This week's book giveaway is in the OCAJP 8 forum. We're giving away four copies of OCA Java SE 8 Programmer I Study Guide and have Edward Finegan & Robert Liguori on-line! See this thread for details.
can somebody please help me with the below assumptions ?
1. My assignment talks about an External system providing search/retrieval kind of web service. Will it fair to assume that such a search service would support features like pagination and security or would this be considered simplifying the solution ? I am confused here because nothing has been given about the capabilities of this external system or its web services and my design could vary based on this.
2. I need to persist a unidirectional 1-to-many relationship using JPA but JPA 1.0(JEE 5) does not support this. I could either change the given model relationship to bi-directional or document to use a provider supported extension feature to achieve the given navigability and leave the model as it is. Which is a lesser evil here ?Or am I going into too low level details and can just leave this decision to developers and move on ?
1) It's hard to say because it depends on your problem. Paging doesn't sound important so that seems safe. For security, it is likely the remote service will not handle security the way your application needs. Since security is a core JEE concept, I'd be especially wary of oversimplifying in this area.
2) You can absolutely leave this to the (fictional) developers. I made an assumptions that the developers know JPA and JSF and can be trusted to implement given a high level design. The fact that JPA 1 doesn't support a relationship type is an implementation detail that would need to be worked around in practice. The actual design doesn't care about that. And in a later version when it is supported, the design doesn't change. The opportunity for a better implementation merely exists.
Thanks for your reply Jeanne. My external system is a kind of Inventory System which is searched for products and their availability. So for such a 'read-only' service assuming that the provider supports at least transport level security, such as HTTP Basic/Digest and SSL if not message level security would be fine right ?
author & internet detective