One of my first assignments as a fresh employee of IT Mill was to investigate how well Vaadin integrates with the new GlassFish 3 application server. The last time I had used the "official JEE" was back in the 1.4 days, resulting in me becoming somewhat of a Spring fanatic. However, I had read that JEE 5 had improved considerably and approached my assignment with careful optimism.
I had previously done a lot of development on Eclipse Rich Client Platform and really liked the modular thinking that was enforced by the underlying OSGi platform. Therefore, when I found out that GlassFish supported OSGi, I immediately became excited.
I started small by turning the Vaadin JAR into an OSGi bundle and deployed it on the GlassFish server. After that, I created a Vaadin application that could be deployed as a web application bundle (WAB). The result of this experiment was an article that can be found here.
With the basic building blocks in place, I moved on to create a simple modular Vaadin application inspired by Eclipse RCP. The user interface was running as an ordinary JEE web application, but it could be dynamically extended by installing OSGi bundles into GlassFish. The application is described in an article that can be found here. I have not yet created any "real-world" applications using this approach, but I have some ideas for a pet project that will utilize OSGi. If the ideas ever turn into code, I will let you know.
In addition to OSGi, I also checked out the new annotation-based way of configuring JEE applications and injecting dependencies. While figuring out how to utilize it with Vaadin, I came up with two different approaches that resulted in yet another article found here. Quickly after I had posted the article, I received a third (better) approach from a community member and included it in the article as well.
Finally, I investigated how the security features of GlassFish can be used to secure Vaadin applications. Although I still think Spring Security is more fine grained when it comes to security, the standard GlassFish/JEE 6 security features are sufficient for most applications. Custom security features, such as auditing or ACLs, can easily be implemented using interceptors to avoid cluttering the business logic with security code. My article on Vaadin and JEE6 security can be found here.
Overall, discovering GlassFish 3 has been a pleasant experience and I am going to continue on this path, as there is still a lot to discover. Thanks to the modular design of GlassFish 3, JEE has become a lightweight, non-intrusive framework for developing both small and large enterprise applications. Although Spring and Tomcat will still play an important role in my Vaadin toolbox, they are now accompanied by JEE6 and GlassFish 3 as well.