What's new in WebSphere Application Server V8
Last week marked two milestones for IBM: Thursday June 16, 2011 marked IBM’s 100th anniversary, and on the next day, IBM WebSphere Application Server V8 was launched. While it’s only one product in IBM’s broad software portfolio, WebSphere Application Server is a significant one that marks a fitting start to IBM’s second century.
WebSphere Application Server V8.0 builds on over a decade of leadership for Java™ application servers by not only offering support for Java EE 6 and other important programming models, but also by improving administrator productivity with a new installation and maintenance technology, increasing security robustness, and delivering new functions for controlling component failover and run time recovery.
Leading off the list of programming model options in WebSphere Application Server V8 is support for Java EE 6, which extends the focus on application development simplification that started in Java EE 5.
- EJB 3.1
As you might recall, the EJB 3.0 specification was the API with the most extensive changes in Java EE 5 for simplifying EJB development. In Java EE 6, this focus on simplification continues in EJB 3.1 with several significant new functions:
- Business interfaces are optional, even for session beans. This is particularly useful for using session beans in conjunction with web clients, because EJB 3.1 also adds the capability to package EJBs in WAR files.
- Singleton EJBs, which can be used for managing caches or shared application state.
- Asynchronous Session Bean method invocation by employing the @Asynchronous annotation. Further, you can control asynchronous EJB method requests using the java.util.concurrent.Future interface.
- Improvements to timers for calendar-based events, non-persistent timers, and automatically created timers. Most significant in this area is support for cron-style scheduling in addition to the EJB 3.0 interval based timer API.
- An embedded Java Standard Edition (SE) EJB 3.1 container, which can be used outside an application server. This enables testing in Java SE environments such as JUnit while using global JNDI names for EJBs.
- Contexts and Dependency Injection for Java (CDI) 1.0
Contexts and Dependency Injection (CDI) is a new API in Java EE 6 that extends the dependency injection capability introduced in EJB 3.0, which could be employed with resources such as databases, destinations, queues, backing beans, and other EJBs by adding a general purpose dependency injection capability that doesn’t require the use of EJBs. This enables, for example, the injection of a Data Access Object (DAO) even if the DAO isn’t implemented using an EJB. It also enables you to use EJBs directly as JavaServer™ Faces (JSF) backing beans. In addition, CDI enables you to manage the scope, state, lifecycle, and context for objects in declarative fashion using annotations; @RequestScoped, @SessionScoped, @ApplicationScoped, or @ConversationScoped.
CDI includes a CDI container service that manages scope automatically depending on the application scope declaration; CDI beans are created and destroyed on demand by the container. As a result, CDI makes the use of beans from different scopes easier and convenient. You can even mix and match scopes and inject beans from different scopes, with the container providing the correct lifecycle management. The end result is much simpler application development with better integration between web (JSF) and business logic (EJB) tiers. This is depicted in Figure 1.
Figure 1. CDI integration
- Bean Validation 1.0
Another new API in Java EE 6 is Bean Validation 1.0, which provides a mechanism for validation of your POJOs (Plain Old Java Objects). Bean Validation provides a declarative means for describing validation constraints through a number of common annotations, such as @Null, @NotNull, @Max, @Min, @Size, @Past, @Future, as well as providing an API to create your own validation annotations, such as for a phone number:
private String phoneNum;
This improves developer efficiency by not having to write and maintain validation logic multiple times in multiple places within the application by enabling the object to validate itself. Further, Bean Validation is integrated with other APIs:
- JSF to ensure form data is automatically validated to be correct.
- JPA to ensure incorrect data is not persisted.
- JCA to ensure connectors are correctly configured.
as depicted in Figure 2.
Figure 2. Bean Validation integration
- JavaServer Faces (JSF) 2.0
JSF 2.0 adds Facelets as a view technology targeted at JSF. This means that Facelets integrate with the JSF page description format and, as a result, deliver improved performance and UI composition capability. JSF 2.0 also adds Java EE 5 style annotation-driven configuration to improve developer productivity. Finally, JSF 2.0 now accounts for Ajax lifecycles, enabling partial page processing to handle Ajax events for better UI interaction and UI look and feel customization through skins.
- Java Servlet 3.0
Java Servlet 3.0 makes extensive use of annotations for improved developer productivity by providing annotations for declaring servlets (@WebServlet), filters (@WebFilter), listeners (@WebListener), and specification of the metadata for the declared component. Java Servlet 3.0 also makes deployment descriptors optional by adding automatic metadata discovery, which enables easier use of frameworks such as Struts, and so on.
Java Servlet 3.0 also introduces web fragments in order to provide a modular deployment descriptor capability. Unlike web.xml, which requires editing when using multiple frameworks, multiple web-fragment.xml files can be used which in aggregate constitute the web-xml deployment descriptor.
Finally, Java Servlet 3.0 introduces a new asynchronous protocol that can be employed with long running requests, such as SIP and COMET, by dispatching asynchronous requests and providing notifications when asynchronous processing has completed.
- Java Persistence API (JPA) 2.0
JPA 2.0 has improved mapping support to handle embedded collections and ordered lists, such as retrieving the first result, specifying the maximum size of query results, and pessimistic locking, which improves performance for write-mostly applications.
Another addition is the Criteria API which is an object-oriented, type-safe, Java-centric equivalent of JPQL statements. The Criteria API assists in avoiding run time parsing exceptions and in writing complex dynamic queries without an in-depth knowledge of SQL. Other functions that are standardized in JPA 2.0 are a level 2 cache plug-in, as well as query hints (also known as access intents). As mentioned earlier, integration of JPA with Bean Validation is also part of Java EE 6.
- Java API for RESTful Web Services (JAX-RS) 1.1
JAX-RS delivers Web 2.0 programming model support within Java EE. Much like JAX-WS abstracts the low-level details of the SOAP protocol for web service applications, JAX-RS abstracts REST development to POJO programming and annotation based configuration. This enables applications to easily and quickly expose resources to the web in a controlled fashion that is integrated with servlets and EJBs.
- Java API for XML-based Web Services (JAX-WS) 2.2
JAX-WS 2.2 extends the functionality provided by the JAX-WS 2.1 specification with new capabilities. The most significant new capability is support for the Web Services Addressing (WS-Addressing) Metadata specification in the API. Additionally, there’s the ability to specify message exchange patterns required by a Web service using new annotations, as well as support for fine-grained Transport Level Security configuration for policy acquisition from external registries.
- Enterprise Web Services 1.3 (JSR-109)
JSR-109 1.3 adds support for singleton session beans as endpoints, as well as for CDI in JAX-WS handlers and endpoints, and for global, application, and module naming contexts.
- Java Architecture for XML Binding (JAXB) 2.2
In Java EE 6, JAXB offers improved performance through marshalling optimizations enabled by default.
Feature packs were first introduced with WebSphere Application Server V6.1 in order to balance our users’ desire for less frequent releases while still making available support for the latest standards to our clients who need them. Feature packs grew in importance and frequency with WebSphere Application Server V7.0. A significant portion of the WebSphere Application Server V7 feature pack content is now integrated into WebSphere Application Server V8.
- OSGi applications
OSGi is a Java modularity technology that has been used internally in WebSphere Application Server for several years. It enables the development, deployment, and execution of dynamic, modular, extensible applications. Existing components can be exposed as SCA components inside OSGi applications. In turn, OSGi and Web applications can be deployed as OSGi bundles in the WebSphere Application Server, increasing reuse while providing modularity.
Key to this function is the notion of an OSGi bundle which is a JAR, but it has additional headers in the JAR manifest. The additional information in the JAR manifest is used to define the specific class (or classes) to be exposed by the repository and consumed by an application. By providing modular deployment and management, OSGi enables you to separate common libraries from application archives, manage them centrally and concurrently, across many versions, with a resulting decrease in application memory and disk footprint, as well as a greatly simplified classloader structure that is specific to the application. This simplification and modularization also enables application updates without restarting an application.
- Service Component Architecture (SCA)
- Java Batch
Java Batch provides a batch container service that integrates a batch programming model with essential batch administration functions such as job definition, job status, checkpoint, and restart. The batch programming model provided can be used across the enterprise, insuring consistent application development and maintenance which, in turn, lowers application development costs. In addition to providing essential batch administration capabilities, Java Batch in WebSphere Application Server V8 provides for integrated administration of OLTP applications and batch jobs using either the administrative console or wsadmin, which leverage existing administrator skills and also lowers costs.
- Communication Enabled Applications
The Communications Enabled Applications (CEA) programming model support in WebSphere Application Server V8 simplifies delivery of rich and interactive web applications by adding communications capabilities, like click-to-call and cobrowsing. Other widgets in addition to these are provided for call notifications and collaboration, which mean that by using as little as three lines of code you enable any CEA widget onto an existing or new web application.
In addition to the simplifications mentioned, there’s improved support for the native Session Initiation Protocol (SIP) programming model, which can be used to develop, deliver, and manage powerful large-scale mission-critical converged communications services and applications This includes support for the latest SIP Servlet specification (JSR 289), including annotation support to reduce complexity and improve productivity. WebSphere Application Server V8 provides a converged container that now includes web services which add to the pre-existing converged HTTP and SIP Servlet container to integrate web services and web services applications into an SIP-based communications application.
XML programming model improvements include support for Extensible Stylesheet Language Transformations (XSLT) 2.0, XML Path Language (XPath) 2.0, and XML Query Language (XQuery) 1.0. The IBM Thin Client for XML can accelerate application development of client-side applications that utilize XSLT 2.0, XPath 2.0, and XQuery 1.0 in WebSphere Application Server
In addition to the integrated features from the WebSphere Application Server V7 feature packs described above, two new feature packs are available for WebSphere Application Server V8:
- Web 2.0 and mobile
The WebSphere Application Server Feature Pack for Web 2.0 and Mobile, based on the Apache Wink and Dojo projects, delivers support for both mobile and browser-based applications through support for the Dojo 1.6 widget library and HTML 5.0. New support for mobile device user interfaces enable the creation of mobile applications that can be targeted to a specific device, such as an iPhone, Android, or Blackberry device, by changing the associated style sheet. A number of common Rich Internet Application (RIA) and mobile functions are included, such as Directory Listing Service, File Upload Service, Graphics Conversion Service, Logging, Debug and Analytics Capture Service, and Device/browser Detection Service. (The feature pack is also available for WebSphere Application Server V7 and V6.1.)
- Dynamic scripting
The WebSphere Application Server Feature Pack for Dynamic Scripting enables the use of the PHP and Groovy dynamic scripting languages, as well as the ability to leverage Web 2.0 technologies, such as Ajax, REST, Atom, JSON, and RSS, to reuse enterprise content. Dynamic scripting provides for deployment of application components supporting the iWidget specification that can be incorporated into IBM WebSphere Portal and IBM Mashup Center-based applications, and the ability to run IBM WebSphere sMash V1.1.1 applications unchanged in a WebSphere Application Server deployment.
Enhancements to functions related to system administration include:
- High availability
WebSphere Application Server V8 adds improved high availability (HA) support in several scenarios, including:
- Automatic reconnect for JMS applications to a standby gateway queue manager when an active queue manager fails or becomes unavailable.
- Resource failover and retry logic for relational data sources and JCA connection factories, where the administrator can tailor the data sources and connection factory configuration based on application need to specify:
- Number of connection retries.
- Alternate/failover resource.
- Pre-population of alternate/failover resource connection pool.
- Auto failback.
IBM Installation Manager is used to provide a single installation technology for:
- Installing and uninstalling product.
- Updating and rolling back fixpacks and iFixes.
- Installing and uninstalling feature packs.
Not only does Installation Manager provide a common installation technology, it also makes installation easier by installing the desired level of service in one pass, thus eliminating the need to install the GA product first and then apply any fixes as a separate step. Installation Manager in WebSphere Application Server V8 contains complete GUI and response file modes of operation:
- GUI to perform individual operations.
- Response files can be recorded from the GUI or created by specifying the appropriate XML for silent installation.
- Silent mode support for invoking multiple operations.
Central Installation Manager in WebSphere Application Server V8 is also enhanced from the V7 implementation. Not only is Central Installation Manager in V8 also based on IBM Installation Manager, but it is also available from the Job Manager as well as from the Deployment Manager. Adding Job Manager support to Central Installation Manager enables you to span the boundaries of a WebSphere Application Server Network Deployment cell, as well as schedule installation and configuration jobs. The use of Installation Manager as the underlying installation technology is key to these new functions. The underlying changes are best understood by examining the flows for Central Installation Manager in WebSphere Application Server V7 (Figure 3) and in V8 (Figure 4) from the Job Manger. Instead of Central Installation Manager actually pushing out the binaries and performing the installation (as was the case in V7), Central Installation Manager in V8, in both the Job Manager and Deployment Manager, pushes out installation configuration data which is employed by Installation Manager to perform the actual binary download and installation. In addition, Central Installation Manager in WebSphere Application Server V8 can remotely install WebSphere Application Server, IBM HTTP Server, application clients, DMZ Security Proxy Server, and Web Server Plug-ins.
Figure 3. Central Installation Manger in WebSphere Application Server V7
Figure 4. Central Installation Manager with Job Manger in WebSphere Application Server V8
Last, but not least, a single instance of Installation Manager can manage the product lifecycle for any Installation Manager-based products from WebSphere, Rational®, and so on.
HPEL (High Performance Extensible Logging) in WebSphere Application Server V8 speeds up logging and tracing:
- Log primitive over 6x faster than V7.
- Trace primitive 3.8x faster than V7.
HPEL also provides more flexible access to log and trace data:
- Command line access to filter and format.
- Administrative console GUI to filter and format local or remote logs and trace, even when the remote server is down.
- Programmatic access to filter, format, and merge local or remote logs and trace.
HPEL also works with existing application log and trace instrumentation, and provides a common solution for z/OS and distributed platforms.
- Node recovery
A new optional argument for the addNode command, asExisitingNode, makes it easier to move or recover nodes. When this command argument is used, the node is added using the configuration from the Deployment Manager for that node. As a result, a node can be easily moved to a new server and, if need be, there are provisions for changing the host name during this process. In the case of a hardware failure, the node can be easily recovered back to the last configuration reflected in the cell configuration maintained by the Deployment Manager. These two scenarios are depicted in Figure 5.
Figure 5. Node recovery
Security default behavior is enhanced in WebSphere Application Server V8 to further harden the infrastructure:
- SSL communication for RMI/IIOP is the default. Previously, the behavior had been governed by the CSI/V2 default which permitted protocol negotiation, which meant that a non-SSL client could successfully request an otherwise SSL protected resource.
- The contents of HTTP session objects are now protected by default, providing privacy for the data stored in HTTP session.
- Cookie protection via HttpOnly attribute is enabled by default to reduce cross-site vulnerabilities by preventing a script from accessing a specific cookie.
In addition, there is new support for Java EE 6 security standards, specifically:
- Java Servlet 3.0 security now provides three methods -- login(), logout() and authenticate() -- that can be used with an HTTPServletRequest object and the ability to declare security constraints via annotations.
- Basic security support for the EJB embeddable container.
- Support for Java Authentication SPI for containers (JASPI).
- Web Services Security API (WSS API) and WS-Trust support in JAX-WS to enable users building single sign on Web services-based applications.
- Security enhancement for JAX-RS 1.1.
Federated Repository Support for Multiple Domains is added in WebSphere Application Server V8. The Federated Repository, which is also known as VMM (Virtual Member Manager) is enhanced to provide a new registry type, Global Federated Repository, which is a single VMM configuration that is shareable across the entire cell (both administrative and application security domains). The Federated Repository, which has been available since WebSphere Application Server V6.1 is now enhanced to permit multiple configurations per cell, which enables scoping of a Federated Repository to the Global Security or to the Domain Security level.
Essentially, the "Global Federated Repository" provides the same function as the Federated Repository did in WebSphere Application Server V7, while the Federated Repository adds an often asked-for capability.
WebSphere Application Server V8 also improves upon the Application Migration Tool (AMT) that was delivered during the V7 service cycle. The AMT analyzes source code to find potential migration problems, such as:
- Removed features
- Deprecated features
- Behavior changes
- JRE 5 and JRE 6 differences
- Java EE specification changes or enforcements
The AMT is also capable of making some application changes and providing guidance on how to make required changes, and is available as a free plug-in for both Eclipse and IBM Rational Application Developer.
IBM WebSphere Application Server V8 is a major release that offers dramatic run time improvements, plus simpler and easier ways to develop and deploy applications. This article presented a glimpse at some of the new features and enhancements to hopefully encourage you to explore what else this new release has to offer.
- WebSphere Application Server V8 product information
- WebSphere Application Server V8 trial download
- WebSphere Application Server Feature Pack for Web 2.0 and Mobile
- WebSphere Application Server Feature Pack for Dynamic Scripting
- Techdoc: Technical Introduction to WebSphere Application Server V8 for z/OS