BEA White Paper
BEA WebLogic Server ® 9.0
�Copyright
Copyright © 2005 BEA Systems, Inc. All Rights Reserved. September, 2005
Restricted Rights Legend This document may not, in whole or in part, be photocopied, reproduced, translated, or reduced to any electronic medium or machine readable form without prior consent, in writing, from BEA Systems, Inc. Information in this document is subject to change without notice and does not represent a commitment on the part of BEA Systems, Inc.
Trademarks BEA, Built on BEA, Jolt, Joltbeans, Steelthread, Top End, Tuxedo, BEA WebLogic Server, BEA Liquid Data for WebLogic, BEA WebLogic Portal, BEA WebLogic Workshop, and WebLogic are registered trademarks of BEA Systems, Inc. BEA AquaLogic, BEA AquaLogic Data Services Platform, BEA AquaLogic Enterprise Security, BEA AquaLogic Service Bus, BEA dev2dev Subscriptions, BEA eLink, BEA MessageQ, BEA WebLogic Communications Platform, BEA WebLogic Enterprise, BEA WebLogic Enterprise Platform, BEA WebLogic Enterprise Security, BEA WebLogic Express, BEA WebLogic Integration, BEA WebLogic Java Adapter for Mainframe, BEA WebLogic JDriver, BEA WebLogic Log Central, BEA WebLogic Network Gatekeeper, BEA WebLogic Platform, BEA JRockit, BEA WebLogic SIP Server, and BEA WebLogic WorkGroup Edition are trademarks of BEA Systems, Inc. BEA Mission Critical Support is a service mark of BEA Systems, Inc. All other company and product names may be the subject of intellectual property rights reserved by third parties.
CWP1005E0905-1A
�BEA White Paper – BEA WebLogic Server 9.0
Table of Contents
Executive Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5 Enterprise Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5 BEA WebLogic Server in the Enterprise . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6 SOA with WebLogic and AquaLogic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7 Multi-Layered Business Solutions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8 The Presentation Layer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8 Data Binding and Transformation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8 BEA WebLogic Server Web Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9 Dynamic Web Pages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9 Web Page Interoperability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10 Thick Clients Including SOA . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10 Front-End Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .11 SSO and Integration With External Security Systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .12 Web Services and WSRP: SOA Solutions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .12 The Business Layer—Business Logic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .14 Enterprise Development . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .14 Robust Business Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .15 Transactions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .16 Business Application Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .17 Scalability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .18 High Availability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .18 Performance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .19 The Integration (Back-End) Layer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .20 Messaging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .20 Security System Integration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .21 Data Persistence . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .22 Integration With Other Systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .22 Governance Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .23 Local Application Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .24 Domain-Wide Administration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .25 System Health Monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .26 Auditing Compliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .27 Migration to BEA WebLogic Server 9.0 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .28 Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .29 What’s New: The Big Picture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .29 Systems Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .29 Performance and Availability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .29 Enterprise Web Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .30 Enterprise-Ready Messaging Infrastructure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .30 Resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .30 Documentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .30 Supported Standards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .30 About BEA . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .31
�BEA White Paper – BEA WebLogic Server 9.0
Executive Summary
In this time of increasing enterprise integration and service-oriented architecture adoption, the choice of a service and integration platform becomes ever more crucial. To fully leverage and protect your mission-critical business infrastructure, a chosen platform should be not only standards-based, robust, and scalable, but easy to configure, administrate, and govern, and flexible enough to accommodate varied development teams and multiple application frameworks. BEA WebLogic Server® satisfies these criteria and more: this award-winning enterprise-grade kernel is the cornerstone of both the BEA WebLogic Platform™ application suite and the groundbreaking BEA AquaLogic™ SOA product family. BEA WebLogic Server, now in its ninth revision, has famously hosted a wide range of service containers, making it the developer’s and architect’s choice for more than eight years. Now it has become the business owner’s choice for unbeatable return on investment: the ideal service host in an SOA, it brings a business closer to zero downtime than any other application server. BEA WebLogic Server offers extensive support at both the development and production ends of the application life cycle, while fully supporting the latest J2EE specification (1.4) and a wide range of Web services standards. The result is greater interoperability than that of any other application server on the market. This white paper is divided into three sections:
• Enterprise Overview: BEA WebLogic Server’s position in the enterprise and in a Service-Oriented
Architecture (SOA)
• Multi-Layered Business Solutions: Explains how BEA WebLogic Server helps implement solutions to a
range of business problems
• Conclusion: A summary of the major features of BEA WebLogic Server 9.0.
This document is written for both business decision makers and enterprise architects. It was designed to be read either in individual sections or from start to finish. Together, the overview and conclusion give a high-level overview of the server. Digging deeper will provide greater insight into how BEA WebLogic Server can help solve specific business problems.
Enterprise Overview
BEA WebLogic Server 9.0 is a Java application server fully implementing the J2EE 1.4 specification, the latest Web services standards, and the most advanced interoperability standards. BEA WebLogic Server is engineered to deliver scalable, reliable unified security, transaction, and management services. The J2EE 1.4 specification provides a standard set of APIs for creating distributed applications that can access a wide variety of services such as databases, messaging services, and transactions; they allow dynamic Web content to interoperate with disparate and even legacy systems. End-user clients access these applications using Web browser or Java clients. BEA WebLogic Server installations consistently top the SPECjAppServer
5
�BEA White Paper – BEA WebLogic Server 9.0
(spec.org/jAppServer2004) J2EE benchmarks, setting high-performance records and winning accolades for high value. Beyond the J2EE API, BEA WebLogic Server provides advanced messaging, data persistence, management, high availability, clustering, and multi-platform development support. With the rest of the BEA WebLogic Platform and the BEA AquaLogic product family, it provides a solid core of services that have withstood the demands of the world’s largest enterprises and continue to be the most highly regarded implementations in the field. BEA WebLogic Server also allows enterprises to deploy applications in a highly available and scalable environment. With it, enterprises can configure clusters of BEA WebLogic Server instances to distribute load and provide extra capacity in case of hardware or network failures. Extensive security features protect access to services, keep enterprise data secure, and prevent malicious attacks. Other tools allow system administrators to monitor and tune the performance of applications and the server environment. Finally, BEA WebLogic Server can be configured to automatically monitor and tune application throughput without human intervention. Together, these features and tools provide a robust environment for secure deployment of mission-critical, high-volume applications.
BEA WebLogic Server in the Enterprise
In the 1990s, Java became very popular as a solutions “glue”—unifying disparate systems through easy-tocode interfaces and multi-platform support. BEA WebLogic Server began its life as a collection of Java services that predated current J2EE specifications. Workspaces, transactional control, messaging, e-mail services, and other services marked the early versions and made it increasingly vital to enterprises needing to unify service offerings on a common platform. BEA has a long history of “innovate, then standardize”—innovating where there is no standard, immediately adopting a standard when it appears, and continuing to develop solutions where standards have yet to catch up. As Java became mainstream, BEA WebLogic Server grew to support enterprise-wide requirements.
Customers
Suppliers
Employees
Partners
Figure 1: BEA WebLogic Server 9.0 Enterprise Configuration.
Business Analysts
BEA WebLogic Workshop
BEA WebLogic Portal
BEA WebLogic Integration
Application Developers
BEA WebLogic Server
Enterprise Developers
BEA JRockit
Enterprise Information Systems
IT Infrastructure Components
DBMS Messaging Web Services
CRM
ERP
MRP
6
�BEA White Paper – BEA WebLogic Server 9.0
BEA WebLogic Server 9.0 supports the following standards: SNMP management protocol, XA distributed transactions, SSL v3, public key encryption, LDAP, J2EE 1.4, JavaSE 5.0 including CORBA orbs, FML32 buffers, XML, SAML, SPNEGO, and Web services. BEA WebLogic Server 9.0 goes beyond existing standards to support multi-stream auditing, store-and-forward messaging, side-by-side deployment, high-availability solutions including LAN, MAN, and WAN clustering configurations, whole server migration, singleton services, context dying, a comprehensive diagnostics framework that allows for automatic action, and support for multiple development frameworks. What is the role of BEA WebLogic Server in your enterprise? That depends on the needs of your enterprise architecture. BEA WebLogic Server has a Web container, an EJB business logic container including a data persistence implementation, a high-performance file store, a messaging bus, a full online or offline message delivery system, a transaction container, an integration point with a J2EE Connector Architecture container, an RMI services host, an auditing host, a database pool manager, a JNDI registry, UDDI registry, a Web services platform, an integration point with Tuxedo transactional MOM solutions, and a J2EE implementation. The Multi-Layered Business Solutions section of this document (below) shows how BEA WebLogic Server can address specific business needs.
SOA with WebLogic and AquaLogic
BEA WebLogic Server is the heart of the BEA WebLogic™ product family, which includes BEA WebLogic Portal® and BEA WebLogic Integration™ Both run within BEA WebLogic Server, depending on core services such as . security services, transaction control, auditing, a Web and Servlet server, and an EJB container.
Service Infrastructure BEA AquaLogic Product Family Packaged Applications
SAP ORCL SEBL PSFT BEA
Figure 2: BEA WebLogic and AquaLogic product stacks.
Custom Applications
IBM MSFT ORCL
EDGE
SIP
BEA WebLogic Product Family
AIX Solaris
Application Infrastructure
MSFT
Tuxedo
CICS
HPUX
Windows
Mainframes
7
�BEA White Paper – BEA WebLogic Server 9.0
Both BEA WebLogic Portal and BEA WebLogic Integration complement BEA WebLogic Server, logically extending its core services to meet additional use cases. BEA WebLogic Portal builds on the server’s Web container by partitioning the servlet into desktops, books, pages, and portlets, while BEA WebLogic Integration leverages its transactional and EJB functionalities to provide long-running business processes that can be easily monitored. BEA AquaLogic Service Bus™ adds a layer of governance to all services offered by the BEA WebLogic product family. Though not limited to working with BEA products, the BEA AquaLogic Service Bus is ideally suited to homogenize the wide range of services provided by BEA WebLogic Server. The two product families complement each other, providing the necessary components for a true enterprise-wide SOA.
Multi-Layered Business Solutions
This section gives an overview of the purposes to which BEA WebLogic Server can be put. A more technical architecture overview is available in the BEA WebLogic Server Architecture section.
The Presentation Layer
How can BEA WebLogic Server help present data? This section starts with internal presentation services such as data binding, and progresses to thick clients.
Data Binding and Transformation
Whatever type of data an organization must present, if there are Java classes that bind or transform it, it will run in BEA WebLogic Server. In fact, BEA WebLogic Integration includes a data engine for transforming binary data into and out of XML. What follows are the out-of-the-box functions included with BEA WebLogic Server.
BEA WebLogic Server 9.0
WLST Beehive/ Spring Web Services JavaEE SIP Portal BPEL
BEA WebLogic Server 9.0
WLST CFML Beehive/ Spring Web Services JavaEE SIP Portal BPEL
Figure 3: BEA WebLogic Server 9.0 SOA service bus endpoints.
CFML
AquaLogic Service Bus
BEA WebLogic Server 9.0
WLST CFML Beehive/ Spring Web Services JavaEE SIP Portal BPEL
BEA WebLogic Server 9.0
WLST CFML Beehive/ Spring Web Services JavaEE SIP Portal BPEL
BEA WebLogic Server 9.0
WLST CFML Beehive/ Spring Web Services JavaEE SIP Portal BPEL
8
�BEA White Paper – BEA WebLogic Server 9.0
XML XML data requires a binding mechanism to translate it into and out of Java. BEA WebLogic Server 9.0 supports BEA’s XMLBeans v2 through an Apache open source project (xmlbeans.apache.org/). Java objects can be mapped to XML as Document objects, Streaming API for XML (StAX) cursors, or Plain Old Java Objects (POJOs). BEA WebLogic Server supports the latest XML specifications in J2EE 1.4, including JAX-RPC, JAXP, JAXR, SOAP with Attachments API for Java (SAAJ), and Web services technologies. In addition, BEA WebLogic Server allows configuration of SAX- and DOM-style parsing and XSLT transformations for individual applications, allowing for maximum flexibility when parsing, building documents, and displaying the results.
Other Services For enterprises that need to surface FML32 data from Tuxedo, BEA WebLogic Server 9.0 includes the BEA WebLogic Tuxedo Connector, which facilitates, with transactional control, Tuxedo buffer information transformation into Java. J2EE 1.4 continues to support Java-CORBA interoperability, and the JDK 1.5 runtime contains a CORBA ORB. The Integration Layer section of this document describes Java/CORBA transport capabilities in more detail.
BEA WebLogic Server Web Server
BEA WebLogic Server contains a fully functional Web server with a range of features: implementation of the HTTP 1.1 specification, scalable connection pools with a queue to handle heavy loads, and configurable forwarding to and from other servers. Security features include a certificate store, Public Key exchange including Secure Socket Layer (SSL) v3, audit logging, automatic and configurable AA (Authorization and Authentication) triggers, user group and role support, IP denial after a number of failed attempts, secure partitioning by path or by document type, and single sign-on support through SAML v1.1 Identity Asserters and Credential Mappers (see the Security System Integration section for details). BEA WebLogic Server also offers channel division across multiple network interface cards and ports, allowing predictable integration with firewalls and routers. BEA WebLogic Server’s Web Container is fully scalable and robust, with virtually flat scaling as server nodes are added to a BEA WebLogic Server cluster. Permitting user sessions to automatically migrate to a secondary server in the event of hardware failure allows business logic to service 10 or 10 million users without changing the code.
Dynamic Web Pages
Web developers have long needed to produce and use dynamic Web pages. Early CGI programming solutions were script-based, making them brittle and non-scalable. The 1997 introduction of the Java Servlet API gave developers a standard way to generate dynamic Web content; today, most BEA WebLogic Server presentation solutions utilize the BEA WebLogic Server Web container capabilities, including the handling of JSPs (JavaServer Pages). BEA WebLogic Server 9.0 ships with a number of JSP tags—customizable references embedded into Servlet pages—that assist with caching, processing, and looping. BEA WebLogic Server 9.0 also includes an implementation of the Java Standard Tag Library (JSTL), deployable as a .jar or a library. Servlets are processes that wait within the Web container to handle specialized requests. Servlets managed by BEA WebLogic Server include BEA WebLogic Server Administration Console (see the Administration Console section), Web services, and Web Service Remote Portlets, or WSRP (see the Web Services and WSRP: SOA Solutions section). It is also possible to write Servlets for customized request handling.
9
�BEA White Paper – BEA WebLogic Server 9.0
WSRP portlets are Web services wrapped with presentation information; WSRP producer portlets created in BEA WebLogic Server are deployed as Servlets, and are typically consumed by portals. The most complete WSRP implementation on the market is contained in the BEA WebLogic Portal (bea.com/portal); in addition, WSRP 2.0 producers may be created and hosted on BEA WebLogic Server 9.0 using Struts, pageflows, and Web services support in the core server.
Web Page Interoperability
Once dynamic Web pages are hosted on BEA WebLogic Server, how do you manage groups of pages, Web services, and WSRP portlets, moving easily from one to another while preserving context, security, and flow? How to handle error handling, help pages, forms, wizards, etc.? The answer is Page Flow technology, part of the Apache open-source project Beehive (incubator.apache.org/beehive). BEA created Page Flow and other technologies as part of BEA WebLogic Server 8.1, then donated the technology to the open source community to start the Beehive project. Beehive 1.0 is integrated with BEA WebLogic Server 9.0. The most popular JSP Model 2 (also known as Model View Controller, or MVC) framework is Struts (struts.apache.org); both Struts 1.1 and Struts 1.2 are included with BEA WebLogic Server 9.0. Beehive’s Page Flow technology builds on the Struts engine and adds context handling, JSP tag support, inter-flow communication, error handling, and logging. BEA engineers have further integrated Beehive with BEA WebLogic Server, leveraging the power of security, unified logging, and error handling. BEA WebLogic Workshop® offers a visual development fabric for creating and configuring Beehive Page Flows.
Thick Clients Including SOA
BEA WebLogic Server supports a wide variety of clients; “thick clients” require the distribution of code beyond the serving of Web pages done by browser-based clients. Thick clients range from Java applets embedded in Web pages to Java-based clients connecting via Remote Method Invocation (RMI), from CORBA orb connectivity (through RMI/IIOP) to Web services and WSRP-enabled portals.
Applets Applet downloads into client browsers allow Web pages to come alive with full connectivity to BEA WebLogic Server—far beyond what is possible with asynchronous HTTP. BEA WebLogic Server can deliver applet jars and maintain context with client users.
RMI Clients (Thick Clients) Some solutions require a full-fledged Java application running on the client desktop. BEA WebLogic Server supports Java Web Start, a standard J2SE 5.0 mechanism by which Java clients can get live information from BEA WebLogic Server while functioning remotely. BEA WebLogic Server fully supports the RMI Java transport layer (JRMP), and has developed an RMI implementation, t3, that is faster, more scalable, and more extensible than the RMI spec. RMI clients can access the full range of features available on BEA WebLogic Server by including the weblogic.jar on the remote classpath; alternatively, a smaller client can be built utilizing RMI/IIOP and WebLogic lightweight client jars.
10
�BEA White Paper – BEA WebLogic Server 9.0
Front-End Security
BEA WebLogic Server is protected externally by front-end security systems and internally by adherence to a common security framework. It includes the only pluggable security architecture that allows for both integration with all major third-party security frameworks and custom-built pluggable providers. Front-end security includes protection against unsolicited requests (a.k.a. hackers) and compliance with common security standards that allow for ease of development and deployment.
Hacker Protection Unwanted system users appear both externally and internally, and they require different approaches to locking down your server and its sensitive business assets. External Protection SSL: Sensitive data must be encrypted as it is transferred to and from client applications. BEA WebLogic Server implements the industry standard SSL 3, with the PKI exchange of certificates allowing secure, encrypted data exchange. There are separate ports for SSL and non-SSL data exchange, and the Web Container manages the switch from secure to non-secure connections. BEA WebLogic Server also supports HTTP Header encryption standards, encrypted cookies, and HTTP compression. WS-Security: Web services must also be secured at the Web container perimeter. BEA WebLogic Server supports WS-Security, which encrypts key Web service header information for non-repudiation of service requests. This is beyond the level of data privacy afforded by SSL encryption for communication exchanges. Failed logins: BEA WebLogic Server can protect against unregistered users with a “three strikes and you’re out” policy that prevents future spurious login attempts from noted IP addresses. Security alerts: Security is about not only secure software, but also secure coding and configuration practices. At e-docs.bea.com/wls/docs90/lockdown/practices.html, BEA lists strategies to deal with common attacks such as man-in-the-middle and cross-scripting; for supported customers, the company also maintains an advisories posting with the latest patch information. Internal Protection Many attacks occur from behind firewalls. BEA WebLogic Server offers protection there as well, with password protection, data protection, and secure messaging exchange services. Password protection: In BEA WebLogic Server 9.0, user passwords are stored in either the internal LDAP or the user security store; they cannot be retrieved from the Subject object. Passwords necessary to the operation of BEA WebLogic Server itself (e.g., database passwords, external system passwords, and WebLogic passwords) are automatically encrypted upon entry using the Cryptography API. Cryptography API: The Cryptography API is also available for use in developing custom applications. For example, an administrator who needs to retrieve passwords (to enable connectivity to another system, for example) not encoded in a one-way hash, can write a custom Credential Mapper that uses the Cryptography API to decrypt passwords for use.
11
�BEA White Paper – BEA WebLogic Server 9.0
Consistent security infrastructure: All containers within BEA WebLogic Server utilize the same security infrastructure, and so are consistent in their treatment of subject, context, and authorization parameters. Once an application is secured in one container, the same rules apply to all containers, providing a consistent security mesh throughout a domain.
SSO and Integration With External Security Systems
Single sign-on (SSO) across disparate systems requires at least some level of common understanding regarding authentication and authorization (AA), users, groups, and roles. BEA WebLogic Server 9.0 supports current Java AA standards including Java AA Service (JAAS) and Java Authorization Contract with the Container (JACC); SSO standards such as Security Assertion Markup Language (SAML); Web Service security standards such as WS-Security, WS-I Basic Profile 1.0, WS-Policy, WS-Reliable Messaging, and WS-Addressing for interoperability; and, in a following service pack, XML Access Control Markup Language (XACML). In addition, BEA WebLogic Server goes beyond the standards to provide a complete option package, including a full-featured Servlet Authentication Filter for use with SSO solutions such as SAML and Microsoft’s Simple and Protected GSSAPI Negotiation Mechanism (SPENGO), a Certificate Validation Service implementation, and the only pluggable security architecture—BEA’s own Security Service Provider Interface (SSPI)—that is compatible with all leading security frameworks.
Web Services and WSRP: SOA Solutions
BEA WebLogic Server remains the number-one service platform for hosting SOA services, with a developmentto-deployment range of Web service coding, testing, staging, deploying, and configuration options. It offers integration with the new BEA AquaLogic Service Bus™ which takes all hosted services (EJBs, JMS queues, , Web services, etc.) and manages them in a technologically agnostic way, with homogeneous searchability, service level agreements (SLAs), error handling, and transactional capabilities.
UDDI v2 BEA WebLogic Server 9.0 also ships with a Universal Description, Discovery, and Integration (UDDI) v2 registry. Built on the Simple Object Access Protocol (SOAP) data communication standard, UDDI creates a global, platform-independent, open architecture space that allows an organization to create a catalogue of its Web services. The UDDI v2 registry can contain catalogued information about a business, the services it offers, and the communication standards and interfaces it uses to conduct transactions.
Authoring Web Services With BEA WebLogic Server 9.0, Web services are easy to author and deploy. Developers can choose the programming model that suits them: Web Services Enterprise Edition (WSEE) 1.1 low-level services deployment, development of JSR-181 Web services annotations (based on BEA-developed JSR-175 annotations), scriptbased configuration from a WSDL, or other choices. With this approach, developers can quickly and easily create Web services that allow for faster time to market, more productivity, less overall complexity, and lower cost of ownership.
12
�BEA White Paper – BEA WebLogic Server 9.0
Data Binding As shown in Figure 4, data binding between Web services and application business logic is easy in BEA WebLogic Server 9.0 with XMLBeans 2, an Apache project begun at BEA that maps XML schemas to and from Java objects. Interface types include Plain Old Java Objects (POJOs), StAX (JSR 173) streaming parser cursors, and standard XML Document objects.
Conversations BEA WebLogic Server Web services are JSR 109–compliant, allowing for Web service deployment portability between JSR 109–compliant containers; WS-Basic Profile, WS-Addressing, WS-Reliable Messaging, and WS-Policy combine to establish secure Web service boundaries and compartmentalized messages. The new BEA WebLogic Web service conversation framework for long-running WS processes incorporates and goes beyond existing standards, leading the way toward the next generation of WS interoperability. The Web service conversation framework supports asynchronous messaging and callback, leverages BEA WebLogic Server’s robust messaging and high-availability solutions for 0% transaction loss, and can be easily created or migrated from previous BEA WebLogic Web service instances.
WSRP Web Service Remote Portlets (WSRPs) can be hosted on BEA WebLogic Server, for services with an added configurable display component.
XML
Figure 4: XML data binding options in BEA WebLogic Server 9.0.
Partial binding for versioning and intermediary processing
(Non) Lossy Binding
XML Bean
Tokenized store
POJO Cursor Original XML
Strongly typed
Preserved ordering
Java application
Full fidelity
13
�BEA White Paper – BEA WebLogic Server 9.0
The Business Layer—Business Logic
Enterprise Development
In production, BEA WebLogic Server can host a wide variety of application frameworks, including Cold Fusion Meta Language pages, Spring open source application framework, Console Portal and WSRP producers, page flows on Beehive, Web services annotation compilations, Beehive control, Spring application framework, and J2EE CA adapters. There are many developmental on-ramps to deploying on the server, including BEA’s integrated development environment, BEA WebLogic Workshop®, available with a service pack following BEA WebLogic Server 9.0. While BEA WebLogic Workshop is BEA’s preferred integrated development environment, all the advantages conferred by BEA WebLogic Portal and BEA WebLogic Integration, it is only one of many tools available to BEA WebLogic Server developers. Java 5 code created in any text editor and compiled will run in BEA WebLogic Server. Tighter development integration (starting/stopping the server, compiling J2EE applications, deploying/undeploying applications) is possible in Borland JBuilder 2006, Genuitec MyEclipseIDE, and Eclipse JDT 3.1 + Web Tools Platform 1.0, with others to follow. Adoption of BEA WebLogic Server does not lock developers into one development environment, but rather frees a development team to create in whatever mode is best. The ease of configuration and deployment of BEA WebLogic Server 9.0 means that the largest percentage of development time is likely to be spent writing Java business functionality. BEA WebLogic Server 9.0 can host any Java 5–compliant java jar, ear, war, rar, or Web service; a plethora of functional implementations are available, either as freeware or under license. BEA WebLogic Server has always been the developer’s choice: it is easy to install and easy to configure with the best documentation and support on the market.
BEA WebLogic Server 9.0
Figure 5: Multi-development platform.
WLST CFML
Beehive/ Spring Web services
JavaEE SIP
Portal BPEL
14
�BEA White Paper – BEA WebLogic Server 9.0
Robust Business Services
Business services are at the heart of any enterprise application. Deploying them onto the BEA WebLogic Server platform makes it possible to leverage the full range of features available to your code: transactions, poolable resources, security framework, work management, context management, clustering, diagnostics, and high availability.
Enterprise Java Beans (EJB) EJB 2.1—poolable, callable, secure, robust, scalable, transactional resources—are appropriate when business logic must be both poolable and under transactional control. EJBs may be called internally from the message, Web, J2EE CA, or WSRP containers, or externally through RMI. EJBs can help secure business functionality and make it available for a wide variety of Java clients. As easy to wrap up as Web services, EJBs can be searchable, language-agnostic, and as easily callable as any other service. Entity EJBs make a useful interface to persistent data, and the EJB container’s object/relational mapping capabilities are further enhanced by BEA WebLogic Server’s extension of the EJB-QL query language for further object-relational (O/R) data configuration. BEA WebLogic Server 9.0 has made several enhancements available to message-driven EJBs (MDBs), including transaction batching for large volumes of messages and administrative pause and resume of MDBs. MDBs are also callable from the J2EE CA container (see the J2EE Connector Architecture section for details).
Front-end Services Web Container RMI Services - JNDI
Messaging Container
Administration
Auditing
Figure 6: BEA WebLogic Server 9.0 Service Containers.
Web Services and WSRP
Servlets and Pageflow
EJB Container
Diagnostic Framework
UDDI Registry and SSL
Singelton Service
Clustering (LAN, MAN, WAN)
Transaction and Context Services/Work Area
High Availability: Zero Downtime
JMX (mBeans)
Resource Pooling
RDBMS and File
Security Framework
SPI Plug-ins (AA++) Two-Phase Deployment and Side-By-Side
BEA WebLogic Tuxedo Connector
Cryptography Services
Scripting Tool
JCA
Internal LDAP
Portal Framework
Back-end Services
15
�BEA White Paper – BEA WebLogic Server 9.0
WorkManager Running through the core of BEA WebLogic Server 9.0 are its WorkManager and Context services. Applications now have a mechanism for scheduling work for execution by parallel/asynchronous threads, managed centrally across all containers. Entry at any point into the server is tagged using “context dyeing,” and unique session IDs are created that can be traced through the various containers, across JVMs, and back again. Applications can configure scheduling guidelines (e.g., “this module should get 90% of CPU time” or “shut down this application if you encounter stuck threads”) that BEA WebLogic Server will use in conjunction with data collected in actual run-time performance to schedule CPU resources for the application. Applications no longer must configure individual thread pools for specific components; instead, they can rely on BEA WebLogic Server to monitor, tune, and allocate these resources. It is also possible to call into the BEA WebLogic Server work manager API externally, and the J2EE CA container’s implementation of work management leverages the infrastructure provided by the core subsystem. This allows applications to obtain the same quality of service using Connectors as they can using the native interfaces of the Core Work Manager. (For a more complete discussion of J2EE CA, messaging, database integration, and other system-to-system communication, see the Integration (Back-End) Layer section.)
Transactions
Transactions are more than commits, rollbacks, and result heuristics. They represent threads of execution touching multiple containers within the application server and calls into and out of the server, around the cluster, into other systems, and back again. They may also involve multiple systems simultaneously agreeing to commit or roll back. Transaction services: BEA WebLogic Server 9.0 supports the latest Java Transaction Services (JTS) in its transactional container services, and Java Transactional API (JTA); it also supports CORBA Object Transactional Services (OTS) as defined in the J2EE 1.4 specification. JTA can be invoked in application code, although services such as JMS and EJB use automatic transactional control with regard to connections, invocations, and data storage. Transactional control with XA: XA, invented by Bell Labs and Tuxedo engineers, is a world standard for transaction coordination between multiple transaction containers; it allows for coordinated commits and rollbacks. BEA WebLogic Server not only allows XA implementation in database connections, J2EE CA adapter connections, EJBs, and JMS connections, but also permits non-XA resources to participate in XA transactions through “Logging Last Resource” transaction optimization. (See e-docs.bea.com/wls/docs90/jta/llr.html for details.)
More Java Services For a complete list of Java services available to business logic from within BEA WebLogic Server 9.0, please see e-docs.bea.com/wls/docs90/admin_ref/utils.html.
16
�BEA White Paper – BEA WebLogic Server 9.0
Business Application Security
Security is at the heart of the BEA WebLogic Server product family. All services are given equal protection with a unified security infrastructure that is highly configurable, dynamic, and pluggable with all major security frameworks. For an overview of these security features, see e-docs.bea.com/wls/docs90/secintro/concepts.html.
Pluggable Framework SSPI BEA WebLogic Server’s pluggable security service provider interface (SSPI) is the only one of its kind on the market. It allows you to connect to existing user and group stores and external policy decision points, integrate with enterprise security solutions, or craft custom solutions with an easy-to-build deployment model. There is also a consistent callback mechanism and easy integration with BEA AquaLogic Enterprise Security™ for unified , policy management across the multiple domains of an SOA. Included with BEA WebLogic Server 9.0 are plug-ins addressing authentication, authorization, identity assertion, role mapping, credential mapping, certificate path (for handling certificate chains), key storage, authorization adjudication, and auditing. Included Authentication Providers and Identity Asserters map to many different credential stores. (See the Security System Integration section for more information.)
Data Encryption In addition to automatic encryption management with SSL, PKI, Web service security, and password protection in configuration files such as config.xml, BEA WebLogic Server also exposes these services to the application. BEA WebLogic Server does not store passwords on its system in cleartext; encryption capabilities can be leveraged at every layer and in every container.
Figure 7: Side-by-side deployment.
End Users Session Manager
Original Application Instance
New Application Instance
QA Tools
RDBMS
17
�BEA White Paper – BEA WebLogic Server 9.0
Scalability
Java has always offered the promise of “write once, run anywhere.” BEA WebLogic Server is known for almost linear scalability: the ability to take a single instance of application code and deploy it across a cluster or clusters of servers, or across a LAN, MAN, or WAN—with almost no loss of performance. Scalability is also important within the server; BEA WebLogic Server 9.0 offers service pooling of JDBC connections, J2EE CA connections, Java threads, sockets, file readers, Tuxedo connections, message queues and topics, messaging bridges, Servlets, and EJBs. Also available are automatic server failover, server self-tuning, and overload protection.
High Availability
True zero downtime is almost impossible to achieve, but BEA WebLogic Server 9.0 gets closer than ever before with a variety of deployment and management services. Side-by-side deployment: BEA WebLogic Server 9.0 enables deployment of multiple versions of the same application across a WebLogic cluster; new client requests are routed to the new version and there is no impact on existing clients of the older version. BEA WebLogic Server will automatically retire the older version of the application once all existing clients have completed their processing. This eliminates the need to build out replicated versions of production environments, deploy two different versions in two environments, or use a load-balancer to cutover application traffic to the new version. HTTP Session, EJB, JMS, RMI, and JDBC availability: BEA WebLogic Server provides clustering support for Servlets and JSPs by replicating the HTTP session state of clients that access clustered Servlets and JSPs. BEA WebLogic Server can maintain HTTP session states in memory, a file system, or a database. Load balancing and failover for EJBs and RMI objects is handled using replica-aware stubs, which can locate instances of an object throughout a cluster. Replica-aware stubs are created for EJBs and RMI objects as a result of the object compilation process. EJBs and RMI objects are deployed homogeneously to all server instances in the cluster. The BEA WebLogic Java Messaging Service (JMS) architecture implements clustering of multiple JMS servers, supporting cluster-wide transparent access to destinations from any BEA WebLogic server instance in the cluster. Each JMS topic or queue, however, is still managed separately by each BEA WebLogic Server instance in the cluster. BEA WebLogic Server also allows clustering of JDBC objects, including data sources and multi-data sources, to improve the availability of cluster-hosted applications. Each JDBC object configured for a cluster must exist on each managed server in the cluster—when configuring JDBC objects, target them to the cluster. MAN and WAN clustering: The state of an HTTP session running on a server instance in one cluster can be replicated on a server instance in another cluster. The clusters can be located on different LANs within the same MAN, or be in geographically distant locations within a WAN. Upon a failure of the primary server instance, another member of the same cluster can recover the session data from the remote instance (in another cluster) and make it available in the primary cluster. If no members of the cluster in which the primary failed are available, the request can failover to the remote cluster hosting the session replica.
18
�BEA White Paper – BEA WebLogic Server 9.0
Server failover: Leveraging the BEA WebLogic Diagnostic Framework, BEA WebLogic Server 9.0 now monitors its own health. Using the configurable Node Manager, it allows itself to be brought down and automatically migrated to another location if it senses that its systems are failing. In addition, a JMS implementation leverages the automatic migration function to provide automatic JMS Server failover. Zero-downtime upgrades: Upgrading and migrating BEA WebLogic Server domains has been made even easier. A new upgrade wizard, which can be run in silent or GUI mode, provides complete and seamless migration of existing domain artifacts including JTA transaction logs, JMS file and database stores, custom security providers, node manager configuration, and anything else needed to migrate to the new 9.0 domain. Singleton services: BEA WebLogic Server features for increasing the availability of singleton services include support for multiple thread pools to harden individual servers against failures, health monitoring and life cycle APIs to support detection restart of failed and ailing servers, the ability to upgrade software without interrupting services, and the ability to automatically migrate server-dependent services such as JMS servers and JTA transaction recovery services.
Performance
All J2EE-compliant application servers are not the same; BEA WebLogic Server 9.0 has many features that others cannot match. Owner of numerous industry benchmark world records, BEA WebLogic Server typically wins with half the hardware of its nearest competition. Major performance features include automatic CPU scheduling based on workloads, JDBC performance gains including statement batching, JMS and messaging performance improvements include file store disk scheduling algorithms, store-and-forward message queuing, limited use of serialization and boxcarring disk writes, Logging Last Resource XA optimization for non-XA resources, and a new conversational Web services framework.
BEA WebLogic Service Cluster
Figure 8: Zero-downtime service pack upgrades— service pack upgrades are applied across the cluster in a rotating fashion.
19
�BEA White Paper – BEA WebLogic Server 9.0
The Integration (Back-End) Layer
BEA WebLogic Server’s integration with back-end systems is made up of pooled connectivity to non-Java systems, messaging infrastructure and bridges to other systems, integration with security frameworks, and data storage and integration with BEA Tuxedo.
Messaging
Asynchronous messaging is an essential part of any enterprise integration solution, providing a boundary between the caller and the called. Such a boundary enables two systems with disparate service-level agreements (SLAs) to interact. If only synchronous communication were possible, work would proceed at the speed of the slower system. Multiply this situation by number of calls and number of systems; without asynchronous messaging, functionality would soon grind to a halt. BEA WebLogic Server takes messaging very seriously. Many new features have been added to the core JMS Server implementation, going far beyond J2EE compliance.
Store and Forward The most dramatic of the BEA WebLogic Server 9.0 messaging enhancements comes from existing Tuxedo technology—store and forward (S&F). While not required by J2EE 1.4, S&F allows BEA WebLogic Server 9.0 to become a true message powerhouse, matching the robustness and scalability of messaging pure-play products. S&F allows message consumers—even durable subscribers—to be unavailable for a period of time without messages piling up on the queue and causing the process to run out of memory. That’s because S&F works together with the file store—based on a custom “log-based file system” and accompanying disk scheduling algorithm (see the Data Persistence section for more)—to produce a seamless stream of queue and topic availability, even under extremely high loads. Other performance gains come from JDBC statement batching, minimizing serialization/deserialization of user buffers, and boxcarring of disk writes.
Preserving Message Order Message ordering is a fundamental requirement of major messaging applications. BEA WebLogic Server JMS guarantees that messages sent to a destination, distributed or otherwise, tagged with a certain “unit of order” will be processed in the order sent. (The JMS specification asks only for sequential delivery, and only then from a single producer to a single consumer.)
Connecting With Other Messaging Systems For years, BEA WebLogic Server has shipped with a messaging bridge that uses J2EE CA technology to provide on- and off-ramps to other messaging systems. The BEA WebLogic Server 9.0 messaging bridge, taking advantage of S&F capabilities, does not rely on XA to provide exactly-once service. Instead, it uses its own retransmission/duplicate-detection protocol, resulting in a significant performance increase. BEA WebLogic Server 9.0 also provides a C language API for creating non-Java producers and consumers that can take advantage of most of its add-on features, including clustering, S&F, security, and large-message support.
20
�BEA White Paper – BEA WebLogic Server 9.0
Packaging Queues and Topics With Applications BEA WebLogic Server defines extensions, called JMS Modules, to standard J2EE modules. An application can use these extensions to configure required JMS resources, then package them in its application archive. The application becomes fully self-contained, with no dependency on resources configured at the domain level.
Message Management Due to unavailable message consumers, error conditions, or system failures, it is sometimes necessary to manipulate messages, either manually or by procedure, to help them pass through a system. The BEA WebLogic Server 9.0 console, with its expanded message management, offers sophisticated capabilities in this area, including the ability to view and browse every message; to delete, move, import, and export messages; and to manage durable subscribers manually. Each function can be coded into the application via pure JMX interfaces, or in a script written in Jython and executed with BEA’s WebLogic Scripting Tool (WLST). (See Scripting Tools, below, for more information.) All features are seamlessly integrated into the console for one-stop message management. The JMS container also leverages an Automatic Server Migration feature—new to BEA WebLogic Server 9.0—to provide automatic JMS failover.
Security System Integration
This document has covered security at all layers of the BEA WebLogic Server—the Web tier, the business layer, and the back end—because it is pervasive across the platform. Pluggable security has been mentioned in previous sections; this section discusses the actual integration with security stores. Let’s start with the internal LDAP server included with BEA WebLogic Server 9.0: it is a light-to-medium-weight LDAP server, ideal for storing role and resource policies for all sizes of application. All default security providers that ship with BEA WebLogic Server 9.0 use this store for their policies.
Credential Stores Authentication providers are easy to configure with BEA WebLogic Server, and many user and group store interfaces are included: Active Directory, custom RDBMS, iPlanet, LADP, LADP x509, OpenLDAP, Novell, Windows NT, and SAML. BEA WebLogic Server also manages plug-ins handling Public Key Infrastructure (PKI) key storage and keychain certificate path configuration.
Policy Decisions BEA WebLogic Server makes decisions regarding role assignment and resource access based on a rich set of predicates, expanded with this release to include HTTP Servlet requests, HTTP Servlet sessions, and additional date and time combinations. Roles are key in determining access authorization to every resource held by the application server. They are easily configurable either via the console or through a chosen enterprise security framework. All major security vendors support BEA WebLogic Server’s pluggable provider service interfaces, including BEA AquaLogic Enterprise Security 2.0.
Integration With EAI Systems BEA WebLogic Server supports a rich variety of Credential Mapper providers, intended to convert Java security attributes into tokens that EAI systems can consume. This is especially important when connecting via J2EE Connector Architecture (J2EE CA) adapters, when disparate credentials and roles may need to be mapped.
21
�BEA White Paper – BEA WebLogic Server 9.0
Data Persistence
Virtually all enterprise applications require some form of data persistence. EJB Entity Beans (discussed above in the Robust Business Services section) are one possible J2EE solution. This section covers two major data stores: RDBMS and file stores.
Relational Database Access BEA WebLogic Server 9.0 implements the JDBC 3.0 specification of database access, allowing finer granularity when managing transactions (intermediary save-points) and tuning connection pools. BEA WebLogic Server has continued to refine its database pooling, allowing some of the fastest database access from any application server. Ease of configuration: The various JDBC resource types (connection pools, data sources, transactional data sources) have been consolidated into a new version of a “data source” so that applications configure a single entity, instead of multiple entities, when specifying JDBC configuration. BEA WebLogic Server 9.0 defines extensions, called JDBC Modules, to the standard J2EE Modules types. Administrators can configure required JDBC resources, bundle them into a JDBC module, and package the module into the ear file of the application that needs the resources. The application becomes fully self-contained, with no dependency on JDBC or JMS resources configured at the domain level. Database debugging: As in previous releases, BEA WebLogic Server 9.0 includes a set of JDBC drivers suitable for connecting with all major databases. In addition, it ships with a driver debugging tool, JDBC Spy. This thin driver wrapper logs detailed information about all JDBC calls. The information in the logs can be used to troubleshoot application problems. Logging is consistent, regardless of which BEA WebLogic Type 4 JDBC driver is used; all parameters and function results for JDBC calls can be logged; and logging can be enabled dynamically from the console. File Storage Instead of the standard Java file store access, BEA WebLogic Server uses a pool of file connections that allow the application infrastructure to treat the file system as a poolable resource, with all the advantages of scalability. BEA WebLogic Server 9.0 debuts a new implementation of file access based on a custom “log-based file system” and an accompanying disk-scheduling algorithm, written in pure Java, that anticipates the location of the physical disk to optimize reads and writes up to 10 times over other systems.
Integration With Other Systems
BEA WebLogic Server 9.0 offers many options for integration with non-Java systems not covered above. Several large categories of integration are possible with BEA WebLogic Server 9.0: Web services/SOA (covered in Thick Clients Including SOA); messaging bridges (covered in Messaging); J2EE CA Adapters; integration with Tuxedo; Java-COM integration; B2B conversations; and long-running process integration.
J2EE Connector Architecture (J2EE CA) Third-party J2EE CA adapters can be run in the BEA WebLogic Server 9.0 J2EE CA container, connecting a J2EE application with virtually any technology, from SAP and PeopleSoft systems to FIX and SWIFT financial trading protocols. BEA WebLogic Server 9.0 now supports J2EE CA version 1.5.
22
�BEA White Paper – BEA WebLogic Server 9.0
The BEA WebLogic Server 9.0 J2EE CA container manages pooled connections, XA transactions, and security context management. Since J2EE CA 1.5 is bi-directional, external systems can use this entry point to call into BEA WebLogic Server 9.0 to begin interaction with the BEA WebLogic Server WorkManager (discussed in detail in the WorkManager section above).
Java Mail API integration A J2EE CA adapter could also be used with an e-mail server to send and receive messages. BEA WebLogic Server fully supports the JavaMail 1.2 API, meaning that it is not necessary to use J2EE CA to use Java Mail.
BEA WebLogic Tuxedo Connector BEA WebLogic Tuxedo Connector provides interoperability between BEA WebLogic Server applications and BEA Tuxedo services. The connector allows BEA WebLogic Server clients to invoke BEA Tuxedo services and Tuxedo clients to invoke BEA WebLogic Server Enterprise Java Beans (EJBs) in response to a service request. BEA WebLogic Tuxedo Connector makes it possible to develop and support applications interoperating between BEA WebLogic Server and BEA Tuxedo with a Java Application to Transaction Monitor Interface (JATMI) similar to the BEA Tuxedo ATMI. BEA WebLogic Tuxedo Connector tBridge functionality provides Tuxedo/Q and JMS advanced messaging services, in addition to CORBA service application calls.
jCOM WebLogic jCOM is a software bridge that allows bidirectional access between Java/J2EE objects deployed in BEA WebLogic Server; Microsoft ActiveX components available within Microsoft Office products, Visual Basic, and C++ objects; and other Component Object Model/Distributed Component Object Model (COM/DCOM) environments. Web services are often the preferred way to communicate with Microsoft applications. While BEA suggests migrating legacy COM applications to .NET, jCOM support is provided in BEA WebLogic Server 9.0 as a migration path for interim solutions that require Java-to-COM integration. It is suitable for small projects or bridge solutions. Business Processes and B2B: For business processes and business-to-business (B2B) conversations, please see the BEA WebLogic Integration™ product (bea.com/integration).
Governance Services
Governance in BEA WebLogic Server 9.0 includes everything from JVM control to application debugging, configuration and deployment; dynamic diagnostic monitoring to logging, auditing, and alerting; enterprise-wide management of clusters to failover, high availability, security, application promotion, and upgrades. Many of these tasks, if not all, can be performed with BEA WebLogic Server Console. This section not only describes the administrative capabilities of the console but includes all aspects of application governance, including intersection with the Java Virtual Machine, BEA WebLogic Diagnostics Framework, auditing, monitoring, overload protection, and debugging capabilities.
23
�BEA White Paper – BEA WebLogic Server 9.0
Local Application Management
Before addressing the operations, administration, and management needs of your enterprise, let’s take a look at localized management at the machine or instance level, including scripting and coded administration, debugging, and Java Virtual Machine (JVM) integration with the award-winning BEA JRockit.
Scripting Tools BEA WebLogic Server 9.0 supports interaction with online and offline servers through a scripting language based on Jython (Java Python): WebLogic Scripting Tool (WLST). It is possible to invoke commands through a live console, or write Jython scripts that can be run offline. Either way, WLST permits interaction with both BEA WebLogic Server and offline configuration scripts (config.xml). Since BEA WebLogic Server 9.0 XML configuration files are 100% schema-compliant, changes made to offline files can be validated with any XML validation tool.
MBeans All management calls into BEA WebLogic Server are made through the Java Messaging eXtension (JMX) implementation using Management Beans, or MBeans. The console uses MBeans as its primary means of communicating with a running server, so the two methods are entirely compatible.
Overload Protection BEA WebLogic Server 9.0 helps govern system load through a set of protective features collectively known as overload protection—limiting requests to the thread pool, throttling work managers, controlling the number of Web-based requests by setting a limit on HTTP sessions, configuring server behavior on OutOfMemory exceptions, and proactive management of stuck threads.
Java Platform Debugger Architecture (JPDA) BEA WebLogic Server 9.0 continues to support the Java Platform Debugger Architecture (JPDA), allowing developers to attach a debugger to the server to pause, observe, and edit objects during development.
BEA JRockit Integration BEA’s Java Virtual Machine (JVM), BEA JRockit, is the fastest JVM in operation and is responsible for most of BEA WebLogic Server’s performance records. BEA JRockit provides simplified development and top performance through highly streamlined thread management and adaptive memory management. BEA JRockit also has features that most JVMs do not, including management APIs, a management console, a runtime analyzer, and a memory leak detector. The performance impact of JRockit’s efficient analytical bytecode profiling is so small that it cannot be measured. With JRockit, it is now safe to analyze and debug applications in both production and development. For more information on the power of BEA WebLogic Server plus JRockit, please see bea.com/jrockit.
24
�BEA White Paper – BEA WebLogic Server 9.0
Domain-Wide Administration
BEA WebLogic Server domains are administered through the browser-based WebLogic Server Administration Console. These domains are logically related groups of BEA WebLogic Server resources that are managed as a unit. Most of the zero-downtime features of the BEA WebLogic Server 9.0 kernel also appear in the BEA WebLogic Server Administration Console. One instance of BEA WebLogic Server in each domain is configured as an administration server. The administration server hosts the Administration Console; managed servers (all other servers in a cluster) host applications. In a domain with only a single BEA WebLogic Server instance, that server functions as both administration server and managed server.
BEA WebLogic Server Administration Console Primary functions of the BEA WebLogic Server Administration Console include starting, stopping, and configuring BEA WebLogic server instances and clusters; configuring BEA WebLogic Server service containers (e.g., database connectivity, messaging, Web services); managing users, groups, roles, and other security parameters; configuring and deploying applications; monitoring server and application performance; and viewing server and domain log files. BEA WebLogic Server 9.0 Administration Console has a new look and feel, because it is now designed on the struts-based portal framework, which includes Beehive page flow UI technology. This means that the console is itself highly configurable: portlets can be added or subtracted from the view; the console can be rebranded with a different look and feel; portlets can be consumed by other portals; custom portlets can be added to the console framework; and new page flows can be constructed to suit specific administrative needs. Multi-administrator functionality has been built into the console. Administrative functions can be delegated to specific users; it is easily partitioned for the security of different groups and users. BEA WebLogic Server 9.0 also incorporates a two-phase commit configuration strategy: any administrator wishing to make modifications to a running system must first lock the console, signaling to all others his or her control. During edits, changes can be reviewed and rolled back if necessary before final commit.
Figure 9: BEA WebLogic Server 9.0 Administration Console.
25
�BEA White Paper – BEA WebLogic Server 9.0
Configuration assistants: BEA WebLogic Server 9.0 Administration Console is based on Struts and page flows, and it includes many helper tools to guide you through commonly used functionalities. Instead of clicking from page to page to create and group new users, for example, a “configuration assistant” flow moves through all necessary steps, masking the complexity of the operations. This configurable portal allows for construction of custom guides for custom operations. Production redeployment: Production redeployment enables an administrator to redeploy a new version of an application in a BEA WebLogic Server 9.0 production environment without stopping the deployed application or otherwise interrupting the application's availability to clients. Production redeployment works by deploying a new version of an updated application alongside an older version of the same application. BEA WebLogic Server 9.0 automatically manages client connections so that only new client requests are directed to the new version. Clients already connected to the application during the redeployment continue to use the older, retiring version of the application until they complete their work. Security policy management: BEA WebLogic Server 9.0 offers control over user, group, and role configuration, with a new set of policy predicates including time, session, and request attributes that protect applications more effectively. In addition, the Security Service Provider Interface (SSPI) allows creation of custom security providers or integration with all major third-party security frameworks.
System Health Monitoring
BEA WebLogic Server 9.0 offers a unified diagnostic framework spanning the entire BEA WebLogic Platform: the BEA WebLogic Diagnostic Framework. It has been embedded into each BEA WebLogic Server 9.0 container, creating the ability to instrument application and BEA WebLogic Server classes to diagnose application execution; to set watches & notifications so that alerts are triggered when configured conditions or thresholds are met; and to dye all inbound requests to track application processing. The status of all BEA WebLogic Server 9.0 systems can be seen at a glance via the WebLogic Administration Console; because the BEA WebLogic Diagnostic Framework API is public, hooks may be written that allow BEA WebLogic Server to monitor the health of any applications alongside that of the core BEA WebLogic Server containers.
Figure 10: Diagnostics monitoring in BEA WebLogic Server 9.0 Administration Console.
26
�BEA White Paper – BEA WebLogic Server 9.0
Integration with high-availability systems: BEA WebLogic Server 9.0’s internal high availability solutions relating to messaging, session failover, clustered services, overload protection, the diagnostics framework, upgrades, side-by-side deployment, and other services can be made to work within industry-standard frameworks. BEA WebLogic Server partners with a variety of high-availability solution vendors, making it possible to formulate a complete disaster recovery profile that will provide complete protection in the event of environmental failure.
Administration Console Online Help The Administration Console includes a complete help system. It has two parts:
• How do I...? documents procedures for tasks that can be performed using the console • Administration Console Reference provides reference information for each page in the Console, including
descriptions of all attributes that can be set using the console. The Administration Console help system is available through the console itself or online at e-docs.bea.com/wls/docs90/ConsoleHelp/index.html.
Auditing Compliance
Today, enterprise-wide governmental initiatives such as Sarbanes-Oxley and HIPAA require organizations to integrate auditing with transactional records. BEA WebLogic Server 9.0 offers the level of auditing control that applications need, even in the recording of non-routine, complex, and unusual transactions. BEA WebLogic Server 9.0 auditing provides control over business applications, making it possible to reliably record, organize, process, and transmit critical information throughout the organization, automating internal control activities wherever possible. BEA WebLogic Server 9.0 helps combat common difficulties arising from compliance, including the following:
• Systems development, implementation, maintenance, and change management through the BEA
WebLogic Server console
• Data conversion and system interface controls through J2EE CA adapters, XML Beans 2, and encryption
services, as well as robust data transmission through BEA WebLogic Server 9.0 transactional controls
• Security technologies, protocols, and administration through BEA WebLogic Server Security Service
Provider interfaces (including pluggable Auditing Providers), and through internal security functions (including user blocking and IP logging
• Integration with third-party service providers through compliance with SOA Web services and the
BEA AquaLogic product family. Alerting and Notification BEA WebLogic Server 9.0 continues its long-running support for the industry-standard SNMP management protocol with the BEA WebLogic Server SNMP agent. The WebLogic SNMP agent is a BEA WebLogic Server subsystem that gathers WebLogic management data (managed objects), converts the data to SNMP communication modules (trap notifications), and forwards the trap notifications to third-party SNMP management systems. The BEA WebLogic SNMP agent, supporting the SNMPv1 and SNMPv2 protocols, can also respond to direct requests from a manager using the PDU format.
27
�BEA White Paper – BEA WebLogic Server 9.0
All managed objects that BEA WebLogic Server exposes for management through SNMP are defined in the BEA WebLogic Server Management Information Base (MIB). BEA WebLogic Server 9.0 can be configured to provide immediate notification when a certain condition has been met. Conditions encompass all states known to the server through the WebLogic MBeans, including all information from the WebLogic Diagnostics Framework.
Logging In addition to runtime auditing capabilities inherent in the BEA WebLogic Server 9.0 service containers, running documentation logs must be available. BEA WebLogic Server 9.0 subsystems use logging services to provide information about events such as the deployment of new applications or the failure of one or more subsystems. A server instance may also use them to communicate its status and respond to specific events. For example, WebLogic logging services can be used to report error conditions or listen for log messages from a specific subsystem. Each BEA WebLogic Server instance maintains a server log. Because each BEA WebLogic Server domain can run concurrent, multiple instances of BEA WebLogic Server, the logging services collect messages generated on multiple server instances into a single, domain-wide message log. For more information, see Server Log Files and Domain Log Files at e-docs.bea.com/wls/docs90/logging/logging_services.html#1177266. You can also create a custom catalog of log messages, using WebLogic utilities to generate Java classes to be used in application code. The log messages generated from the applications will be integrated with, and treated in the same way, as log messages generated by the server. For more information, see Writing Messages to the BEA WebLogic Server Log at e-docs.bea.com/wls/docs90/i18n/writing.html#1178164. Internationalization Created log message catalogs can be written in any language and can be accompanied by translations for different locales. BEA WebLogic Server support for internationalization ensures that log messages are presented in the appropriate language for the locale under which they run. For more information, see Internationalization and Localization for BEA WebLogic Server at e-docs.bea.com/wls/docs90/i18n/Overview.html#1014699.
Security Advisory Process BEA also keeps security processes up to date with frequent reviews of potential vulnerabilities in the enterprise. Vulnerability patches are fully tested and documented and are available at dev2dev.bea.com/advisories.
Migration to BEA WebLogic Server 9.0
As noted in the Enterprise Development section above, BEA WebLogic Server 9.0 offers numerous developmental on-ramps. Compelling reasons to migrate from other application servers to BEA WebLogic Server include linear scalability through its server clustering mechanism, a pluggable security infrastructure, and an enterprise-grade kernel that delivers true RASP capabilities, zero downtime, and record performance. For additional information about migrating applications to BEA WebLogic Server 9.0, see bea.com/wls. There are many compelling reasons for current BEA WebLogic customers to upgrade to BEA WebLogic Server 9.0, including enhanced kernel performance governing all core functionality; new zero-downtime high-availability
28
�BEA White Paper – BEA WebLogic Server 9.0
features; scalable administrative capabilities including embedded WLST; MAN and WAN clustering and failover; and significantly enhanced messaging functionality and administration, including newly asynchronous store and forward and full console message administration. An upgrade wizard makes it easy to migrate current BEA WebLogic Server 8.1 applications onto the BEA WebLogic Server 9.0 platform. In addition, future upgrades of BEA WebLogic Server will include synchronization with a patch repository, maintained by BEA, to help prevent service-pack and patch-library conflicts. For a more complete discussion of upgrades from previous BEA WebLogic Server versions to 9.0, please see the BEA WebLogic Server Upgrade White Paper at bea.com/wls.
Conclusion
BEA WebLogic Server 9.0 is the most significant BEA application server release to date. Fully compliant with J2EE 1.4, this release tackles the biggest challenge facing enterprise networks today: reducing overall cost of management and operations while delivering high reliability, continuous uptime, scalability, and mission-critical integration solutions.
What’s New: The Big Picture
BEA WebLogic Server 9.0 is fully compliant with the J2EE 1.4 specification. This release implements and extends the latest J2EE standards—Enterprise Web services 1.1, JMS 1.1, JMX 1.2, JDBC 3.0, Connector Architecture 1.5, EJB 2.1, and more—to deliver unparalleled quality of service across the enterprise. The following sections summarize key innovations.
Systems Management
BEA WebLogic Server 9.0 focuses on simplifying and streamlining the day-to-day management of production systems with minimal disruption to live production environments. A comprehensive, centralized diagnostics service lets administrators identify and resolve issues in real time, and accommodates the integration of third-party analytic tools. This release of BEA WebLogic Server introduces a more extensible, “portalized” Administration Console as well as a tightly controlled, predictable process for managing changes to a domain's configuration regardless of the configuration tool used. A new scripting tool, a simplified domain directory structure, and modular deployment capabilities automate and facilitate application configuration and deployment. For more information, see System Administration and Management at e-docs.bea.com/wls/docs90/notes/new.html#1208082.
Performance and Availability
Out-of-the-box support for WAN and MAN failover address catastrophic data center failures. Overall server performance is greatly improved, with automated server migration and provisioning of services, policy-driven processing, self-tuning capabilities, increased overload protection, cross-cluster failover, and more. For more information, see Server Reliability, Availability, Scalability, and Performance at e-docs.bea.com/wls/docs90/notes/new.html#1215373.
29
�BEA White Paper – BEA WebLogic Server 9.0
Enterprise Web Services
Implementing Web services in Java is now safer and more portable than ever, thanks to the Web services in J2EE 1.1 (JSR 921). This standard increases developer flexibility and choice by providing a common run-time environment and industry-standard support for Java annotations and Web services extensions. The BEA WebLogic Server implementation JSR 921 lets developers respond more effectively to changing business requirements, with true asynchronous messaging support for conversational applications, interoperability features designed for enterprise SOA, and improved XML processing. Developers can leverage BEA WebLogic Web services to rapidly create, deploy, and adapt secure and fully interoperable enterprise Web services. For more information, see J2EE Standard Web Services at e-docs.bea.com/wls/docs90/notes/new.html#1205868.
Enterprise-Ready Messaging Infrastructure
BEA WebLogic Server 9.0 implements cross-domain communication, bi-directional transactions from enterprise information systems, automatic destination migration for high availability, message store and forward for improved reliability, and tightly controlled order of message delivery. In addition, this release improves management and performance of enterprise and messaging-intensive applications. For more information, see the following:
• Java Message Service (JMS) e-docs.bea.com/wls/docs90/notes/new.html#1206087 • Resource Adapters e-docs.bea.com/wls/docs90/notes/new.html#1206337 • e-docs.bea.com/wls/docs90/ (all documentation) • e-docs.bea.com/wls/docs90/notes/index.html (every detail of BEA WebLogic Server 9.0).
Resources
Documentation
• BEA WebLogic Server 9.0 documentation: e-docs.bea.com/wls/docs90/index.html • BEA WebLogic Platform product information: bea.com/weblogic • BEA AquaLogic product family: bea.com/aqualogic • BEA AquaLogic Service Bus documents: e-docs.bea.com/alsb/docs20/index.html.
Dev2Dev and Arc2Arc BEA’s active developer-to-developer community, at dev2dev.bea.com, has spawned an architect community, at dev2dev.bea.com/role/architect.
Supported Standards
For a complete list of BEA WebLogic Server 9.0 supported standards, please see e-docs.bea.com/wls/docs90/notes/new.html#standards.
30
�BEA White Paper – BEA WebLogic Server 9.0
About BEA
BEA Systems, Inc. (NASDAQ: BEAS) is a world leader in enterprise infrastructure software, providing standardsbased platforms to accelerate the secure flow of information and services. BEA product lines—WebLogic®, Tuxedo®, and the new AquaLogic™ family of Service Infrastructure—help customers reduce IT complexity and successfully deploy Service-Oriented Architectures to improve business agility and efficiency. For more information please visit bea.com.
31
�BEA Systems, Inc. 2315 North First Street San Jose, CA 95131 +1.800.817.4232 +1.408.570.8000 bea.com CWP1005E0905-1A
�