ISO Management Elements in Java EE .NET Platforms

In a heterogeneous application and platform environment, IT managers are faced with different and often incompatible management frameworks. IT organizations often partition the heterogeneous platforms into groups of application "silos"subsystems with a common management infrastructure. Third-party products such as HP OpenView or CA Unicenter provide management consoles that consolidate the platform-specific management information and provide a common view of managed components. As for SOA, custom solutions from companies such as Infravio facilitate SLA compliance of deployed Web services. Computer Associates, AmberPoint, Actional, and Service Integrity developed a Web services extension to Microsoft's MOM solution to address management of .NET and Java EE Web services via a proprietary management solution. Java EE and .NET implementations that address individual ISO management elements are fundamentally different, as discussed in the following sections.

Fault Management

The goal of fault management systems is to discover faults in the application or in the system infrastructure and report and log the fault event. Where possible, the fault management system can take corrective action to correct the fault and automatically restore service. The Java EE platform and .NET platform have different models for logging and event handling. Java EE applications widely use Java Logging APIs, such as java.util.logging, which supports configurable application logging. Under JSR-77, application servers and modules can be queried for information and can provide event notifications. .NET applications use the System.Diagnostics namespace to log application events to the Windows event log. The Windows event log provides system-wide event logging and monitoring at the system, security, and application level but is a windows-specific infrastructure. In a mixed system, the error and logging messages reflect the different programming environments and underlying systems that complicate aggregation and interpretation of the messages. Failover is another characteristic of fault management. Both Java EE application servers and .NET on Windows Server provide for clustering to support failover.

Configuration Management

The goal of distributed configuration management is to deploy and monitor application and component assets and their configuration information. This task is made more complex in heterogeneous systems, where version changes and updates can create incompatibilities that may be difficult to anticipate. The Java EE and .NET deployment models are different. The Java EE deployment process supports the "develop oncedeploy anywhere" model, with separation of responsibilities between the module development team and the deployment team. The programmatic management of the deployment process is specified in JSR-88 (Java EE Application Deployment Specification). Java EE does not provide support for module version control. .NET assemblies support a different model. Assemblies are self-describing deployment units that support .NET version management. In addition to the application configuration management issues, IT organizations must manage security and operating system patches on all the different systems.

Accounting

The goal of accounting management is to measure system and application usage. This allows the IT organization to understand the true cost of providing an IT service and to keep IT services aligned with the business requirements. At the platform level, most operating systems allow for monitoring and management of resources usage by users or groups. Typical system-level resources are CPU and disk space. This allows for integration with billing systems and enforcement of usage policies and the compliance with service level agreements (SLAs). At the application server level, Java EE does not provide an accounting framework, but account management systems are provided on top of the Java EE infrastructure. .NET-based systems rely on the Windows metering infrastructure for accounting.

Performance Management

The goal of performance management is to measure and maintain adequate system and application performance. Examples of performance metrics are user response times, application throughput, and resource utilization. Java EE and .NET provide facilities for measuring performance data at the component level. Java EE application servers provide facilities through JSR 77 for collection of statistics at the application server and module object levels. Both Java EE and .NET provide caching models that can be tuned for improved throughput. ASP.NET provides caching in the page-processing and data levels. Java EE provides extensive object caching for EJBs in the Business tier, and servlet containers cache JSPs and can be extended to support tunable caching of JSP fragments.

Security Management

Security management entails management of users, roles, credentials, and rights and is a key task of IT organization in ensuring secure operations. The goal of security management in mixed platform environments is to meet all of these security requirements while maintaining synchronized security schema on all platforms. Management of multiple user accounts and sets of credentials adds overhead for the IT organization and increases the potential for security holes. .NET relies heavily on IIS for implementation of authentication, which leverages the Windows infrastructure, [MSDN1] and [MSDN2]. Java EE has defined several interfaces for application server integration with user management. These systems typically support integration with directory services using JNDI (including Active Directory) and integration with the underlying operating system user management. Most recently, the JSR-196 specification describes the integration with JAAS, which is a more powerful and flexible model [JSR196]. From a management viewpoint, unifying the user repository on LDAP does not solve the different underlying schema and security models. Java EE application server vendors offer proprietary support for Windows Domain authentication; however, this model is not supported in a standard fashion across application servers and requires user management only through the Windows Domain, [BEA1] and [IBM1]. Some organizations have addressed this problem through single-sign-on solutions and cross-domain security solutions such as Kerberos, [KERB].

The support for security policy at the VM level differs between .NET and Java EE and is managed with different tools. .NET has a more sophisticated policy structure, but Java allows greater flexibility for overriding default policies. Java EE RMI supports the use of SSL for secure communications; whereas, there is no similar built-in solution for .NET Remoting. WS-Security implementation is available for .NET and Java for secure remote invocation of Web services [PILIPCHUK1], and Sun implements WS-Security as part of the Java Web Services Developer Pack. Apache WSS4J is another implementation of the OASIS Web Services Security (WS-Security) for Java. See [JWSDP] and [WSS4J] for more details.

For the code demonstration, this chapter continues to use WS-I Supply Chain Management application described in the following sections.