Posts Tagged ‘spring’

« Older Entries

When we hear the term application modernization, the immediate image that comes to mind involves modernizing twenty-five year old critical business applications written in COBOL. While this is still true and represents the bulk of work in this field, there are other growing areas of application modernization that businesses undertake. These include migrating more recent heavy-weight legacy applications based on technologies like JEE and Oracle Forms to the newer light-weight Spring Framework. Another emerging modernization area involves moving from older web user interface technologies like JSP to newer more robust technologies like Spring Web Flow, Adobe Flex, and Google Web Toolkit (GWT). Modernization also involves updating the web layer to support mobile devices like the iPhone. Regardless of the application modernization area, MyEclipse for Spring provides tooling to support a rapid migration strategy.

Modernizing Existing Legacy Systems

COBOL Systems

Interestingly, reading through the plethora of online technology sites, it’s easy to get the impression that today’s information systems are almost all web applications using Java or .Net on the back-end. The reality, of course, is that the bulk of critical business applications remain in the world of COBOL – and there are no signs those systems are going to change dramatically in the near term. What is changing with an elevated sense of urgency, however, is the recognition that businesses need to define an application modernization plan that preserves and renovates their critical business processes while at the same time reducing the operating and maintenance cost of their aging existing systems.

From a high level perspective, the plan involves starting with an “as is” analysis of the current system – e.g., understand the complexity, structure, business rules, nature, and intended use of what is typically a loosely understood and largely undocumented system. The next major step involves defining the path for the “to be” system. In most cases, the modernization migration path involves a practical incremental approach. In this incremental approach, we start by defining, publishing, and using key business functionality from the existing system through web services. Then, we develop individual functional areas with Java/Spring and migrate the application in functional blocks in a timeframe that the business and technical teams can handle.

Oracle Forms Systems

The process for migrating from an Oracle Forms system to a Spring Framework system will be similar to the COBOL legacy system migration strategy. However, the migration effort should be easier due to a probability that the system software will be understood for the most part and has documentation. The functional areas may be a little tricky to separate as Oracle Forms relies heavily on PL-SQL for implementing business and validation logic. For Oracle Forms, the web services will usually be thin wrappers that call the PL-SQL stored procedures.

JEE Systems

The process for migrating from a JEE system to a Spring Framework system will be similar to the COBOL legacy system migration strategy. However, the migration effort should be easier due to a probability that the system is understood for the most part and has documentation. Also, the developers will already understand Java.

Using MyEclipse for Spring in the Migration Plan

MyEclipse for Spring provides tooling to accelerate the “to be” migration strategy – for both scaffolding the web layer and using the web services to access the existing legacy system, as well as, developing the functional areas for migration to Java/Spring solution.

Incremental Migration – Using Web Services

After web services are defined and exposed, we use the WSDL import capability of MyEclipse for Spring to quickly generate the Spring and JAX-WS infrastructure to support calling the web services. Once the web service infrastructure is generated, we use the MyEclipse for Spring scaffold capability to quickly scaffold any of a variety of web layer implementations (e.g., Spring MVC, Spring Web Flow, Adobe Flex, GWT, and iPhone) for any of the Java Beans created during the WSDL import process.

Incremental Migration – Developing Spring Services

Another feature of the WSDL import process is the generation of “contract-first” Java package shells. When the WSDL import process completes, we have code shells for Spring Services and JUnit test classes that would be implemented and tested by Java developers. MyEclipse for Spring also includes code assistants to help developers create and maintain Spring annotations for their Spring Services. Once the code is completed and the business is ready, only one line of code needs to change to switch from using the web service provided by the existing legacy system to the new Spring Service.

Modernizing the User Interface

For the desktop

This area of modernization has become more popular as we see robust RIA solutions mature in the marketplace (e.g., Adobe Flex, Spring Web Flow, Google Web Toolkit, etc.). MyEclipse for Spring simplifies this modernization process through its scaffolding capabilities. Starting from a variety of sources including data schemas, JPA entities, and Java Beans, developers scaffold the web layer with the new user interface technology. From there, developers use the scaffold as either a starting point for building the complete user interface against the back-end or as a reference implementation template for coding the user interface with the chosen technology.

MyEclipse for Spring Scaffolding Wizard

For mobile devices

Similar to its help for desktop web applications, MyEclipse for Spring simplifies modernization process for the iPhone through its scaffolding capabilities and for other mobile devices with small changes to context files and style sheets. Again, developers use the scaffold as either a starting point for building the complete user interface against the back-end or as a reference implementation template for coding the user interface with the chosen technology

iPhone Scaffolding with MyEclipse for Spring

Try it Yourself

MyEclipse for Spring is available for a free, 30-day trial. Accelerate your application modernization process by downloading from http://www.myeclipseide.com/module-htmlpages-display-pid-4.html.

Although there are several important technical areas of concern when developing production-ready software, its success fundamentally depends on having running code that implements the original conceptual ideas and functional requirements.  On the surface, this seems to be a straight forward and well understood problem to solve.  Talk to the users (or their proxies, the business analysts) to capture the conceptual ideas and requirements – then translate them to design and code.  How difficult can that be? Seriously, the more complex and interesting problems will involve addressing the technical concerns of scalability, availability, maintainability, security, etc – right?

Of course, those of us who spent decades in this field learned first-hand that moving from conceptual idea to running code that reflects the functional requirements involves a lot of moving parts.  This includes working with a diverse set of people and a lot of “I probably won’t know or understand what I want until after you build it” reality, which make it a very complex problem to solve.  The field of software engineering does a nice job of breaking down the basic process elements for attacking the problem.  Regardless of the development methodology you use – from the older waterfall through the newer agile variations – they all involve some level of define, design, build, deploy, and test processes.

Bridging the Disconnect between Conceptual Design and Running Code

Looking back at years of real projects and the lessons we can take away from them, it becomes apparent that we have to address key failure points as early in the software development lifecycle as possible.  The first failure point is typically traced back to vague, misinterpreted, and missing requirements.  Its downstream impact is increased time and money required to address the disconnect from what the user actually wanted and the delivered application, which kills the benefits projected and in effect reduces the success of the project.  Typically, these disconnects only come to light after the application is built and the user actually uses the running code.  This is the genesis for the area known as functional prototyping.  The premise is simple enough – inject the opportunity to validate the functional requirements of the system before actually investing the time and money to build the system.

This area of software engineering has had some level of success, but continues to suffer real uptake in the industry.  This is mainly due to the time consuming nature of creating what is essentially a throw away mini-project during the conceptual phase of development using the current tools available in the market. Pure agilest will also argue that functional prototypes become less needed as you reduce the application release cycle times. In essence, these mini-application releases serve the same purpose while also producing usable code.  On the surface, this seems a reasonable argument.  Interesting enough, the argument can be flipped to say non throw away functional prototypes embed the value of agile principles – focus on producing software often and early – within the waterfall methodology for the complex systems.

Using Scaffolding to Create Functional Prototypes

This is where MyEclipse for Spring provides a modern light-weight solution that makes sense for both simple and complex projects.  Use the scaffolding capabilities to produce quick functional prototypes during the conceptual phase of the software development life cycle.  The tooling provides full web application scaffolding from a variety of sources including data schemas, JPA entities, Java Beans, and WSDLs.

The most common functional prototyping approach is validating a functional area defined by a set of tables in the data schema.  In this scenario, a business analyst with minimal technical skills could run through the scaffolding wizard and generate a working CRUD web application for the selected tables.  However more often, a business analyst or set of business analysts are paired with a developer to quickly validate the domain and the expected functional interactions.  The beauty of this approach is the minimal time required for the users (or more likely, their proxies the business analyst) to validate and update the functional requirements.  It typically takes minutes to scaffold, followed by short iterations to update the domain and the functional requirements.

Functional Prototype created with MyEclipse for Spring

Another common scenario involves validating functional requirements while using web services.  Injecting scaffolding into the process involves two steps.  In the first, the business analyst or paired developer imports the WSDL to generate the back-end service and data objects.  In the next step, the business analyst or paired developer scaffold the web layer from the generated Java Beans that represent the web services domain objects.  Again, this light-weight approach takes minutes to create the functional prototype to be used to validate requirements.

Perhaps the best part of using MyEclipse for Spring to scaffold and validate functional requirements is that the scaffold can be re-used and extended in the build phase of the project.  In essence, the time invested during the conceptual phase to validate the functional requirements with scaffold prototypes is gained back from reduced build time required – and you have visually validated the functional requirements before starting the build phase of your software development life cycle.

Try it Yourself

MyEclipse for Spring is available for a free, 30-day trial.  Start creating your own functional prototypes by downloading from http://www.myeclipseide.com/module-htmlpages-display-pid-4.html.

One of the masterminds behind the GWT+Spring scaffolding support in MyEclipse for Spring wrote this article that describes the design philosophy and the GWT application architecture. The article includes some great sample Java/GWT code and a great explanation of how all the pieces fit together. As it turns out, it’s not magic after all.

Read the full article at http://www.dzone.com/links/r/gwt_and_spring_its_not_magic_after_all.html

And, if you want to see our GWT scaffolding in action, join us on August 31st for a free webinar.

This tutorial illustrates how to quickly generate a working, Spring-based mobile web application that is served alongside a desktop application. This step-by-step guide is based on the production release of MyEclipse for Spring 8.6, which includes support for scaffolding a Spring MVC app that’s also skinned to look like an iPhone application. However, with this tutorial, we illustrate how to add other mobile handsets to your list of supported mobile platforms, including Android and Palm Pre. The same concepts employed here apply when adding support for Blackberry, iPad or any other browser you want to treat differently.

Read the full post at http://bit.ly/dquUGG

This week Genuitec and Skyway Software released the second milestone (M2) of MyEclipse for Spring 8.6, which includes scaffolding for Google Web Toolkit (GWT) applications. With this new release, you can now generate full ready-to-run GWT applications from your domain model (i.e. DB tables, Java Beans, or JPA Entities). Some of the most interesting aspects of the new capability: GWT 2.0.4, GWT Best Practices, Application Layering, and Spring 2.5/3.0 Support.

Read the full post at http://bit.ly/9ydV0X

All Spring Web Flow Editors are not created equal.  The purpose of this post is to outline some of the key differences between the Spring Web Flow Editors found in SpringIDE and MyEclipse for Spring.  I’ve also included some screenshots to further illustrate how working with a Flow Editor that is intuitive and feature-rich can make all the difference when developing applications with Spring Web Flow.

Read the full post at http://bit.ly/9nmb2X

One of the new web client scaffolding options in MyEclipse for Spring 8.6 (ME4S) is Adobe Flex.  If I had to summarize the capability in one sentence it would go something like:  ME4S 8.6 generates ready-to-run Spring-Flex BlazeDS Hibernate applications using the RemoteObject to communicate with Spring Services that support create, read, update and delete operations for related objects.

Of course, there is so much more… to read about in the full blog post at http://www.genuitec.com/blog/?p=1467

Genuitec, LLC, a founding and strategic member of the Eclipse Foundation, and Skyway Software, an expert Spring development solutions company and SpringSource Certified Solution Partner, today announced the production release of a new environment, MyEclipse for Spring.  The jointly-developed product delivers a set of advanced accelerators for Spring development, including scaffolding, project bootstrapping and enhanced development editors.

“Our goal was to give millions of valued users a full-featured, intuitive Spring development solution,” said Todd Williams, vice president of technology for Genuitec.  “With the production release of MyEclipse for Spring, we feel that we have achieved that goal.  Developers who are using Spring-based tools to create Web applications now have access to some of the industry’s most advanced development accelerators.”

Read the full press release here.  Download the free 30-day trial of MyEclipse for Spring here.

June 2010 Update: This original blog post was written prior to the release of Spring Flex Scaffolding support in MyEclipse for Spring 8.6. Wanna build an entire Spring Flex CRUD app using your tables or code in a matter of seconds?  This tutorial is now productized in the MyEclipse for Spring 8.6 release.  Download and try it today! Check out the what’s generated blog or the getting started video.  Or, keep reading…

A subtle, but powerful, side effect of having Spring generation capabilities with MyEclipse for Spring is the fact that creating Spring BlazeDS Flex apps is easier and faster than ever.

This blog post covers the basics to getting started with a spring-flex project in MyEclipse for Spring.  The spring-flex framework uses Adobe’s open source BlazeDS project, which is the remoting and messaging foundation for connecting a Flex-based front-end to Java back-end services.  MyEclipse for Spring accelerates the Spring development by providing bootstrapping, scaffolding, and visual editing capabilities for all the necessary Spring configuration files code to support a ready to run Spring MVC application.  The tutorial then goes on to tweak the MyEclipse for Spring generated configuration files to support Flex Remoting to produce a simple list view that calls the MyEclipse for Spring generated Spring service.

This blog is divided into 2 parts:

Part 1: Setup & CRUD
Part 2: Adding Spring Flex

Want to know more about MyEclipse for Spring? Watch the webinar where we introduced it.

Skyway & Spring Security FAQs

by Dave Meurer on February 15, 2010

We recently answered several questions relating to Skyway’s feature to generate Spring Security 2.0 as well as general questions relating to Spring Security itself.  Here is a FAQ listing of those questions.  To learn more about Skyway’s Spring Security feature in Standard Edition, please take a look at the Security Feature Page.

  1. Before running Scaffolding > Scaffold spring security on the Spring DSL, Skyway requires that the user define a new Model package. Example video shows creating one named pkg.domain.security which Scaffolding then complements by creating a pkg.dao.security. Are there assumptions, limitations, or guidelines to where this domain.secuirty package should be placed (e.g. does the package have to be suffixed with security; does the dao package get created at the same level always)?
    Only assumption is if the package ends with “.domain”.  If so, Security Scaffolding places the DAO in a .dao package, and the Authorities and Users Domain Objects in the .domain package.
  2. After running Scaffold spring security will all newly added and domain objects have their Service and DAO objects added to Secured Resources when they have their CRUD scaffolded?
    Yes, new Services and DAOs will automatically be added to the Secured Resources.
  3. Skyway Project > Enterprise Configuration: What are the other Access values for Secured URLs and Secured Resources?
    Access can be used for Authentication and Authorization:
    Here are the 3 Authentication types:
    http://static.springsource.org/spring-security/site/docs/2.0.x/apidocs/org/springframework/security/vote/AuthenticatedVoter.htmlFor AUTHORIZATION, the Access string needs to be prefixed by “ROLE_” to indicate to  Spring Security that the Access is role based.  If the ROLE_  prefix is left off, deploy errors will occur. See example screenshot below.
  4. Skyway Project > Enterprise Configuration: How does the Secured URLs work in general? Is the default rule /secure/* allow pre-authentication for pages in this URL and then NO access for all others or is the no-access assumed for all other URLs?
    In the “/secure/*” scenario, all access to anything under the /secure/ path will require authentication.  Other URL paths do not require authentication.One note to consider is via the springSecurityFilterChain in the web.xml, all requests, specified by the url-pattern will go through Spring Security.  If a request is not intercepted by the login form, the user will be an anonymous user, and the security context will have something like the following:
    org.springframework.security.providers.anonymous.AnonymousAuthenticationToken@9611881d: Principal: roleAnonymous; Password: [PROTECTED]; Authenticated: true; Details: org.springframework.security.ui.WebAuthenticationDetails@fffd148a: RemoteIpAddress: 127.0.0.1; SessionId: 478A01F999A8CD50D40E069428B71306; Granted Authorities: ROLE_ANONYMOUS(Invalid property ‘principal.username’) Errors
    Due to the above paragraph, this error may appear with pages that have not been authenticated, but use the sitemesh decoration because the login.jsp uses <sec:authentication property=principal.username”/> which does not exist when the security context authentication is authenticated with an anonymous user.

    If the desired behavior is to remove Spring Security entirely from certain requests, the springSecurityFileChain url-pattern should match the intercept-url pattern in the security context.

    A good way to see the security context is use the code in the login.jsp page to create a sample page that displays the entire “auth” variable.

  5. Skyway Project > Enterprise Configuration: Configured Views: The Skyway training video describes the out-of-the-box operation as using the spring provide screens for login challenge. Allowing these values to be blank. However there are several default generated pages in a Skyway project that seem to appropriate to wire in here. Can you provide details into what pages become obsolete when security is enabled and provide a general description of how the login URL navigation works? In essence walking through the URL navigation from index.html through the security scenarios would help.
    Security Flow(click to enlarge)

    Files involved in security:
    6. resources/[ProjectName]-generated-security-context.xml Central Spring Security config file. All configurations from the Spring DSL > Enterprise Configuration tab are emitted into this file.
    WebContent/secure/welcome.jsp Welcome page used after someone logs in. Used in the chain of Sign-in link (from login.jsp) to /spring_security_login to welcome.jsp
    WebContent/pages/logout-redirect.jsp Straight redirect to logout-success.jsp
    WebContent/pages/logout-success.jsp Static HTML page that states “You have successfully logged out of the system.”
    WebContent/WEB-INF/sitemesh-common/login.jsp Contains top “Sign-in” tab that changes based on if a user is authenticated.  Not authenticated: sign-in link that goes to the welcome.jsp.  Authenticated: Sign out link that goes to /j_spring_security_logout
    WebContent/WEB-INF/decorators.xml Two URLs are excluded: /j_spring_security_logout, and /pages/logout-redirect.jsp to prevent the sitemesh decoration framework from intercepting these URLs and adding the decorations to them.
    /spring_security_login Default URL path to sign in to Spring Security.  Displays the default Spring Security form.  This can be overridden via the Login View field in the Enterprise Configuration tab. (not an actual file in the project)
    /j_spring_security_logout Default URL path to logout/sign out of Spring Security. By Default this will go back to the /spring_security_login URL.  A logout success/error view can be added via the Enterprise Configuration > Configured Views fields. (not an actual file in the project)
  6. Skyway Project > Enterprise Configuration: Security Information Source: Is there ever a case where the Connection in this section does not match the User & Authorities DAO connection?
    Only if a different connection is required for authentication rather than just CRUD operations.
  7. Are there any required naming conventions for the authority names (e.g. ROLE_<name>)?
    The only recommendation is to avoid using the “ROLE_” prefix in the authority names.  Spring Security adds the “ROLE_ “, for internal purposes as explained in #3 above and #2 below.  For example, if the ROLE prefix is used, Spring Security will add another role prefix resulting in something like “ROLE_ROLE_ADMIN”
  8. How do you apply the authority rules to the application? Is there a standard convention, approach to using them?
    See Question #3 above for URL authorization.
    For view element authorization, e.g. displaying buttons on a page only to ADMIN users, use the spring security tag library.  E.g.

    <sec:authorize ifAllGranted="ROLE_ADMIN">
     <input type="button" value="Save">
</sec:authorize>
  9. Security: What would happen if you had /secure/* secured, but tried to access a Secure Service via /*?
    As noted in the Securing Applications – Authentication recipe, (http://www.skywayperspectives.org/documentation/6.3/chunk/recipes/ch02s30.html), the Service and DAO Secured Resources section controls external access to those services.  It is assumed that the developer secures the entry point in the Web Application via the URL.  For example, if one of your services is a web service (JAX-WS tab on the service), and you have the Service checked in the Secured Resources pane, you will see an entry in the list of the securedServiceEndPointNames element in the resources/jaxws/jaxws-web-context file.
  10. Why is the ROLE_ prefix emitted in the security config when DB is selected?
    From the Spring API docs: “If this is set to a non-empty value, then it is automatically prepended to any roles read in from the db. This may for example be used to add the ROLE_ prefix expected to exist in role names (by default) by some other Spring Security classes, in the case that the prefix is not already present in the db.” In other words, Spring Security expects the role to have “ROLE_” as a prefix, (like in the case for the intercept url authorization) so we generate this by default so developers can create any named role in the database without the need to prefix it with “ROLE_”.

Resources

Some good resources for Spring Security:

« Older Entries