Excerpts

The first edition of this book hit the streets late in 1999. For the most part, it was based on my experiences in developing Active Server Page-based applications for the retail and healthcare industries. I was an independent consultant then, but shortly before finishing the book I joined Rational Software Corporation. Working for Rational has given me the opportunity to visit and to work with many organizations that are in the process of building Web-centric applications. And I've seen everything, from well-managed teams producing top-quality software to chaotic teams desperately seeking the right guidance to a few others that still seem to be in denial. In the two years since the publication of the first edition, I've also seen the rise of the J2EE platform, and have to say that since then most of my Web application development experience has been with J2EE architectures. As a result, most of the material in this second edition is oriented toward the Java environment. This doesn't mean that .NET developers, or even Cold Fusion and PHP developers, can't build applications with the guidance in this book. You can. It's just that the majority of the examples in the design and implementation chapters, and in the reference applications, are written for JavaServer Page-based applications. The ideas in this book and in the previous edition are all the result of a desire to combine my object-oriented skills and the area of Web application development. I had little problem applying use case analysis, and it wasn't until I started creating analysis and design models that I realized things were going to get difficult. When creating a Web application, my conceptual focus was always on the Web page; and my idea of a model kept revolving around the concept of a site map. I knew that the navigation paths throughout the system were incredibly important to understanding the application and that any system model would have to include them. My earliest attempts at modeling Web applications started with Rumbaugh's OMT (Object Modeling Technique), and later when UML (Unified Modeling Language) version 0.8 was publicly released, I began to apply it. I knew that for any modeling technique to be useful it needed to capture both the relevant semantics of Web-specific elements (e.g., Web pages and hyperlinks) and their relation to the back-end elements of the system (e.g., middle-tier objects and databases). At the time, I found both OMT and UML inadequate to express the things I thought were important in a Web application. Being a somewhat successful object practitioner and engineer, I jumped to the conclusion that a whole new development methodology and notation was needed. After all, if the existing methods and notation didn't have what I needed, then the obvious solution was to invent one. This, of course, is a trap into which many of us in the software industry fall. In my free time, I started to draft new graphical and semantic ways to represent Web application architectures. Proud of my work, I began showing it to two of my colleagues--Joe Befumo and Gerald Ruldolph, both experienced object practitioners. Their immediate reaction was, Why? I tried to explain the issues involved with Web application development and the need for visually expressing their designs. Still, everyone I spoke with continued to think that developing a new method and notation was overkill. I started to rethink what I was doing. I wasn't stuck up enough to think that I was right and everyone else was wrong; I had more homework to do. I reexamined my original needs: to express Web application designs at the appropriate level of abstraction and detail, and most important, as a part of the rest of the system's design. Because UML was taking the industry by storm, I realized that anything I did would have to work with UML. So I went back to UML; this time it was in version 0.91, and a new concept was included--stereotypes. At first I was clueless as to what a stereotype was. The UML specification is not the easiest reading, after all. It was long and difficult, but I knew that any success in the area of modeling Web applications had to come from this direction. Eventually, I started to understand what was meant by stereotyping and the other extension mechanisms: tagged values and constraints. I was finally starting to see a light at the end of the tunnel. I now had a mechanism with which I could introduce new semantics into the UML grammar, without disturbing the existing semantics. I always knew the key was to provide a consistent and coherent way to model Web-specific elements at the right level of abstraction with the models of the rest of the system. The UML extension mechanism provided me with the framework to do so. The next step was to start defining the extension by creating stereotypes, tagged values, and constraints. The ability to use custom icons in diagrams with stereotyped elements went a long way to ease my concern for intuitive diagrams. Also Rational Rose, my visual modeling tool of choice, had just introduced a way to use your own stereotypes in Rose models. I quickly created a set of icons for Web-page abstractions. I tried to make them consistent, mostly rectangular with the stereotype indication in the upper left corner. I used filled-in dog ears to represent pages and unfilled dog ears to denote components. Icons without dog ears typically represented contained classes, which cannot be requested directly by a Web browser. The icon for Web-page components is pretty much a copy of the icon used by the three amigos in their Unified Modeling Language User Guide . Looking back, I remember spending less than a day drawing the icons; I didn't spend much time on it then, since I always believed that eventually someone with a little more experience would design some meaningful icons. In the four years since then, the icons have essentially remained the same; however, a more compact version is now available as a "decoration." This edition of the book also includes examples of how I hand draw many of the icons, just to show that it is possible to model Web systems on cocktail napkins. (Really, I do a fair amount of modeling and thinking about these things at conferences.) As the extension evolved, and as a lot of the details and inconsistencies were getting corrected, I always kept an eye out for code-generation possibilities. In my mind, the modeling technique could be validated if it was possible (in theory only) to unambiguously generate and reverse engineer code. I even prototyped some Rose scripts that did limited forward engineering. From that point, things proceeded at a tremendous rate. I published a white paper on the Internet and presented the topic at the 1998 Rational Users' Conference in Orlando. Grady Booch took an interest in the work and encouraged me. Addison-Wesley asked if I was interested in expanding the topic into a book. If I had only known how difficult it was going to be to write, I'm not sure that I would have agreed. I followed the original white paper with a stream of other articles for both online and print publications and started to get a regular stream of e-mail comments on the extension. Since the publication of the first edition of this book, Rational Rose has included automation for the Web modeling that was introduced in that book. I have had the opportunity to work with some top-notch engineers throughout that process--namely, Tommy Fannon and Simon Johnston--and have a greater appreciation for what goes on under the scenes of UML round-trip engineering functionality. With their insights and the input of many others, both in and out of Rational, I believe this new edition of the book and the Web-modeling profile are even more robust and applicable to the Web-centric architectures in use today. Who Should Read This Book? This book is meant to introduce architects and designers of client/server systems to the issues and techniques of developing for the Web. It will give the project manager an understanding of the technologies and issues related to developing Web applications. Because this book builds on existing object-oriented (OO) methodologies and techniques, it does not attempt to introduce them. It is expected that the reader has some familiarity with OO principles and concepts and with UML in particular. It is also expected that the reader is familiar with at least one Web application architecture or environment. For the client/server architect, this book serves as a guide to the technologies and issues of Web applications. The systems architect needs to make decisions about which technologies are appropriate to serve business needs, as expressed by the requirements and use cases. Chapter 7 defines three major client-tier architectural patterns that can help categorize a Web application's architecture. By examining these patterns and their advantages and disadvantages, the architect can make decisions that will define the technological bounds of the application. As with any engineering discipline, the architect must consider the tradeoffs for each technology to be employed in the application architecture. With a solid understanding of the technologies available, and their consequences, an appropriate combination can be put together to best meet the needs of the business problem. For the analyst and designer, this book introduces an extension to UML that is suitable for expressing Web application design. This extension's key goals are to model the appropriate artifacts (e.g., Web pages, page relationships, navigation routes, client-side scripts, server-side page generation). model at the appropriate level of abstraction and detail. enable the Web-specific elements of the model to interact with the rest of the system's elements. The analyst/designer should be able to express the execution of the system's business logic in terms of UML models. The idea is to have one unified model of a system's business logic. In the model some of the business logic is executed by traditional server-side objects and components (e.g., middle-tier components, transaction processing monitors, databases) and some of it by Web elements (e.g., browsers, client-side scripts). For the project manager, this book discusses the potential problems and issues of developing Web applications. It also serves as a guide to the development team members' responsibilities, activities, and roles. In addition to the analyst/designer and the architect, other roles in the development process are discussed. The project manager, being responsible for the overall health of a project, needs a clear understanding of all the roles and responsibilities of the people involved with the process. This edition of Building Web Applications with UML contains significantly more examples and diagrams. Responding to input from readers, I realized that they too can learn more and faster from well-constructed examples than from lengthy prose. To complement the book, I've provided two reference applications--a J2EE version of the Glossary application, which was described in the first edition, and a sample e-retail application. The e-retail application, however, contains only the client and presentation tiers because this is the focus of this book's modeling efforts. It was my original intention to update the original ASP-based Glossary application for .NET. Because of the delayed release of the .NET tools and environment, however, I was unable to develop the application such that it properly leveraged all that the .NET environment has to offer. Organization of This Book This book is divided into thirteen chapters and five appendices. Conceptually it is also divided into two major parts. Chapters 1 through 5 are essentially an introduction to modeling Web application technologies and concepts. They provide the foundation on which the second part of the book is based. These chapters can be skipped by those intimately familiar with Web application architectures; however, at least a cursory reading is still suggested. Chapter 2, Web Application Basics, is an introduction to the very basic Web application architecture. This chapter defines the term Web application and thereby its scope and focus. The chapter also defines the principal communication mechanisms and languages. Web application-enabling technologies are discussed. These are the infrastructures that transform simple Web sites (Web systems) into business logic execution systems. Most of the complexities of designing Web applications are encountered when the client performs some of the business logic in the system. The technologies for allowing this are described in Chapter 3, Dynamic Clients. In this chapter, common Web technologies, such as JavaScript, applets, and ActiveX controls, are discussed. The Document Object Model (DOM) is introduced as the main object interface to client-side resources. The basic Web application architecture, as described by the technologies in Chapters 2 and 3, are capable of delivering very useful Web applications and are especially useful for public Internet applications such as retail storefronts. For some applications, these basic ingredients are insufficient to deliver the sophisticated level of functionality required. The limiting factors are often the fundamental technologies of HTTP and HTML themselves. Web applications can be extended to encompass and use other communication and formatting technologies in addition to HTTP and HTML. In Chapter 4, Beyond HTTP and HTML, the most common of these technologies are reviewed and discussed. The final chapter of the first part is Chapter 5, Security. No matter how nonthreatening or uninteresting an application may be, if it is on the Internet, then security is a concern. Even for intranet applications, security should be a concern. Securing a Web application is in many ways much harder than a traditional client/server application. By their very nature, Web servers are open to requests to any node on the network. The trick to making an application secure is in understanding the nature of security risks. Unfortunately, no one product or service that you can buy can guarantee a secure application. Security needs to be designed in an application, and it needs to be continually maintained in that application. New security holes in off-the-shelf software are being discovered all the time. Eventually, one of them will represent a risk to your application. By designing your system with this in mind, managing the next security risk that pops up will be easier. The second part of this book is devoted to the process of building Web applications. It begins with Chapter 6, The Process, which reviews the entire process of developing OO systems. A sample Web application-development process is introduced. This process is not a complete process but does provide enough detail to establish the context in which the models and artifacts of the process can be understood. Chapter 7, Defining the Architecture, discusses the activities of defining the architecture of a Web application. Even though this activity usually follows a nearly complete examination of the requirements and use cases of the system, it is discussed earlier to help create the mind-set of developing Web applications. Because the process used here is iterative and incremental, when defining and elaborating the system's use cases, use case specifiers will have in the back of their minds a Web system architecture. In theory, this shouldn't be the case; in practice, however, and in an incremental and iterative process, it is not necessarily wrong to place use cases in the context of a specific architecture. Chapter 8, Requirements and Use Cases, reviews the process of gathering a system's requirements and defining the system's use cases. All sorts of requirements can be gathered to help specify a particular system. One of the most useful techniques for gathering functional requirements is with use cases. Use cases provide a structured way to gather and express the functional requirements of a system; and they describe the interaction between a user of the system (called an actor) and the system. Use cases are textual documents that describe, in the language of the domain, what the system should do without specifying how it should do it. The hows are expressed in Chapters 9 and 10. Chapter 9, The User Experience, introduces a new model to the development process--the User Experience (UX) model. The UX model describes the architecturally significant elements of the user interface. The creation of the UX model allows you to separate look-and-feel issues and engineering issues. In this chapter, the UX model is described as a contract between the user experience team that is responsible for designing and building the look and feel and the engineering team that is responsible for implementing the required business logic and functionality. The UX model is introduced at this point because, in many of the organizations I've visited, the activities of fleshing out user-experience artifacts happen shortly after the first set of requirements has been created, which is about the time analysts start modeling the solution. About the same time user experience is being investigated, the analysis team is analyzing the use cases and requirements specifications of the system and starting to express them in terms of objects. This is the topic of Chapter 10, Analysis. Analysis is the activity of transforming the requirements of a system into a design that can be realized in software. An analysis model, which contains classes and class collaborations that exhibit the behavior of the system, is created, as defined by the use cases. Chapter 11, Design, and Chapter 12, Advanced Design, discuss how to transform the analysis model into something that maps directly into system components (actual delivered modules). Chapter 11 is where the bulk of the Web Application Extension (WAE) for UML is introduced. Once the design model is completed, it can be mapped directly into executable code. This book's final chapter, Chapter 13, Implementation, discusses the creation of code from the UML model. Because this edition of the book comes with several reference applications, and a detailed description of the WAE's code mappings (Appendix A), this chapter just introduces a few examples of implementing WAE designs. The appendices are a big part of this edition. Appendix A, a summary of the WAE profile for UML, is a quick and detailed reference of the UML profile introduced in this book. The remaining appendices are realistic examples of applications in this book that have been modeled with the WAE profile. Appendix B contains the key UML diagrams of a typical online retail store. This application was developed in part from two architectural patterns, Controlled Controllers and Master Template, which are described in Appendices C and D, respectively. Appendix E contains the second reference application--a simple online glossary. The glossary application, which manages a set of definitions for a software development team, demonstrates the use and modeling of complex JavaScript objects. The source code can be downloaded from www.wae-uml.org, the Web site I've set up to support this book. 0201730383P09112002 Excerpted from Building Web Applications with UML by Jim Conallen All rights reserved by the original copyright owners. Excerpts are provided for display purposes only and may not be reproduced, reprinted or distributed without the written permission of the publisher.