Chapter 3 Design • Business logging: You can log the request and response in the business controller of the application. • Authorization: You can integrate authorization logic, which will check the user’s authorization to access the data from a particular business controller. Business validation or services are responsible for filtering and processing a DTO received from the data access layer on the bases of business rules and logic. After processing, objects are sent back to a particular business controller, which has initiated the request for business services. Business services are responsible for the following: • Model binding: Data received from Data access layer will be mapped to business services. • Business rules validation: Business rules and checks like null pointer exception and blank check, etc. are validated in business services. The data transfer object interacts with the data layer (database). Records stored in a database are mapped to entity objects, and entity objects are requested to appropriate tables in the data repository. Entity objects are then sent back to business services where objects are processed, then these processed objects are sent back to the business controller, as shown in Figure 3-17. The business controller redirect to appropriate business services, and business services access the data received from the DTO and data access object (DAO) of the data access layer. 85