I have following architecture in my application.
Client (GWT) <--calls--> Servlet <--calls--> Service <--calls--> Dao
I want to make this architecture easier for changes.
For example: when I want return the inserted id of an object from the Dao layer, because I need it in the client, I have to update the service and the servlet layer as well. So for this little change I have to update all 3 layers (3 classes and 3 interfaces) makes a change on 6 places.
I see why I need the Dao Layer.
I also get why I need the service layer.
What I don't get is why the service layer can't also be a servlet. At the moment all my servlets do is forwarding the request to the service layer.
The Wikipedia Article about Java Servlets says:
Servlets are most often used to
1 process or store data that was submitted from an HTML form
2 provide dynamic content such as the results of a database query
3 manage state information that does not exist in the stateless HTTP protocol
1 and 2 are just database calls, which I make in my dao layer and the service layer makes extra business logic already possible.
3 I am currently not working with sessions. I don't have a login so far and I am just playing around with my architecture, but I think the service layer could handle this as well.
I want to know the cos and pros for this architecture change:
pros:
One layer less to update if a change happens.
cons
Service Layer gets complexer.
Thx for your answers.
You need the servlet layer because that is what allows access to the session.
Also, you don't want your service layer to need to know anything about HTTP since you want to be able to re-use the service and DAO layers in other applications (e.g. if you write a desktop application re-using those layers) and needing to include the servlet API would not make sense there.
If needed you could call the DAO layer directly from a servlet for simple cases in order to not duplicate methods in the service and DAO layers.
The servlet API has filters which are a good place to implement security in your web application.
You can use Spring Security if you are already using the Spring framework for your web application.
Related
We are writing a mostly single-page, client-side app, but server-side/DB endpoints are still required of course, so the natural choice is SpringMVC (since we are a Java / Spring shop).
But this got me thinking why we need the cluttered, very old design for this app:
- Controller layer
- Service layer
- DAO layer
This app is mostly just the client side making AJAX calls with JSON for DB retrieval/persistence. Do I really need to go thru the Controller layer to receive requests, then invoke a Service method, which in turn invokes a DAO method?
At the same time, I don't want to write a REST Service because it could result in overhead and we may not support all of the REST requirements... but is it the right choice here? If I understand correctly, I would still need a RESTController on the presentation layer?
My goal is to just directly hit a Service method or, maybe even more directly, a DAO method. Is that how modern apps are written?
You cannot hit a DAO unless you expose it through an API of some sort that can be invoked remotely by the UI application; as a consequence, you need to write a service.
A convenient way of exposing a service is to either:
Use Spring MVC and use the controllers as stateless endpoints that provide a JSON/Protobuffer/XML sort of payload that is then parsed by your API (with JSON being the simplest option of them all, perhaps) or
Use Spring Boot, which uses Spring MVC under the hood.
Hope this helps and good luck with your project.
Assuming you follow DDD and you have your Domain, Application and Presentation (Controller) Layers, should the Application Layer be completely decoupled from knowing anything about HTTP requests and all the other things that go with it such as cookies, sessions, etc.
To illustrate, say our CommentingService in Application Layer needs a value from a cookie named guestId. Should this value be passed in as a parameter to our service or can we pass the whole Request (HttpContext) object and let our service extract it from there.
Commons sense tells me that if I would want to reuse this Application Layer somewhere else I would want it to be decoupled from web.
Services
Yes, you will want to decouple your application layer from any web concerns.
Application layer is responsible for managing your domain objects like aggregates, repositories etc (orchestration).
Mostly you will go with next layer providing Rest Api functionality.
If you decompose it like that, you could use your API with CLI, Rest, Soap or whatever your business want you to provide.
Cross-cutting concerns
You will want to implement cross-cutting concerns in your application layer, because you do not want to reinvent wheel for every outside layer.
For example: security, caching, transaction managing logging.
It doesn't provide you with business capabilities, so you do not implement them in domain layer, but you can implement it in your application layer.
After read the Gordon's article about Best Practices to build Enterprise Application using Spring Framework, I would like to share some ideas about the Service layer.
My architecture represents exactly what Gordon described in this image http://gordondickens.com/wordpress/wp-content/uploads/2012/07/Spring-App-Layers.png
The application is complex, has a heavy business rule and demands to use different resources like Database, SOAP, REST and file handle sometimes in the same use case.
For this scenery that I have described above, I have a Service class that needs to perform SOAP and REST requests and handle some database data. So, I have autowired in my Service class a SOAP and a REST component and the Repository to handle the database stuff.
I'm concerned about if this is the best approach do handle the integration between my Services and the resources like SOAP, REST, Database and etc.
Thanks
So, I have autowired in my Service class a SOAP and a REST component
and the Repository to handle the database stuff.
Sounds problematic even though it will work.
Think about the dependency between layers. Service layer will depend on Repository layer (Business logic layer will depend on data layer). Service integration layer (or service communication layer) for incoming requests will depend on the Service layer. But the data layer does not depend on the service layer. Nor the service layer depend on the inbound service invocation layer.
So, remove the SOAP and REST components from the Service class. To the SOAP and REST components, wire the Service instance (i.e. avoid SOAP and REST components wired into the Service, do it in the reverse direction).
This way, when you want to support another integration protocol (say JMS), you do all such work not by modifying your service.
Your data access seems to be fine. I hope your Service accesses the repository via DAOs.
So, I have autowired in my Service class a SOAP and a REST component
and the Repository to handle the database stuff.
Sounds fine. You are using dependency injection, this means they can be easily tested or altered.
I am about to start creating a new application and wanted to get some feedback on the approach I plan on using. We will be using spring and spring data jpa.
Can controllers call domain services and repositories or should the controller only make calls to application and infrastructure services?
If its "ok" to call domain services and repositories from a controller and a domain service operation needs a transaction, can/should I just put the #Transactional annotation on the domain service method? Or should I have an application service that wraps the call (not sure I like this approach because you would end up with a bunch of pass through methods)?
If its not "ok" to call domain services and repositories from a controller do I need to create application services to wrap all possible domain service calls(like I said in 2 that could be a lot of pass through methods)?
The best solution I can come up with is something like the following:
Repositories will have the #Transactional annotation with propagation REQUIRED when writing to the database and propagation set to readOnly=true and propagation set to SUPPORTS when reading from the database.
Application and Domain Services will add the #Transactional annotation as needed
If the controller ever needs to make make a direct call to a repository a domain service or an application service it can. No pass throughs.
I am not clear for your question. What is the Domain Services doing? I knew Application Services and Domain Repositories very well.
In spring , there are two layers service and data access layer.
Service layer can used #Service (In your design it will be application Services) but not used #Transactional Tag.
Data access layer used #Repository Tag and also #Transactional Tag, Because This layer is directly connected and make operation with the Database. So, I like to know what 's function of the Domain Service. I am not clear for that.
Thanks buddy.
I personally would only access your domain and application services from your controllers. That way you only have to put #Transactional annotations at one "level". You get transactionality out of the box at your repository layer if you're extending the regular Spring Data repository interfaces. I would leave that layer as simple as possible. Put your readOnly and other configuration at the service layer.
Creating "pass through" methods allows you more flexibility down the road too if you ever decide to change your DAO implementation.
I'm developing a new application based on Spring MVC and Hibernate for data access.
I want the data access layer to be running on a separate application server, preferably JBOSS.
I want the data access layer to be running behind a firewall.
How can I achieve this?
Right now I'm concerned about hibernate lazy initialization in this scenario. Would there really be any problems with Hibernate lazy initialization?
There could be some performance penalties to this approach - the IO will be a bottleneck. However, Spring Remoting allows you to easily achieve this.
Create an interface for you DAO.
Implement the concrete implementation.
Use spring remoting to export the interface.
Inject the interface - from your apps point of view its just something that implements the interface. It doesn't care the the calls are being fired off to the remote server.
The mechanism for achieving this is called DynamicProxies - a Java SE feature. DynamicProxies allow you to provide a class that responds to the method calls on an interface at runtime. In this case the method calls are dispatched across to the corresponding methods on the remote server.
Both the service layer and DAO layer servers should be behind the firewall on the same domain.
From the UI, use REST web services to fetch the data from application server (hosting the DAO's and Transactional services). Annotate the entity classes with #Proxy(lazy=false) to avoid lazy loads of entities. For the server to validate the clients (web application querying the business layer behind firewall), use client identity certificates, you can use Bouncy Castle CMS APIs to validate the identity, trust and message integrity. If you have SSL offloaders in network, use detached signatures in http(s) headers.