WAP builds Java applicationsTake advantage of your existing EJBs to power a mobile workforce ![]() | ![]() |
![]() |
Level: Introductory Aashish Patil (ash01@vsnl.net), M.S. candidate, Computer Science department, University of Southern California 01 Jul 2001 If your company already relies on multitiered enterprise Java applications, then you may be closer to a wireless future than you think. By outlining a sample application, Aashish Patil shows you how to connect your existing enterprise Java infrastructure to a wireless netowrk with minimal investment in equipment and labor. Using existing EJBs, modified servlets, and new WML and WMLScript pages makes the process a snap. The Wireless Application Protocol (WAP) can add value to the existing Web architecture of an enterprise. If you are already using enterprise Java applications, you can easily integrate them with WAP services to bring useful data and functionality to a mobile workforce. In this article, I will cover the basics of using J2EE with WAP and then build a sample WAP/enterprise Java application that demonstrates how you can connect your own EJBs to a wireless network. You should have a basic understanding of the Java 2 Platform, Enterprise Edition (J2EE) architecture before reading this article. You can find links to more information on J2EE in the Resources section below. As a refresher, here's a diagram of a typical J2EE application designed with a desktop client in mind: Figure 1. J2EE application structure ![]() In Figure 1, the layer containing the JavaServer Pages (JSPs) and servlets is responsible for the generation of dynamic HTML pages. In WAP applications, this layer would generate dynamic Wireless Markup Language (WML) pages instead. Thus, in order to alter a standard J2EE app for use with mobile devices, you will have to write new JSPs and, in some cases, new servlets. The Enterprise JavaBeans (EJBs) will be left untouched, since they are not concerned with presentation of data.
Some would argue that the servlets do not need to be changed, either: a simple redirection of their output to JSPs generating dynamic WML pages should be sufficient. However, a servlet cannot differentiate between requests coming from desktop computers and requests coming from WAP devices; since WAP applications may not implement all the functionality of a Web-based architecture, it is important that there be no confusion in this regard. Hence, developers usually design new servlets for WAP applications. However, these servlets will, in most cases, be very similar to servlets that provide similar functionality over a Web-based architecture. Another component that does not appear in Figure 1 but is crucial to WAP applications is a WAP gateway. This component is responsible for conversions from the WAP stack to the Internet stack and vice versa. Figure 2 is a revised version of Figure 1, showing the structure for a J2EE application with a WAP device as a client: Figure 2. WAP/J2EE application structure ![]() As noted, all requests to the Web server from a WAP client must be routed through a WAP gateway. Although a WAP gateway can also act as a WAP server by hosting WML/WMLScript pages, it is more convenient to host these on the Web server. There are many deployment scenarios for the WAP gateway. For most WAP applications, the gateway is either deployed by the ISP or by the company hosting the application. The latter scenario is the more secure choice, as we'll see later; however, if users want general-purpose network access on their WAP devices, an internal WAP gateway can be an inconvenience. Most non-ISPs would not want their gateways to be used to access sites other than their own; hence, to visit other sites, users will have to use an ISP's gateway. But for every gateway used by the WAP client, the user has to define a different connection, just as one does in Windows 98's Dialup Networking -- and the number of such connections available on each device is usually limited. This adds inconvenience for the user and it also blocks a connection in a WAP device for access to a single site.
WAP application design considerations A developer used to building J2EE apps for desktop clients will run into some new challenges when working with WAP. The following are some questions you might find yourself asking while building a WAP application. How many lines can I display on a screen? What security issues should I consider? Even a secure connection does not completely eliminate insecurity. The data sent to the WAP gateway is encrypted using WTLS (Wireless Transport Layer Security), which uses the same algorithm as standard TLS. However, the data sent to the WAP gateway is binary encoded (for WAP), so the encrypted data must be decrypted and re-encrypted using TLS for the Internet. For some time, the sensitive data is in clear text on the WAP gateway. A hacker could perform a memory dump at the right time and then gain access to this sensitive data. As noted, one way to get around this problem is to have the WAP gateway at your own company's end instead of at the ISP's. In that case, a trusted person could handle the gateway and the logging function could be turned off. You could also use a custom encryption algorithm to encrypt the username and the password at the client end using WMLScript. This is possible only if you use simple algorithms; WMLScript is not powerful enough to support algorithms of the DES category. How can I maintain a session? Sometimes, the default session ID length increases the length of each request considerably. As a result, the client or the WAP gateway may reject the request as a malformed URL. It is necessary to reduce the length of the session ID. See the documentation of the servlet engine that you are using for the parameter name of the session ID. If you are experiencing malformed URL errors, this documentation should also offer guidance on reducing the length of the session ID value.
Building the sample application XYZ Ltd. manufactures PDAs, wearable computers, and other pervasive computing devices. The company's sales staff visits clients to offer live demonstrations of XYZ's products; for some of these demonstrations, salespeople must travel great distances to reach client sites. How will they receive client lists and other vital data while on the road? Using e-mail for this purpose would require bulky, expensive laptops or never-ending searches for Internet cafés; using fax machines at client sites would be even more impractical. Instead, XYZ's sales crew will receive their data via WAP-enabled devices, such as mobile phones or PDAs. Using a mobile device, the salesperson can provide immediate feedback to the company on the status of the client visit. The company could then arrange immediate delivery of goods to the client and maintain current sales statistics. Our application has two main goals. First, our mobile sales staff should be able to use it to view their client lists on their WAP devices. Second, if a client wishes to buy goods, then a salesperson should be able to place an order using the device. Furthermore, one of the important goals of any WAP application should be to reduce the number of keypresses that a user must make. Due to the limited nature of a handheld device's user interface, the amount of data that a user is asked to enter should be kept to a minimum. Here's a flow diagram showing the structure of our system: Figure 3. Application flow diagram ![]() Users first must log in to access the system; they can then view the client list and details about each client. If they wish to place an order for a particular client, then they are presented with an item list from which they can select a particular item for that client. For most of the remainder of this article, we will discuss the servlet and JSP code that drives this application. We'll examine the ways in which JSPs and servlets work together. The discussion of each JavaServer Page is accompanied by a graphic showing that JSP's output on a device screen. Listing 1, Figure 4. PDA displaying login ![]() Validating blank input fields presents a problem. There is an attribute in the
A mobile phone user must go to a separate input dialog screen to enter data. Our problem arises because the user may choose to go directly to the next deck or card rather than go to the input dialog screen and enter data in the field. A user confronted with the screen in Figure 4 may omit the password and tap Next. A developer could prevent this from happening by validating using WMLScript, using the Listing 2, This file displays two links on the device screen, as shown in Figure 5. The second link ends the current session; the first leads to the current client list. In the current version of the program flow, the salesperson must select a client from the list before beginning any sales transaction; the list of sales items can only be reached from subsequent screens (the details are to follow). Other program flows are possible: for example, a link could be added to the main menu that sends the user directly to the item list. However, you should not to provide too many links on any one menu, as the small screens of WAP-enabled devices can easily become cluttered. Figure 5. PDA displaying main menu ![]() Tapping on View Clients on the menu screen in Figure 5 calls the Listing 5, Figure 6. PDA displaying client list ![]() Note that the task of displaying of the client list into three separate components --
Listing 6, Figure 7. PDA displaying client detail ![]() Listing 7, Listing 8, Figure 8. PDA displaying item list ![]()
In this version of the application, the salesperson's only option after completing the transaction is to return to the main menu (see Figure 9). You could alter the code to send the user back to the client or item lists as well. Figure 9. PDA displaying transaction complete message ![]() If you've been paying attention, you noticed that the salesperson only enters data twice: when logging on and when entering the number of items to buy for the customer.
The attached files include all the JSP and servlet code included in this article as well as the necessary EJB code. The jar file of the EJBs is also included, along with the deployment descriptors. The screen shots are from Nokia's WAP Simulator 2.0.
As mentioned previously, a WAP application provides a very nice value-added service. A standalone WAP application is not a feasible idea. However, such an application can be easily incorporated into any existing Web application architecture without much monetary or labor investment. The only new hardware you'll need is a machine and software for the WAP gateway; if you are using your ISP's gateway, even this cost is eliminated. Existing HTML pages will need to be converted into WML. However, WML pages are not as complex as HTML since they do not support as many features as HTML pages. Hence, this is not a very time-consuming task. WAP also supports images in the Wireless BitMap (WBMP) format. However, a user using WAP services is paying considerably for connection time and is usually more interested in to-the-point and targeted information rather than beauty. Unless the images themselves convey information, it is much better to provide quick information than hog bandwidth and time transmitting graphics to the user. A final note: although a simulator provides a nice environment for testing WAP applications, a WAP application can be said to be completely tested only when it has been run on all possible target WAP devices along with the WAP gateway deployed. All dynamically generated pages are compiled at the gateway. Hence, it is necessary to find out which version of WAP the gateway supports. It is no use writing pages in WML 1.2 if the gateway compiler only works with WML 1.1.
|