Archive for the ‘Spring Framework’ Category

Caching In Web Applications


Caching may help in increasing application performance. Here we will explore ways that will help improve the performance of a Web Application.

What is Cache?

Wiki defines a cache as "a store of things that will be required in future, and can be retrieved rapidly." That is the nub of it. In computer science terms, a cache is a collection of temporary data which either duplicates data located elsewhere or is the result of a computation. Once in the cache, the data can be repeatedly accessed inexpensively.

An application requests data from cache using a key. If the key is not found, the application retrieves the data from a slow data source and puts it into the cache. The next request for a key is serviced from the cache.

cache-hit: When a data element is requested of the cache and the element exists for the given key, it is referred to as a cache hit (or simply ‘hit’).

cache-miss: When a data element is requested of the cache and the element does not exist for the given key, it is referred to as a cache miss (or simply ‘miss’)


Target Usage Areas in a Web Application.

Common factors for which caching can be considered are How many times the cached object can be reused and how long is the response time. Other factor include like how much up to date data the user need. These are some of the factor to be kept in mind before considering caching.

Data Access Layer Caching:

Depending on the data if the data is not changing often there are many queries that can be qualified to be cached and can be served from cache instead of hitting the database.

Data Retrieval from Data Warehouse:

One of the important candidate for cache. As we know there are limited connections to DW and we often get connection limit exceeded error. As DW data is a day old and hitting DW for every call doesn’t make sense. Adding a refresh per day on the cache entity will be good enough.

Web Services Caching

Web services caching can be applied both to client side or server side. The areas specifically are authentication information caching, filtering out calls that result in similar results etc. ( to be investigated ).

Open Source Cache Solutions:

Memcached :

The architecture of Memcached consists of two pieces.

– First is a Memcached server that runs in its own process.

– The Memcached client, the second piece of the Memcached system, does know about each of the servers. The client is responsible for picking up the server for each cache entry and either storing or getting the cache entry

Open source Java caching framework

The Cache framework runs within JVM. The caching framework would create the Cache Manager objects in the same JVM where your application is running.

JSR 107: JCACHE – Java Temporary Caching API :

Specifies API and semantics for temporary, in memory caching of Java objects, including object creation, shared access, spooling, invalidation, and consistency across JVM’s.

The specification request was proposed in 2001 to standardize java application caching. The project is still pending.

Java Caching System (JCS):

JCS is a distributed caching system written in java. It is intended to speed up applications by providing a means to manage cached data of various dynamic natures.

Like any caching system, JCS is most useful for high read, low put applications. It allows both caching in memory or on disk. JCS supports cluster environment.


EHCache is a fast, lightweight, and easy-to-use in-process cache. It supports read-only and read/write caching, and memory- and disk-based caching.

EHCashe can be used for caching Hibernate (second-level cache), data access objects, security credentials, web pages.

It can also be used for SOAP and RESTful server caching, application persistence, and distributed caching.


OSCache is another open-source caching solution. It is part of a larger package, which also provides caching functionalities for JSP pages or arbitrary objects.

It is a powerful and flexible package, which, like EHCache, supports read-only and read/write caching, and memory- and disk-based caching.

It also provides basic support for clustering via either JavaGroups or JMS.


SwarmCache is a simple cluster-based caching solution based on JavaGroups. It supports read-only or nonstrict read/write caching.

SwarmCache is designed to be integrated in to the persistence layer of a database-driven Java application.

This type of cache is appropriate for applications that typically have many more read operations than write operations.

Comparing Cache Solutions:




Java Caching System (JCS):


Fast and Light Weight

Simple, Small foot print, Minimal dependencies

Simple, Small foot print, Minimal dependencies

Simple and small footprint the whole app size is less than 2 MB

fast, reliable, and highly configurable ,

Small and easy to use API Mostly used for Storing POJO objects


Provides Memory and Disk stores for scalability into gigabytes,
Scalable to hundreds of caches,
Tuned for high concurrent load on large multi-cpu servers
Multiple CacheManagers per virtual machine

OSCache is capable of caching data in memory (so it is very fast), and/or to disk

SwarmCache is an in-memory cache

Support both memory and disk caching

Cashe4J is an in-memory cache


Supports Object or Serializable caching
Support cache-wide or Element-based expiry policies
Provides LRU, LFU and FIFO cache eviction policies
Provides Memory and Disk stores
Dynamic, Runtime Configuration of Caches

Multiple caching algorithms are supported such as LRU (Least Recently Used),
FIFO (First In First Out), or unlimited.
It is also possible to plug in your own custom algorithm.

Supports Caching Algorithms, Least Recently Used (LRU),Automatic

Uses LRU (Least Recently Used) and is more like an object cache.

It supports LRU, LFU, and FIFO caching algorithms

Standards Based

Full implementation of JSR107 JCACHE API

Not standard.

not implemented based on standard JSR-107

JCACHE , JSR-107 But it depends on concurent util package before java 5.

Doesn’t follow standard

Distributed Caching

Support for replication via RMI or Jgroups

OSCache can easily be configured to cluster across multiple boxes

Cluster aware

Support distributed cache.

No Support for clustering


High Test Coverage
Fully documented
Trusted by Popular Frameworks

Project is no more active poor documentation.

Poor Documentation, last update was in 2003

Well documented

No Documentation ( only available in Russian).

JSP Tag Support

No Support

provides caching functionalities for JSP tags,
pages fragments cache, pages or arbitrary objects

No support

No Support

No Support


Apache 2.0 license

Unknown open source.


Apache License

BSD license

Learning Curve and Ease of Usage

easy to configure and learn

easy to configure and learn

complex API

New Term usage and relatively high learning curve




Configuring EHCache in Web Applications


To use Ehcache in Web Application the following configuration is needed

– Create a simple ServletContextListener and create a new instance of Cache and store it as attribute in servlet context

public void contextInitialized(ServletContextEvent sce) {

ServletContext ctx = sce.getServletContext();

CacheManager singletonManager = CacheManager.create();

Cache memoryOnlyCache = new Cache("dbCache", 0, false, true, 86400,86400);


memoryOnlyCache = singletonManager.getCache("dbCache");

ctx.setAttribute("dbCache", memoryOnlyCache );


– To use cache get it from context and pass it to DAO layer to cache the return of the query etc.

– To save an object in Cache

Element resultCacheElement = new

Element(resultSet.getString("EMPLOYEE_NUMBER"), emp);


– To get an object from Cache

Element e = cacheRef.get(personId);

if (e != null) {

emp = (Employee)e.getObjectValue(); // get object from cache


Testing EHCache Performance


Below are the results of Ehcache performance. For the demo we created a simple web application. The application structure is similar to the design of a web application used by Sample Web Application. It utilizes connection pool of Glassfish Server. For testing purpose we made the following tests

1. Calling database 500 times and records the time it takes, similarly we will call Ehcache to get the same.

2. To test how much memory space it takes to store the entire employee from DB to Cache. To store 12K records it takes around 48 MB space.

3. Get 1000 records from database and compare the querying the same from Cache.



Sample Usage of EHCache


All usages of Ehcache start with the creation of a CacheManager

CacheManager manager = CacheManager.newInstance()


Create a CacheManager specifying the path of a configuration file.

CacheManager manager = CacheManager.newInstance("src/config/ehcache.xml");


Performing CRUD operations


Put an element into a cache

Cache cache = manager.getCache("sampleCache1");
Element element = new Element("key1", "value1");

Update an element in a cache. Even though cache.put() is used, Ehcache knows there is an existing element, and considers the put an update for the purpose of notifying cache listeners.

Cache cache = manager.getCache("sampleCache1");
cache.put(new Element("key1", "value1"));
//This updates the entry for "key1"
cache.put(new Element("key1", "value2"));

Get a Serializable value from an element in a cache with a key of "key1".

Cache cache = manager.getCache("sampleCache1");
Element element = cache.get("key1");
Serializable value = element.getValue();

Get a NonSerializable value from an element in a cache with a key of "key1".

Cache cache = manager.getCache("sampleCache1");
Element element = cache.get("key1");
Object value = element.getObjectValue();

Remove an element from a cache with a key of "key1".

Cache cache = manager.getCache("sampleCache1"); cache.remove("key1");

HaJJ QUOTA By Country

Every Muslim country gets a quota of 1,000 pilgrims per million inhabitants, or 0.1 percent of its population.


Rank Country Capital City Total Population Muslim Population Hajj Quota
1 Indonesia Jakarta 237641326 204852000 20485200
2 Pakistan Islamabad 181565000 178092000 17809200
3 India New Delhi 1210193422 177291000 17729100
4 Bangladesh Dhaka 152518015 148602000 14860200
5 Egypt Cairo 82999000 80029000 8002900
6 Nigeria Abuja 166629000 75723000 7572300
7 Iran Teheran 75149669 74809000 7480900
8 Turkey Ankara 74724269 74665000 7466500
9 Algeria Algiers 37100000 34785000 3478500
10 Morocco Rabat 32765300 32376000 3237600

Authentication using Spring Security

What is Authentication?  Authentication is the act of establishing or confirming something (or someone) as authentic, that is, that claims made by or about the subject are true. (Wiki) . Spring Security provides a security solution which is very portable. By moving the application from one environment to another there is almost zero configuration change. Security is completely portable at application war level. Spring support many different authentication models which includes HTTP Basic Authentication, Form Based Authentication, LDAP , etc. We will only focus on basic authentication.

Step 1:

Filter Declaration in web.xml to filter the matching URL and delegate it to be handled by Spring Security infrastructure.



Step 2:

Web Security Service Configuration:

Here the parent element is <http. Elements are intercept-url which have the pattern which will be check against the requesting URL once matched the role will be checked in access attribute.

For Basic authentication model putting the attribute auto-config=’true’ will do the track.

<http auto-config='true'>
    <intercept-url pattern="/**" access="ROLE_USER" />

For Form Base authentication the login page url should be explicitly determinted

 <http auto-config='true'>
    <intercept-url pattern="/login.jsp*" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
    <intercept-url pattern="/**" access="ROLE_USER" />
    <form-login login-page='/login.jsp'/>

Step 3:

Configuring a provider manager:

ProviderManager is an authentication manager implementation that delegates
responsibility for authentication to one or more authentication providers.

It can use many different identity repositories (Database, LDAP etc ) to authenticate the principle. Let’s take authentication against a database. A DaoAuthenticationProvider is a simple authentication provider that uses a Data Access Object (DAO) to retrieve user information.

Bean userDetailsService must implement interface userDetails which have method loadUserByUsername where username is passed for which a UserDetails
object must be retrieved.

<bean id="authenticationManager">
<property name="providers">
<ref local="daoAuthentication" />

<bean id="daoAuthentication">
<property name="userDetailsService" ref="userDetailsService"/>

Step 4:

Creating simple login page with Spring Security Tags:

<%@ page import="" %>
<%@ page import="" %>
<%@ page import="" %>

<form action="j_spring_security_check">
	<label for="j_username">Username</label>
	<input type="text" name="j_username" id="j_username" <c:if test="${not empty param.login_error}">value='<%= session.getAttribute(AuthenticationProcessingFilter.SPRING_SECURITY_LAST_USERNAME_KEY) %>'</c:if>/>
	<label for="j_password">Password</label>
	<input type="password" name="j_password" id="j_password"/>
	<input type='checkbox' name='_spring_security_remember_me'/> Remember me on this computer.
	<input type="submit" value="Login"/>