SOLUTION: INFO 321 American Military University SQL Statement & Index Discussion

NetBean:Online Payment System

1. IntroductionThis assignment is about the design and implementation of a web-based, multi-user payment service using Java Enterprise Edition (J2EE) technologies. The system is a much simplified version of PayPal. Through a JSF-based web interface, users should be able to send money to other registered users (e.g. using their registered email address as their unique identifier), request money from other registered users and manage their own account (e.g. look at their recent transactions). Super-users (i.e. admins) should be able to access all user accounts and transactions. Optionally, you will deploy your application on the cloud (e.g. on Amazon AWS, Microsoft Azure, or any similar infrastructure).After successfully completing the assignment, you will have demonstrated that you can:design and implement user interfaces using Java Server Facesdesign and implement business logic using enterprise Java beans (EJBs)design and implement a secure multi-user system2. Project DescriptionOnline payment services, such as PayPal, allow users to connect their online accounts to their bank accounts, debit and credit cards. In such systems, users are usually able to transfer money from their bank accounts to the online account, receive payments to this account from other users, push money from the online account to their bank accounts etc.For simplicity, we will assume that, for this project, all registered users start with a specific amount of money (e.g. £1000 pounds) and no connections to bank accounts exist.Note: this is pretend money and no connection to real sources of money should exist.Each user has a single online account whose currency is selected upon registration. A user can select to have their account in GB Pounds, US dollars or Euros. In that case, the system should make the appropriate conversion to assign the right initial amount of money (e.g. if the baseline is the £1000, then the initial amount should be 1000 * GBP_to_USD_rate US dollars).A user can instruct the system to make a direct payment to another user. If this request is accepted (i.e. the recipient of the payment exists and there are enough funds), money is transferred (within a single J2EE transaction) to the recipient immediately. A user should be able to check for notifications regarding payments in their account.A user can instruct the system to request payment from some other user. A user should be able to check about such notifications for requests for payment. They can reject the request, or, in response to it, make a payment to the requesting user.Users can access all their transactions, that is, sent and received payments and requests for payments as well as their current account balance.An administrator can see all user accounts and all transactions.Currency conversion must be implemented by a separate RESTful web service (see Section 3.3). The actual exchange rates will be statically assigned (hard-coded) in the RESTful service source code.3. System Architecture3.1. Web LayerThe web layer consists of a set .xhtml (facelets) pages through which users and administrators interact with the web application.Users should be able to:View all their transactionsMake direct payments to other registered usersRequest payments from registered usersAdministrators should be able to see:user accountsall payment transactionsand register new administratorsCDI Beans must not access any persistent data from the database. They should delegate all business logic to the service layer.3.2. Service LayerThe service layer consists of a set of Enterprise Java Beans (EJBs) which implement the business logic for the system. EJBs should support J2EE transactions so that data integrity is preserved. You should utilise container-managed transactions. That is, your code doesn’t need to cope with opening, committing or roll-backing transactions. You will only need to annotate your EJBs with the appropriate transaction attributes (or leave the default behaviour, if appropriate).The service layer is responsible for accessing the data (persistence) layer. Persistence (JPA) entity managers must be injected in your EJBs. Access to persistent data must only take place through these entity managers.3.3. Data LayerThe data layer consists of a relational database and JPA entities. To simplify deployment and configuration you must use JavaDB as your Relational Data Base Management System (RDBMS). JavaDB is an RDBMS which is installed with GlassFish.You data model should be written as a set of persistence entities (JPA). Upon deployment, JPA will create the actual relational database tables for you. Access to the database must always take place through manipulating JPA entities. Do not access the database directly using JDBC.3.3. Web ServicesYou must implement a REST Service that is accessed by the service layer. The service will be deployed on the same server but accessed from the service layer in the standard way (i.e. through HTTP).A currency conversion RESTful web service which responds only to GET requests. The exported resource should be named conversion, in a path like the following:baseURL/conversion/{currency1}/{currency2}/{amount_of_currency1}The RESTful web service should return an HTTP response with the conversion rate (currency1 to currency2) or the appropriate HTTP status code if one or both of the provided currencies are not supported.e.g. GET baseURL/conversion/{currency1}/{currency2} HTTP/1.1 should return a status ok response with a very simple response (e.g. in JSON that says that 1.00 GBP = 1.21217 EUR). Writing a REST client should be straightforward. Check the following links for more information: (Links to an external site.) (Links to an external site.) (Links to an external site.)3.4. SecurityThe online payment service is a multi-user web application. A user must be logged-in in order to interact with the system. Users should not be able to see other users’ information nor access pages and functionality for administrators. Administrators access their own set of pages, through which can have access to all users information. Users and administrators should be able to logout from the web application.You will need to implement and support:Communication on top of HTTPS for every interaction with users and adminsForm-based authentication (simple using the file realm, in a jdbcRealm where users can subscribe – full marks will be given to the second approach (see Section 4.))Logout functionalityDeclarative security to restrict access to web pages to non-authorised usersDeclarative security to restrict access to EJB methods4. Mark Allocation4.1. Web Layer (20%)15% – Full marks will be given if all required .xhtml are written and correctly connected with CDI backing beans in a way that makes sense even if no other functionality is implemented at the service and data layer. The set of correctly implemented JSF pages includes .xhtml pages required to perform security-related actions.5% – Full marks will be given if all required conversions and validations are done. This highly depends on the way you design your pages. In most cases, standard validations and conversions should be enough. Full marks will be given to assignments which support full and correct page navigation by explicitly specifying navigation rules in a faces-config.xml file.Important Note: The appearance of web pages will not be marked. If you want, you can use frameworks like PrimeFaces or RichFaces that build on JSF, or custom .css files, but this is not part of this assignment.4.2. Service Layer (20%)Full marks will be given if all required business logic is implemented in a set of Enterprise Java Beans, which must include appropriate annotations for supporting JTA transactions, if and when required.Users should be able to (15%):View all their transactions Make direct payments to other registered users Request payments from registered users Administrators should be able to (5%):view all user accounts and balancesview all payment transactionsregister more administrators4.3. Persistence Layer (10%)Full marks will be given if all access to application data is handled through JPA Entities. A correctly configured persistence.xml file is required along with annotations for defining JPA entities. Annotations are required to define associations among different entities (e.g. one-to-many, many-to-many) wherever this is required.4.4. Security (20%)10% – Form-based authenticationFull marks will be given if users can register, login and logout. This can happen using a jdbcRealm which is linked to JavaDB in order to register and authenticate users. An admin must be registered in the system when deploying (and, therefore, creating the DB tables)4% – Declarative security for access control when navigating through .xhtml pagesAccess to .xhtml pages must be restricted to authorised actors. You need to add security constraints in the deployment descriptor.4% – Declarative security for accessing EJB functionalityEJBs must be annotated appropriately (along with annotation-based role declarations) so that EJB functionality can be accessed my authorised actors (users and admin)2% – Initial administration registrationUpon deployment, a single administrator account (username: admin1, password:admin1) must be present. You can implement that through a singleton EJB that is instantiated upon deployment or by using a simple SQL script when the persistence unit is deployed. Only an administrator can register more administrators through the restricted admin pages.4.5. Web Services (10%)Full marks will be given if the REST web service is correctly implemented (using the correct URI structure presented above).4.7. One out of two options (20%)For the last 20% of the marks you can select between 2 options.4.7.1 ReportWrite a report (up to 1500 words), critically assessing the strengths and limitations of your implementation utilising your understanding of the underlying technologies. The report must consider the following points:(5%) How your design fits with the 3-tier architectural model and the model-view-controller software pattern(5%) The strengths and weaknesses of your chosen methods for securing the application, comparing your approach to other options(5%) How your design could be extended so that your server is not a single point of failure(5%) How your system would deal with concurrent users accessing functionality and data4.7.2 More Programming10% – Implement the DAO and DTO access patterns. In real world applications, the service layer never accesses the persistence layer directly. Back-end storage resources may change (e.g. new relational or non-relational databases may be added) over time and the service layer code must be independent of such changes. The most common software pattern for implementing such independence is the DAO pattern. DTO objects are also used instead of moving entity objects across layers.Check below for more information and extra resources:……10% – All transactions must be timestamped by accessing a ‘remote’ Thrift timestamp service (which is deployed on the same server as your system). The service should return the current date and time to your system when requested by the Enterprise Java Bean. The Thrift server can be implemented as a deployable EJB which uses a separate thread to accept time-stamping requests at port 10000.4.9. Comments about markingThe coursework requires you to bring together several independent pieces of functionality. It is highly recommended that you think about the service design BEFORE you start implementation. Consider which parts are necessary to implement the core functionality and create easily replaceable stubs for the peripheral services.Some parts of this assignment are independent. For example one could implement the system without the REST web service (losing the marks mentioned in the marking criteria) by just hard-coding the currency conversion functionality in an EJB.Along the same lines, one could ignore the data/persistence layer (losing 10% of the marks) by storing data in Lists and Sets appropriately in a Singleton EJB (just like we did during the web services’ lab classes).Some other functionality cuts through the whole system architecture vertically. That means that if, for example, the requesting money functionality is not implemented (nor the .xhtml files and any potentially required persistence data) marks will be removed from all three layers.Security is mostly independent and orthogonal to the rest of the system.5. SubmissionYour submission should be a zip file containing:a zipped copy of the NetBeans project containing well formatted source code (including all .java, .xhtml and all required configuration files)a brief catalogue of the files, describing the purpose of each filethe report (if you selected this option)screenshots for the cloud deployment as described in section 4.8Failure to submit the source code as described in the first bullet, will result to a zero mark as I will not be able to assess your programming effort. The submitted source code must be part of a Netbeans project that I can compile and deploy locally on my own GlassFish server. Projects implemented using other technologies (e.g. jsp, Spring, MySQL Server, PHP, Play etc.) will not get any marks. A penalty of 5% will be applied if the source code is not well-formatted and self-documenting (Links to an external site.) (or well-documented). A penalty of 3% will be applied if the name of the database, jdbcRealm and context root are not WebappsDB, WebappsRealm, /webapps2020, respectively.

Order a unique copy of this paper
(550 words)

Approximate price: $22

Our Basic features
  • Free title page and bibliography
  • Plagiarism-free guarantee
  • Unlimited revisions
  • Money-back guarantee
  • 24/7 support
Our Options
  • Writer’s samples
  • Expert Proofreading
  • Overnight delivery
  • Part-by-part delivery
  • Copies of used sources
Paper format
  • 275 words per page
  • 12 pt Arial/Times New Roman
  • Double line spacing
  • Any citation style (APA, MLA, Chicago/Turabian, Harvard)

AcademicWritingCompany guarantees

Our customer is the center of what we do and thus we offer 100% original essays..
By ordering our essays, you are guaranteed the best quality through our qualified experts.All your information and everything that you do on our website is kept completely confidential.

Money-back guarantee always strives to give you the best of its services. As a custom essay writing service, we are 100% sure of our services. That is why we ensure that our guarantee of money-back stands, always

Read more

Zero-plagiarism tolerance guarantee

The paper that you order at is 100% original. We ensure that regardless of the position you are, be it with urgent deadlines or hard essays, we give you a paper that is free of plagiarism. We even check our orders with the most advanced anti-plagiarism software in the industry.

Read more

Free-revision guarantee

The thrives on excellence and thus we help ensure the Customer’s total satisfaction with the completed Order.To do so, we provide a Free Revision policy as a courtesy service. To receive free revision the Academic writing Company requires that the you provide the request within Fifteen (14) days since the completion date and within a period of thirty (30) days for dissertations and research papers.

Read more

Privacy and Security policy

With, your privacy is the most important aspect. First, the academic writing company will never resell your personal information, which include credit cards, to any third party. Not even your lecturer on institution will know that you bought an essay from our academic writing company.

Read more

Adherence to requirements guarantee

The academic writing company writers know that following essay instructions is the most important part of academic writing. The expert writers will, therefore, work extra hard to ensure that they cooperate with all the requirements without fail. We also count on you to help us provide a better academic paper.

Read more

Calculate the price of your order

550 words
We'll send you the first draft for approval by September 11, 2020 at 10:52 AM
Total price:
The price is based on these factors:
Customer Academic level
Number of pages required
Urgency of paper