Jakarta Connectors

An EIS provides the information infrastructure for an enterprise. An EIS offers a set of services to its clients. These services are exposed to clients as local and/or remote interfaces. Examples of an EIS include:

There are two aspects of an EIS:

An architecture for integrating Jakarta EE servers with EISs. There are two parts to this architecture: an EIS vendor-provided resource adapter and an application server that allows this resource adapter to be plugged in. This architecture defines a set of contracts (such as transactions, security, connection management) that a resource adapter has to support to plug in to an application server.

These contracts support bi-directional communication (outbound and inbound) between an application server and an EIS by way of a resource adapter. That is, the application server may use the resource adapter for outbound communication to the EIS, and it may also use the resource adapter for inbound communication from the EIS.

An EIS resource provides EIS-specific functionality to its clients. Examples are:

A resource manager manages a set of shared EIS resources. A client requests access to a resource manager to use its managed resources. A transactional resource manager can participate in transactions that are externally controlled and coordinated by a transaction manager.

In the context of the connector architecture, a client of a resource manager can either be a middle-tier application server or a client-tier application. A resource manager is typically in a different address space or on a different machine from the client that accesses it.

This document refers to an EIS as a resource manager when it is mentioned in the context of transaction management. Examples of resource managers are a database system, a mainframe TP system, and an ERP system.

A managed environment defines an operational environment for a Jakarta EE-based, multi-tier, web-enabled application that accesses EISs. The application consists of one or more application components—Jakarta Enterprise Beans, Jakarta Server Pages, servlets—which are deployed on containers. These containers can be one of the following:

A non-managed environment defines an operational environment for a two-tier application. An application client directly uses a resource adapter to access the EIS, which defines the second tier of a two-tier application.

A connection provides connectivity to a resource manager. It enables an application client to connect to a resource manager, perform transactions, and access services provided by that resource manager. A connection can be either transactional or non-transactional. Examples include a database connection and an SAP R/3 connection. A connection to a resource manager may be used by a client for bi-directional communication, depending on the capabilities of the resource manager.

An application component can be a server-side component, such as an Jakarta Enterprise Bean, Jakarta Server Page, or servlet, that is deployed, managed, and executed on an application server. It can also be a component executed on the web-client tier but made available to the web-client by an application server. Examples of the latter type of application component include a Java applet, and a DHTML page.

A container is a part of an application server that provides deployment and runtime support for application components. It provides a federated view of the services provided by the underlying application server for the application components. For more details on different types of standard containers, refer to the Jakarta Enterprise Beans (see Jakarta™ Enterprise Beans Specification, Version 4.0, Jakarta Server Pages, and servlet specifications.

A standard architecture is needed to integrate various EISs with an application server. Without a standard, EIS vendors and application server vendors may have to use vendor-specific architectures to provide EIS integration.

Jakarta Connectors provides a Java solution to the problem of bi-directional connectivity between the multitude of application servers and EISs. By using the Jakarta Connectors, it is no longer necessary for EIS vendors to customize their product for each application server. An application server vendor who conforms to the Jakarta Connectors also does not need to add custom code whenever it wants to extend its application server to support connectivity to a new EIS.

Jakarta Connectors enables an EIS vendor to provide a standard resource adapter for its EIS. The resource adapter plugs into an application server and provides the underlying infrastructure for the integration between an EIS and the application server.

An application server vendor extends its system only once to support Jakarta Connectors and is then assured of connectivity to multiple EISs. Likewise, an EIS vendor provides one standard resource adapter and it has the capability to plug in to any application server that supports Jakarta Connectors.

The following figure shows that a standard EIS resource adapter can plug into multiple application servers. Similarly, multiple resource adapters for different EISs can plug into an application server. This system-level pluggability is made possible through Jakarta Connectors.

If there are m application servers and n EISs, Jakarta Connectors reduces the scope of the integration problem from an m x n problem to an m + n problem.

Figure System Level Pluggability Between Application Servers and EISs

An enterprise tools vendor provides tools that lead to a simple application programming model for EIS access, thereby reducing the effort required in EIS integration. An EAI vendor provides a framework that supports integration across multiple EISs. Both types of vendors need to integrate across heterogeneous EISs.

Each EIS typically has a client API that is specific to the EIS. Examples of EIS client APIs are RFC for SAP R/3 and ECI for CICS.

An enterprise tools vendor adapts different client APIs for target EISs to a common client API. The adapted API is typically specific to a tools vendor and supports an application programming model common across all EISs. Adapting the API requires significant effort on the part of a tools vendor. In this case, the m x n integration problem applies to tools vendors.

Jakarta Connectors provides a solution for the m x n integration problem for tools and EAI vendors. Jakarta Connectors specifies a standard Common Client Interface (CCI) that supports a common client API across heterogeneous EISs.

All EIS resource adapters that support CCI are capable of being plugged into enterprise tools and EAI frameworks in a standard way. A tools vendor need not do any API adoption; the vendor can focus on providing its added value of simplifying EIS integration.

The CCI drastically reduces the effort and learning requirements for tools vendor by narrowing the scope of an m x n problem to an m + n problem if there are m tools and n EISs.

The resource adapter provider is an expert in the technology related to an EIS and is responsible for providing a resource adapter for an EIS. Since this role is highly EIS specific, an EIS vendor typically provides the resource adapter for its system.

A third-party vendor (who is not an EIS vendor) may also provide an EIS resource adapter and its associated set of application development tools. Such a provider typically specializes in writing resource adapters and related tools for a large number of EISs.

The application server vendor provides an implementation of a Jakarta EE-compliant application server that provides support for component based enterprise applications. A typical application server vendor is an OS vendor, middleware vendor, or database vendor. The role of an application server vendor is typically the same as that of a container provider.

The Jakarta EE platform specification (see Jakarta Platform, Enterprise Edition (Jakarta EE) Specification, version 10) specifies requirements for a Jakarta EE platform provider.

The container provider is responsible for providing a container implementation for a specific type of application component. For example, the container provider may provide a container for Jakarta Enterprise Beans components. Each type of application component—Jakarta Enterprise Bean, Jakarta Servlet, Server Pages—has its own set of responsibilities for its container provider. The respective specifications outline these responsibilities.

A container implementation typically provides the following functionality:

The expertise of the container provider is system-level programming, with its focus on the development of a scalable, secure, and transaction-enabled container.

The container provider is also responsible for providing deployment tools necessary for the deployment of application components and resource adapters. It is also required to provide runtime support for the deployed application components.

The container provider typically provides tools that allow the system administrator to monitor and manage a container and application components during runtime.

In the context of the connector architecture, the application component provider produces an application component that accesses one or more EISs to provide its application functionality.

The application component provider is an application domain expert. In the case of application components targeted towards integration with multiple EISs, various business tasks and entities are implemented based on access to EIS data and functions.

The application component provider typically programs against easy-to-use Java abstractions produced by application development tools. These Java abstractions are based on the Common Client interface (CCI).

The application component provider is not required to be an expert at system level programming. The application component provider does not program transactions, security, concurrency, or distribution, but relies on a container to provide these services transparently.

The application component provider is responsible for specifying structural information for an application component and its external dependencies. This information includes, for example, the name and type of the connection factories, and security information.

The output of an application component provider is a Java™ Archive (JAR) file that contains the application components and any additional Java classes required to connect to EISs.

The application component provider relies on tools to simplify application development and EIS integration. Since programming client access to EIS data and functions is a complex application development task, an application development tool reduces the effort and complexity involved in this task.

Enterprise tools serve different roles in the application development process, as follows:

A number of these tools may be integrated together to form an end-to-end application development environment.

In addition, various tools and middleware vendors offer EAI frameworks that simplify integration across heterogeneous EISs.

The application assembler combines various application components into a larger set of deployable units. The input of the application assembler is one or more JAR files produced by an application component provider and the output is one or more JAR files with a deployment descriptor. A deployment descriptor may not be provided by the application assembler if metadata annotations (see Metadata Annotations) are used to describe deployment information.

The application assembler is typically a domain expert who assembles application components to produce an enterprise application. To achieve this goal, the application assembler takes application components, possibly from multiple application component providers, and assembles these components.

The deployer takes one or more deployable units of application components, produced by the application assembler or component provider, and deploys the application components in a target operational environment. An operational environment is comprised of an application server and multiple connected EISs.

The deployer is responsible for resolving all external dependencies declared by the application component provider. For example, the deployer ensures that all connection factories used by the application components are present in an operational environment. To perform its role, the deployer typically uses the application server-provided deployment tools.

The deployer is also responsible for the deployment of resource adapters. Since an operational environment may include multiple EISs, the role of the deployer is more intensive and complex than that in a non-EIS scenario. The deployer has to understand security, transaction, and connection management-related aspects of multiple EISs that are configured in an operational environment.

The system administrator is responsible for the configuration and administration of a complete enterprise infrastructure that includes multiple containers and EISs.

In an operational environment that has multiple EISs, the deployer should manage the operational environment by working closely with the system administrators of respective EISs. This enables the deployer to resolve deployment issues while deploying application components and resource adapters in a target operational environment.

This chapter introduced the roles involved in the connector architecture. The later chapters specify responsibilities for each role in more detail.

ERP Software Inc. is an enterprise system vendor that provides an enterprise resource planning (ERP) system. ERP Software wants to integrate its ERP system with various application servers. It achieves this goal by providing a standard resource adapter for its ERP system. The resource adapter for ERP systems supports the standard inbound communication, transaction, connection management and security contracts. The resource adapter also supports the Common Client Interface (CCI) as its client API.

TPSoft Inc. is another enterprise system vendor that provides a transaction processing (TP) system. TPSoft has also developed a standard resource adapter for its TP system. The resource adapter library supports CCI as part of its implementation.

AppServer Inc. is a system vendor that has an application server product which supports the development and deployment of component-based enterprise applications. This application server product has an Jakarta Enterprise Beans container that provides deployment and runtime support for Jakarta Enterprise Bean components. The application server supports the system-level contracts that enable a resource adapter, which also supports these contracts, to plug into the application server and provide bi-directional connectivity to the underlying EIS. The Jakarta Enterprise Beans container insulates Jakarta Enterprise Bean components from the communication, transaction, security, and connection management mechanisms required for connecting to the EIS.

Manufacturer Corp. is a big manufacturing firm that uses a purchase order processing system based on the ERP system for its business processes. Recently, Manufacturer has acquired a firm that uses TPSoft’s TP system for its purchase order processing. Manufacturer aims to integrate these two systems together into a single integrated purchase order system. It requires a scalable, multi-user, secure, transaction-enabled integrated purchase order system that is not tied to a specific computing platform. Manufacturer plans to deploy the middle-tier of this system on the application server from AppServer Inc.

The MIS department of Manufacturer develops a PurchaseOrder Jakarta Enterprise Bean that provides an integrated view of the two underlying purchase order systems. While developing PurchaseOrder Jakarta Enterprise Bean, the bean provider does not program the transactions, security, connection management or inbound communication mechanisms required for connectivity to the ERP and TP systems; it relies on the Jakarta Enterprise Beans container and application server to provide these services.

The bean provider uses an application programming model based on the CCI to access the business objects and function modules for purchase order processing in the ERP system. The bean provider uses a similar application programming model based on the CCI to access the purchase order processing programs in the TP system.

The MIS department of Manufacturer assembles an integrated web-based purchase order application using PurchaseOrder Jakarta Enterprise Bean with other types of application components, such as Jakarta Server Pages and Jakarta Servlets.

The MIS department installs and configures the application server, ERP, and TP system as part of its operational environment. It then deploys the integrated purchase order application on this operational environment. As part of the deployment, the MIS department configures the operational environment based on the deployment requirements for the various application components that have been assembled into the integrated enterprise application.

After deploying and successfully testing the integrated purchase order system, the MIS department makes the system available for other departments to use.

The implementation class name of the ResourceAdapter interface is specified in the resource adapter deployment descriptor or through the Connector annotation described in @Connector. The ResourceAdapter class must be a JavaBean. Refer to JavaBean Requirements. During resource adapter deployment, the resource adapter deployer creates a ResourceAdapter JavaBean and configures it with the appropriate properties.

When a resource adapter is deployed, or during application server startup, an application server bootstraps an instance of the resource adapter in its address space. In order to bootstrap a resource adapter instance, the application server must use the configured ResourceAdapter JavaBean and call its start method. The start method call is a startup notification from the application server, and this method is called by an application server thread.

During the start method call the ResourceAdapter JavaBean is responsible for initializing the resource adapter instance. This may involve creating resource adapter instance specific objects, creating threads (refer to Work Management), and setting up network endpoints. A ResourceAdapter JavaBean represents exactly one functional resource adapter unit or instance. The application server must instantiate exactly one ResourceAdapter JavaBean per functional resource adapter instance. The application server must create at least one functional resource adapter instance per resource adapter deployment. An application server may create more than one functional resource adapter instance per resource adapter deployment, in order to create replicas of a single functional resource adapter instance on multiple Java™ Virtual Machines (2). In general, however, there should be just one functional resource adapter instance per deployment.

The application server is allowed to have multiple instances of a ResourceAdapter JavaBean active simultaneously, in the same JVM™ instance, provided the instances are not equal. Their equality is determined using the equals method, and therefore, the ResourceAdapter JavaBean is required to implement the equals method.

During the start method call, an application server must provide a BootstrapContext instance containing references to some of the application server facilities (for example, WorkManager ) for use by the resource adapter instance. The application server facilities exposed through the BootstrapContext instance may be used by the resource adapter instance during its lifetime.

During the start method call, the resource adapter instance initializes itself, and may use the WorkManager to submit Work instances for execution (see Work Management). The start method call should return in a timely manner, and should avoid blocking calls, such as use of doWork method call on the WorkManager instance. The application server may throw a WorkRejectedException in response to any or all doWork method calls on the WorkManager instance, in order to enforce that a start method call does not block. Resource adapter implementations are strongly recommended to use startWork and scheduleWork methods on the WorkManager , instead of the doWork method.

Any exception thrown during the start method call indicates an error condition, and the attempt by the application server to create a resource adapter instance fails. A future version of the specification may add a two-phase startup procedure.

A resource adapter instance at runtime may contain several objects that may be created and discarded during its lifetime. Such objects include ManagedConnectionFactory JavaBean (refer to Connection Management), ActivationSpec JavaBean (refer to Message Inflow), various connection objects, resource adapter private objects, and other resource adapter specific objects that are exposed to applications.

The ResourceAdapter JavaBean represents a resource adapter instance and contains the configuration information pertaining to that resource adapter instance. This configuration information may also be used as global defaults for ManagedConnectionFactory and ActivationSpec JavaBeans. That is, when ManagedConnectionFactory or ActivationSpec JavaBeans are created they may inherit the global defaults (ResourceAdapter JavaBean configuration information), which make it easier to configure them.

A resource adapter instance may provide bi-directional connectivity to multiple EIS instances. A ManagedConnectionFactory JavaBean can be used to provide outbound connectivity to a single EIS instance. An ActivationSpec JavaBean can be used to provide inbound connectivity from an EIS instance. A resource adapter instance may contain several such ManagedConnectionFactory and ActivationSpec JavaBeans. The following figure describes the association between a resource adapter instance and its various ManagedConnectionFactory and ActivationSpec JavaBeans.

Resource Adapter Instance (Composition)

A ManagedConnectionFactory JavaBean represents outbound connectivity information to an EIS instance from an application by way of a specific resource adapter instance. This contains the configuration information pertaining to outbound connectivity to an EIS instance. Refer to Connection Management for more details on the ManagedConnectionFactory JavaBean.

When a ManagedConnectionFactory JavaBean is created, it may inherit the ResourceAdapter JavaBean (which represents the resource adapter instance) configuration information, and overrides specific global defaults, if any, and may add other configuration information specific to outbound connectivity.

That is, in the case of outbound communication, the outbound connectivity configuration is a union of ResourceAdapter JavaBean and ManagedConnectionFactory JavaBean configuration, with the intersecting configuration properties based on the ManagedConnectionFactory JavaBean settings.

Outbound communication is initiated by an application and the communication occurs in the context of an application thread, even though resource adapter threads may be involved in the interaction. Note, a resource adapter may use the work management contract (refer to Work Management) to request threads to do work.

The ResourceAdapterAssociation interface specifies the methods to associate a ManagedConnectionFactory JavaBean with a ResourceAdapter JavaBean.

Prior to using a ManagedConnectionFactory JavaBean, the application server must create an association between the ManagedConnectionFactory JavaBean and a ResourceAdapter JavaBean, by calling the setResourceAdapter method on the ManagedConnectionFactory JavaBean. A successful association is established only when the setResourceAdapter method on the ManagedConnectionFactory JavaBean returns without throwing an exception.

The setResourceAdapter method on the ManagedConnectionFactory JavaBean must be called exactly once; that is, the association must not change during the lifetime of a ManagedConnectionFactory JavaBean.

An ActivationSpec JavaBean represents inbound connectivity information from an EIS instance to an application by way of a specific resource adapter instance. This contains the configuration information pertaining to inbound connectivity from an EIS instance. Refer to Message Inflow for more details on the ActivationSpec JavaBean.

When an ActivationSpec JavaBean is created, it may inherit the ResourceAdapter JavaBean (which represents the resource adapter instance) configuration information, and overrides specific global defaults, if any, and may add other configuration information specific to inbound connectivity.

That is, in the case of inbound communication, the inbound connectivity configuration is a union of ResourceAdapter JavaBean and ActivationSpec JavaBean configuration, with the intersecting configuration properties based on the ActivationSpec JavaBean settings.

Inbound communication is initiated by an EIS instance and the communication occurs in the context of a resource adapter thread. There are no application threads involved. Note, a resource adapter may use the work management contract (refer to Work Management) to request threads to do work.

The ResourceAdapterAssociation interface specifies the methods to associate an ActivationSpec JavaBean with a ResourceAdapter JavaBean.

Prior to using an ActivationSpec JavaBean, the application server must create an association between the ActivationSpec JavaBean and a ResourceAdapter JavaBean, by calling the setResourceAdapter method on the ActivationSpec JavaBean. A successful association is established only when the setResourceAdapter method on the ActivationSpec JavaBean returns without throwing an exception.

The setResourceAdapter method on the ActivationSpec JavaBean must be called exactly once; that is, the association must not change during the lifetime of an ActivationSpec JavaBean.

The following are some likely situations during which an application server would shutdown a resource adapter instance:

Irrespective of what causes a resource adapter instance to be shutdown, the application server must use the following two phases to shutdown a resource adapter instance.

Resource Adapter Lifecycle (State Diagram)

The ResourceAdapter JavaBean should be treated as a central authority or registry for resource adapter instance specific information, and it should have access to the overall state of the resource adapter instance (network endpoints, etc.). This helps in the manageability of the resource adapter instance, and in performing an orderly shutdown.

Some conventions to follow:

The above conventions enable a ResourceAdapter JavaBean to effectively manage the resource adapter instance and to perform an orderly shutdown of the resource adapter instance.

There is at most one ResourceAdapter JavaBean instance per resource adapter instance. But there can be many ManagedConnectionFactory, ActivationSpec or administered object instances (Administered Objects) per resource adapter instance.

The ResourceAdapter JavaBean instance is created and configured during resource adapter deployment. The ManagedConnectionFactory, ActivationSpec and administered object instances are created and configured during the lifetime of a resource adapter instance.

At runtime, the resource adapter internally uses a union of the configured ResourceAdapter and ManagedConnectionFactory JavaBean properties, to represent outbound communication configuration.

Similarly, at runtime, the resource adapter internally uses a union of the configured ResourceAdapter and ActivationSpec JavaBean properties, to represent inbound communication configuration.

Although the lifecycle management contract is primarily intended for a managed environment, it may still be used in a non-managed environment provided that the application that bootstraps a resource adapter instance is capable of managing its lifecycle.

Lifecycle Management Model (Sequence Diagram)

The application server uses the deployment information specified by way of the deployment descriptor mechanism (specified in section Requirements) and metadata annotations (specified in Deployment Descriptors and Annotations) to configure the resource adapter in the operational environment.

The resource adapter provides connection and connection factory interfaces. A connection factory acts as a factory for EIS connections. For example, javax.sql.DataSource and java.sql.Connection interfaces are JDBC-based interfaces for connecting to a relational database.

The CCI (specified in Common Client Interface) defines jakarta.resource.cci.ConnectionFactory and jakarta.resource.cci.Connection as interfaces for a connection factory and a connection, respectively.

The application component does a lookup of a connection factory in the Java Naming and Directory Interface™ (JNDI) name space. It uses the connection factory to get a connection to the underlying EIS. The connection factory instance delegates the connection creation request to the ConnectionManager instance.

The ConnectionManager enables the application server to provide different quality-of-services in the managed application scenario. These quality-of-services include transaction management, security, error logging and tracing, and connection pool management. The application server provides these services in its own implementation-specific way. The connector architecture does not specify how the application server implements these services.

The ConnectionManager instance , on receiving a connection creation request from the connection factory , does a lookup in the connection pool provided by the application server. If there is no connection in the pool that can satisfy the connection request, the application server uses the ManagedConnectionFactory interface (implemented by the resource adapter) to create a new physical connection to the underlying EIS. If the application server finds a matching connection in the pool, it uses the matching ManagedConnection instance to satisfy the connection request.

If a new ManagedConnection instance is created, the application server adds the new ManagedConnection instance to the connection pool.

The application server registers a ConnectionEventListener with the ManagedConnection instance. This listener enables the application server to get event notifications related to the state of the ManagedConnection instance. The application server uses these notifications to manage connection pooling, manage transactions, cleanup connections, and handle any error conditions.

The application server uses the ManagedConnection instance to get a connection instance that acts as an application-level handle to the underlying physical connection. An instance of type jakarta.resource.cci.Connection is an example of such a connection handle. An application component uses the connection handle to access EIS resources.

The resource adapter implements the XAResource interface to provide support for transaction management. The resource adapter also implements the LocalTransaction interface so that the application server can manage transactions internal to a resource manager. The chapter on transaction management describes this transaction management contract between the application server (and its transaction manager) and the resource adapter (and its underlying resource manager).

Architecture Diagram: Managed Application scenario

The following steps are involved in a managed scenario:

1 The application assembler or component provider specifies connection factory requirements for an application component using a deployment descriptor mechanism. For example, a bean provider specifies the following elements in the deployment descriptor for a connection factory reference. Note that the connection factory reference is part of the deployment descriptor for Jakarta Enterprise Bean components and not the resource adapter. Refer Jakarta Enterprise Beans specification (see Jakarta Enterprise Beans Specification, version 4.0) for details on the deployment mechanism for Jakarta Enterprise Bean components:

2 During resource adapter deployment, the deployer sets the configuration information (example: server name, port number) for the resource adapter. The application server uses a configured resource adapter to create physical connections to the underlying EIS. Refer to API Requirements for details on packaging and deployment of a resource adapter.

3 The application component looks up a connection factory instance in the component’s environment using the JNDI interface.

The JNDI name passed in the method NamingContext.lookup is the same as that specified in the res-ref-name element of the deployment descriptor. The JNDI lookup results in a connection factory instance of type jakarta.resource.cci.ConnectionFactory as specified in the res-type element.

4 The application component invokes the getConnection method on the connection factory to get an EIS connection. The returned connection instance represents an application-level handle to an underlying physical connection.

An application component obtains multiple connections by calling the method getConnection on the connection factory multiple times.

jakarta.resource.cci.Connection cx = cxf.getConnection();

5 The application component uses the returned connection to access the underlying EIS by way of the resource adapter. Common Client Interface specifies in detail the application programming model for EIS access.

6 After the component finishes with the connection, it closes the connection using the close method on the Connection interface.

cx.close();

7 If an application component fails to close an allocated connection after its use, that connection is considered an unused connection. The application server manages the cleanup of unused connections. When a container terminates a component instance, the container cleans up all connections used by that component instance. Refer section ManagedConnection and Scenario: Connection Event Notifications and Connection Close for details on the cleanup of connections.

In a non-managed application scenario, the application developer follows a similar programming model to the managed application scenario. The non-managed case involves looking up of a connection factory instance, getting an EIS connection, using the connection for EIS access, and finally closing the connection.

Connection handles are application level handles to underlying physical connections and are light-weight objects, especially when dissociated from the ManagedConnection . Creation of a connection handle does not necessarily result in the creation of a new physical connection to the EIS. The ManagedConnection , which represents the actual underlying physical connection, should maintain any session or transaction state data associated with that connection to the EIS. An application component may not derive much benefit from caching these handles, although this is allowed in this specification. Application components are recommended to obtain and cache the Connection Factory objects instead. For more information, see ConnectionFactory and Connection.

An application component is recommended to obtain a connection handle from the connection factory, use the connection handle to interact with the EIS by way of the resource adapter, and close the connection handle after finishing with it.

The application component is recommended to explicitly close the connection handle as soon as the handle has been used and is not required later. This reduces the possibility of connection leaks and enhances the application server’s ability to pool physical connections to the EIS (see Connection Pool Implementation).

A connection factory provides an interface to get a connection to an EIS instance. A connection provides connectivity to an underlying EIS.

One goal of the Jakarta Connector Architecture is to support a consistent application programming model across both CCI and EIS specific client APIs. To achieve this goal, the Jakarta Connector Architecture recommends a design pattern (specified as an interface template) for both the connection factory and connection interfaces.

The CCI connection factory and connection interfaces (defined in the package jakarta.resource.cci ) are based on the above design pattern. Refer to Connection Interfaces for details on the CCI connection factory and connection interfaces. The following code sample shows the CCI interfaces:

An example of a non-CCI interface is a resource adapter that uses the package com.myeis for its EIS specific interfaces, as follows:

The JDBC interfaces— javax.sql.DataSource , java.sql.Connection —are examples of non-CCI connection factory and connection interfaces.

Note that the methods defined on a non-CCI interface are not required to throw a ResourceException . The exception can be specific to a resource adapter, for example: java.sql.SQLException for JDBC (see JDBC API Specification, version 4.1) interfaces.

The following are additional guidelines for the recommended interface template:

The above design pattern leads to a consistent application programming model for connection creation and connection closing.

The jakarta.resource.spi.ConnectionManager interface provides a hook for a resource adapter to pass a connection request to an application server. An application server provides different quality-of-service as part of its handling of the connection request.

A jakarta.resource.spi.ManagedConnectionFactory instance is a factory of both ManagedConnection and connection factory instances. This interface supports connection pooling by defining methods for matching and creating connections.

A jakarta.resource.spi.ManagedConnection instance represents a physical connection to an underlying EIS.

The creation of a ManagedConnection instance typically results in the allocation of EIS and resource adapter resources (for example, memory and network sockets) for each physical connection. Since these resources can be costly and scarce, an application server pools ManagedConnection instances in a managed environment.

Connection pooling improves the scalability of an application environment. An application server uses the ManagedConnectionFactory and ManagedConnection interfaces to implement connection pool management.

An application server also uses the transaction management-related methods (getXAResource and getLocalTransaction) on the ManagedConnection interface to manage transactions. These methods are discussed in more detail in Transaction Management.

The ManagedConnection interface also provides methods to support error logging and tracing in a managed environment.

The method ManagedConnection.getMetaData returns a jakarta.resource.spi.ManagedConnectionMetaData instance. The ManagedConnectionMetaData provides information about a ManagedConnection and the connected EIS instance. This information is only available to the caller of this method if a valid physical connection exists for an EIS instance.

The Jakarta Connector Architecture provides an event callback mechanism that enables an application server to receive notifications from a ManagedConnection instance. An application server uses these event notifications to manage its connection pool, to clean up invalid or terminated connections, and to manage local transactions. Transaction Management discusses local transaction-related event notifications in more detail.

An application server implements the jakarta.resource.spi.ConnectionEventListener interface. It uses the ManagedConnection.addConnectionEventListener method to register a connection listener with a ManagedConnection instance.

A jakarta.resource.spi.ConnectionEvent class provides information about the source of a connection-related event. A ConnectionEvent instance contains the following information:

This class defines the following types of event notifications: * CONNECTION_CLOSED * LOCAL_TRANSACTION_STARTED * LOCAL_TRANSACTION_COMMITTED * LOCAL_TRANSACTION_ROLLEDBACK * CONNECTION_ERROR_OCCURRED

The jakarta.resource.spi.ManagedConnectionFactory interface defines the following methods for error logging and tracing:

The log writer is a character output stream to which all logging and tracing messages for a ManagedConnectionFactory instance are printed.

A character output stream can be registered with a ManagedConnectionFactory instance using the setLogWriter method. A ManagedConnectionFactory implementation uses this character output stream to output error log and trace information.

An application server manages the association of a log writer with a ManagedConnectionFactory . When a ManagedConnectionFactory instance is created, the log writer is initially null and logging is disabled. Associating a log writer with a ManagedConnectionFactory instance enables logging and tracing for the ManagedConnectionFactory instance.

An application server administrator primarily uses the error and trace information printed on a log writer by a ManagedConnectionFactory instance. This information is typically system-level in nature (for example, information related to connection pooling and transactions) rather than of direct interest to application developers.

The jakarta.resource.spi.ManagedConnection interface defines the following methods to support error logging and tracing specific to a physical connection.

A newly created ManagedConnection instance gets the default log writer from the ManagedConnectionFactory instance that creates the ManagedConnection instance. The default log writer can be overridden by an application server using the ManagedConnection.setLogWriter method. The setting of the log writer on a ManagedConnection enables an application server to manage error logging and tracing specific to the physical connection represented by a ManagedConnection instance.

An application server can optionally disassociate the log writer from a ManagedConnection instance when this connection instance is put back into the connection pool by using setLogWriter and passing null .

The following object interactions are involved in the scenario shown in OID: Connection Event Notification:

OID: Connection Pool Management with New Connection Creation

OID: Connection Pool Management with Connection Matching shows the object interactions for a connection matching scenario—that is, a scenario in which the application server finds a non-empty candidate connection set and calls the resource adapter to do matching on the candidate set. The following steps are involved in this scenario:

OID: Connection Pool Management with Connection Matching

For each ManagedConnection instance in the pool, the application server registers a ConnectionEventListener instance to receive close and error events on the connection. This scenario explains how the connection event callback mechanism enables an application server to manage connection pooling.

The scenario involves the following steps (see OID: Connection Event Notification) when an application component initiates a connection close:

To maintain the consistency of the application programming model across both managed and non-managed environments, application code should use the JNDI namespace to look-up a connection factory instance.

The following code extract shows how an application client accesses a connection factory instance in a non-managed environment. The code extract does not show the use of JNDI. It is used as an example to illustrate the use of ManagedConnectionFactory and ConnectionFactory interfaces in the application code. Refer to section JNDI Configuration and Lookup for details on JNDI configuration and lookup.

The following object interactions are involved in the scenario shown in OID: Connection Creation in a Non-Managed Application Scenario:

OID: Connection Creation in a Non-Managed Application Scenario

The requirements for a resource adapter are as follows:

In a non-managed two tier application scenario, a resource adapter is allowed to support connection pooling internal to the resource adapter.

The requirements for an application server are as follows:

In the following figure, an application client invokes Jakarta Enterprise Beans component X. Enterprise Bean X accesses transaction programs managed by a TP system and calls Enterprise Bean Y to access an ERP system.

Scenario: Transactions Across Multiple Resource Managers

The application server uses a transaction manager to support a transaction management infrastructure that enables an application component to perform transactional access across multiple EIS resource managers. The transaction manager manages transactions across multiple resource managers and supports propagation of the transaction context across distributed systems.

The transaction manager supports a Jakarta Transaction XAResource -based transaction management contract with a resource adapter and its underlying resource manager. The ERP system supports Jakarta Transaction by implementing an XAResource interface through its resource adapter. The TP system also implements an XAResource interface. This interface enables the two resource managers to participate in transactions that are coordinated by an external transaction manager. The transaction manager uses the XAResource interface to manage transactions across the two underlying resource managers.

The Enterprise Beans X and Y access the ERP and TP system using the respective client access API for the two systems. Behind the scenes, the application server enlists the connections to both systems, obtained from their respective resource adapters, as part of the transaction. When the transaction commits, the transaction manager performs a two-phase commit protocol across the two resource managers, ensuring that all read/write access to resources managed by both the TP system and ERP system is either entirely committed or entirely rolled back.

The transactions are demarcated either by the container (called container-managed demarcation) or by a component (called component-managed demarcation). In component-managed demarcation, an application component can use the Jakarta Transaction UserTransaction interface or a transaction demarcation API specific to an EIS (for example, JDBC transaction demarcation using java.sql.Connection ).

The Jakarta Enterprise Beans specification requires a Jakarta Enterprise Beans container to support both container-managed and component-managed transaction demarcation models. The Jakarta Server Pages and servlet specifications require a web container to support component-managed transaction demarcation.

If multiple resource managers participate in a transaction, the Jakarta Enterprise Beans container uses a transaction manager to coordinate the transaction. The contract between the transaction manager and resource manager is defined using the XAResource interface.

If a single resource manager instance participates in a transaction (either component-managed or container-managed), the container has two choices:

If an application accesses a single resource manager using an XA transaction, it has more performance overhead compared to using a local transaction. The overhead is due to the involvement of an external transaction manager in the coordination of the XA transaction.

To avoid the overhead of using an XA transaction in a single resource manager scenario, the application server may optimize this scenario by using a local transaction instead of an XA transaction. This scenario is shown in the following figure.

Scenario: Local Transaction on a Single Resource Manager

The jakarta.resource.spi.Managed Connection instance represents a physical connection to an EIS and acts as a factory for connection handles.

The following code extract shows the methods on the ManagedConnection interface that are defined specifically for the transaction management contract:

A Managed Connection instance provides access to a pair of interfaces: javax.transaction.xa.XAResource and jakarta.resource.spi.LocalTransaction .

Depending on the transaction support level of a resource adapter, these methods should raise appropriate exceptions. For example, if the transaction support level for a resource adapter is NoTransaction , an invocation of getXAResource method should throw a ResourceException . Refer to Exceptions for details on the exception hierarchy.

The following figure illustrates this concept:

ManagedConnection Interface for Transaction Management

The transaction manager uses the XAResource interface to associate and dissociate a transaction with the underlying EIS resource manager instance and to perform a two-phase commit protocol. The transaction manager does not directly use the ManagedConnection interface. The next section describes the XAResource interface in more detail.

The application server uses the LocalTransaction interface to manage local transactions.

The javax.transaction.xa.XAResource interface is a Java mapping of the industry standard XA interface based on X/Open CAE specification (see X/Open CAE Specification — Distributed Transaction Processing: the XA Specification, X/Open document).

The following code extract shows the interface specification for the XAResource interface. For more details and API documentation, refer to the Jakarta Transaction (see Jakarta™ Transaction Specification]) and XA (see <<a9729, X/Open CAE Specification — Distributed Transaction Processing: the XA Specification, X/Open document) specifications:

The following code extract shows the jakarta.resource.spi.LocalTransaction interface:

A resource adapter implements the LocalTransaction interface to provide support for local transactions that are performed on the underlying resource manager. An application server uses the LocalTransaction interface to manage local transactions for a resource manager.

Interface: LocalTransaction has more details on the local transaction management contract.

The application server uses the jakarta.transaction.TransactionManager and jakarta.transaction.Transaction interfaces, specified in the Jakarta Transaction specification, for its contract with the transaction manager.

The application server uses the jakarta.transaction.TransactionManager interface to control the transaction boundaries on behalf of the application components that are being managed by the application server. For example, an Jakarta Enterprise Beans container manages the transaction states for transactional Jakarta Enterprise Beans components. The Jakarta Enterprise Beans container uses the TransactionManager interface to demarcate transaction boundaries based on the calling thread’s transaction context.

The application server also uses the jakarta.transaction.Transaction interface to enlist and delist transactional connections with the transaction manager. This enables the transaction manager to coordinate transactional work performed by all enlisted resource managers within a transaction.

The following table specifies various transaction management scenarios and mentions whether these scenarios are within the scope of Jakarta Connectors.

Jakarta Connectors does not require that all resource adapters must support Jakarta Transaction XAResource based transaction contract.

If a resource adapter decides to support an XAResource based contract, then Jakarta Connectors places certain requirements on a resource adapter and its underlying resource manager (RM).

The following requirements refer to a resource adapter and its resource manager together as a resource manager (RM). The division of responsibility between a resource adapter and its underlying resource manager for supporting the transaction contract is implementation-specific and is out of the scope of Jakarta Connectors.

These requirements assume that a transaction manager ™ supports Jakarta Transaction/XA and JTS requirements.

The following set of requirements are based on the Jakarta Transaction and XA specifications and should be read in conjunction with these specifications. These detailed requirements are included in this document to clearly specify the requirements from the Jakarta Connectors perspective.

The following section specifies requirements of a TM. This section assumes that the TM is compliant with Jakarta Transaction/JTS and X/Open (see X/Open CAE Specification — Distributed Transaction Processing: the XA Specification, X/Open document) specifications.

The following object interactions are involved in the scenario shown in OID: Transactional Setup For Newly Created ManagedConnection Instances.

OID: Transactional Setup For Newly Created ManagedConnection Instances

For each ManagedConnection instance in the pool, the application server registers a ConnectionEventListener instance to receive specific events on the connection. The connection event callback mechanism enables the application server to manage connection pooling and transactions.

Object Diagram: Connection Management Architecture describes the following steps when an application component closes a connection:

OID: Connection Close and Transactional Cleanup

The scenario in the following figure illustrates the steps taken by the transaction manager to commit a transaction across multiple resource manager instances. These steps are executed after the transaction manager calls the XAResource.end method for each enlisted resource manager instance.

The following steps happen in this scenario:

OID: Transaction Completion

The jakarta.resource.spi.LocalTransaction interface defines the contract between an application server and resource adapter for local transaction management. This interface is defined in Interface: LocalTransaction.

An application server implements the jakarta.resource.spi.ConnectionEventListener interface. It registers this listener instance with the ManagedConnection instance by using ManagedConnection.addConnectionEventListener method.

The following code extract specifies the ConnectionEventListener interface related to the local transaction management contract:

The ManagedConnection instance notifies its registered listeners for transaction related events by calling the methods localTransactionStarted, localTransactionCommitted, and localTransactionRolledback.

The ConnectionEvent class defines the following types of event notifications related to the local transaction management contract:

A stateless session bean with bean-managed transaction demarcation starts a local transaction in a method invocation. It returns from the business method without completing the local transaction.

The application server implements the ConnectionEventListener interface. The resource adapter notifies the application server with a LOCAL_TRANSACTION_STARTED event when the local transaction is started by the session bean instance.

When the session bean instance returns from the method invocation without completing the local transaction, the application server detects this as an incomplete local transaction because it has not received any matching LOCAL_TRANSACTION_COMMITTED or LOCAL_TRANSACTION_ROLLEDBACK events from the resource adapter.

On detecting an incomplete local transaction, the application server aborts the transaction, terminates the stateless session bean instance, and throws an exception to the client.

The application server terminates a component instance, for example, because of some system exception in a method invocation.

On termination of a component instance, the application server cleans up all ManagedConnection instances being used by this component instance. The cleanup of a connection involves resetting all local transaction and client-specific state. This state is maintained internal to the ManagedConnection instance.

The application server initiates a cleanup of a ManagedConnection instance by calling ManagedConnection.cleanup . After cleanup, the application server returns this connection to the pool to serve future allocation requests.

The application server uses the connection event listener mechanism, specified through the interfaces ConnectionEventListener and ConnectionEvent , to flag illegal cases of transaction demarcation. The application server implements the ConnectionEventListener interface to support this scenario.

The following subsection illustrates a scenario for component-managed transaction demarcation.

A Jakarta Enterprise Beans component with bean managed transaction demarcation starts a local transaction using the application-level transaction demarcation interface, for example, jakarta.resource.cci.LocalTransaction as defined in the CCI, supported by the resource adapter. It then calls the UserTransaction.begin method to start a Jakarta Transactions transaction before it has completed the local transaction.

In this scenario, the Jakarta Enterprise Beans component has started but not completed the local transaction. When the application component attempts to start a Jakarta Transactions transaction by invoking the UserTransaction.begin method, the application server detects it as a transaction demarcation error and throws an exception from the UserTransaction.begin method.

When the application component starts the local transaction, the resource adapter notifies the application server of the LOCAL_TRANSACTION_STARTED connection event. When the component invokes the UserTransaction.begin method, the application server detects an error condition, because it has not received the matching LOCAL_TRANSACTION_COMMITTED or LOCAL_TRANSACTION_ROLLEDBACK event from the resource adapter for the currently active local transaction.

A resource adapter may detect sharing violations. Any operation on a shareable connection which violates shareability is a sharing violation, for example, mutable operations like changing connection attributes, security settings, isolation levels, etc.

When such a mutable operation is performed on a ManagedConnection , it may throw a SharingViolationException when both the following conditions are true:

Further, a resource adapter may reject creation of a connection handle, by throwing a SharingViolationException, if the connection is already in a unshareable condition. Any mutable operation performed on a connection makes it unshareable.

The Jakarta EE platform specification (see Jakarta™ EE Platform Specification Version 10) identifies the following as transactional resources:

The Jakarta EE platform specification requires that Jakarta EE product providers must transparently support transactions that span multiple components and transactional resources. These requirements must be met regardless of whether a Jakarta EE product is implemented as a single process, multiple processes on the same node, or multiple processes on multiple nodes.

In addition, Jakarta EE product providers must support transactional applications that are comprised of servlets or JSP pages accessing multiple enterprise beans within a single transaction. Each component may also acquire one or more connections to access transactional resources. Jakarta EE product providers must support scenarios where multiple components in an application access transactional resources as part of a single transaction.

The Jakarta EE platform specification requires Jakarta EE platform products to support resource adapters at the XATransaction level as a transactional resource. It must be possible to access such resource adapters from multiple application components within a single transaction.

Jakarta Connectors has an additional requirement that is applicable to resource adapters that support local transactions. Note that both LocalTransaction and XATransaction resource adapters support local transactions, and they are both referred to as “local transaction capable” resource adapters in the section below.

Application server must use a single local transaction in a scenario where the following conditions hold:

Note that this requirement does not apply to a local transaction that is started by a component using an application level transaction demarcation API that is specific to a resource adapter.

Application server determines this scenario in an implementation-specific manner.

Application server may use connection sharing mechanisms to implement this local transaction requirement. Please refer to Scenario: Local Transaction for an illustration.

Application servers must support transaction scenarios where access to a non-transactional resource is combined with access to one or more transactional resources within a single transaction. For example, in a container-managed transaction, an Enterprise Bean accesses JDBC and Jakarta Messaging resources, and also accesses a non-transactional EIS using its resource adapter. If there is a failure during the above scenario, transactional resource managers operating under the transaction should rollback, but the recovery of the non-transactional resource is unspecified in this specification.

The application server is not required to support any additional transaction scenarios beyond the above set of scenarios. A Jakarta EE application should not depend on an application server’s support for any optional transaction scenarios. The application should also not depend on whether or not the container detects that a specific optional transaction scenario is illegal. Any errors in optional transaction scenarios are considered application programming errors.

The following are examples of optional transaction scenarios. The following section also describes, in a non-prescriptive manner, issues in support for these scenarios by an application server:

This scenario illustrates the use of the connection sharing mechanism to implement requirement for a local transaction to span components.

In this scenario, two Jakarta Enterprise Beans components get connections to the same EIS resource manager within a single transaction. Both Jakarta Enterprise Beans components use the same local transaction capable resource adapter.

A local transaction is associated with a single physical connection. Both Jakarta Enterprise Beans components in this scenario share the same physical connection under the local transaction scope. The container has the responsibility of managing connection sharing as illustrated in this scenario.

To share a physical connection in the local transaction scope, the container assumes the connection to be shareable unless it has been marked unshareable in the res-sharing-scope . The container uses connection sharing in a manner that is transparent to application components.

In the following figure, the stateful session beans A and B have container-managed transaction demarcation with the transaction attribute set to Required . Both A and B access a single EIS resource manager as part of their business logic.

Scenario to illustrate Local Transaction Management

The following steps happen in this scenario:

Connection Sharing Across Component Instances

In the scenario shown in the following figure, session bean A acts as a client of entity bean C and makes invocations on methods of entity bean C. Another session bean B also acts as a client of entity bean C. The C is an entity bean that may be shared across multiple clients.

A, B and C get connections to the same EIS. These Jakarta Enterprise Beans components have marked res-sharing-scope for these connections to be shareable .

A and C define a connection sharing scope. Both A and C share the same physical connection across a transaction that spans methods on A and C. Similarly, B and C define another connection sharing scope. B and C also share the same physical connection across a transaction that spans two components.

Connection Sharing Scenario

In this scenario, entity bean C obtains an application-level connection handle using the method getConnection on the ConnectionFactory during its creation. Entity bean C holds the connection handle during its lifetime.

A gets a connection handle and invokes a method on C. At a different time, B gets a connection handle and invokes a method on C.

In both cases, depending on the connection sharing scope, defined in terms of the shared physical ManagedConnection instance, in which C is called, the container supports a mechanism to associate the connection handle held by C as part of its state with the current ManagedConnection instance.

State Diagram of Application-Level Connection Handle

The interface ManagedConnection defines method associateConnection as follows:

The container typically uses the associateConnection method to change the association of an application-level connection handle with a ManagedConnection instance. The container finds the right ManagedConnection instance, depending on the connection sharing scope, and calls the associateConnection method. To achieve this, the container is required to keep track of connection handles acquired by component instances and ManagedConnection instances using an implementation-specific mechanism. In order to set a Connection Handle as the active connection handle (see Connection Sharing and Multiple Connection Handles ), the container may also use the associateConnection method to set the same ManagedConnection associated with the Connection handle.

The associateConnection method implementation for a ManagedConnection should dissociate the connection handle passed as a parameter from its currently associated ManagedConnection and associate the new connection handle with itself.

Note that the switching of connection associations must happen only for connection handles and ManagedConnection instances that correspond to the same ManagedConnectionFactory instance. The container should enforce this restriction in an implementation-specific manner. If a container cannot enforce the restriction, the container should not use the connection association mechanism.

The container must provide a mechanism to change the association of a connection handle to different ManagedConnection instances depending on the connection sharing and transaction scope. This mechanism is used in scenarios where components hold on to connection handles across different local transaction and connection sharing scopes.

The container may use the connection association mechanism in the XAResource -based transaction management contract.

The resource adapter must implement the associateConnection method to support connection sharing. The container makes a decision on whether or not to use the associateConnection method implemented by a resource adapter. The support for this method is required independent of the transaction support level of the resource adapter. Note that the container makes the decision to invoke the associateConnection method.

The container is not required to support the local transaction optimization.

A resource adapter can be classified based on the level of transaction support, as follows:

The above levels reflect the major steps of transaction support that a resource adapter is required to allow external transaction coordination. Depending on its transactional capabilities and the requirements of its underlying EIS, a resource adapter can choose to support any one of the above transaction support levels.

An application server must support resource adapters with all three levels of transaction support— NoTransaction , LocalTransaction , and XATransaction .

The following are the requirements for an application server for the transaction management contract:

Application components may acquire connections through a ConnectionFactory object (resource-ref) obtained from the JNDI namespace. The connection(s) thus obtained may be closed by the application before method completion, or may be cached by the application for later use.

When a connection is cached by the application component, the cached connection handle is considered active and remains associated with a ManagedConnection instance from the application server’s connection pool. If the cached connection handle is used infrequently, then the associated ManagedConnection instance remains in hibernation during periods of non-use. This is because the application server cannot detect when the hibernating ManagedConnection instance will be used again by the application.

Such hibernating ManagedConnection instances result in suboptimal usage of system resources. Avoiding hibernation of ManagedConnection instances leads to more optimal resource utilization and better performance.

The following describes a mechanism that allows an application server to avoid hibernating ManagedConnection instances (by dissociating the ManagedConnection from its connection handles and using the freed ManagedConnection instance for other applications). This mechanism also provides a way to notify the application server when a dissociated connection handle is used by the application, so that it can be associated with an appropriate ManagedConnection instance.

Connection Acquisition Processing describes the processing of a getConnection method call initiated by an application component (that is, when the application component first acquires a connection). At a later point in time, the connection may be dissociated by the application server by calling the dissociateConnections method on the appropriate ManagedConnection instance. This dissociates the ManagedConnection instance from all its connection handle objects.

When such a dissociated connection is used by the application (upon method re-entry), it is required to be re-associated with an appropriate ManagedConnection instance. Connection Re-association Processing describes connection re-association processing. The connection re-association processing depends on the connection notifying the application server upon re-use (lazy re-association trigger). The connection object invokes the associateConnection method on the ConnectionManager instance in order to lazily re-associate itself with an appropriate ManagedConnection instance.

Thus, a connection handle that can be dissociated can exist in one of three states: Active, Inactive or Closed. State Diagram of a Dissociatable Application-level Connection Handle describes the state transitions of a dissociatable connection handle. Note that the state Inactive applies only to dissociatable connection handles.

The application server may dissociate connections that are shareable. It must not dissociate connections that are marked unshareable, however, since application-specific state may be retained by a ManagedConnection instance. The application server may also call the dissociateConnections method even when an active transaction is in progress in the ManagedConnection .

When a disassociated connection handle is closed, the resource adapter must notify the application server by calling the inactiveConnectionClosed method on the LazyAssociatableConnectionManager interface. The application server can then perform any cleanup operations related to the disassociated connection handle in its connection pool.

Connection Acquisition Processing

Connection Re-association Processing

State Diagram of a Dissociatable Application-level Connection Handle

Transactions may be started by an application server before a method call on an application component or it may be started by an application component during a method call. It is also possible that an application server may use a transaction imported from a different server during a method call.

Irrespective of how a transaction is started, an application server enlists all connections (cached or newly acquired by an application component) with the transaction, so that the work done using those connections will be part of the transaction. This enlistment happens before the method call in the case of cached connections and during the method call when connections are newly acquired within the transaction.

But not all the connections that are cached or newly acquired by an application component may be used within a transaction. Since the application server cannot detect whether these connections would be used within the transaction, it statically (eagerly) enlists all such connections with the transaction. Thus, connections that are not used in a transaction are unnecessarily enlisted, which leads to sub-optimal performance.

The following describes a dynamic mechanism that allows the application server to enlist only those connections that are used within a transaction. A ManagedConnection that supports this optimization must invoke the lazyEnlist method on the ConnectionManager every time it is used outside of a local or XA transaction. The application server uses this method call to lazily enlist the connection in the transaction (if there is one). The application server may delist the ManagedConnection instances from the transaction at a later point.

This optimization can be used only on connections that are lazily enlist-able.

Neither the application server nor the resource adapter must support this optimization.

A resource adapter that does not support this optimization must provide a ManagedConnection implementation which does not implement the LazyEnlistableManagedConnection interface. This allows an application server to detect that the resource adapter does not support this optimization.

An application server that does not support this optimization must provide a ConnectionManager implementation that does not implement the LazyEnlistableConnectionManager interface. This allows a resource adapter to detect that the application server does not support this optimization.

There are no changes to the resource adapter deployment descriptor since the application server can programmatically detect whether a resource adapter supports this optimization or not.

The application component provider sets the res-auth deployment descriptor element, or the equivalent metadata annotation defined in the relevant application component specification, to be Container letting the application server take the responsibility of managing EIS sign-on.

The Deployer sets up the principal mapping such that the user account for connecting to the EIS instance is always eStoreUser . The Deployer also configures the authentication data, for example, the password, needed to authenticate the eStoreUser to the EIS.

The component code invokes the getConnection method on the ConnectionFactory instance with no security-related parameters. The component relies on the application server to manage sign-on to the EIS instance based on the security information configured by the Deployer.

The application component provider sets the res-auth element to be Application.

The component code performs a programmatic sign-on to the EIS. The application component passes explicit security information, for example, the username and password, to the getConnection method of the ConnectionFactory instance.

An application server and an EIS collaborate to ensure resource principals are properly authenticated when the principal connects to the underlying EIS. Jakarta Connectors identifies the following as the commonly-supported authentication mechanisms:

The authentication-mechanism-type element is used in the deployment descriptor to specify whether or not a resource adapter supports a specific authentication mechanism. Refer to Requirements for more details on the specification of the deployment descriptor for a resource adapter. The authentication mechanism supported by the resource adapter may also specified through the AuthenticationMechanism annotation (see @AuthenticationMechanism ) as part of the Connector metadata annotation (see @Connector).

Jakarta Connectors does not require that a specific authentication mechanism be supported by an application server and an EIS. An application server may support any other authentication mechanisms for EIS sign-on. The connector security architecture is independent of security mechanisms.

When an application component requests a connection from a resource adapter, the connection request is made under the security context of a resource principal. The Deployer can set a resource principal based on the following options:

In some scenarios, a caller principal can be a delegate of an initiating principal. In this case, a resource principal transitively impersonates an initiating principal.

The support for principal delegation is typically specific to a security mechanism. For example, Kerberos supports a mechanism for the delegation of authentication. Refer to the Kerberos v5 specification for more details. The security technology specific details are out of the scope of Jakarta Connectors.

In the case of credential mapping, the mapped resource principal has the same identity as the initiating or caller principal. For example, a principal with identity A has initial credentials cred(A,mech1) and has credentials cred(A,mech2) after mapping. mech1 and mech2 represents different mechanism types.

Authorization checking to ensure that a principal has access to an EIS resource can be applied at one or more of the following:

Authorization checking at the target EIS can be done in an EIS-specific way and is not specified here. For example, an EIS can define its access control policy in terms of its specific security roles and permissions.

Authorization checking can also be done at the application server level. For example, an application server can allow a principal to create a connection to an EIS only if the principal is authorized to do so. Jakarta EE containers such as Jakarta Enterprise Beans and servlet containers support both programmatic and declarative security that can be used to define authorization policies. Programmatic and declarative security are defined in the individual specifications. Refer to the Jakarta Enterprise Beans and servlet specifications for more details. An application component developer developing components for EIS access must follow the requirements defined in these specifications.

The communication between an application server and an EIS can be subject to security threats such as data modification and loss of data. Establishing a secure association counters such threats. A secure association is shared security information that allows a component on the application server to communicate securely with an EIS.

Establishing a secure association includes several steps:

A secure association between an application server and an EIS is always established by the resource adapter implementation. Note that a resource adapter library runs within the address space of the application server.

A resource adapter can use any security mechanism to establish the secure association. GSS-API (refer to IETF draft on GSS-API v2[5]) is an example of such a mechanism. Note that Jakarta Connectors does not require use of the GSS-API by a resource adapter or application server.

Configuring a mechanism for establishing secure associations is outside the scope of Jakarta Connectors. This includes setting up the desired quality of protection during secure communication.

Once a secure association is successfully established, the connection is associated with the security context of the resource principal. Subsequently, all application-level invocations to the EIS instance using the connection happen under the security context of the resource principal.

The following features are common across different Jakarta EE component models from the perspective of an Application Component Provider:

The Deployer specifies security policies that ensure secure access to the underlying EISs from application components. The deployer adapts the intended security view of an application for EIS access, specified through metadata annotations described in Metadata Annotations or the deployment descriptor, to the actual security mechanisms and policies used by the application server and EISs in the target operational environment. The Deployer uses tools to accomplish the above task.

The output of the Deployer’s work is a security policy descriptor specific to the operational environment. The format of the security policy descriptor is specific to an application server.

The Deployer performs the following deployment tasks for each connection factory reference declared in the deployment descriptor of an application component:

The application server provides a security environment with specific security policies and mechanisms that support the security requirements of the deployed application components and resource adapters, thereby ensuring a secure access to the connected EISs.

The typical responsibilities of an application server are as follows:

JAAS Based Security Architecture specifies how JAAS can be used by an application server to support the requirements of the connector security architecture.

EIS provides a security infrastructure and environment that supports the security requirements of the client applications. An EIS can have its own security domain with a specific set of security policies and mechanisms, or it can be set up as part of an enterprise-wide security domain.

The resource adapter provider provides a resource adapter that supports the security requirements of the underlying EIS.

The resource adapter implements the security contract specified as part of the Jakarta Connector Architecture. Security Contract specifies the security contract and related requirements for a resource adapter.

The resource adapter specifies its security capabilities and requirements through metadata annotations or its deployment descriptor. Requirements specifies a standard deployment descriptor for a resource adapter. Metadata Annotations specifies the metadata annotations used to express security requirements of a resource adapter.

The system administrator typically works in close association with administrators of multiple EISs that have been deployed in an operational environment. The system administration tasks can also be performed by the Deployer.

The following tasks are illustrative examples of the responsibilities of the system administrator:

The security contract includes the following classes and interfaces:

The following text has been taken from the JAAS specification. For detailed information, refer to the JAAS specification (see Java Authentication and Authorization Service Specification, version 1.0).

A Subject represents a grouping of related information for a single entity, such as a person. Such information includes the Subject’s identities and its security-related attributes, for example, passwords and cryptographic keys. A Subject can have multiple identities. Each identity is represented as a Principal within the Subject . A Principal simply binds a name to a Subject .

A Subject can also own security-related attributes, which are referred to as Credentials . Sensitive credentials that require special protection, such as private cryptographic keys, are stored within a private credential set.

The Credentials intended to be shared, such as public key certificates or Kerberos server tickets, are stored within a public credential set. Different permissions are required to access and modify different credential sets.

The getPrincipals method retrieves all the principals associated with a Subject . The methods getPublicCredentials and getPrivateCredentials respectively retrieve all the public or private credentials belonging to a Subject . The methods defined in the Set class modify the returned set of principals and credentials.

The interface java.security.Principal represents a resource principal. The following code extract shows the Principal interface:

The method getName returns the name of a resource principal.

An application server should use the Principal interface, or any derived interface, to pass a resource principal as part of a Subject to a resource adapter.

The interface jakarta.resource.spi.security.GenericCredential defines a security mechanism-independent interface for accessing the security credential of a resource principal.

The GenericCredential interface provides a Java wrapper around an underlying mechanism-specific representation of a security credential. For example, the GenericCredential interface can be used to wrap Kerberos credentials.

The Jakarta Connector Architecture does not define any standard format and requirements for security mechanism specific credentials. For example, a security credential wrapped by a Generic Credential interface can have a native representation specific to an operating system.

The GenericCredential interface enables a resource adapter to extract information about a security credential. The resource adapter can then manage an EIS sign-on for a resource principal by any of the following:

This interface org.ietf.jgss.GSSCredential is in J2SE Version 1.4. This provides a mechanism to represent generic credential information. The functionality provided by this interface is similar to the deprecated GenericCredential interface.

The class jakarta.resource.spi.security.PasswordCredential acts as a holder of username and password information. This class enables an application server to pass the username and password to the resource adapter through the security contract.

The method getUserName gets the name of the resource principal. The interface java.security.Principal represents a resource principal.

The PasswordCredential class must implement the equals and hashCode methods.

The getManagedConnectionFactory method returns the ManagedConnectionFactory instance for which the user name and password has been set by the application server. Refer to ManagedConnectionFactory to see how a resource adapter uses this method.

The method allocateConnection is called by the resource adapter’s connection factory instance. This method lets the resource adapter pass a connection request to the application server, so the application server can hook-in security and other services.

Security Contract

Depending on whether the application server or application component is configured to be responsible for managing EIS sign-on (refer to Application Component Provider), the resource adapter calls the ConnectionManager . allocateConnection method in one of the following ways:

The application server provides the required security information for the resource principal through its configured security policies and mechanisms, for example, principal mapping. The application server requests the authentication of the resource principal to the EIS either itself or passes authentication responsibility to the resource adapter. This aspect is explained later in the specification of the ManagedConnectionFactory interface.

The following code extract shows the methods of the ManagedConnectionFactory interface that are relevant to the security contract:

During the JNDI lookup, the ManagedConnectionFactory instance is configured by the application server with a set of configuration properties. These properties include default security information and EIS instance-specific information, such as hostname and port number, required for initiating a sign-on to the underlying EIS during the creation of a new physical connection.

The default security configuration on a ManagedConnectionFactory can be overridden by security information provided either by a component, in component managed sign-on, or by the container, in container-managed sign-on.

The createManagedConnection method is used by the application server when it requests the resource adapter to create a new physical connection to the underlying EIS.

A resource adapter can re-authenticate a physical connection (that is, one that already exists in the connection pool under a different security context) to the underlying EIS. A resource adapter performs re-authentication when an application server calls the getConnection method with a security context, passed as a Subject instance, different from the context previously associated with the physical connection.

If a resource adapter supports re-authentication, the matchManagedConnections method in ManagedConnectionFactory may return a matched ManagedConnection instance with the assumption that the ManagedConnection . getConnection method will later switch the security context through re-authentication. Note that the matchManagedConnections method should consider a ManagedConnection instance as immutable. There is no authentication involved in the matchManagedConnections method.

Support for re-authentication depends on whether an underlying EIS supports the re-authentication mechanism for existing physical connections. If a resource adapter does not support re-authentication, the getConnection method should throw a jakarta.resource.spi.SecurityException if the passed Subject in the getConnection method is different from the security context associated with the ManagedConnection instance.

The getConnection method returns a new connection handle. If re-authentication is successful, the resource adapter has changed the security context of the underlying ManagedConnection instance to that associated with the passed Subject instance.

A resource adapter has the following options for handling ManagedConnection.getConnection invocation if it supports re-authentication:

The following are the requirements defined for a resource adapter:

The following are the requirements defined for an application server:

The application server must use threads of the same thread priority level to process Work instances submitted by a specific resource adapter.

Work Management Contract (Object Diagram)

Work Management Contract (Interfaces)

The Work interface models a Work instance which is executed by a WorkManager upon submission. This is implemented by a resource adapter.

The application server thread that calls the run method in the Work implementation must execute with an unspecified context if no execution context has been specified, or must execute with the specified execution context. It must have at least the same level of security permissions as that of the resource adapter instance. Further, the application server thread that calls the run and release methods, may or may not have access to a JNDI context.

Both the run and release methods in the Work implementation may contain synchronization blocks but they must not be declared as synchronized methods.

The WorkManager interface provides a mechanism to submit Work instances for execution. This is implemented by an application server. A WorkManager instance can be obtained by calling the get WorkManager method of the BootstrapContext instance. The BootstrapContext instance is provided by the application server when a resource adapter instance is bootstrapped. The WorkManager instance is not required to be unique.

This WorkManager facility frees the resource adapter from having to create Java threads directly to do its work. Further, this allows efficient pooling of thread resources by the application server and more control over thread usage.

The optional startTimeout parameter specifies a time duration in milliseconds within which the execution of the Work instance must start. Otherwise, the Work instance is rejected with a WorkRejectedException set to an appropriate error code (WorkException.START_TIMED_OUT). Note, this does not offer real-time guarantees. The WorkManager may also indicate that the failure to accept the Work submission is transient and that the resource adapter may retry the Work submission by throwing the RetryableWorkRejectedException .

The optional ExecutionContext parameter provides an execution context with which the Work instance must be executed. The execution context is represented by an ExecutionContext instance containing context information. The resource adapter is responsible for populating the ExecutionContext instance with an appropriate execution context. The default implementation provides a null context, that is, an ExecutionContext instance with null values. A Work instance with null context executes with an unspecified context.

The optional WorkListener parameter provides a callback event listener object which is notified when the various Work processing events (work accepted, work rejected, work started, work completed) occur. Refer to WorkListener Interface and WorkEvent Class.

The various stages in Work processing are:

The WorkListener interface is optionally implemented by the resource adapter. The WorkEvent and WorkAdapter classes are defined by the Connector 1.5 specification. The WorkListener instance is supplied to the WorkManager during Work submittal and provides an event listener callback mechanism in order to be notified when the various Work processing events, such as work accepted, work rejected, work started, and work completed, occur. When a WorkListener is provided by the resource adapter, the application server must send event notifications to the WorkListener. These notifications may occur from any thread with an unspecified context.

The WorkEvent class and WorkAdapter abstract class:

The WorkEvent instance provides the following information:

The type of the event determines the specific contents of a WorkEvent.

The WorkAdapter class is provided as a convenience for easily creating WorkListener instances by extending this class and overriding only those methods of interest. This is a standard event listener pattern used in Java APIs.

The ExecutionContext class allows a resource adapter to specify an execution context, such as a transaction context, with which the Work instance must be executed. The resource adapter is responsible for populating the ExecutionContext instance with an appropriate execution context. The default implementation provides a null context.

It is better for ExecutionContext to be a class rather than an interface because:

Work Submission - Callback Mechanism (Sequence Diagram)

J2SE Version 1.4 provides the java.nio package that includes a multiplexed, non-blocking I/O facility. Using the java.nio package it is possible for a single thread, such as a Work instance, to listen on multiple network endpoints or ports. Prior to the java.nio facility each network endpoint needed a separate thread to listen to incoming data.

Although the work management contract is primarily intended for a managed environment, it may still be used in a non-managed environment provided the application that bootstraps a resource adapter instance is capable of functioning as a WorkManager .

A resource adapter is free to create Java threads as permitted by the security policy settings of the non-managed environment.

A Work or DistributableWork instance (see Distributed Work processing) may implement the ResourceAdapterAssociation interface. The ResourceAdapterAssociation interface specifies the methods to associate the Work instance with a ResourceAdapter JavaBean.

The application server must establish an association between the resource adapter instance and the Work instance before the exection of the Work instance has been started (Refer Work Started).

When a Work instance has been distributed to a new WorkManager instance (for example, as in Distributed Work processing), the resource adapter instance that is associated with the Work instance must be available in the WorkManager instance that the Work has been distributed to. This allows the Work instance to use application server facilities like WorkManager, MessageEndpointFactory etc that are specific to the instance that the Work has been distributed to.

An application server instance’s WorkManager may choose to distribute a Work instance submitted by a resource adapter to another WorkManager residing in a different application server instance. Distribution of Work processing to different instances may be done for achieving optimal utilization of system resources or for providing better response times. These WorkManager instances may span across multiple Java virtual machines running on the same host or different hosts.

Neither the application server nor the resource adapter must support distributed Work processing.

Certain EIS integration use cases require the propagation of other contextual information, apart from Transactions, from the EIS to the application server. For example, a resource adapter might require the propagation of security context information from the EIS to the application server during inbound message delivery. The resource adapter might also require the execution of Work instances in the context of the "flown-in" Security information. Other use cases that require the flowing in of contextual information are:

Transaction and Security work contexts are standardized by means of the TransactionContext and SecurityContext interfaces. The propagation of Quality-of-Service hints to a WorkManager for the execution of a Work instance is standardized through the HintsContext class. The application server must support these three work contexts. A portable resource adapter can assume an application server’s support for these three work contexts defined in the specification. The specification may define additional context types in a future version of the specification.

An application server or a resource adapter may define and use custom WorkContext s. However a resource adapter using these custom WorkContext s is non-portable and might not function as expected in other application servers that do not implement the custom WorkContext . See Checking Support for a WorkContext Type for a discussion about how resource adapters can check with the WorkContext s supported by the application server.

Generic Work Context (Object Diagram)

Generic Work Context (Interfaces)

A resource adapter provider can declare that it requires a list of WorkContext types to be supported by the application server through the required-work-context element in the deployment descriptor of the resource adapter (see Resource Adapter Provider) or by way of the Connector annotation (see @Connector ).

The application server must check whether all of the WorkContext types declared by the resource adapter are supported by the application server during resource adapter deployment. The application server must employ an exact type equality check (by using java.lang.Class.equals(java.lang.Class) ) to check for the support.

If the application server cannot support one or more of the WorkContext types declared in required-work-context elements, it must fail deployment of the resource adapter.

A resource adapter can check an application server’s support for a particular WorkContext type through the isContextSupported() method in the BootstrapContext implementation provided by the application server. This mechanism enables a resource adapter developer to dynamically change the WorkContext s based on the support provided by the application server. For more information, see ResourceAdapter JavaBean and Bootstrapping a Resource Adapter Instance.

The application server must employ an exact type equality check (by using java.lang.Class.equals(java.lang.Class) ) in isContextSupported , to check whether it supports the WorkContext type provided by the resource adapter. This method must be idempotent, that is, all calls to this method by a resource adapter for a particular WorkContext type must return the same Boolean value throughout the lifecycle of that resource adapter instance.

This exact type check in isContextSupported enables a resource adapter to decide whether the application server supports the contexts that the resource adapter is attempting to establish for a Work instance. If a particular WorkContext class is not supported by the application server a resource adapter may then either choose to fall back to a superclass that is supported by the application server (again ascertained by way of the isContextSupported method) or fail the Work submission.

For WorkContext classes that are defined as abstract classes, such as SecurityContext , the resource adapter must use the abstract class while invoking the isContextSupported method and not its implementation class. For more information on SecurityContext class, see SecurityContext Class

For custom extensions of the standard WorkContext s, the resource adapter must always check support for the most specific WorkContext first. It may then go up the inheritance hierarchy in order to find the most specific WorkContext type supported by the application server.

As specified in WorkListener Interface and WorkEvent Class, the WorkManager must catch any exception thrown during Work processing, which includes execution context setup (including Checking Support for a WorkContext Type), and wrap it with a WorkCompletedException set to an appropriate error code defined in WorkContextErrorCodes , which indicates the nature of the error condition.

The application server must make the following checks during context assignment

The check for support and duplicates during context assignment listed above, must be less strict than the checks described in Indicating Support for a WorkContext Type and Checking Support for a WorkContext Type. The application server must employ a java.lang.Class.isAssignable(java.lang.Class) style check. Specifically, this method must check whether a WorkContext class that is supported by the application server can be converted to the type provided by the resource adapter, by way of an identity conversion or a widening reference conversion.

If a particular WorkContext type provided by the resource adapter is supported by the application server, the application server must use the WorkContext as-is and not attempt to use it as a supported parent type. That is, an application server must use the most specific WorkContext type it supports.

If a particular WorkContext type provided by the resource adapter is not supported by the application server, the application server should be able to safely fallback to a superclass (excluding the WorkContext interface) that is supported by it.

If the above conditions are not met, the application server must fail the Work processing with a WorkCompletedException with an appropriate error code to indicate the nature of the error condition. Because the WorkCompletedException might not provide a resource adapter with adequate information about the actual failure during context assignment, the resource adapter may implement the WorkContextLifecycleListener to interpret the reasons why a context assignment of a particular WorkContext instance failed. For more information, see Section 11.7 “WorkContextLifecycleListener Interface”