Developing Middleware in Java EE 8

By Abdalla Mahmoud
    What do you get with a Packt Subscription?

  • Instant access to this title and 7,500+ eBooks & Videos
  • Constantly updated with 100+ new titles each month
  • Breadth and depth in over 1,000+ technologies
  1. Free Chapter
    Delving into Java EE 8
About this book

Middleware is the infrastructure in software based applications that enables businesses to solve problems, operate more efficiently, and make money. As the use of middleware extends beyond a single application, the importance of having it written by experts increases substantially. This book will help you become an expert in developing middleware for a variety of applications.

The book starts off by exploring the latest Java EE 8 APIs with newer features and managing dependencies with CDI 2.0. You will learn to implement object-to-relational mapping using JPA 2.1 and validate data using bean validation. You will also work with different types of EJB to develop business logic, and with design RESTful APIs by utilizing different HTTP methods and activating JAX-RS features in enterprise applications. You will learn to secure your middleware with Java Security 1.0 and implement various authentication techniques, such as OAuth authentication. In the concluding chapters, you will use various test technologies, such as JUnit and Mockito, to test applications, and Docker to deploy your enterprise applications.

By the end of the book, you will be proficient in developing robust, effective, and distributed middleware for your business.

Publication date:
June 2018


Chapter 1. Delving into Java EE 8

Welcome to our developing middleware solutions using Java EE 8 journey. In this book, we'll study and practice how to perfectly design and implement middleware solutions using the Java EE 8 APIs.

Whether you're a newbie or an existing user of Java EE, we've tried to make this book useful to you. For those who are new to Java EE, at the beginning of each chapter, we introduce the essential technical concepts that will enable you to move on your way. Also, for those who are already using Java EE, we've provided separate chapters for the new APIs that were introduced in release 8, in addition to mentioning in each chapter what new features were introduced for those existing APIs.

In this chapter, we will look into the following topics:

  • What is Java EE?
  • Chapter roadmap
  • Required software 
  • Book project

What is Java EE?

Java EE is a very popular platform for building enterprise solutions in the Java programming language. For many years, it has reached the top of the list of the most important enterprise application development platforms, with success in nearly all aspects of enterprise application development.

Java EE provides application developers with the following:

  • Application Server: A fully-featured middleware with all of the functionalities required to build enterprise applications
  • Java EE APIs: A set of APIs covering the common functionalities required by application developers to implement their enterprise solutions

Our role, as application developers and architects, is to design our solution as a set of components. Those components will use the Java EE APIs.

Enterprise applications

For me, enterprise applications was always a buzzy term. If we substituted enterprise with the word business, it would become business applications, which is, in fact, misleading and a far cry from the true meaning of the term.

The term enterprise applications refer to the type of applications that are used by a group of users. These types of applications include nearly everything around us—social networks, business applications, productivity applications, gaming, chatting, and so on. If we conduct a simple analysis of the commonalities between all of them, we will find that some of their common characteristics include:

  • The applications are used by a group of users, with different levels of authority over the provided functionalities
  • The applications require special scaling and resource management techniques to be applied in order to be able to handle heavy loads when the application gets more active users or more data
  • The application should run on a robust environment, robust enough to provide near 100% system availability
  • The applications manage an operational database, with hundreds or thousands of operations performed each second, while keeping our data consistent and responsive

Java EE is you a platform that fulfills all of the aforementioned requirements, and more, with declarative and easy-to-use methodologies. Rather than investing time and effort into those non-functional requirements, you'll build your applications above a middleware software, providing you with a ready-to-use implementation for all required services, leaving you free to focus on your business logic.

Java EE architecture

The Java EE platform follows the four-tier architecture, the tiers being as follows:

  • EIS tier: This is the enterprise information system (EIS) tier, where we store and retrieve all of our business data. Usually, it's a relational database system that's accessed using the Java Persistence API through our business tier, as will be discussed in detail in this book.
  • Business tier: The business tier is responsible for managing business components that expose functionalities to other modules or separate systems. Enterprise JavaBeans, messaging, and other services are maintained in this tier, which will be discussed in detail in this book.
  • Web tier: The web tier is where your web components/pages live. Although the Java's EE web profile is out of the scope of this book, we've used the web tier in many examples as well as in this chapter; therefore, basic knowledge about Servlets and JSP is essential.
  • Client tier: Either a thin client (web browser) or a thick one (another Java application) that consumes the services we provide in our enterprise middleware solution.

Note that, in this book, we'll be focusing more on the EIS and business tier parts of an enterprise middleware solution, the web part being out of the scope of this book.


Chapter roadmap

The learning journey we'll be moving on alongside the next chapter is planned to be as follows:

  • We'll start by introducing the concept of dependency injection and how to use it to simplify management processes, and the different dependencies and resources your application maintains.
  • We'll move on to data management topics by learning how to map your data into relational databases using the Java Persistence API, and how to validate your business objects against your business rules using the Java Validation API.
  • Next, we'll learn how to encapsulate business logic and expose it to other layers by learning how to build business components using the Enterprise JavaBeans API, and how to expose your business functionalities into RESTful services using the Java API for RESTful services, JAX-RS. We'll also cover a newly introduced API, JSON-B 1.0, and learn how to use it to perform complex JSON processing operations.
  • After that, we'll learn about another system-to-system communication model, which is messaging. We'll understand the concepts and architectural philosophy of messaging techniques, and learn how to apply our knowledge using JMS 2.0.
  • Then, we'll learn how to send notifications to our system users and send other information by sending them emails using the JavaMail API.
  • Then, we'll learn how to build interactive web applications with real-time communication using the WebSockets API.
  • Then, we'll learn how to secure our enterprise applications using the newly introduced Java Security API, and how to provide authentication and authorization features for any enterprise application, with this easy-to-use API.

Here's a full list of the main APIs we'll be covering in this book:

  • Contexts and Dependency Injection (CDI) 2.0
  • Java Persistence API 2.1
  • Bean Validation API 2.0
  • Enterprise JavaBeans 3.2
  • Java API for RESTful Services JAX-RS 2.1
  • JSON-Binding (JSON-B) API 1.0 (new)
  • Java Messaging System (JMS) 2.0
  • JavaMail 1.6.
  • Java Security 1.0 (new)
  • WebSockets 1.1

Contexts and dependency injection

When designing an enterprise solution, one of the primary tasks is to divide your application into separate components that interact with each other. To avoid all the hassle of managing our components, their dependencies, and their life cycles, the contexts and dependency API (CDI) has been developed to be the backbone of component and dependency management. By components, we mean objects that encapsulate your application's business logic. By dependencies, we mean commonly used application-shared resources such as a database connection, user sessions, web service endpoints, and such.

In Chapter 2, Dependency Injection Using CDI 2.0, we'll learn how to create and use CDI beans, how to use bean scopes, how to provide different implementations of the same bean, and how to inject beans into other beans. Moreover, we'll learn about some more advanced topics, such as producers, interceptors, and events.

Data persistence

The data access layer is the most fundamental part of any enterprise application. A common problem arises when dealing with a relational database from an object-oriented system—all runtime data are represented as objects, where the real data is stored as rows in tables. The Java Persistence API (JPA) provides Java developers with all the required operations, mappings, and techniques for mapping objects to the relational database.

In Chapter 3Accessing the Database with JPA 2.1, we'll learn how to create and use JPA entities and map them to tables and columns. Moreover, we'll learn how to perform the four CRUD operations: mapping entity relationships, using the JPA Query Language and the Criteria API, and mapping inheritance relationships.

Data validation

Validating your application's data is a required step before any of your business operations. Jakarta EE provides the Java Validation API, which integrates well with other APIs, like JPA and JAX-RS. With this API, you can declare all your validation rules to be processed automatically for you, whenever you receive new data from the user. It's as easy as annotating your domain objects with the appropriate annotation.

In Chapter 4Validating Data with Bean Validation 2.0, we'll learn how to use the Java Validation API to perform programmatic and automatic bean validation, how to validate graphs of objects in a bean, and the different validation constraints available. Moreover, we'll learn how to validate bean method parameters and return values, and how to define custom validation constraints to handle more complex and recurrent validation scenarios.

Enterprise JavaBeans

The core composing components of an enterprise application in Jakarta EE are Enterprise JavaBeans. They are plain Java objects with embedded business logic, supported by different services from the business tier, such as remoting, transaction management, user session management, timer services, and more.

In this book, we'll learn what enterprise Java beans are, what are they used for, and what services they provide for your embedded business code. We'll study and practice the three available types of sessions bean: stateless, stateful, and singleton.

RESTful services

RESTful services are a key technology for making computer systems talk to each other and, more specifically, making application frontends talk to their backends, and sometimes to other third-party integrations. They are functions that are deployed on a server and can be called remotely from any other system. RESTful is not just another protocol for remoting with HTTP; it's a full architectural style used to build your enterprise applications and make them extensible by other modules or separate systems.

In Chapter 5,  Exposing Web Services with JAX-RS 2.1, we will learn what RESTful services are and how to create your own RESTful services using JAX-RS. Moreover, we'll learn how to use Postman to test your RESTful services. JAX-RS topics such as accepting and processing user parameters, producing JSON responses, and uploading files are all covered in this chapter. In the final section, we'll learn about the newly introduced support for server-sent events in JAX-RS and look at examples of how to use it to provide your clients with on-demand real-time notifications about different business events.

JSON processing

As JSON is a very common format for exchanging data in REST operations, the need for a native API in Java to perform advanced processing over JSON has arisen. Finally, Jakarta EE was introduced?

In this book, we'll get an introduction to the newly introduced API, the JSON Binding API, and see how we can use it to directly manipulate JSON in advanced contexts with practical examples.


Software-to-software messaging is another model of how software communicates with each other. In this model, a messaging middleware stands in the middle of a sender and a receiver to enable the reliable exchange of messages even if one of the two parties is out of service. Moreover, this model enables the application of scaling techniques such as load balancing and message broadcasting to subscribed components.

In this book, we'll learn the basic principles of messaging and how the JMS API provides a comprehensive framework to build a full-featured messaging system to realize the described messaging model. We'll also learn the difference between the two messaging models—Point-to-Point (P2P) and the Publish-Subscribe model—and how to implement both of them, with examples, using the JMS API.


Software-to-user communication is also essential in any enterprise application. Software needs to mail its users about notifications, updates, changes, password change confirmations, and so on. Although in a large-scale development, a separate third-party cloud mailing solution would be a good idea, it's still very common to directly use the mailing APIs to communicate with our users, especially in small-scale developments.

In Chapter 8, Sending Mails with JavaMail 1.6, we'll get a brief introduction to the main mailing protocols. After that, we'll learn and practice how to programmatically send plain text and HTML emails, in addition to optionally attaching files to your emails.


WebSockets is one of the major overall advancements in HTTP communication. It extends HTTP to allow it to handle one or more full-duplex communication channels over a single HTTP connection, enabling all kinds of applications with real-time communication requirements to appear on the web market, such as chatting, multi-player gaming, collaborative document editing, and many more.

In Chapter 8Sending Mails with JavaMail 1.6, we'll learn what WebSockets are and when to use them. Moreover, we'll learn and practice how to create WebSockets endpoints in Java and how to create a client for them in JavaScript. In addition, we'll learn how to maintain and encode user state in our server. At the end of the chapter, we'll look at a complete example of using WebSockets to implement a cinema tickets booking interface for our book's project.


Authentication and authorization are the most important aspects of any middleware solution. Any enterprise application should provide a way to authenticate users before letting them in and should also check their authorization before availing any functionality to them.

Although JACC and JASPIC have existed since the early days of Java EE, they have gotten more complicated as a result of their continuous evolution. The need to restructure the Security API was a priority request by Java EE developers over the years and, therefore, the Java Security API 1.0 was introduced in Jakarta EE 8.

In Chapter 9, Securing an Application with Java Security 1.0, we'll learn the concepts and terminology related to this new API and how to get started with it by creating a simple login example. Moreover, we'll take a more in-depth look at basic concepts, such as identity stores, authentication context objects, and authentication mechanisms.


Required software

You'll need to install the following software in order to be able to follow and run through the examples in each chapter:


Whatever your preferred IDE is—Eclipse, NetBeans, IntelliJ, Notepad, or Nano—you'll be able to use, modify, and run this book's examples. If you're confused, I recommend using NetBeans, as it's the community's fully-featured one, with the least configuration needed to get started with our book. Keep in mind that full support for Jakarta EE 8 may not be available yet for those IDEs when you read this book. However, all you need to do is to configure your application's server path to a GlassFish 5 edition. Even if your IDE cannot recognize Glassfish Version 5 yet, there are workarounds available to make it appear like version 4; you can Google it if you cannot configure Glassfish 5 with your favorite IDE.

Application server

Any application server can be used as long, as it fully implements the Jakarta EE 8 profile. At the time of writing, only the reference implementation (Glassfish 5) was available with full support for version 8. Therefore, all examples in this book have been written and tested on Glassfish 5 therefore, I recommend using it, as all the related instructions and configurations are written for this application server specifically and other application servers may require additional configurations that you may have to perform on your own.

Build tool

Either Maven or Gradle would help; however, we've used Maven 3 for the examples in this book.

Relational database system

Any relational database would also be suitable. We've selected MySQL for the database examples in this book, as it's one of the most popular open source databases widely used in thousands of successful data-intensive applications.

However, if you prefer to use your own database server, you can, as long as it's JDBC compliant. However, in that case, you'll have to figure the own configurations required for the examples yourself, as we've used MySQL as the default database server for all the examples in this book.


Book project

Throughout the chapters of this book, we'll be working on an imaginary real-world project to apply the examples too. The project is simple and interesting; it's a cinema ticket booking application. Although we mention this application in the coming chapters, we don't have its complete final version! We're just using some of its requirements to learn about the different APIs and features in Jakarta EE.

Our application should have the following features:

  • CRUD movies, cinemas, and seats
  • Allow users to browse movies, cinemas, and seats
  • Allow users to browse seats for a cinema on a specific date and pick one or more tickets

Our master scene for our booking application is the interactive booking board, as shown in the following screenshot:

This interactive board will be our last practical example in this book, before we end by securing our applications in the last chapter.


Goodbye Java EE, welcome Jakarta EE!

What's the story behind this new name that suddenly appeared on the market, Jakarta EE? Well, for many years, Java EE was one of the top choices when talking about enterprise application development. Over the years, thousands of mission-critical applications have been developed using Java EE, proving that this technology is robust enough to be power the infrastructure of the biggest enterprises on the globe.

However, with the rapid advances in technology, more frequent releases, covering all the new requirements needed in a dynamic, changing world, have always been the top request of the thousands of developers using it, and things started to get a bit late to the market, compared to other quickly evolving technologies, such as Spring.

Therefore, the Java Community Process has decided to pass the management of Java EE to the Eclipse Foundation, where it will keep evolving, but under the new brand name, Jakarta EE.

According to their announcement, the Jakarta EE working group aims to:

  • Deliver more frequent releases
  • Reduce barriers to participation
  • Develop the community
  • Manage the Jakarta EE brand on behalf of the community


Now, having introduced the topic we'll be covering in this book and taken a quick look at the roadmap of the learning plan we'll go with, let's get ready and start our journey by moving on to Chapter 2, Dependency Injection Using CDI 2.0. Ensure that you have installed all of the required software, and then, let's move on!

About the Author
  • Abdalla Mahmoud

    Abdalla Mahmoud is a Java software architect and trainer with 14+ years of experience in the software development industry. He's led many successful projects using a broad range of technologies and frameworks covering the most out of the web, desktop, and mobile development aspects. He's also contributed in training hundreds of Java software engineers for more than 7 years, on different topics including Java EE, Spring, design patterns, and Android.

    Browse publications by this author
Developing Middleware in Java EE 8
Unlock this book and the full library FREE for 7 days
Start now