.
• In the case of wizard like functionality, a
  conversation spans from the first screen to the
  last screen.
• Conversations are also isolated from each other,
  meaning that 1 user can have 2 conversations
  going on at the same time. (the common example
  is two flight reservation conversations to
  compare prices).

10
Conversation Scope Context

• By default, a conversation is the same as
  request scope. (meaning a conversation starts
  when a request arrives, and ends when the
  response is rendered).
• To demarcate the beginning and ending of
  conversations, annotations are used in the JSF
  backing bean to mark the method that joins the
  conversation, and the method that ends it.

11
Conversation Scope Context
_at_Stateful _at_Name("hotelBooking") public class
HotelBookingAction implements HotelBooking
_at_In(requiredfalse) _at_Out private Hotel
hotel _at_Begin public void
selectHotel(Hotel selectedHotel) public
void bookHotel() public void
setBookingDetails() _at_End public void
confirm() _at_End public void cancel()
The Hotel entity bean is the default Conversation
scope.
The first call to selectHotel begins the
conversation.
These methods are called inside the conversation.
They will always use the same instance of
Hotel which is injected from the conversation
context.
A call to either of these ends the conversation.
12
Enhanced JSF

• JBoss SEAM is tightly bound to JSF (Most of
  SEAMs magic lies inside JSF lifecycle
  listeners).
• JBoss SEAM provides some enhancements that
  makes developing JSF easier. We already saw one
  way with the addition of Conversation scope
  context.
• Some other enhancements are
• Validation
• Stateful Pageflows
• PDF/Email templating

13
JSF Validation Enhancement

• The recommended (but not required) SEAM
  architecture uses domain objects across the
  entire stack (back and front end). As such, SEAM
  makes use of Entity Bean validation to
  auto-magically provide validation logic and error
  messages that just show up on the JSF page.
• This is accomplished with the SEAM validate tags.
  

14
JSF Validation Enhancement
_at_Entity _at_Name("hotel") public class Hotel
implements Serializable _at_Length(min4,
max6) _at_NotNull public String getZip()
return zip
Hibernate will validate this Entity bean.
This tag tells SEAM to validate all the fields
inside it (via Hibernate validator)
Any error messages are displayed via standard JFS
message tag.
ltsvalidateAllgt lthinputText idzip"
value"hotel.zip" required"true/gtgt
lthmessage forzip/gt lt/svalidateAllgt
15
JSF Stateful Page Flow

• In SEAM, page flow is defined in the pages.xml
  file rather than the faces-config.xml file.
• In the pages.xml file, you can specify
  navigation that requires a Conversion context and
  conditional logic based on stateful data in the
  context.

16
JSF Stateful Page Flow
pages.xml file
ltpage view-id"/register.xhtml"gt ltaction
if"validation.failed"
execute"register.invalid"/gt
ltnavigationgt ltrule if"register.regi
stered"gt ltredirect
view-id"/home.xhtml"/gt lt/rulegt
lt/navigationgt lt/pagegt
Only navigate to the home page if the user is
registered.
17
JSF Stateful Page Flow

• More complicated Web Flow can be implemented by
  integrating with jBPM

pages.xml file
Begins a conversation and delegates to jBPM
ltpage view-id"/numberGues.xhtml"gt
ltbegin-conversation jointrue
pageflownumberGuess/gt
pageflow.jpdl.xml file
ltpageflow-definition namenumberGues.xhtml"gt
ltpage name"win" view-id"/win.jsp"gt
ltend-conversation /gt ltredirect/gt
lt/pagegt
jBPM provides complex page flow, and can use
Drools to make decisions!
18
PDF/Email template in JSF

• SEAM provides a JSF tags to easily create
  formated PDFs and Emails.

PDF tag example
ltpdocument xmlnsui"http//java.sun.com/jsf/face
lets" xmlnsf"http//java.sun.com/jsf
/core" xmlnsp"http//jboss.com/produ
cts/seam/pdf" title"Why Seam
subject"seam" author"Seam Team"
creator"Seam PDF example
app"gt ltpparagraphgtDear currentOrder.customerNa
me,lt/pparagraphgt ltpparagraphgt Your order on
ltptext value"currentOrder.orderDate"gtlt/ptext
gt has been processed and will ship shortly.
19
Rules Based Security

• A selling point for Spring is the robust security
  framework provided by Acegi. JBoss SEAM is also
  working to provide a highly flexible security
  framework based on Drools.
• SEAM comes with some ready made rules for which
  you need implement an Authenticator. That is a
  class that actually lookup up the user (via JPA,
  LDAP, etc).

20
Rules Based Security
MemberAccount class extends and implements the
Abstract UserAccount
Entity _at_Table(uniqueConstraints
_at_UniqueConstraint(columnNames
"username")) public class MemberAccount extends
UserAccount implements Serializable
components.xml
ltsecurityidentity security-rules"securityR
ules"/gt ltidentity-managementjpa-identit
y-store name"identityStore
account-class"org.jboss.seam.example.seamspace.Me
mberAccount"/gt ltdroolsrule-base
name"securityRules"gt ltdroolsrule-filesgt
ltvaluegt/META-INF/security-rules.drllt/val
uegt lt/droolsrule-filesgt
lt/droolsrule-basegt
Security config info goes in the components.xml
file
21
Rules Based Security

• Declarative Security

pages.xml file
ltpage view-id/inventory.xhtmlgt
ltrestrictgtshasRole(admin)lt/restrictgt lt/pagegt
JSF file
ltsdiv renderedidentity.loggedIngt
ltslink valueCheck Inventory
actionmanager.checkInventory
renderedshasRole(admin)/gt lt/sdivgt
Method-Level access
_at_Restirct(shostRole(admin)) public String
checkInventory()
22
Rules Based Security
Programatic/Context Based Security
rule CreateFriendComment no-loop
activation-group "permissions" when check
PermissionCheck(name "friendComment", action
"create", granted false)
MemberFriend(authorized true, f friend)
not Member(mbrId memberId -gt (!mbrId.equals(f.ge
tMemberId()))) then check.grant() end
Rule from the security-rules.drl file
Load friend list into Drools workingMemory. Check
the CreateFriendComment Rule
public void createComment()
Contexts.getMethodContext().set("friends",
member.getFriends()) Identity.instance().check
Restriction( "shasPermission('friendComme
nt', 'create', friends)")
23
Rapid Application Development(seam-gen)

• JBoss SEAM comes with the ability to generate a
  complete CRUD application for a database schema
  with a tool called seam-gen.
• The ability to generate a CRUD application is
  also built into the JBoss Tools plugin for
  Eclipse.

24
JBoss SEAM Website

• In February, JBoss SEAM launched its official
  website (and its actually powered by SEAM!)
• www.seamframework.org

25
Thank You!
www.PlatinumSolutions.com