I'm a Java EE developer and we typically use Weblogic to deploy our apps. Now I'm faced with a new desktop application which requires logging, database connectivity and mail.
After some investigation I'm realizing that desktop apps are a completely new world to me and I'm not sure if I'm choosing the right libraries to support my app.
These are my questions:
In our Weblogic projects we used Log4j and I want to use it again in my desktop app. Is it a bad idea? Should I use a better logging framework?
In Weblogic we retrieve database connections with JNDI but now it seems impossible to do the same. How do I perform the same action in a desktop application so I can connect with a remote database? Is the combination c3p0 + database driver a good approach for this?
Is there any framework/JAR which provides all this stuff (log + ddbb + mail) as an integrated solution? Workmates told me Spring could help. I also found Warework.
In our Weblogic projects we used Log4j and I want to use it again in
my desktop app. Is it a bad idea? Should I use a better logging
framework?
No, it is not a bad idea and perfectly works. Personally, I'd go with java.util.logging as it does the job fairly well and it reduces your applications' footprint (storage). Although, it's configuration is a bit tricky.
In Weblogic we retrieve database connections with JNDI but now it
seems impossible to do the same. How do I perform the same action in a
desktop application so I can connect with a remote database? Is the
combination c3p0 + database driver a good approach for this?
You can directly connect to your database using pure java.sql JDBC API (tons of examples available in the internet), but always have to distribute the proprietary database drivers as part of your application (mySQL, Oracle, DB2, etc.). Furthermore it's possible to directly use connection pools provided with those drivers by using their proprietary APIs (fairly easy to encapsulate). Nevertheless, there are a number of issues:
latency; database protocols are fairly sensitive when it comes to latency (distance between client and database server). Having a database in the UK and desktop clients in US is probably not a good idea.
security 1; you have to distribute database user credentials to each and every desktop client. Be aware of that.
security 2; your database security requirements may demand for transport security (packet encryption).
change management; applying non-backward compatible updates to your database requires you to update all desktop clients (believe me - it's not fun).
network; depending on your environment, certain ports and/or protocols may be blocked.
Is there any framework/JAR which provides all this stuff (log + ddbb +
mail) as an integrated solution? Workmates told me Spring could help.
I also found Warework.
Logging and database access are not an issue and work fairly well without any third-party framework. Of course, those frameworks might provide value regarding other aspects (abstraction, DI, JDBC abstraction, etc.), but this is a topic of detailed software design. Sending emails directly from a desktop application might become an issue, regardless of the framework in use. Just some things to keep in mind:
which SMTP relay server do you want to use?
in case of an enterprise environment, your IT operations teams might not allow you to use their SMTP server from each desktop (keep spam in mind).
Conclusion: In desktop scenarios an application server is not a bad idea either. You should have your desktop application to communicate with an application server only by using e.g. JSON, XML, SOAP over HTTP/HTTPS or RMI, etc. The application should be responsible for the complex tasks like database access, transaction management, fine grained security, email, etc.
Related
Background Context:
Due to enterprise limitations, an uncooperative 3rd party vendor, and a lack of internal tools, this approach has been deemed most desirable. I am fully aware that there are easier ways to do this, but that decision is a couple of pay grades away from my hands, and I'm not about to fund new development efforts out of my own pocket.
Problem:
We need to send an internal file to an external vendor. The team responsible for these types of files only transfers with SFTP, while our vendor only accepts files via REST API calls. The idea we came up with (considering the above constraints) was to use our OpenShift environment to host a "middle-man" SFTP server (running from a jar file) that will hit the vendor's API after our team sends it the file.
I have learned that if we want to get SFTP to work with OpenShift we need to set up of our cluster and pods with an ingress/external IP. This looks promising, but due to enterprise bureaucracy, I'm waiting for the OpenShift admins to make the required changes before I can see if this works, and I'm running out of time.
Questions:
Is this approach even possible with the technologies involved? Am I on the right track?
Are there other configuration options I should be using instead of what I explained above?
Are there any clever ways in which an SFTP client can send a file via HTTP request? So instead of running an embedded SFTP server, we could just set up a web service instead (this is what our infrastructure supports and prefers).
References:
https://docs.openshift.com/container-platform/4.5/networking/configuring_ingress_cluster_traffic/configuring-externalip.html
https://docs.openshift.com/container-platform/4.5/networking/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-service-external-ip.html#configuring-ingress-cluster-traffic-service-external-ip
That's totally possible, I have done it in the past as well with OpenShift 3.10. The approach to use externalIPs is the right way.
I have an application implemented in JavaFX and it will be migrated to the web platform, but it will take some time for that.
Meanwhile, I am struggling with some problems regarding its uses. Some users need to launch the jar from a network drive because their machines do not have access to the the database. Only the drive where the jar is located has access to the database.
My doubt is whether running the jar from the allowed network drive will solve this problem. In addition, can JNLP be a solution for this ?
I'd appreciate any help about this.
Some users need to launch the jar from a network drive because their machines do not have access to the the database. Only the drive where the jar is located has access to the database. My doubt is whether running the jar from the allowed network drive will solve this problem.
It won't work directly.
JavaFX is a client technology, it runs on a client PC. If the client PC does not have direct access to a database, then neither does a JavaFX application running on that client PC.
In addition, can JNLP be a solution for this ?
No, not for direct access to the database from the client if this isn't permitted in your network architecture, you would need a middle tier in addition to the JNLP based client to accomplish this.
Discussion of some solutions to this problem
Typically, the architecture of what you are describing would be built as a multi-tier app.
A client tier, which is the the JavaFX application or HTML javascript application running on a client machine.
An application server tier which handles server logic.
A database tier which hosts the DBMS.
There is a reasonable high level overview of such an architecture here.
Often, nowadays, the application server will serve REST APIs of JSON data, which a HTML based JavaScript web application can easily consume. Such APIs are also easily consumed using JavaFX applications which embed a REST client. An application server services the REST APIs and communicates with a database over JPA or JDBC as appropriate. However, than are many alternate technologies for client/server communication, and you can choose whatever you feel is a good fit for your application, development style and organization.
Spring product specific discussion
As you state your preference to use Spring, consider a JavaFX SpringBoot application.
Spring also includes a technology called spring remoting for facilitating client/server access. Spring remoting provides for multiple communication technologies. I'd advise sticking to the straight HTTP REST based technologies rather than other techniques such as RMI or AMQP as a HTTP REST based back-end can also serve as the backend for a standard HTML/JavaScript webapp which you also mention may be an eventual target client for your application.
If using Spring on client and server, checkout Spring's AsyncRestTemplate, and invoke JavaFX's Platform.runLater API inside the success and failure callbacks of the rest template. Or, use a Spring RestTemplate and control calls to the server via JavaFX concurrency mechanisms. Not sure which would be best for you, possibly the standard RestTemplate wrapped in a JavaFX Task.
Doing this in the correct manner will allow your application UI to remain responsive while it performs network activity (not block the UI thread) and also ensure that you don't violate JavaFX thread rules (don't access controls or modify data bound to JavaFX scene controls off of the JavaFX application thread).
a fella recommended me to use ApacheDS as a replacement for my database (MySQL) you can find the discussion here
i am completely new to LDAP and ApacheDS (actually i had no idea about it yesterday), i searched about it and read some articles , finally i got this page.
considering LDAP a network protocol (if it is) is it possible or is it a wise choice to use LDAP Servers like ApacheDS as a persistence solution for desktop applications ?
doesn't LDAP need an application server (like tomcat) to run?
can you please light me up :)
thnx
LDAP needs an LDAP service to run, like ApacheDS, OpenLDAP or the like. It doesn't need anything else.
There are two advantages of LDAP has over an SQL database.
One is much finer access controls e.g. you can have a "column" which can be updated by anyone in the "adminstrator" group and readable by the user and his/her manager only. The LDAP database can implement your security policy which ensures it is centrally auditable.
LDAP databases tend to have better query and read performance (sometimes by an order magnitude), but much lower write performance (also sometimes by an order of magnitude). This is on the assumption that you use it to look up details e.g. username/password far more often than you change them.
I wouldn't use an LDAP database for logging for this reason.
There are many uses of LDAP as a data store for other things than users. As matter of fact, LDAP is often considered as one of the first NoSQL servers.
I know of a teleconference software vendor who used an LDAP directory server to replace a SQL database to gain High Availability and distribution. With their software deployed in several locations worldwide, having a single database wouldn't scale, and created issue at the network level. With LDAP and the multi-master replication capabilities of the server, they were able to have a server in each location, to control the replication flows and even leveraged the distributed nature of data to increase their services.
Java based LDAP directory servers like Apache DS or OpenDJ (opendj.org) give you flexibility in the deployment and can even be embedded in Java applications such as Web applications.
Finally while LDAP servers were designed for many reads and few writes, servers now are capable of heavy writes (although I would not use them for write only activities such as logging). OpenDJ for example has been tested with up to 15000 modifications / second on a 10 millions users database. The same configuration was able to handle over 60000 searches per second. To be fair, the JVM heap size was 32GB.
Regards,
Ludovic.
For deploy LDAP you must ldap server only. For example openldap or ApacheDS.
I used openldap as a persistence solution for web application and it worked.
There is an important difference: sql is relation but ldap is the tree!
Why do we need Application Server in Java like JBoss or WebSphere. Is it possible that we develop large scale website only with Java (Apache Tomcat). Where thousand of user connect on site at a moment. An example is a website like b2b.
What is the cost of a Application Server? I will be thankful if you compare price among different application server and if there is any free version kindly highlight it.
Application Servers are mostly used if you want to use advanced features like transaction management, hot code swapping and advanced persistence.
There are application servers that are open source. E.g. GlassFish and JBoss.
I don't think you need an application server for building a popular web site, you'll also be fine with a servlet container like Tomcat or Jetty.
In short Application Servers provide you with few services like
Transaction Management
Load Balancing
Security
Threading
etc.
You have to take care of these things yourself in a Web Server.
There are few Open Source Application servers which are free of cost.
I have used Glassfish.
Apart from answers given above, App Servers are required for EJBs.
You need Application Server as follow:
It provides you useful services like automatic transaction,Authentication,Authorization,Lifecycle management.
To remember large user data across pages using ejb's pertaining to a client.
Load balance the user request and buisness logic.
To interact with different Client UI like Java Swing,Browsers.
It is possible to handle the httpheaders yourself. We have done socket servers in java for 20 years. You do not need a container for java swing.
Persistence can be done through databases or server side files unless you need real high speed stuff. I have yet to find a real requirement for an ejb
except that some systems simply require them
This may be because jboss can provide better after-sales service, and jboss, etc. can provide operation and maintenance support, etc. This may be the reason why many large companies choose commercial versions of servers.
But you must know that tomcat and netty are not bad. For example, many large B2B or C2C or B2C companies still use tomcat, such as Internet companies such as Alibaba.
Choose a server
Operation and maintenance costs
Scalable costs
Server cost
I've got a Java client that needs to access a remote database. It is the goal to hide database credentials from the user and not hardcode any credentials within the code. Therefore, the database access will probably have to be on the server side.
I'm restricted to use Ibatis as a data abstraction framework. Apart from that I have JBoss running on the webserver, allowing me to use data sources.
How would you design the remote database access and data serialization/deserialization. would you prefer web services of some kind of data stream over a socket? How would you realize either of both?
Build a Service Layer and expose it over RMI - possibly as EJB3 stateless session beans as you have JBoss, possibly as pure RMI. I wouldn't bother with web services unless you have a specific need. RMI will take case of serialisation for you.
Your service layer needs to expose a method to authenticate users using their credentials entered on startup of the Swing app. All calls for data go through the service layer. No SQL exists in the Swing app.
There are other benfits of this arrangment other than just hiding the database credentials. Not only do you end up with a layered architecture, but you gain efficiencies from sharing prepared statements amongst all your clients by having a single data source on the server.
So you want users to be able to access the database without knowing the credentials? Your only option is server-side database access. Unfortunately there is no way of hiding the username and password in Java -- if you put it into a properties file and encrypt it, a determined attacker could still attach a debugger and see what values are being held in your code.
Also, unless you're connecting to the DB over a secure connection someone could run a packet sniffer such as tcpdump and get the credentials there.
You say that you're running a JBoss server, what might be best is to set up remote EJBs so that your client application doesn't access the database directly - it has to go via your EJB methods. (It doesn't have to be EJB, by the way, you could do something such as web services if you prefer).
The point is, your server talks to the databas directly, and your client's only access is via a limited set of interfaces you define on the server.
As has been already said, you have to connect to a server which handles the database connection. There is no way to effectively prevent someone from breaking your security, with 30 minutes of effort.
If the clients are connecting somewhat locally, within an intranet, using EJB's on your appserver is probably the best choice... though you probably want stateless session beans, i wouldnt necessarily discount message driven beans.
For longer distances where the traffic is coming from the outside, I would use webservices over HTTPS
In any event, most appservers have mechanisms to expose their EJB's as webservices, with the WSDL; and there are about a hundred utilities to generate clients, to call the webservice, from a WSDL (axis's wsdl2java works well enough)