It is still rare to see a stable, large-scale web application developed with a clear sense of purpose for the JEE technologies it uses. Most such projects start with months of indecision about how the various Java components should work. Much valuable time is spent experimenting with technical solutions and building proofs of concept when real development should have commenced. There are a few good ways to build web applications and many bad ones, so this chapter attempts to offer a little guidance.
A large proportion of Java applications are written for the web, so it is appropriate to provide these specific rules for web applications. Many of these rules are not specific to Java; they apply to web applications in general.
“...at the start of the project, the development manager asked the programmers who offered architecture advice a few simple questions; 'how is the web application going to interact with the EJBs? How is the navigation model going to work? What about reporting, logging, auditing, and the persistence layer?' We looked at each other and sighed, remembering going over these same issues for the previous project and the project before that; knowing it would be a long road to agreement. A few in the group were first-time web application writers but had somehow talked their way into the development framework meeting due to the length of time in the company. The first-timers were evangelists for technologies neither they nor anyone else had ever used but would hold onto until the bitter end.”
[webapp.prototype] Get a prototype done early and approved
[webapp.mvc] Follow the MVC pattern
[webapp.parameter] Passing parameters between screens
[webapp.stateless] Stateless Servlets, Actions and Controllers
[webapp.production] Production grade websites
[webapp.url] Make the URLs match the filename
[webapp.global] Global display message for users
[webapp.security] Security concepts for web applications
[webapp.security.roles] Roles vs Permissions vs Access
[webapp.security.url] Protection against URL rewriting