I passed the first test in the SCEA exam today. So I thought I would post some notes that I made as a last minute reminder. These are just meant as cram notes, to look at while you're waiting in the lobby or something right before the test, and are not intended as study notes.
The EJB specifies how many instances to pool at deploy time.
Valid lifecycle for Entity: Does Not Exist, Pooled, Ready
Finder methods of Entities return either Remote Reference or Enumeration
Entity Beans can NOT use BMT.
Only SFSB can implement SessionSynchronization interface.
Application Exceptions do not cause transactions to rollback.
Create method is optional in Entity home.
EJB Life Cycles:
SLSB:Does Not Exist, Ready
SFSB: Does Not Exist, Ready, Passive
Entity: Does Not Exist, Pooled, Ready
Must override equals and hashcode
Can be compound or single field
Can be undefined until deployment
All fields must be public
When using CMP, a no-arg constructor is required
Bean class provides implementations of
1) Home interface methods 2) Remote interface methods 3) EJB callbacks
EJB CONTAINER MODEL
EJB CONTAINER MODEL
Acts as a Decorator.
The bean pool acts as a Flyweight pattern implementation.
EJBObject and EJBHome are examples of Decorators because they provide transactions and security.
Container Adds: Life cycle mgmt, Naming, Object Distribution, Persistence, Security, Transactions, Concurrency
Never: requires that no transaction already exists. Throws RemoteException if one does.
Not Supported: Transaction will be suspended if one exists.
Supports: uses the client transaction context if it exists, or no transaction context otherwise.
Mandatory: requires an existing transaction. Throws TransactionRequiredException if one does not exist.
Required: causes the enterprise bean to use existing transactional context if it exists, or to create one otherwise.
Requires New: always creates a new transaction context before the method call, and commits or rolls back after the method call. Any existing client transaction context will be suspended until the method call returns.
Enterprise beans that implement interface SessionSynchronization must have either the Required, RequiresNew, or Mandatory transaction attribute. Implement SessionSynchronization in your Stateful Session Beans if you need to be aware of transactional events. For CMT ONLY. With bean-managed, you’re demarcating the transactions so you already know when these events occur.
Atomic: transaction must execute completely or not at all.
Consistent: the database must be in a legal state when the transaction begins and when it ends. This means that a transaction can't break the rules, or integrity constraints, of the database.
Isolatable: Transaction must execute without interference from other processes or transactions.
Durable: Data must be written to the data store before the transaction completes.
TRANSACTION ISOLATION LEVELS
Serlizable: all transactions occur in a completely isolated fashion; i.e., as if all transactions in the system had executed serially, one after the other. The DBMS may execute two or more transactions at the same time only if the illusion of serial execution can be maintained. At this isolation level, phantom reads cannot occur
Repeatable Read: All data records retrieved by a SELECT statement cannot be changed; however, if the SELECT statement contains any ranged where clauses, phantom reads may occur.
Read Committed: Data records retrieved by a query are not prevented from modification by some other transaction.
Read Uncommitted: In this isolation level, dirty reads are allowed. One transaction may see uncommitted changes made by some other transaction.
Phantom Read: occurs when, during a transaction, two identical queries are executed, and the collection of rows returned by the second query is different from the first.
Non-Repeatable Read: non-repeatable reads may occur when read locks are not acquired when performing a SELECT.
Dirty Read: A dirty read occurs when a transaction reads modified data from a row that has been modified by another transaction, but not yet committed.
Performance, Scalability, Reliability, Availability, Extensibility, Maintainability, Security, Manageability
SSL Protocol runs below HTTP and above TCP/IP
Abstract Factory: Provide an interface for creating families of related or dependent objects without specifying their implementations.
Builder: Separate the construction of a complex object from its representation so that the same construction process can create different representations.
Factory Method: Define an interface for creating an object, but let subclasses decide which class to instantiate.
Prototype: Specify the kinds of objects to create using a prototypical instance, and create new objects by copying this prototype.
Singleton: Ensure a class has only one instance with global access.
Adapter: Convert the interface of a class into another interface clients expect so they can work together.
Bridge: Decouple an abstraction from its implementation so the two can vary independently.
Composite: Compose objects into tree structures to represent part-whole hierarchies so that clients can treat individual objects and compositions uniformly.
Decorator: Attach additional responsibilities to an object dynamically.
Facade: Provide a unified interface to a set of classes in a subsystem to make it easier to use.
Flyweight: Use sharing to support large numbers of fine-grained objects efficiently.
Chain of Responsibility: Avoid coupling the sender of a request to its receiver by giving more than one object a chance to handle the request.
Command: Encapsulate a request as an object to support undo operations, queue or log requests.
Interpreter: Given a language, define its grammar and an interpreter of sentences in that grammar.
Iterator: Access elements of an aggregate object sequentially.
Mediator: Define an object that encapsulates how a set of colleague objects interact so they don't have to refer to each other explicitly.
Memento: Capture an object's internal state without violating encapsulation so that it can be restored to this state later.
Observer: When one object changes state, its listeners are notified and updated automatically.
State: Allow an object to alter its behavior when its internal state changes. The object will appear to change its class.
Strategy: Define a family of algorithms, encapsulate each one, and make them interchangeable.
Template Method: Define the skeleton of an algorithm, deferring some steps to subclasses.
Visitor: Represent a new operation without changing the classes on which it operates.
Pub/Sub: Topics. Push.
P2P: Queues. Pull. (send and forget)
Items subject to I18N:
Languages for Messages
Formats of Dates, Numbers
Sort Order (Collation)
Currency symbol & position
Tax and other legal rules
Java Supports I18N:
Properties, Resource Bundle, Locale, Unicode, java.text package, InputStreamWriter/OutputStreamReader
Collator: abstract base class for performing locale-specific String comparisons. Subclasses implement different comparison algorithms. RuleBasedCollator (provided with JDK) is a concrete subclass that provides simple, data-driven, table collator.
CollationElementIterator: used as an iterator to walk through each character of an international String.
CollationKey: represents a String to compare when using Collator. Comparing two of these returns the relative order of the strings they represent. Using this is faster than actual String comparisons.
BreakIterator: contains methods for finding boundaries of line breaks, sentences, words, and characters in text.
CharacterIterator: defines protocol for bi-directional iteration over a set of Unicode characters. Methods return either the index or the character value. Classes implement this interface to provide this functionality for various sequences of characters.
StringIterator: provides this functionality for iterating over a string.
A VPN is a trusted network running over a non-trusted network.
Unsigned applets run in the sandbox. Signed applets with a public key by trusted parties have full access. For example, a signed applet can connect to arbitrary hosts. If a policy file is created with grant privileges, an applet will be restricted to the grants in the file, regardless of signing.
A java.security.MessageDigest only provides proof that a piece of code has not been altered.
In SSL handshake, 1) Server is validated to client 2) client and server choose
a crypto algorithm.
After signing a JAR file, files could be added to it later without necessarily invalidating the signature.
Asymmetric cryptography means a separate key for encrypting and decrypting.
Even if applet code is signed, the browser’s policy may prevent it from certain things. The policy file will need to explicitly grant permissions for what it wants to do, ie, read local files.
Packet Filter Firewall: Looks at the information related to IP address of a packet, types of connections, etc. and then provides filtering based on that. Uses this to decide which packets to let through and which to deny. IP spoofing may fool it.
Application-Level Proxies: Work at the application level to provide proxy services. Allows more specific inspection of the packets. Can use application level knowledge to decide what to filter. Usually requires separate proxy for each type of application you want to filter.
Stateful Packet Inspection Firewall: Examines and remembers outgoing packets so that when incoming packets come in, that information will be used to determine whether or not to let the incoming packets through. For example, if any outgoing packets didn’t request an incoming packet, it will be filtered.
Java sandbox consists of following elements:
Byte code verifier, Access controller, Security manager
Class loader (applet class loader, url class loader, rmi class loader, default internal class loader, custom built class loaders)
Security package (security provider interface, message digests, keys, certificates, digital signatures, encryption)