Book Image

Architecting Modern Java EE Applications

By : Sebastian Daschner
Book Image

Architecting Modern Java EE Applications

By: Sebastian Daschner

Overview of this book

Java EE 8 brings with it a load of features, mainly targeting newer architectures such as microservices, modernized security APIs, and cloud deployments. This book will teach you to design and develop modern, business-oriented applications using Java EE 8. It shows how to structure systems and applications, and how design patterns and Domain Driven Design aspects are realized in the age of Java EE 8. You will learn about the concepts and principles behind Java EE applications, and how to effect communication, persistence, technical and cross-cutting concerns, and asynchronous behavior. This book covers Continuous Delivery, DevOps, infrastructure-as-code, containers, container orchestration technologies, such as Docker and Kubernetes, and why and especially how Java EE fits into this world. It also covers the requirements behind containerized, zero-dependency applications and how modern Java EE application servers support these approaches. You will also learn about automated, fast, and reliable software tests, in different test levels, scopes, and test technologies. This book covers the prerequisites and challenges of distributed systems that lead to microservice, shared-nothing architectures. The challenges and solutions of consistency versus scalability will further lead us to event sourcing, event-driven architectures, and the CQRS principle. This book also includes the nuts and bolts of application performance as well as how to realize resilience, logging, monitoring and tracing in a modern enterprise world. Last but not least the demands of securing enterprise systems are covered. By the end, you will understand the ins and outs of Java EE so that you can make critical design decisions that not only live up to, but also surpass your clients' expectations.
Table of Contents (22 chapters)
Title Page
About the Author
About the Reviewer
Customer Feedback
Appendix: Links and further resources

Implementing security in Java EE applications

After seeing the most common security approaches of today's world, let's have a look into how security is implemented using Java EE.

Of all the Java versions, Java EE version 8 aimed to address security aspects. It contains a security API that simplifies and unifies the integration for developers.

Transparent security

In the simplest way, security in web applications can be implemented by proxy web servers, such as Apache or nginx. In that case, the security responsibilities are transparent to the application.

This is often the case if the enterprise application doesn't have to deal with users as domain entities.


In order to secure web services offered by the Java EE application, usually security on the servlet layer is used. This is the case for all technology that is built on top of servlets such as JAX-RS. Security features are configured using the servlet deployment descriptor, that is, the web.xml file.

This can happen in several ways...