Enterprise JavaBeans Tutorial
  • ejb - Tutorial
  • - Css
  • - W3css
  • ejb - Useful Resources
  • Ejb - Ebook Download

  • Enterprise JavaBeans

    Enterprise JavaBeans EJB is one of several Java APIs for modular construction of enterprise software. EJB is a server-side software component that encapsulates business logic of an application. An EJB web container provides a runtime environment for web related software components, including computer security, Java servlet lifecycle management, transaction processing, and other web services. The EJB specification is a subset of the Java EE specification.


    The EJB specification was originally developed in 1997 by IBM and later adopted by Sun Microsystems EJB 1.0 and 1.1 in 1999 and enhanced under the Java Community Process as JSR 19 EJB 2.0, JSR 153 EJB 2.1, JSR 220 EJB 3.0, JSR 318 EJB 3.1 and JSR 345 EJB 3.2.

    The EJB specification provides a standard way to implement the server-side also called "back-end" 'business' software typically found in enterprise applications as opposed to 'front-end' user interface software. Such software addresses the same types of problem, and solutions to these problems are often repeatedly re-implemented by programmers. Enterprise JavaBeans is intended to handle such common concerns as persistence, transactional integrity and security in a standard way, leaving programmers free to concentrate on the particular parts of the enterprise software at hand.

    General responsibilities

    The EJB specification details how an application server provides the following responsibilities:

    Additionally, the Enterprise JavaBean specification defines the roles played by the EJB container and the EJBs as well as how to deploy the EJBs in a container. Note that the current EJB 3.2 specification does not detail how an application server provides persistence a task delegated to the JPA specification, but instead details how business logic can easily integrate with the persistence services offered by the application server.


    Businesses found that using EJBs to encapsulate business logic brought a performance penalty. This is because the original specification allowed only for remote method invocation through CORBA and optionally other protocols, even though the large majority of business applications actually do not require this distributed computing functionality. The EJB 2.0 specification addressed this concern by adding the concept of local interfaces which could be called directly without performance penalties by applications that were not distributed over multiple servers.

    The EJB 3.0 specification ]


    The following shows a basic example of what an EJB looks like in code:

    public class CustomerService { 
      private EntityManager entityManager; 
      public void addCustomerCustomer customer { 

    The above defines a service class for persisting a Customer object via O/R mapping. The EJB takes care of managing the persistence context and the addCustomer method is transactional and thread-safe by default. As demonstrated, the EJB focuses only on business logic and persistence and knows nothing about any particular presentation.

    Such an EJB can be used by a class in e.g. the web layer as follows:

    public class CustomerBacking {
       private CustomerService customerService;
       public String addCustomerCustomer customer {
          context.addMessage...; // abbreviated for brevity
          return "customer_overview";

    The above defines a JavaServer Faces JSF backing bean in which the EJB is injected by means of the @EJB annotation. Its addCustomer method is typically bound to some UI component, such as a button. Contrary to the EJB, the backing bean does not contain any business logic or persistence code, but delegates such concerns to the EJB. The backing bean does know about a particular presentation, of which the EJB had no knowledge.

    Types of Enterprise Beans

    An EJB container holds two major types of beans:

    Stateful Session Beans are business objects having state: that is, they keep track of which calling client they are dealing with throughout a session and thus access to the bean instance is strictly limited to only one client at a time. If concurrent access to a single bean is attempted anyway the container serializes those requests, but via the @AccessTimeout annotation the container can instead throw an exception. Stateful session beans' state may be persisted passivated automatically by the container to free up memory after the client hasn't accessed the bean for some time. The JPA extended persistence context is explicitly supported by Stateful Session Beans.

    Stateless Session Beans are business objects that do not have state associated with them. However, access to a single bean instance is still limited to only one client at a time, concurrent access to the bean is prohibited. If concurrent access to a single bean is attempted, the container simply routes each request to a different instance. This makes a stateless session bean automatically thread-safe. Instance variables can be used during a single method call from a client to the bean, but the contents of those instance variables are not guaranteed to be preserved across different client method calls. Instances of Stateless Session beans are typically pooled. If a second client accesses a specific bean right after a method call on it made by a first client has finished, it might get the same instance. The lack of overhead to maintain a conversation with the calling client makes them less resource-intensive than stateful beans.

    Singleton Session Beans are business objects having a global shared state within a JVM. Concurrent access to the one and only bean instance can be controlled by the container Container-managed concurrency, CMC or by the bean itself Bean-managed concurrency, BMC. CMC can be tuned using the @Lock annotation, that designates whether a read lock or a write lock will be used for a method call. Additionally, Singleton Session Beans can explicitly request to be instantiated when the EJB container starts up, using the @Startup annotation.

    Message Driven Beans are business objects whose execution is triggered by messages instead of by method calls. The Message Driven Bean is used among others to provide a high level ease-of-use abstraction for the lower level JMS Java Message Service specification. It may subscribe to JMS message queues or message topics, which typically happens via the activationConfig attribute of the @MessageDriven annotation. They were added in EJB to allow event-driven processing. Unlike session beans, an MDB does not have a client view Local/Remote/No-interface, i. e. clients cannot look-up an MDB instance. An MDB just listens for any incoming message on, for example, a JMS queue or topic and processes them automatically. Only JMS support is required by the Java EE spec, but Message Driven Beans can support other messaging protocols. Such protocols may be asynchronous but can also be synchronous. Since session beans can also be synchronous or asynchronous, the prime difference between session- and message driven beans is not the synchronicity, but the difference between object oriented method calling and messaging.


    EJBs are deployed in an EJB container, typically within an application server. The specification describes how an EJB interacts with its container and how client code interacts with the container/EJB combination. The EJB classes used by applications are included in the package. The package is a service provider interface used only by EJB container implementations.

    Clients of EJBs do not instantiate those beans directly via Java's new operator, but instead have to obtain a reference via the EJB container. This reference is usually not a reference to the implementation bean itself, but to a proxy, which either dynamically implements the local or remote business interface that the client requested or dynamically implements a sub-type of the actual bean. The proxy can then be directly cast to the interface or bean. A client is said to have a 'view' on the EJB, and the local interface, remote interface and bean type itself respectively correspond with the local view, remote view and no-interface view.

    This proxy is needed in order to give the EJB container the opportunity to transparently provide cross-cutting AOP-like services to a bean like transactions, security, interceptions, injections, and remoting. As an example, a client invokes a method on a proxy, which will first start a transaction with the help of the EJB container and then call the actual bean method. When the bean method returns, the proxy ends the transaction i.e. by committing it or doing a rollback and transfers control back to the client.

    The EJB Container is responsible for ensuring the client code has sufficient access rights to an EJB. Security aspects can be declaratively applied to an EJB via annotations.

    EJB containers must support both container managed ACID transactions and bean managed transactions.

    Container-managed transactions CMT are by default active for calls to session beans. That is, no explicit configuration is needed. This behavior may be declaratively tuned by the bean via annotations and if needed such configuration can later be overridden in the deployment descriptor. Tuning includes switching off transactions for the whole bean or specific methods, or requesting alternative strategies for transaction propagation and starting or joining a transaction. Such strategies mainly deal with what should happen if a transaction is or isn't already in progress at the time the bean is called. The following variations are supported:

    Alternatively, the bean can also declare via an annotation that it wants to handle transactions programmatically via the JTA API. This mode of operation is called Bean Managed Transactions BMT, since the bean itself handles the transaction instead of the container.

    JMS Java Message Service is used to send messages from beans to clients, to let clients receive asynchronous messages from these beans. MDBs can be used to receive messages from clients asynchronously using either a JMS Queue or a Topic.

    As an alternative to injection, clients of an EJB can obtain a reference to the session bean's proxy object the EJB stub using Java Naming and Directory Interface JNDI. This alternative can be used in cases where injection is not available, such as in non-managed code or standalone remote Java SE clients, or when it's necessary to programmatically determine which bean to obtain.

    JNDI names for EJB session beans are assigned by the EJB container via the following scheme:

    entries in square brackets denote optional parts

    A single bean can be obtained by any name matching the above patterns, depending on the 'location' of the client. Clients in the same module as the required bean can use the module scope and larger scopes, clients in the same application as the required bean can use the app scope and higher, etc.

    E.g. code running in the same module as the CustomerService bean as given by the example shown earlier in this article could use the following code to obtain a local reference to it:

    CustomerServiceLocal customerService =
        CustomerServiceLocal new InitialContext.lookup"java:module/CustomerService";

    For communication with a client that's written in the Java programming language a session bean can expose a remote-view via an @Remote annotated interface. This allows those beans to be called from clients in other JVMs which themselves may be located on other remote systems. From the point of view of the EJB container, any code in another JVM is remote.

    Stateless- and Singleton session beans may also expose a "web service client view" for remote communication via WSDL and SOAP or plain XML. This follows the JAX-RPC and JAX-WS specifications. JAX-RPC support however is proposed for future removal. To support JAX-WS, the session bean is annotated with the @WebService annotation, and methods that are to be exposed remotely with the @WebMethod annotation..

    Although the EJB specification does not mention exposure as RESTful web services in any way and has no explicit support for this form of communication, the JAX-RS specification does explicitly support EJB. Following the JAX-RS spec, Stateless- and Singleton session beans can be root resources via the @Path annotation and EJB business methods can be mapped to resource methods via the @GET, @PUT, @POST and @DELETE annotations. This however does not count as a "web service client view", which is used exclusively for JAX-WS and JAX-RPC.

    Communication via web services is typical for clients not written in the Java programming language, but is also convenient for Java clients who have trouble reaching the EJB server via a firewall. Additionally, web service based communication can be used by Java clients to circumvent the arcane and ill-defined requirements for the so-called "client-libraries"; a set of jar files that a Java client must have on its class-path in order to communicate with the remote EJB server. These client-libraries potentially conflict with libraries the client may already have for instance, if the client itself is also a full Java EE server and such a conflict is deemed to be very hard or impossible to resolve.

    With EJB 2.1 and earlier, each EJB had to provide a Java implementation class and two Java interfaces. The EJB container created instances of the Java implementation class to provide the EJB implementation. The Java interfaces were used by client code of the EJB.

    With EJB 2.1 and earlier, the EJB specification required a deployment descriptor to be present. This was needed to implement a mechanism that allowed EJBs to be deployed in a consistent manner regardless of the specific EJB platform that was chosen. Information about how the bean should be deployed such as the name of the home or remote interfaces, whether and how to store the bean in a database, etc. had to be specified in the deployment descriptor.

    The deployment descriptor is an XML document having an entry for each EJB to be deployed. This XML document specifies the following information for each EJB:

    Old EJB containers from many vendors required more deployment information than that in the EJB specification. They would require the additional information as separate XML files, or some other configuration file format. An EJB platform vendor generally provided their own tools that would read this deployment descriptor, and possibly generated a set of classes that would implement the now deprecated Home and Remote interfaces.

    Since EJB 3.0 JSR 220, the XML descriptor is replaced by Java annotations set in the Enterprise Bean implementation at source level, although it is still possible to use an XML descriptor instead of or in addition to the annotations. If an XML descriptor and annotations are both applied to the same attribute within an Enterprise Bean, the XML definition overrides the corresponding source-level annotation, although some XML elements can also be additive e.g., an activation-config-property in XML with a different name than already defined via an @ActivationConfigProperty annotation will be added instead of replacing all existing properties.

    Container variations

    Starting with EJB 3.1, the EJB specification defines two variants of the EJB container; a full version and a limited version. The limited version adheres to a proper subset of the specification called EJB 3.1 Lite and is part of Java EE 6's web profile which is itself a subset of the full Java EE 6 specification.

    EJB 3.1 Lite excludes support for the following features:

    EJB 3.2 Lite excludes less features. Particularly it no longer excludes @Asynchronous and @Schedule/@Timeout, but for @Schedule it does not support the "persistent" attribute that full EJB 3.2 does support. The complete excluded list for EJB 3.2 Lite is:

    Version history

    EJB 3.2, final release 2013-05-28

    JSR 345. Enterprise JavaBeans 3.2 was a relatively minor release that mainly contained specification clarifications and lifted some restrictions that were imposed by the spec but over time appeared to serve no real purpose. A few existing full EJB features were also demanded to be in EJB 3 lite and functionality that was proposed to be pruned in EJB 3.1 was indeed pruned made optional.

    The following features were added:

    EJB 3.1, final release 2009-12-10

    JSR 318. The purpose of the Enterprise JavaBeans 3.1 specification is to further simplify the EJB architecture by reducing its complexity from the developer's point of view, while also adding new functionality in response to the needs of the community:

    EJB 3.0, final release 2006-05-11

    JSR 220 - Major changes: This release made it much easier to write EJBs, using 'annotations' rather than the complex 'deployment descriptors' used in version 2.x. The use of home and remote interfaces and the ejb-jar.xml file were also no longer required in this release, having been replaced with a business interface and a bean that implements the interface.

    EJB 2.1, final release 2003-11-24

    JSR 153 - Major changes:

    EJB 2.0, final release 2001-08-22

    JSR 19 - Major changes: Overall goals:

    EJB 1.1, final release 1999-12-17

    Major changes:

    Goals for Release 1.1:

    EJB 1.0 1998-03-24

    Announced at JavaOne 1998, Sun's third Java developers conference March 24 through 27 Goals for Release 1.0: