JavaOne-Day 2

by Sue Spielman

Today's keynote by Scott McNealy gave a glimpse into some of the cool wireless apps fast approaching. The time is quickly arriving for ME. It's about 'what you have, what you know, who you are' in the world of security. The new Motorola i95cl was demo'ed with a heart rate monitor application using a low frequency device pigtailing from the phone, sending real-time info to a website. One can imagine the many uses that will open up for this type of monitoring in the health care (and other) industries. Your cell phone might become your lifeline. Literally.

Also demo'ed was a Java Smartcard with embedded biometrics. Using a credit card running a Java applet, the card was inserted into a reader in a simulated airport security scenerio and used to verify Scott's fingerprint. After two failures, we had a confirmed match. Pretty cool stuff. And it's certainly worth mentioning that the DoD is deploying 4.3 million JavaCards this year. If you haven't been paying attention to the smartcard biometrics brew-haha, you might want to reconsider.

Let's get down and dirty with The Pack, aka Java Web Services Developers Pack. I sat in on a number of presentations that were about using WSDP and that offered details on using JAX-RPC. Web Services (WS) are definitely being used right now for integration points using an aggregation of other WS's. If you're just getting started, make sure to check out the Blueprints that will be released in June with the FCS of The Pack. It should help clarify things to consider like: communication sytle (document or method), maintaining state, security, request and response generation. Most of this will seem familiar to anyone dealing in Servlet or EJB development (using ValueObjects, chatty servers, etc) but there's lots to take into account.

JAX-RPC seems to be the crux of the matter and will be a key component of J2EE 1.4. It's RMI-like, only not. It's meant for heterogenous environments (unlike RMI Java-Java) and hides (most of) the plumbing. It's the JAX-RPC which is making the contract (or WSDL file) available to the WS. Advanced features to watch for are handlers to access underlying SOAP request/responses, and pluggable serializers to use arbitrary Java Objects in method signatures (however you lose portability). XRPCC is the RMI-like compiler for JAX-RPC. In the current EA2 of The Pack, the only endpoint support is for Servlets, so your JAXRPCServlet acts as the gateway for all requests coming into the Web Service. As a side note, keep an eye on the JSR-101 and make sure that your implementations (and implementations of your Container vendors) are following it.

Speaking of JSRs, I also stopped in on the JCP session. There are quite a few JSRs that might be catching your attention now, or in the very near future. JSR-127 Java Server Faces is geared towards a standard UI framework for web apps, using JSP tags and Java APIs. It's looking like April/May for an EA. JSR-109 on Implementing Web Services, which is being led by IBM) should be available for proposed final draft in June of this year. It will cover endpoints, secure service requests, and Bean/Container message service. JSR-152 (which is JSP 1.3) is being aligned with the J2EE 1.4 release. Seems like the J2EE 1.4 release is going to be quite the animal.

Today also saw the announcement of a beta version of the J2EE AVK which is an application verification kit. Finally, a way to make sure that your application is J2EE compliant to the spec and portable across any J2EE App server. With a suite of over 15,000 tests, the kit generates detailed logs for pinpointing problems. Some of the members of the beta program are showing the AVK results in a deploy-a-thon across multiple App servers with no code changes in the Pavilion. Check out more info if you are interested at While this might not seem like a flashy announcement, I think that we, as developers, will be hearing more about this from our customers who want to have the AVK run on deployed applications.

I sat down with with the spec leads of the WSDP, JSTL, and the upcoming JSP 1.3 release as we wolfed down some dinner. With all of the buzz going on about Web Services in general, I'm going to put together a future article about some of the more interesting points made. Some highlights: WS is not in need of security right now because deployments are internal, but there are some plans for how it's going to get incorporated in the near future; JAX-RPC being the essential component of the WSDP; JSP Fragments and the Expression Language being the driving forces for the JSP 1.3, as well as some more details on how the JSTL will play in the WS arena. Stay tuned.