Java Web Services Up and Running, 2nd Edition A Quick, Practical, and Thorough Introduction (Martin Kalin) (Z-Library)

📄 File Format: PDF

💾 File Size: 10.0 MB

📖 Read Online ⬇️ Download

Registered users can read the full content for free

Register as a Gaohf Library member to read the complete e-book online for free and enjoy a better reading experience.

📄 Page 1

www.it-ebooks.info

📄 Page 2

www.it-ebooks.info

📄 Page 3

Martin Kalin SECOND EDITION Java Web Services: Up and Running www.it-ebooks.info

📄 Page 4

Java Web Services: Up and Running, Second Edition by Martin Kalin Copyright © 2013 Martin Kalin. All rights reserved. Printed in the United States of America. Published by O’Reilly Media, Inc., 1005 Gravenstein Highway North, Sebastopol, CA 95472. O’Reilly books may be purchased for educational, business, or sales promotional use. Online editions are also available for most titles (http://my.safaribooksonline.com). For more information, contact our corporate/ institutional sales department: 800-998-9938 or corporate@oreilly.com. Editor: Meghan Blanchette Production Editor: Rachel Steely Copyeditor: Rachel Leach Proofreader: BIM Indexing and Proofreading Services Indexer: Judith McConville Cover Designer: Randy Comer Interior Designer: David Futato Illustrator: Rebecca Demarest September 2013: Second Edition Revision History for the Second Edition: 2013-08-23: First release See http://oreilly.com/catalog/errata.csp?isbn=9781449365110 for release details. Nutshell Handbook, the Nutshell Handbook logo, and the O’Reilly logo are registered trademarks of O’Reilly Media, Inc. Java Web Services: Up and Running, Second Edition, the image of a great cormorant, and related trade dress are trademarks of O’Reilly Media, Inc. Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in this book, and O’Reilly Media, Inc., was aware of a trade‐ mark claim, the designations have been printed in caps or initial caps. While every precaution has been taken in the preparation of this book, the publisher and author assume no responsibility for errors or omissions, or for damages resulting from the use of the information contained herein. ISBN: 978-1-449-36511-0 [LSI] www.it-ebooks.info

📄 Page 5

Table of Contents Preface. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . vii 1. Web Services Quickstart. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 Web Service Miscellany 3 What Good Are Web Services? 4 Web Services and Service-Oriented Architecture 7 A Very Short History of Web Services 8 From DCE/RPC to XML-RPC 9 Distributed Object Architecture: A Java Example 11 Web Services to the Rescue 12 What Is REST? 13 Verbs and Opaque Nouns 17 Review of HTTP Requests and Responses 18 HTTP as an API 20 Two HTTP Clients in Java 21 A First RESTful Example 24 How the Predictions Web Service Works 25 A Client Against the Predictions Web Service 33 Why Use Servlets for RESTful Web Services? 34 What’s Next? 37 2. RESTful Web Services: The Service Side. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39 A RESTful Service as an HttpServlet 40 Implementation Details 41 Sample Client Calls Against the predictions2 Service 52 A RESTful Web Service as a JAX-RS Resource 53 A First JAX-RS Web Service Using Jersey 54 Publishing JAX-RS Resources with a Java Application 55 Publishing JAX-RS Resources with Tomcat 56 iii www.it-ebooks.info

📄 Page 6

The Adage Class 58 JAX-RS Generation of XML and JSON Responses 62 Porting the Predictions Web Service to JAX-RS 65 A RESTful Web Service as Restlet Resources 75 Sample Calls Against the adages2 Service 83 Publishing the adages2 Restlet Service Without a Web Server 84 A RESTful Service as a @WebServiceProvider 85 What’s Next? 94 3. RESTful Web Services: The Client Side. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95 A Perl Client Against a Java RESTful Web Service 96 A Client Against the Amazon E-Commerce Service 101 A Standalone JAX-B Example 110 The XStream Option 114 Another Client Against the Amazon E-Commerce Service 118 The CTA Bus-Tracker Services 123 RESTful Clients and WADL Documents 126 The JAX-RS Client API 132 JSON for JavaScript Clients 134 JSONP and Web Services 135 A Composed RESTful Service with jQuery 137 An Ajax Polling Example 140 What’s Next? 143 4. SOAP-Based Web Services. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145 A SOAP-Based Web Service 146 The RandService in Two Files 151 Clients Against the RandService 152 A Java Client Against the RandService 153 A C# Client Against the RandService 156 A Perl Client Against the RandService 157 The WSDL Service Contract in Detail 160 The types Section 162 The message Section 163 The portType Section 164 The binding Section 164 The service Section 165 Java and XML Schema Data Type Bindings 166 Wrapped and Unwrapped Document Style 168 wsimport Artifacts for the Service Side 171 SOAP-Based Clients Against Amazon’s E-Commerce Service 173 Asynchronous Clients Against SOAP-Based Services 179 iv | Table of Contents www.it-ebooks.info

📄 Page 7

What’s Next? 182 5. SOAP Handlers and Faults. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 185 The Handler Level in SOAP-Based Services and Clients 187 Handlers and Faults in the predictionsSOAP Service 194 The Backend Support Classes 199 From the Client to the Service 201 Signature Verification 211 Faults from the Application and Handler Levels 211 Linking the Service-Side Handler to the Service 212 A Handler Chain with Two Handlers 213 SOAP-Based Web Services and Binary Data 218 The Transport Level 224 Axis2 227 What’s Next? 229 6. Web Services Security. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 231 Wire-Level Security 232 HTTPS Basics 233 Symmetric and Asymmetric Encryption/Decryption 234 How HTTPS Provides the Three Security Services 236 The HTTPS Handshake 237 The HttpsURLConnection Class 239 A Very Lightweight HTTPS Server and Client 244 HTTPS in a Production-Grade Web Server 254 Enforcing HTTPS Access to a Web Service 256 An HTTPS Client Against the predictions2 Service 257 Container-Managed Security 260 Linking the Service web.xml with a Tomcat Security Realm 263 The Client Side in Users/Roles Security 265 Using the curl Utility for HTTPS Testing 268 A @WebService Under HTTPS with Users/Roles Security 269 Using a Digested Password Instead of a Password 273 WS-Security 275 Securing a @WebService with WS-Security 277 What’s Next? 290 7. Web Services and Java Application Servers. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 291 The Web Container 292 The Message-Oriented Middleware 293 The Enterprise Java Bean Container 293 The Naming and Lookup Service 295 Table of Contents | v www.it-ebooks.info

📄 Page 8

The Security Provider 295 The Client Container 296 The Database System 296 Toward a Lightweight JAS 296 GlassFish Basics 297 Servlet-Based Web Services Under GlassFish 299 An Example with Mixed APIs 302 An Interactive Website and a SOAP-Based Web Service 308 A @WebService as a @Stateless Session EJB 312 Packaging and Deploying the predictionsEJB Service 317 A Client Against the predictionsEJB Service 319 TomEE: Tomcat with Java EE Extensions 321 Porting the predictionsEJB Web Service to TomEE 322 Deploying an EJB in a WAR File 323 Where Is the Best Place to Be in Java Web Services? 324 Back to the Question at Hand 328 Index. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 331 vi | Table of Contents www.it-ebooks.info

📄 Page 9

Preface Welcome to the second edition of Java Web Services: Up and Running. This edition, like the first, is for programmers interested in developing web services and clients against such services. This edition, again like the first, emphasizes code. My aim is to make web services and their clients come alive through focused but realistic programming exam‐ ples in Java but, of course, in other languages as well: web services are designed to be language-neutral, a point best illustrated through the interaction of services and clients written in different languages. Indeed, the client of a well-designed web service can remain agnostic about the service’s implementation details, including the language in which the service is written. To ease the task of compiling and publishing services, the ZIP file with the code samples includes an Ant script that compiles, packages, and de‐ ploys web services. The major client examples include either Ant scripts for compiling and running the clients or executable JAR files with all of the dependencies included therein. The code examples are available at https://github.com/mkalin/jwsur2. What’s Changed in the Second Edition? In the four years or so since the first edition, there has been continuity as well as change. Web services remain a popular and arguably even dominant approach toward distributed software systems—that is, systems that require the interaction of software on physically distinct devices. The Web itself is a prime example of a distributed system, and the current trend is to blur the distinction between traditional, HTML-centric websites and modern web services, which typically deliver XML or JSON payloads in‐ stead of HTML ones. Web services are an appealing way to create distributed systems because these services can piggyback on existing infrastructure such as HTTP(S) trans‐ port, web servers, database systems, modern programming languages of various stripes, widespread software libraries for JSON and XML processing, security providers, and so on. Indeed, web services are a lightweight and flexible way to integrate divergent software systems and to make the functionality of such systems readily accessible. vii www.it-ebooks.info

📄 Page 10

Java remains a major player in web services, and Java support for these services, in the form of standard and third-party software libraries and utilities, continues to improve. Yet two important and related shifts in emphasis have occurred since this book was first published: • The consumers or clients of web services are increasingly written in JavaScript, particularly in the jQuery dialect, and these clients naturally prefer response pay‐ loads in JSON (JavaScript Object Notation) rather than in XML because a JSON document is the text representation of a native JavaScript object. A JavaScript client that receives, for example, an array of products as a JSON rather than an XML document can process the array with the usual JavaScript programming constructs. By contrast, a JavaScript client that receives an XML payload would face a challenge common across programming languages: the challenge of parsing an XML docu‐ ment to extract its informational content before moving on to specific application logic. Modern web services and web service frameworks acknowledge the growing popularity of JSON by treating JSON and XML formats as equals. In some frame‐ works, such as Rails, JSON even gets the nod over XML. • REST-style services are increasingly popular among familiar sites such as eBay, Facebook, LinkedIn, Tumblr, and Twitter. Amazon, a web service pioneer, contin‐ ues to support REST-style and SOAP-based versions of its services. The services from newer players tend to be REST-style for an obvious reason: REST-style services are relatively low fuss and their APIs are correspondingly simple. SOAP-based services still are delivered mostly over HTTP(S), although Java and DotNet con‐ tinue to explore the use of other protocols, especially TCP, for transport. The first edition of this book underscored that SOAP-based services over HTTP can be seen as a special case of REST-style services; the second edition pursues the same theme. The two changes in web services are reflected in how the second edition is organized. Chapter 1 begins with an overview of web services, including the link between such services and Service-Oriented Architecture (SOA), and the chapter includes a code- based contrast of SOA and the competing Distributed Object Architecture (DOA). The discussion then turns to REST: what the acronym means, why HTTP can be treated as an API and not just a transport, and how the RESTful mindset continues to impact the design and implementation of modern web services. The first chapter includes sample HTTP clients in Java, clients that can be targeted at either websites or web services. The first chapter ends with a RESTful service implemented as a JSP script with support from two backend POJO classes; the service is published with the Tomcat web server. The first chapter goes into the details of installing and running Tomcat; the second chapter does the same for the Jetty web server. The aforementioned Ant script is also clarified so that the sample web services can be packaged and deployed automatically. Although this edition of the book starts with REST-style services, SOAP-based services are treated thoroughly. Chapter 4 covers SOAP-based services at the application level, viii | Preface www.it-ebooks.info

📄 Page 11

a level in which the SOAP remains transparent; Chapter 5 explores the handler and the transport levels at which the SOAP is exposed for inspection and manipulation. Starting with REST-style services helps to explain the advantages that come with SOAP-based services, in particular the benefit of having the XML remain mostly under the hood. Issues such as security cut across the REST/SOAP boundary, and Chapter 6 is dedicated to practical web security, from wire-level security through users/roles security up to WS-Security. Web Service APIs and Publication Options In the first edition, the JAX-WS APIs and their Metro implementation were dominant. In this edition, the two are important but less dominant. For REST-style services, the book has examples based on the following APIs: HttpServlet The HttpServlet is well designed for REST-style services because the API is so close to the HTTP metal. Servlet instances encapsulate callbacks such as doPost, doGet, doPut, and doDelete, which cover the familiar CRUD operations: create (POST), read (GET), update (PUT), and delete (DELETE). There are symbolic ver‐ sions of HTTP status codes to signal the outcome of an HTTP request, support for MIME types, utilities to access HTTP headers and bodies, and so on. JSP and other Java-based scripts execute as servlet instances and, therefore, fall under the servlet umbrella. The HttpServlet is grizzled but hardly obsolete. Servlets are still an ex‐ cellent way to deliver REST-style services. JAX-RS This is a relatively recent and increasingly popular API for delivering REST-style services. The API centers on annotations such as @GET and @POST to route HTTP requests to particular Java methods. There is likewise a convenient @Path annota‐ tion to identify the particular resource targeted in a request. JAX-RS can be con‐ figured to automatically generate XML and JSON responses. This API, like the Restlet API described next, has a contemporary look and feel. At the implementa‐ tion level, JAX-RS represents a layering atop servlets. The same options for pub‐ lishing servlet-based services are available for their JAX-RS cousins. Restlet This API is similar in style to JAX-RS, although the claim is likely to upset propo‐ nents of both. The Restlet API also centers on annotations for routing HTTP re‐ quests to designated Java methods and for generating payloads. Restlet encourages interplay with other APIs. It is possible, for example, to use JAX-RS annotations in a Restlet-based service. Restlet offers an easy-to-use publisher for development and testing. Restlet services, like their JAX-RS counterparts, represent an Preface | ix www.it-ebooks.info

📄 Page 12

implementation level on top of servlets. Programmers should be able to move easily between the JAX-RS and Restlet APIs. JAX-WS @WebServiceProvider This is a deliberately XML-centric and low-level API that could be used for either SOAP-based or REST-style services. However, JAX-WS has the @WebService an‐ notation precisely for SOAP-based services; hence, the most obvious use of the @WebServiceProvider annotation is for XML-based REST-style services. This API is well suited for services that require granular control over XML generation and processing. For SOAP-based services, most of the examples use the reference implementation of JAX-WS, which is Metro. However, this edition now covers Axis2 as well. Axis2 imple‐ ments JAX-WS but has additional features. The Publication Options Each of these APIs, whether for REST-style or SOAP-based services, honors the separation-of-concerns principle with respect to publishing a web service. The web service is one concern; its publication is quite another concern. Services developed with any of these APIs can be published with a standalone web server such as Tomcat, a Java Application Server (JAS) such as GlassFish, or even with a simple command-line utility such as the standard Endpoint publisher. To underscore the separation-of-concerns principle and to emphasize the production-grade options, my examples are published in the following ways: Standalone web servers The two obvious choices in Java are Tomcat and Jetty, although other choices are available. The aforementioned Ant script automatically compiles and packages web services, REST-style and SOAP-based alike, for publication. Although the Ant script is tailored for Tomcat publication, a generated WAR file can be deployed, as is, to Jetty, Tomcat, or one of the many JASes. Tomcat and Jetty provide the usual services such as wire-level and users/roles security, logging/debugging, and administration that one expects from a production-grade web server. Java Application Servers The reference implementation is still GlassFish, which is part of the community- based Metro project. GlassFish can be used to publish either servlet-based services, which are the type that Tomcat and Jetty can publish, or EJB-based services, which are @Stateless Session Enterprise JavaBeans. TomEE, which is essentially Tomcat7 with OpenEJB extensions, is an emphatically lightweight publisher of both servlet- based and EJB-based services. Under TomEE, even an EJB-based service can be deployed as a standard WAR (Web ARchive) file. TomEE includes an implemen‐ tation of JAX-RS. x | Preface www.it-ebooks.info

📄 Page 13

Command-line publishers Examples are the standard Endpoint utility class and the Restlet Component class. These publishers are useful for development, testing, and even low-volume production. Java in general draws strength from the many options that the language and the run- time offer; this strength carries over to web services as well. There are many ways to program web services and web service clients in Java, and there are various attractive options for publishing such services. There is no need to claim any particular way in web services as the best way. My aim is to examine and clarify the choices so that in the end, the API, implementation, and method of publication can be determined by what is best suited for the service. Chapter-by-Chapter Overview The second edition has seven chapters. The following list offers a summary of each chapter. Chapter 1, Web Services Quickstart This chapter begins the code-driven tour of web services with an overview of the differences—and the similarities—between REST and SOAP. Why are web services of any use? This question is addressed with examples: one example focuses on using web services to automate access to the data and functionality available on the Web; the other example focuses on web services as a way to integrate diverse software systems. The theme of interoperability is pursued throughout the book with ex‐ amples. Chapter 1 includes a short history of web services, with emphasis on how the SOA approach to distributed systems differs significantly from the DOA ap‐ proach that predates yet continues to compete with web services. The chapter then focuses on how HTTP itself is at the center of the RESTful way to web-based, dis‐ tributed software systems. XML and JSON are introduced as document-exchange formats of special interest in RESTful services. The chapter includes code examples: a pair of Java HTTP clients used to illustrate key features of HTTP; and a first RESTful service, which consists of a JSP script and two backend POJO classes. The curl utility is used to make sample client calls, including failed ones, against the first service. The chapter covers practical matters such as installing the Tomcat web server and using the provided Ant script to compile, package, and deploy a web service. Chapter 2, RESTful Web Services: The Service Side This chapter introduces various APIs and implementations available for program‐ ming and delivering RESTful web services in Java. The HttpServlet, JAX-RS, Rest‐ let, and JAX-WS @WebServiceProvider APIs are explored through full code ex‐ amples. The chapter clarifies various ways of generating XML and JSON payloads, using both standard Java classes and different third-party ones. The code examples Preface | xi www.it-ebooks.info

📄 Page 14

adhere to RESTful principles such as honoring the intended meaning of each CRUD verb; using intuitive URIs to name resources; relying upon MIME data types to describe resource representations; and taking full advantage of those HTTP status codes that report on the outcome of an HTTP request against a RESTful service. Chapter 2, along with later chapters, looks at options for publishing RESTful serv‐ ices. The options include standalone web servers such as Tomcat and Jetty together with command-line publishers such as Endpoint, HttpServer, and Restlet Compo nent. The chapter goes into the technical details of multithreading and thread syn‐ chronization in services deployed with a web server such as Tomcat or Jetty. The installation and management of Jetty are also covered. Chapter 2 also takes a first look at the powerful JAX-B (Java API for XML-Binding) and JAX-P (Java API for XML-Processing) utilities, which are especially important in the Chapter 3 coverage of the client side in RESTful services. Chapter 3, RESTful Web Services: The Client Side This chapter shifts focus from the service to the client side of RESTful services. There are sample clients written with the weathered but still trusty URLConnec tion class and also clients written using REST-specific APIs. (JAX-RS, Restlet, and JAX-WS provide both service-side and client-side APIs.) As evidence of intero‐ perability, the chapter offers jQuery and Perl clients against Java services and Java clients against commercial services whose implementation language is officially unknown. The code samples explore various possibilities for dealing with XML and JSON payloads, in particular the standard JAX-B packages and third-party contri‐ butions such as XStream. These utilities are especially useful in transforming XML documents into native Java objects, which obviates the need for explicit parsing. Most RESTful services now furnish a grammar, in the form of an XML Schema or equivalent, for the service; core Java has utilities such as xjc that convert an XML Schema into Java classes. Chapter 3 has clients against real-world RESTful services at Twitter, Amazon, and the Chicago Transit Authority. This chapter pays special attention to the growing importance of JavaScript clients, which are highlighted in several examples using jQuery. Finally, the chapter shows how distinct web services can be orchestrated to form a single, composite service. Chapter 4, SOAP-Based Web Services This chapter turns from REST-style to SOAP-based services, in particular to the JAX-WS API and its central annotation @WebService. The chapter opens by con‐ verting a REST-style service from earlier chapters to a SOAP-based service. The emphasis in this chapter is on the application level, a level in which the XML in SOAP-based messaging remains transparent. Indeed, a chief attraction of SOAP- based services is that neither the services nor their clients require any attention to the underlying XML: service operations are, in Java, public methods preferably annotated with @WebMethod, and remote clients invoke the operations straightfor‐ wardly. The data types of arguments and return values include all of the primitive xii | Preface www.it-ebooks.info

📄 Page 15

types and their wrappers, the String and Calendar types, various other standard types, arrays of any acceptable type, and programmer-defined classes whose prop‐ erties reduce ultimately to any of these. The chapter explains in detail the programmer-friendly wsimport utility, which generates client-side support code from the web service contract, the WSDL (Web Service Description Language) document. The structure, purpose, and various uses of the WSDL are clarified through coding examples. The role of XML Schema or equivalent in a WSDL docu‐ ment is given particular emphasis. The chapter includes two Java clients against the Amazon E-Commerce service together with C# and Perl clients against a Java ser‐ vice. These examples underscore that SOAP-based services, like their REST-style cousins, are language-neutral. The clients against the SOAP-based version of the Amazon E-Commerce service introduce but do not explore the handler level of SOAP-based services; these examples also provide a first look at security issues. Chapter 5, SOAP Handlers and Faults This chapter examines the handler and transport levels in SOAP messaging, levels at which the XML in a SOAP message comes to the fore for inspection and ma‐ nipulation. The chapter begins with a look at the SOAP message architecture, which distinguishes among a message sender; an intermediary that should confine its ac‐ tivity to the SOAP header rather than the SOAP body or attachments in a message; and an ultimate receiver, which should have access to the entire SOAP message. The distinct parts of SOAP messages, the raw XML and any attachments, are accessible to SOAP handlers, which come in two flavors: message handlers have access to the entire SOAP message (header, body, and attachments), whereas logical handlers have access only to the payload in the body. WS-Security and related extensions of SOAP beyond the basic profile may use such access to inject or inspect security elements in SOAP headers. Handlers are akin to Filter instances in websites, al‐ though handlers are inherently bidirectional and can occur on either the client or the service side. The chapter covers both individual handlers and handler chains, in this case a chain consisting of a message and a logical handler. The handler chain example mimics the user authentication at work in Amazon’s web services. The chapter likewise examines the related topic of SOAP faults, special error messages that can be generated at either the application or the handler level. The chapter also looks at how SOAP messages can transport arbitrary binary data as attachments. A final topic is the transport level, usually HTTP; this level is especially useful in the users/roles security examined in Chapter 6. Chapter 6, Web Services Security This chapter covers security, a topic that cuts across the REST/SOAP boundary, at three levels: wire-level security of the type that HTTPS provides, users/roles secu‐ rity, and WS-Security in SOAP-based messaging. The chapter begins with wire- level security and its constituent services of peer authentication, message confidentiality, and message integrity. The clarification of these terms requires, in Preface | xiii www.it-ebooks.info

📄 Page 16

turn, an examination of concepts such as symmetric and asymmetric encryption/ decryption, public key security, cryptographic hash function, and cryptographic suite. HTTPS is examined in detail through coding examples: two HTTPS clients against the Google site and a lightweight HTTPS server built with the HttpsServer class that comes with the core Java JDK. There is also a sample HTTPS client against a RESTful service. These and other coding examples clarify additional security ar‐ tifacts such as the keystore and the truststore, digital certificates, and certificate authority. There is a section to explain how a web server such as Tomcat can be set up to handle and even to enforce HTTPS connections. Chapter 6 also covers container-managed users/roles security, again with coding examples that involve a production-grade web server such as Tomcat. The two-phased user authentication and roles authorization process is studied in detail and includes examples of HTTP BASIC and DIGEST authentication. The chapter ends with a code example focused on WS-Security and its end-to-end approach to security. Chapter 7, Web Services and Java Application Servers This chapter introduces the Java Application Server as an alternative to the stand‐ alone web server for deploying REST-style and SOAP-based services. The JAS as a service publisher also brings the option of deploying a web service as an EJB, in particular a web service as a @Stateless Session EJB. The chapter begins with a list of the popular JASes and then clarifies the core components and attendant func‐ tionalities of a JAS. There is a review of how sample services from previous chapters —from HttpServlet examples through JAX-RS, Restlet, @WebServiceProvider, and @WebService examples—can be ported to a JAS. In all cases, almost no change is required. Chapter 7 also motivates the option of a JAS, in particular the benefits that come with deploying a service in the thread-safe EJB container. A typical JAS is not only a publisher but also a development, testing, and management environ‐ ment. This chapter has a further coding example of how web services and websites can interact, and the excellent JPA (Java Persistence API) is introduced with two coding examples that persist data in different databases: HSQLDB and Java Derby. The chapter introduces two JASes through code examples: GlassFish, which is the reference implementation, and TomEE, which is an emphatically lightweight option among JASes. Various sidebars explain installation and management details. The chapter ends with a review and a recommendation that programmers embrace the many excellent choices of API and implementation that Java offers in the area of web services. Tools and IDEs Java programmers have a wide choice of productivity tools. Among the build tools are Ant, Maven, and Meister; among the many testing tools are EasyMock, JMockit, JUnit, Mockito, and TestNG. Java likewise offers choices among IDEs, including Eclipse, xiv | Preface www.it-ebooks.info

📄 Page 17

IntelliJ IDEA, and NetBeans. In a production environment, tools and IDEs are the way to go as they hide the grimy details that slow the journey from initial design through deployment and maintenance. In a learning environment, a build tool makes sense because it facilitates experimentation. My Ant script is meant to serve this purpose: it allows a web service, with all of the dependencies, to be compiled, built, and deployed with a single command: % ant deploy -Dwar.name=myFirstService Chapter 1 goes into the setup details, which are minimal. With respect to IDEs, this second edition is, like the first, neutral. The very grimy details that are an obstacle in a production environment are critical in a learning environment. For that reason, my code examples include all of the import statements so that depen‐ dencies are clear. Package/directory structure is explained whenever third-party libra‐ ries are used. The code listings usually have numbered statements and expressions for ease of reference and explanation. The examples themselves are designed to highlight the challenges inherent in any serious programming, but these examples also focus on patterned approaches to meeting the challenges. Web services and their clients are, in the end, code—and this book focuses on code. Conventions Used in This Book The following typographical conventions are used in this book: Italic Indicates new terms, URLs, filenames, file extensions, and emphasis. Constant width Used for program listings as well as within paragraphs to refer to program elements such as variable or method names, data types, environment variables, statements, and keywords. Sidebars The book uses sidebars (see “This Is a Sidebar” on page xv) to focus on particular topics. Sidebars often contain practical information about installing and running applications such as a standalone web server or a Java Application Server. This Is a Sidebar A topic of special interest. Preface | xv www.it-ebooks.info

📄 Page 18

Using Code Examples This book is here to help you get your job done. In general, if this book includes code examples, you may use the code in your programs and documentation. You do not need to contact us for permission unless you’re reproducing a significant portion of the code. For example, writing a program that uses several chunks of code from this book does not require permission. Selling or distributing a CD-ROM of examples from O’Reilly books does require permission. Answering a question by citing this book and quoting example code does not require permission. Incorporating a significant amount of ex‐ ample code from this book into your product’s documentation does require permission. We appreciate, but do not require, attribution. An attribution usually includes the title, author, publisher, and ISBN. For example: “Java Web Services: Up and Running, Second Edition, by Martin Kalin. Copyright 2013 Martin Kalin, 978-1-449-36511-0.” If you feel your use of code examples falls outside fair use or the permission given above, feel free to contact us at permissions@oreilly.com. Safari® Books Online Safari Books Online is an on-demand digital library that delivers expert content in both book and video form from the world’s lead‐ ing authors in technology and business. Technology professionals, software developers, web designers, and business and crea‐ tive professionals use Safari Books Online as their primary resource for research, prob‐ lem solving, learning, and certification training. Safari Books Online offers a range of product mixes and pricing programs for organi‐ zations, government agencies, and individuals. Subscribers have access to thousands of books, training videos, and prepublication manuscripts in one fully searchable database from publishers like O’Reilly Media, Prentice Hall Professional, Addison-Wesley Pro‐ fessional, Microsoft Press, Sams, Que, Peachpit Press, Focal Press, Cisco Press, John Wiley & Sons, Syngress, Morgan Kaufmann, IBM Redbooks, Packt, Adobe Press, FT Press, Apress, Manning, New Riders, McGraw-Hill, Jones & Bartlett, Course Technol‐ ogy, and dozens more. For more information about Safari Books Online, please visit us online. xvi | Preface www.it-ebooks.info

📄 Page 19

How to Contact Us Please address comments and questions concerning this book to the publisher: O’Reilly Media, Inc. 1005 Gravenstein Highway North Sebastopol, CA 95472 800-998-9938 (in the United States or Canada) 707-829-0515 (international or local) 707-829-0104 (fax) We have a web page for this book, where we list errata, examples, and any additional information. You can access this page at http://oreil.ly/Java_web_services. To comment or ask technical questions about this book, send email to bookques tions@oreilly.com. For more information about our books, courses, conferences, and news, see our website at http://www.oreilly.com. Find us on Facebook: http://facebook.com/oreilly Follow us on Twitter: http://twitter.com/oreillymedia Watch us on YouTube: http://www.youtube.com/oreillymedia Acknowledgments Edward Yue Shung Wong and Ken Yu were generous enough to review this book and offer many insightful suggestions for its improvement. They made the book better than it otherwise would have been. I thank them heartily for the time and effort that they invested in this project. The remaining shortcomings are mine alone, of course. Meghan Blanchette, my editor, has provided invaluable support, and the book would not be without her help. My thanks go as well to the many behind-the-scenes people at O’Reilly Media who worked on this project. This edition, like the first, is dedicated to Janet. Preface | xvii www.it-ebooks.info

📄 Page 20

www.it-ebooks.info