客户端的业务逻辑
为什么人们说业务逻辑应该在服务器端代码(例如EJB)上实现,而不是在客户端应用程序代码上实现?
我想到的示例是基于 EJB 的体系结构上的业务对象验证。它真的必须委托给 EJB 还是可以在将对象发送到服务器进行保存之前在客户端上运行它?
Why do people say that business logics should be implemented on the server side code (e.g. EJB) and not on the client application code?
The example that I have in mind is a business object validation on a EJB based architecture. Does it really have to be delegated to the EJB or is it ok to run it on the client before the object is sent to the server to be saved?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(4)
验证可以在客户端完成,以便保存到服务器的往返过程。但服务器也应该执行相同的验证。理想情况下,您可以在客户端和服务器端重用相同的类。
Validation can be done client-side in order to save the round-trip to the server. But the server should also perform the same validation. Ideally, you can reuse the same classes on both client and server-side.
有两个原因。首先,多个客户端可能具有相同的业务逻辑,因此将其分解到服务器是有意义的。其次,您很可能无法信任客户端,这意味着服务器验证至关重要。
There are two reasons. First, you're likely to have the same business logic for multiple clients, so it makes sense to factor it out to the server. Second, you most likely can't trust the client, which means server validation is essential.
这是我们从客户端/服务器(胖客户端)架构中学到的东西。使用这样的架构,您必须重新部署所有客户端才能更改某些内容,这非常痛苦。服务器端应用程序和集中部署(使用瘦客户端或富客户端)不存在此问题,因此是首选。
验证是您必须在服务器端执行的操作(“不要信任客户端”),并且也可以在客户端执行以避免往返。我什至没有提及多个客户端的情况(GUI、命令行应用程序、批处理等)。
That's something we've learned from client/server (fat clients) architectures. With such architectures, you had to redeploy all the clients to change something and this was just a pain. Server side applications and centralized deployment (with thin or rich clients) don't have this problem and are thus preferred.
Validation is something that you must perform on the server side ("don't trust the client") and can also perform on the client side to avoid a round trip. And I'm not even mentioning the case of multiple clients (a GUI, a command line application, a batch, etc).
因为通常客户端代码用于显示信息,而不是真正定义应用程序的功能。
主要是因为这使您可以灵活地添加其他客户端,而不必执行奇怪的技巧(例如复制/粘贴)。
例如,假设您的客户端使用 HTML,稍后您想使用 json 添加新客户端。
如果业务规则位于客户端上,您必须将它们复制到新客户端。
现在,不要与验证规则和其他规则混淆。这些也必须放置在客户端。
Because usually the client code is used to display the information and not really to define what the application does.
Mainly because this gives you flexibility to add other clients without having to do strange tricks ( like copy/paste )
For instance, assume your client is using HTML, later you want to add a new client using json.
If the business rules were on the client, you'll have to copy them to the new client.
Now, don't get confused with validation rules and other. Those have to be placed in the client side too.