- Shopping Bag ( 0 items )
This thoroughly revised Second Edition has been updated to reflect the latest techniques and issues surrounding the development of software and systems for the Web. You will find:
Robust, scalable, and feature-rich Web applications are attainable. Using the industry standard Unified Modeling Language (UML) for designs allows Web applications' developers to easily integrate them with other systems modeled in UML.
Written for project managers, architects, analysts, designers, and implementers, Building Web Applications with UML, Second Edition, demystifies the challenging aspects of modeling Web applications with UML's Web Application Extension (WAE). Because the UML has been widely accepted as the standard language for modeling software systems, it is generally the best option for modeling Web application designs. The WAE extends the UML notation with semantics and constructs that empower you to model Web-specific architectural elements using the Rational Unified Process or an alternative methodology. Furthermore, using UML allows modeling of Web applications as a part of the complete system and to integrate the business logic that must be reflected in each application.
This book is the updated follow-up to the widely acclaimed First Edition. Based on the author's own extensive experience as a Web developer, it incorporates helpful readerfeedback, identifies and addresses modeling problems unique to page-based Web applications, and offers practical advice and straightforward solutions.
With this book as your guide, you will be able to gain a clear understanding of how to address the unique problems of modeling the design of page-based Web applications, and more important, how to take your model directly into working code.
Late in 1996, I downloaded the preview edition of Microsoft's Active Server Pages. It was my first taste of what could be done on the Web. Even then I could see the potential for sophisticated Web applications. I began to investigate alternative architectures: CGI (Common Gateway Interface) and Allaire's Cold Fusion. Even before then, I had started tinkering with the Java beta and later bought Symantec's CafE to experiment with this new language.
At that time, I was an independent consultant working for AT&T in New Jersey. The project had nothing to do with the Web, so my only opportunity to experiment with this technology was during the evenings and whatever spare time I could find. In the end, it was all worth it. I learned a lot and was prepared for the coming onslaught and frenzy of Web application development.
My first opportunity to build a real Web application came at the request of a friend whose father owned a live cut rose wholesale and retail company, Hortico Nurseries Inc. Hortico was interested opening up a retail sales front on the newly emerging Internet. Together with a mutual friend, Jeff Wilkinson, we built our first production e-commerce site. The site was simple. It allowed customers to browse and to search a database of more than 1,400 varieties of roses and even to place orders. At first, the site didn't generate as many orders as we had hoped, but it did expose Hortico to a new market and certainly helped it's sales grow in other ways. To the best of our knowledge, Hortico was the first Web site to make a comprehensive catalog of rose varieties and pictures available to the Internet community. Jeff has pretty much taken overthe management of the site, and I help when I can. He has gone on to win awards for Web site design for some of his other projects, and I moved on to other contracts.
My first professional contract dealing with Web applications was with a small start-up company in the healthcare business. This experience got me even more involved with the subtleties of building Active Server pages (ASP) applications, especially with the issues of managing server-side resources and transaction management in a Web application environment. I learned a lot about the use of client-side scripting, applets, and Activex controls. I also learned a valuable lesson about testing applications: Client machines with different operating systems can behave differently with the exact same HTML, Java, and browser code. All of these experiences have driven me even more to a belief that Web applications need to be modeled and built just like any other complex software system. In the years that followed, I continued to experiment with the latest Web technologies and consulted with other companies with Web-related issues.
All throughout my Web application experiences, I tried to practice my object-oriented skills in the area of Web application development. I had little problem applying use case analysis, and it wasn't until I started creating analysis and design models that I realized that things were going to get difficult. When creating a Web application, my conceptual focus was always on the Web page. My idea of a model kept revolving around the concept of a site map. I knew that the navigation paths throughout the system were incredibly important to the understanding of the application and that any model of the system would have to include them.
My earliest attempts at modeling Web applications started with Rumbaugh's OMT (Object Modeling Technique); later, when UML version 0.8 was publicly released, I began to apply it. I knew that for any modeling technique to be useful, it needed to both capture the relevant semantics of Web-specific elements, such as Web pages and hyperlinks and their relations to the back-end elements of the systemo middle tier objects and databases. At the time, I found both OMT and UML inadequate to express the things I thought were important in a Web application.
Being a somewhat successful object practitioner and engineer, I jumped to the conclusion that a whole new development methodology and notation were needed. After all, if the existing methods and notation didn't have what I needed, the obvious solution was to invent new ones. This, of course, is a trap that many of us in the software industry fall into. In my free time, I started to draft new graphical and semantic ways to represent Web application architectures. Proud of my work, I began showing it to two of my colleagues: Joe Befumo and Gerald Ruldolph, both experienced object practitioners. Their immediate reaction was: Why? I tried to explain the issues involved with Web application development and the need for visually expressing their designs. Yet everyone I spoke with continued to think that developing a new method and notation was a little overkill.
I started to rethink what I was doing. I wasn't so stuck up to think that I was still right and everyone else wrong. I had more homework to do. I reexamined my original needs: to express Web application designs at the appropriate level of abstraction and detail, and most important, as a part of the rest of the system's design. Since UML was taking the industry by storm, I realized that anything I did would have to work with UML.
So I went back to the UML. By now, it was in version 0.91, and a new concept was included: stereotypes. At first, I was clueless to what a stereotype was. The UML specification is not the easiest reading, after all. It was long and difficult, but I knew that any success in the area of modeling Web applications had to come from this direction. Eventually, I started to understand what was meant by stereotyping and the other extension mechanisms: tagged values and constraints. I was finally starting to see light at the end of the tunnel.
I now had a mechanism with which I could introduce new semantics into the UML grammar without disturbing the existing semantics. I always knew that the key was to provide a consistent and coherent way to model Web-specific elements at the right level of abstraction with the models of the rest of the system. The UML extension mechanism provided me with the framework to do so.
The next step was to start defining the extension by creating stereotypes, tagged values, and constraints. For me, the ability to use custom icons in diagrams with stereotyped elements went a long way to ease my concern for intuitive diagrams; also, Rational Rose, my visual modeling tool of choice,1 had just introduced a way to use one's own stereotypes in Rose models. I quickly created a set of icons for Web page abstractions. I tried to make them consistent, mostly rectangular with the stereotype indication in the upper-left corner. I used filled-in dog ears to represent pages and unfilled dog ears2 to denote components. Icons without any dog ears typically represented contained classes, which cannot be requested directly by a Web browser. The icon for Web page components is pretty much a copy of the icon used by the three amigosoGrady Booch, James Rumbaugh, and Ivar Jacobsonoin their book, The Unified Modeling Language User Guide (Addison Wesley Longman, 1999).
Looking back, I remember spending less than a day to draw up the icons. I didn't spend much time on it then, since I always believed that eventually someone with a little more experience would design some meaningful ones. In the almost two years since then, they have remained essentially the same. I am surprised that I have received absolutely no comments on the style of the icons from the hundred or more people who have been using them. I think that for this version of the extension, the style of icons is gonna stick.
As the extension evolved and a lot of the details and inconsistencies were getting corrected, I always kept an eye out for code-generation possibilities. In my mind, the modeling technique could be validated if it were possible, in theory only, to unambiguously generate and reverse engineer code. Since most of my experience was with Microsoft Active Server Pages, I began creating Rational Rose scripts to forward engineer ASP code. I've tailored the scripts to create Java Server Pages code also; from a code structure point of view the two are very similar.
From that point, things proceeded at a tremendous rate. I published a white paper on the Internet and presented the topic at the 1998 Rational User's Conference in Orlando, Florida. Grady Booch took an interest in the work and encouraged me. Addison Wesley Longman asked whether I was interested in expanding the topic into a book. If I had only known how difficult was going to be to write, I'm not sure that I would have agreed. I followed the original white paper with a stream of other articles for both online and print publications and started to get a regular stream of e-mail comments on the extension.
By the time this book hits the streets, I will have introduced the topic at five professional conferences and written at least a dozen articles and white papers on the topic. Ideally, this book will continue to propel the recognition that Web application development is a serious topic and one from which we can learn and adopt the successful practices of the past.Jim Conallen
|Pt. 1||Overview of Modeling and Web-Related Technologies||1|
|Ch. 2||Web Application Basics||9|
|Ch. 3||Dynamic Clients||31|
|Ch. 4||Beyond HTTP and HTML||49|
|Pt. 2||Building Web Applications||93|
|Ch. 6||The Process||95|
|Ch. 7||Defining the Architecture||133|
|Ch. 8||Requirements and Use Cases||161|
|Ch. 9||The User Experience||187|
|Ch. 12||Advanced Design||265|
|App. A||Web Application Extension Profile Version 2||315|
|App. B||The Number Store Reference Application||377|
|App. C||Controlled Controllers Pattern||411|
|App. D||Master Template Pattern||423|
|App. E||Glossary Application||429|
The first edition of this book hit the streets late in 1999. For the most part, it was based on my experiences in developing Active Server Page-based applications for the retail and healthcare industries. I was an independent consultant then, but shortly before finishing the book I joined Rational Software Corporation. Working for Rational has given me the opportunity to visit and to work with many organizations that are in the process of building Web-centric applications. And I've seen everything, from well-managed teams producing top-quality software to chaotic teams desperately seeking the right guidance, plus a few others that still seem to be in denial.
In the two years since the publication of the first edition I've also seen the rise of the J2EE platform, and have to say that since then most of my Web application development experience has been with J2EE architectures. The result of this is that most of the material in this second edition is oriented towards the Java environment. This doesn't mean that .NET developers or even Cold Fusion and PHP developers, can't build applications with the guidance in this book. You can. It's just that the majority of the examples in the design and implementation chapters, and in the reference applications, are written for JavaServer Page-based applications.
The ideas in this book and in the previous edition are all a result of a desire to combine my object-oriented skills to the area of Web application development. I had little problem applying use case analysis, and it wasn't until I started creating analysis and design models I realized that things were going to get difficult. Whencreating a Web application, my conceptual focus was always on the Web page; and my idea of a model kept revolving around the concept of a site map. I knew that the navigation paths throughout the system were incredibly important to understanding the application and that any system model would have to include them.
My earliest attempts at modeling Web applications started with the Rumbaugh's OMT, and later when UML version 0.8 was publicly released, I began to apply it. I knew that for any modeling technique to be useful it needed to both capture the relevant semantics of Web-specific elements, such as Web pages and hyperlinks, and their relation to the back-end elements of the system (e.g., middle-tier objects and databases). At the time, I found both OMT and UML inadequate to express the things I thought were important in a Web application.
Being a somewhat successful object practitioner and engineer, I jumped to the conclusion that a whole new development methodology and notation was what was needed. After all, if the existing methods and notation didn't have what I needed then the obvious solution was to invent a new one. This of course is a trap into which many of us in the software industry fall. In my free time, I started to draft new graphical and semantic ways to represent Web application architectures. Proud of my work, I began showing it to two of my colleagues—Joe Befumo and Gerald Ruldolph, both experienced object practitioners. Their immediate reaction was: Why? I tried to explain the issues involved with Web application development and the need for visually expressing their designs. Still, everyone I spoke with continued to think that a new method and notation was a little overkill.
I started to rethink what I was doing. I wasn't stuck up enough to think that I was right and everyone else was wrong; I had more homework to do. I reexamined my original needs: to express Web application designs at the appropriate level of abstraction and detail, and most important, as a part of the rest of the system's design. Because UML was taking the industry by storm, I realized that anything I did would have to work with UML.
So I went back to UML; this time it was in version 0.91 and a new concept was included—stereotypes. At first I was clueless as to what a stereotype was. The UML specification is not the easiest reading, after all. It was long and difficult, but I knew that any success in the area of modeling Web applications had to come from this direction. Eventually, I started to understand what was meant by stereotyping and the other extension mechanisms: tagged values and constraints. I was finally starting to see a light at the end of the tunnel.
I now had a mechanism with which I could introduce new semantics into the UML grammar, without disturbing the existing semantics. I always knew the key was to provide a consistent and coherent way to model Web-specific elements at the right level of abstraction with the models of the rest of the system. The UML extension mechanism provided me with the framework to do so.
The next step was to start defining the extension by creating stereotypes, tagged values, and constraints. For me the ability to use custom icons in diagrams with stereotyped elements went a long way to ease my concern for intuitive diagrams, also Rational Rose; my visual modeling tool of choice had just introduced a way to use your own stereotypes in Rose models. I quickly created a set of icons for Web-page abstractions. I tried to make them consistent, mostly rectangular with the stereotype indication in the upper-left corner. I used filled in dog ears to represent pages, and unfilled dog ears to denote components. Icons without any dog ears typically represented contained classes, which cannot be requested directly by a Web browser. The icon for Web-page components is pretty much a copy of the icon used by the three amigos in their UML Users Guide book.
Looking back, I remember spending less than a day drawing the icons; I didn't spend much time on it then, since I always believed that eventually someone with a little more experience would design some meaningful ones. In the almost four years since then, the icons have essentially remained the same; however, a more compact version is now available as a "decoration." This edition of the book also includes examples of how I hand draw many of the icons, just to show that it is possible to model Web systems on cocktail napkins. (Really, I do a fair amount of modeling and thinking about these things at conferences.)
As the extension evolved, and as a lot of the details and inconsistencies were getting corrected, I always kept an eye out for code-generation possibilities. In my mind, the modeling technique could be validated if it was possible (in theory only) to unambiguously generate and reverse-engineer code. I even prototyped some Rose scripts that did limited forward-engineering. From that point, things proceeded at a tremendous rate. I published a white paper on the Internet and presented the topic at the1998 Rational Users' Conference in Orlando. Grady Booch took an interest in the work and encouraged me. Addison-Wesley asked if I was interested in expanding the topic into a book. If I had only known how difficult it was going to be to write I'm not sure that I would have agreed. I followed the original white paper with a stream of other articles for both online and print publications and started to get a regular stream of email comments on the extension.
Since the publication of the first edition of this book, Rational Rose has included automation for the Web modeling that was introduced in that book. I have had the opportunity to work with some top-notch engineers throughout that process namely—Tommy Fannon and Simon Johnston—and have a greater appreciation for what goes on under the scenes of UML round-trip engineering functionality. With their insights and the input of many others, both in and out of Rational, I believe this new edition of the book and the Web-modeling profile are even more robust and applicable to the Web-centric architectures in use today.
This book is meant to introduce architects and designers of client/server systems to the issues and techniques of developing for the Web. It will give the project manager an understanding of the technologies and issues related to developing Web applications. Because this book builds on existing object-oriented (OO) methodologies and techniques, it does not attempt to introduce them. It is expected that the reader has some familiarity with OO principals and concepts and with UML in particular. It is also expected that the reader is familiar with at least one Web application architecture or environment.
For the client/server architect, this book serves as a guide to the technologies and issues of Web applications. The systems architect needs to make decisions regarding which technologies are appropriate to serve business needs, as expressed by the requirements and use cases. Chapter 7 defines three major client-tier architectural patterns that can help categorize a Web application's architecture. By examining these patterns and their advantages and disadvantages the architect can make decisions that will define the technological bounds of the application. As with any engineering discipline, the architect must consider the tradeoffs for each technology to be employed in the application architecture. With a solid understanding of the technologies available, and their consequences, an appropriate combination can be put together to best meet the needs of the business problem.
For the analyst and designer this book introduces an extension to UML that is suitable for expressing Web application design. This extension's key goals are:
The analyst/designer should be able to express the execution of the system's business logic in terms of UML models. The idea is to have one unified model of a system's business logic. In it some of the business logic is executed by traditional server-side objects and components (e.g., middle-tier components, transaction processing monitors, databases) and some of it by Web elements (e.g., browsers, client-side scripts).
For the project manager, this book discusses the potential problems and issues of developing Web applications. It also serves as a guide to the development team members' responsibilities, activities, and roles. In addition to the analyst/designer and architect, other roles in the development process are discussed. The project manager, being responsible for the overall health of a project, needs a clear understanding of all the roles and responsibilities of the people involved with the process.
This edition of Building Web Applications with UML contains significantly more examples and diagrams. Responding to input from readers, I realized that they, like myself, can learn more and faster from well-constructed examples than lengthy prose. To compliment the book, I've provided two reference applications—a J2EE version of the Glossary application, which was described in the first edition; and sample eRetail application. The eRetail application, however, just contains the client and presentation tiers because this is the focus of this book's modeling efforts.
It was my original intention to update the original ASP-based Glossary application for .NET, however due to the delayed release of the .NET tools and environment, I was unable to develop the application such that it properly leveraged all that the .NET environment has to offer.
This book is divided into 13 chapters. Conceptually it is also divided into two major parts. Chapters 1 through 5 are essentially an introduction to modeling, Web application technologies and concepts. They provide the foundation on which the second part of the book is based. These chapters can be skipped by those intimately familiar with Web application architectures; however, at least a cursory reading is still suggested, especially of Chapter 1, Introduction.
Chapter 2, Web Application Basics, is an introduction to the very basic Web application architecture. In it, the term Web application is defined, and thereby its scope and focus. The chapter continues with definitions of the principal communication mechanisms and languages. Web application-enabling technologies are discussed. These are the infrastructures that transform simple Web sites (Web systems) into business logic execution systems.
The basic Web application architecture, as described by the technologies in Chapters 2 and 3, are capable of delivering very useful Web applications and are especially useful for public Internet applications such as retail storefronts. For some applications these basic ingredients are insufficient to deliver the sophisticated level of functionality that some applications require. The limiting factors are often the fundamental technologies of HTTP and HTML themselves. Web applications can be extended to encompass and use other communication and formatting technologies in addition to HTTP and HTML. In Chapter 4, Beyond HTTP and HTML, the most common of these technologies are reviewed and discussed.
The final chapter of the first part is Chapter 5, Security. No matter how nonthreatening or uninteresting an application may be, if it is on the Internet, then security is a concern. Even for intranet applications, security should be a concern. Securing a Web application is in many ways much harder than a traditional client/server application. By their very nature, Web servers are open to requests to any node on the network. The trick to making an application secure is in understanding the nature of security risks. Unfortunately, there is no one product or service that you can buy to guarantee a secure application. Security needs to be designed in an application, and it needs to be constantly maintained in that application. New security holes in off-the-shelf software are being discovered all the time. Eventually, one of them will represent a risk to your application. By designing your system with this in mind, managing the next security risk that pops up will be easier.
The second part of this book is devoted to the process of building Web applications. It begins with Chapter 6, Process, in which the entire process of developing OO systems is reviewed. A sample Web application-development process is introduced. This process is not a complete process but does provide enough detail to establish the context in which the models and artifacts of the process can be understood.
Chapter 7, Defining the Architecture, discusses the actual activities of defining the architecture of a Web application. Even though this activity usually follows a nearly complete examination of the requirements and use cases of the system, it is discussed earlier to help create the mind-set of developing Web applications. Because the process used here is an iterative and incremental one, use case specifiers will have, in the back of their minds, a Web system architecture when defining and elaborating the system's use cases. In theory, this shouldn't be the case; however, in practice and in an incremental and iterative process it is not necessarily wrong to place use cases in the context of a specific architecture.
Chapter 8, Requirements and Use Cases, reviews the process of gathering a system's requirements and defining the system's use cases. There are all sorts of requirements that can be gathered to help specify a particular system. One of the most useful techniques for gathering functional requirements is with Use Cases. Use Cases are a structured way to gather and express the functional requirements of a system; and they describe the interaction between a user of the system (called an actor) and the system. They are textual documents that describe in the language of the domain, what the system should do, without specify how it should it. The hows are expressed in the next two chapters.
Chapter 9, User Experience, introduces a new model to the development process—the User Experience (UX) model. The UX model describes the architecturally significant elements of the user interface. The creation of the UX model allows you to better separate look-and-feel issues from engineering ones. In this chapter the UX model is described as a contract between the user experience team that is responsible for designing and building the look and feel and the engineering team that is responsible for implementing the required business logic and functionality. The UX model is introduced after the Requirements chapter and before the Analysis chapter; this is because, in many of the organizations I've visited, the activities of fleshing-out user-experience artifacts happen shortly after the first set of requirements has been created, which is at about the same time analysts start modeling the solution.
About the same time the user experience is being investigated, the analysis team is analyzing the use cases and requirements specifications of the system and starting to express them in terms of objects. This is the topic of Chapter 10, Analysis. Analysis is the activity of transforming the requirements of a system into a design that can be realized in software. An Analysis Model, which contains classes and class collaborations that exhibit the behavior of the system, is created, as defined by the use cases.
Chapter 11, Design, and Chapter 12, Advanced Design, discuss how to transform the Analysis Model into something that maps directly into system components (actual delivered modules). Chapter 11 is where the bulk of the Web Application Extension (WAE) for UML is introduced.
Once the Design Model is completed, it can be directly mapped into executable code. This book's final chapter, Chapter 13, Implementation, discusses the creation of code from the UML model. Because this edition of the book comes with several reference applications, and a detailed description of the WAE's code mappings (Appendix A), this chapter just introduces a few examples of implementing WAE designs.