Transaction & Security Chuyên đề Lập trình Java & J2EE Chương 16 Biên soạn: Th.S Nguyễn văn Lành Motivation for Transactions  Atomic Operations  Recovery after Network or Machine Failure  Multiple Users Sharing Data  avoid those problems by properly using transactions . The ACID Properties  Atomicity guarantees that many operations are bundled together and appear as one contiguous unit of work .  Consistency guarantees that a transaction leaves the system’s state to be consistent after a transaction completes.  Isolation protects concurrently executing transactions from seeing each other’s incomplete results.  Durability guarantees that updates to managed resources, such as database records, survive failures. Transactional Models  Flat transaction is a series of operations that are performed atomically as a single unit of work .  Nested transaction allows to embed atomic units of work within other units of work. Transsaction demarcation  Programmatic Transactions  you are responsible for issuing a begin statement and either a commit or an rollback statement  BMT: do not alow for Entity bean  Declarative Transactions  Specify transaction attributes in deployment descriptor  Container automatically handle transactional issues  CMT  Client-Initiated Transactions Transaction attribute  Required  RequiresNew  Supports  Mandatory  Never  NotSupported Required Requires New Mandatory [...]... Transaction Java Transaction API (JTA)  JTA can be used in client & bean code to programmatically control transactional boundaries  The interface you use to programmatically control transactions is javax .transaction. UserTransaction UserTransaction interface Code sample Transactional Isolation  Concurrency Control   locking on the database to prevent the two components from reading data Four transaction. .. absolutely must have perfect transactional isolation Pessimistic and Optimistic Concurrency Control Distributed Transactions   Distributed flat transactions allow multiple transaction participants, written by different vendors, to collaborate under one transactional context Two-Phase Commit Protocol   Phase One begins by sending a before commit message to all resources involved in the transaction Phase Two... authentication  The client can establish an identity with X.509 certificates Authorization  Programmatic authorization   Declarative authorization   you hard-code security checks into your bean code the container performs all authorization checks Security Roles  a collection of client identities ... Two occurs only if Phase One completed without an abort At this time, all of the resource managers, which can all be located and controlled separately, perform the actual data updates 2PC protocol EJB Security   Authentication verifies that the client is who he claims to be Authorization checks to see if an already authenticated client is allowed to perform a task Authentication  Basic authentication . Transaction & Security Chuyên đề Lập trình Java & J2EE Chương 16 Biên soạn: Th.S Nguyễn văn Lành Motivation for Transactions  Atomic. programmatically control transactions is javax .transaction. UserTransaction . UserTransaction interface Code sample Transactional Isolation  Concurrency