SlideShare a Scribd company logo

RESTful Web Services

Download as PPTX, PDF
Gordon Dickens
Gordon Dickens

Using Spring to create a RESTful java application.

Technology
1 of 22
RESTful Web Services 20-Jan-2011 Gordon Dickens gordon@gordondickens.com
Who Am I?  Instructor/Mentor  Active Tweeter for Open Source Tech Topics twitter.com/gdickens  Certified Instructor for  DZone Most Valuable Blogger dzone.com/page/mvbs – dzone.com/user/284679 Technophile Blog - technophile.gordondickens.com  GitZone:github.com/gordonad  LinkedIn:linkedin.com/in/gordondickens 2
Web Services  What are Web Services?  SOA  Remote messaging between systems  SOAP != Web Services  Web Services != SOAP  SOAP !opposite of REST  REST !opposite of SOAP 3
Who is using REST? 4
What is REST?  REpresentationalState Transfer  term by Roy Fielding  en.wikipedia.org/wiki/Representational_State_Transfer  www.ics.uci.edu/~fielding/pubs/dissertation/rest_arch_style.htm  Architectural Style  Design principle  Not an API  Not a standard  Web Services over HTTP  Client: Browser, Desktop, Mobile Device, etc.  HTTP supported by most languages & platforms 5
Re – S – T  Representational  Client requests data AND representation from server  HTML, PDF, JSON, XLS, etc.  State  URIs returned in hypermedia are in context of the current resource  Available options for the client embedded within  View state to edit state  Transfer  The server transfers hypermedia content to the client  HATEOAS  Cool resume building buzzword  Hypermedia as the Engine of Application State 6
REST Benefits  Representations can be any format  JSON, XML, PDF, JPG, HTML, etc.  Client requests standard media type  Hypermedia  response contains resource specific links  provides state transitions  Cacheable  HTTP  Existing Infrastructure  Language Support 7
REST Introduction  Take the ROAD back to OOAD  Nouns are defined in the URI  Verbs are provided by HTTP  GET (retrieve)  POST (create)  PUT (update)  DELETE (delete)  What should the server return from this URI?  http://myserver:8080/myapp/accounts/234 8
What’s our Job?  We must design the URI patterns & flow  Define URIs with Nouns  Include identifiers as Path Variables  GET /accounts/234  GET /accounts/234/orders  GET /accounts/234/orders/25  Parameters provide hints to the server such as pagination values or max rows, etc. 9
URI Design  For each Resource (noun) define behavior  Account:  GET /accounts – returns list of accounts  GET /accounts/{id} – returns account by id  POST /accounts – inserts account data  PUT /accounts/{id} – Updates account by id  DELETE /accounts/{id} – Close account by id  Account’s Orders  GET /accounts/{id}/orders – List all orders for account  GET /accounts/{id}/orders/{id} – List specific order  POST /accounts/{id}/orders – Insert order for account  PUT /accounts/{id}/orders/{id} – Update order  DELETE /accounts/{id}/orders/{id} – Cancel Order 10
HTTP Response Codes  Familiar HTTP Response codes  200 OK  404 Page not found  500 Server is kaput  RESTful uses standard HTTP codes  1xx Informational  2xx Success  3xx Redirection  4xx Client Error  5xx Server Error 11
Designing the flow  Conditional Headers  If-Unmodified-Since  If-Match (etag)  If-None-Match  Example of Conditional PUT  Returns:  200 - OK  201 - Created  404 – Not Found  412 – Precond. Failed 12
Representation Request  Client to Server HTTP/1.1 200 OK GET /accounts/234 Date: … HOST: myserver.com Content-Length: 2146 Accept: application.xml, … … <account id=“234”> … </account> GET /accounts/234 HTTP/1.1 200 OK HOST: myserver.com Date: … Accept: application/json, … Content-Length: 1027 … { “account”:{“id”:234, …} } 13
Java & REST  JAX-RS  JSR-311  Jersey (RI), Restlet, CXF, RestEasy  Spring REST  leverages formatters & converters  REST Template – Easy Client development  Spring Roo – generates RESTfulURIs 14
Spring REST @RequestMapping  Annotations for: @ResponseStatus  URL Path @PathVariable  HTTP Verbs @RequestBody  Request body (payload) @ResponseBody  Response body @RequestParam @RequestHeader  Header, Parameter & Path variables  Response Status codes  Automatic marshalling/unmarshalling of resource representations  <mvc:annotation-driven/>  Registers automatic formatters, converters &marshallers  Inspects classpath for Jackson/JSON, JodaTime, etc. 15
Security - Data  Same as other messaging approaches  Encapsulation:  SSL, TLS, IPsec, etc.  Encryption:  PGP, S/MIME, etc. 16
Security - Auth  Authentication:  Basic, Digest, X509, etc.  Spring Security  Client Sends GET /account/123  Server Responds with: HTTP/1.1 401 Unauthorized WWW-Authenticate: Basic realm=”MyApp Realm”  Authorization  Standard web.xml security configuration  Spring Security  OAuth 17
“An open protocol to allow secure API authorization in a simple and standard method from desktop to web applications.” http://oauth.net code.google.com/p/oauth/ 18
OAuth Participants  Client  Our app  Server  Who we want to connecting with  Service Provider  Service that authenticates credentials 19
OAuth Safety Dance 20
“OpenID is a decentralized authentication protocol that makes it easy for people to sign up and access web accounts.” openid.net openid.net/developers/libraries/#java  OpenID 2.0 Java 5 impl for  Java REST framework, Google Federated Login openid 2.0, OAuth consumer & service provider, JSON code.google.com/p/jopenid/ IOC code.google.com/p/dyuproject/ 21
Questions? Email: gordon@gordondickens.com Twitter: twitter.com/gdickens Blog: technophile.gordondickens.com Git: github.com/gordonad LinkedIn: linkedin.com/in/gordondickens 22

Recommended

Spring Social - Messaging Friends & Influencing People
Spring Social - Messaging Friends & Influencing PeopleSpring Social - Messaging Friends & Influencing People
Spring Social - Messaging Friends & Influencing PeopleGordon Dickens
 
Enterprise Spring Building Scalable Applications
Enterprise Spring Building Scalable ApplicationsEnterprise Spring Building Scalable Applications
Enterprise Spring Building Scalable ApplicationsGordon Dickens
 
RESTful Web APIs – Mike Amundsen, Principal API Architect, Layer 7
RESTful Web APIs – Mike Amundsen, Principal API Architect, Layer 7RESTful Web APIs – Mike Amundsen, Principal API Architect, Layer 7
RESTful Web APIs – Mike Amundsen, Principal API Architect, Layer 7CA API Management
 
Building REST and Hypermedia APIs with PHP
Building REST and Hypermedia APIs with PHPBuilding REST and Hypermedia APIs with PHP
Building REST and Hypermedia APIs with PHPAzRy LLC, Caucasus School of Technology
 
Enterprise Access Control Patterns for REST and Web APIs Gluecon 2011, Franco...
Enterprise Access Control Patterns for REST and Web APIs Gluecon 2011, Franco...Enterprise Access Control Patterns for REST and Web APIs Gluecon 2011, Franco...
Enterprise Access Control Patterns for REST and Web APIs Gluecon 2011, Franco...CA API Management
 
Enterprise Access Control Patterns for Rest and Web APIs
Enterprise Access Control Patterns for Rest and Web APIsEnterprise Access Control Patterns for Rest and Web APIs
Enterprise Access Control Patterns for Rest and Web APIsCA API Management
 
LAJUG Napster REST API
LAJUG Napster REST APILAJUG Napster REST API
LAJUG Napster REST APIstephenbhadran
 
JAX-RS 2.0: RESTful Web Services
JAX-RS 2.0: RESTful Web ServicesJAX-RS 2.0: RESTful Web Services
JAX-RS 2.0: RESTful Web ServicesArun Gupta
 

Recommended

Spring Social - Messaging Friends & Influencing People
Spring Social - Messaging Friends & Influencing PeopleSpring Social - Messaging Friends & Influencing People
Spring Social - Messaging Friends & Influencing PeopleGordon Dickens
 
Enterprise Spring Building Scalable Applications
Enterprise Spring Building Scalable ApplicationsEnterprise Spring Building Scalable Applications
Enterprise Spring Building Scalable ApplicationsGordon Dickens
 
RESTful Web APIs – Mike Amundsen, Principal API Architect, Layer 7
RESTful Web APIs – Mike Amundsen, Principal API Architect, Layer 7RESTful Web APIs – Mike Amundsen, Principal API Architect, Layer 7
RESTful Web APIs – Mike Amundsen, Principal API Architect, Layer 7CA API Management
 
Building REST and Hypermedia APIs with PHP
Building REST and Hypermedia APIs with PHPBuilding REST and Hypermedia APIs with PHP
Building REST and Hypermedia APIs with PHPAzRy LLC, Caucasus School of Technology
 
Enterprise Access Control Patterns for REST and Web APIs Gluecon 2011, Franco...
Enterprise Access Control Patterns for REST and Web APIs Gluecon 2011, Franco...Enterprise Access Control Patterns for REST and Web APIs Gluecon 2011, Franco...
Enterprise Access Control Patterns for REST and Web APIs Gluecon 2011, Franco...CA API Management
 
Enterprise Access Control Patterns for Rest and Web APIs
Enterprise Access Control Patterns for Rest and Web APIsEnterprise Access Control Patterns for Rest and Web APIs
Enterprise Access Control Patterns for Rest and Web APIsCA API Management
 
LAJUG Napster REST API
LAJUG Napster REST APILAJUG Napster REST API
LAJUG Napster REST APIstephenbhadran
 
JAX-RS 2.0: RESTful Web Services
JAX-RS 2.0: RESTful Web ServicesJAX-RS 2.0: RESTful Web Services
JAX-RS 2.0: RESTful Web ServicesArun Gupta
 
The glory of REST in Java: Spring HATEOAS, RAML, Temenos IRIS
The glory of REST in Java: Spring HATEOAS, RAML, Temenos IRISThe glory of REST in Java: Spring HATEOAS, RAML, Temenos IRIS
The glory of REST in Java: Spring HATEOAS, RAML, Temenos IRISGeert Pante
 
Dave Carroll Application Services Salesforce
Dave Carroll Application Services SalesforceDave Carroll Application Services Salesforce
Dave Carroll Application Services Salesforcedeimos
 
SharePoint Data Anywhere and Everywhere by Chris Beckett - SPTechCon
SharePoint Data Anywhere and Everywhere by Chris Beckett - SPTechConSharePoint Data Anywhere and Everywhere by Chris Beckett - SPTechCon
SharePoint Data Anywhere and Everywhere by Chris Beckett - SPTechConSPTechCon
 
Web development with ASP.NET Web API
Web development with ASP.NET Web APIWeb development with ASP.NET Web API
Web development with ASP.NET Web APIDamir Dobric
 
Web Center Services and Framework
Web Center Services and FrameworkWeb Center Services and Framework
Web Center Services and FrameworkJaime Cid
 
Making Sense of API Access Control
Making Sense of API Access ControlMaking Sense of API Access Control
Making Sense of API Access ControlCA API Management
 
Mashups
MashupsMashups
MashupsJohan Eltes
 
API Design- Best Practices
API Design- Best PracticesAPI Design- Best Practices
API Design- Best PracticesPrakash Bhandari
 
REST Architecture with use case and example
REST Architecture with use case and exampleREST Architecture with use case and example
REST Architecture with use case and exampleShailesh singh
 
Together Cheerfully to Walk with Hypermedia
Together Cheerfully to Walk with HypermediaTogether Cheerfully to Walk with Hypermedia
Together Cheerfully to Walk with HypermediaVladimir Tsukur
 
Take a REST!
Take a REST!Take a REST!
Take a REST!Vladimir Tsukur
 
Server-Side Programming Primer
Server-Side Programming PrimerServer-Side Programming Primer
Server-Side Programming PrimerIvano Malavolta
 
An Introduction To REST API
An Introduction To REST APIAn Introduction To REST API
An Introduction To REST APIAniruddh Bhilvare
 
24032022 Zero Trust for Developers Pub.pdf
24032022 Zero Trust for Developers Pub.pdf24032022 Zero Trust for Developers Pub.pdf
24032022 Zero Trust for Developers Pub.pdfTomasz Kopacz
 
Introduction To REST
Introduction To RESTIntroduction To REST
Introduction To RESTBhavya Siddappa
 
Vaadin - Rich Web Applications in Server-side Java without Plug-ins or JavaSc...
Vaadin - Rich Web Applications in Server-side Java without Plug-ins or JavaSc...Vaadin - Rich Web Applications in Server-side Java without Plug-ins or JavaSc...
Vaadin - Rich Web Applications in Server-side Java without Plug-ins or JavaSc...Joonas Lehtinen
 
Hypermedia APIs
Hypermedia APIsHypermedia APIs
Hypermedia APIsPaulo Gandra de Sousa
 
Jsf login logout project
Jsf login logout projectJsf login logout project
Jsf login logout projectGagandeep Singh
 
Java Web Programming [1/9] : Introduction to Web Application
Java Web Programming [1/9] : Introduction to Web ApplicationJava Web Programming [1/9] : Introduction to Web Application
Java Web Programming [1/9] : Introduction to Web ApplicationIMC Institute
 
Java power to the SOA developer (ODTUG Kaleidoscope 2010)
Java power to the SOA developer (ODTUG Kaleidoscope 2010)Java power to the SOA developer (ODTUG Kaleidoscope 2010)
Java power to the SOA developer (ODTUG Kaleidoscope 2010)Lucas Jellema
 
Intro to OSGi and Eclipse Virgo
Intro to OSGi and Eclipse VirgoIntro to OSGi and Eclipse Virgo
Intro to OSGi and Eclipse VirgoGordon Dickens
 
Eclipse e4 Tutorial - EclipseCon 2010
Eclipse e4 Tutorial - EclipseCon 2010Eclipse e4 Tutorial - EclipseCon 2010
Eclipse e4 Tutorial - EclipseCon 2010Lars Vogel
 

More Related Content

What's hot

The glory of REST in Java: Spring HATEOAS, RAML, Temenos IRIS
The glory of REST in Java: Spring HATEOAS, RAML, Temenos IRISThe glory of REST in Java: Spring HATEOAS, RAML, Temenos IRIS
The glory of REST in Java: Spring HATEOAS, RAML, Temenos IRISGeert Pante
 
Dave Carroll Application Services Salesforce
Dave Carroll Application Services SalesforceDave Carroll Application Services Salesforce
Dave Carroll Application Services Salesforcedeimos
 
SharePoint Data Anywhere and Everywhere by Chris Beckett - SPTechCon
SharePoint Data Anywhere and Everywhere by Chris Beckett - SPTechConSharePoint Data Anywhere and Everywhere by Chris Beckett - SPTechCon
SharePoint Data Anywhere and Everywhere by Chris Beckett - SPTechConSPTechCon
 
Web development with ASP.NET Web API
Web development with ASP.NET Web APIWeb development with ASP.NET Web API
Web development with ASP.NET Web APIDamir Dobric
 
Web Center Services and Framework
Web Center Services and FrameworkWeb Center Services and Framework
Web Center Services and FrameworkJaime Cid
 
Making Sense of API Access Control
Making Sense of API Access ControlMaking Sense of API Access Control
Making Sense of API Access ControlCA API Management
 
REST Architecture with use case and example
REST Architecture with use case and exampleREST Architecture with use case and example
REST Architecture with use case and exampleShailesh singh
 
Together Cheerfully to Walk with Hypermedia
Together Cheerfully to Walk with HypermediaTogether Cheerfully to Walk with Hypermedia
Together Cheerfully to Walk with HypermediaVladimir Tsukur
 
Server-Side Programming Primer
Server-Side Programming PrimerServer-Side Programming Primer
Server-Side Programming PrimerIvano Malavolta
 
24032022 Zero Trust for Developers Pub.pdf
24032022 Zero Trust for Developers Pub.pdf24032022 Zero Trust for Developers Pub.pdf
24032022 Zero Trust for Developers Pub.pdfTomasz Kopacz
 
Vaadin - Rich Web Applications in Server-side Java without Plug-ins or JavaSc...
Vaadin - Rich Web Applications in Server-side Java without Plug-ins or JavaSc...Vaadin - Rich Web Applications in Server-side Java without Plug-ins or JavaSc...
Vaadin - Rich Web Applications in Server-side Java without Plug-ins or JavaSc...Joonas Lehtinen
 
Jsf login logout project
Jsf login logout projectJsf login logout project
Jsf login logout projectGagandeep Singh
 
Java Web Programming [1/9] : Introduction to Web Application
Java Web Programming [1/9] : Introduction to Web ApplicationJava Web Programming [1/9] : Introduction to Web Application
Java Web Programming [1/9] : Introduction to Web ApplicationIMC Institute
 
Java power to the SOA developer (ODTUG Kaleidoscope 2010)
Java power to the SOA developer (ODTUG Kaleidoscope 2010)Java power to the SOA developer (ODTUG Kaleidoscope 2010)
Java power to the SOA developer (ODTUG Kaleidoscope 2010)Lucas Jellema
 

What's hot (20)

The glory of REST in Java: Spring HATEOAS, RAML, Temenos IRIS
The glory of REST in Java: Spring HATEOAS, RAML, Temenos IRISThe glory of REST in Java: Spring HATEOAS, RAML, Temenos IRIS
The glory of REST in Java: Spring HATEOAS, RAML, Temenos IRIS
 
Dave Carroll Application Services Salesforce
Dave Carroll Application Services SalesforceDave Carroll Application Services Salesforce
Dave Carroll Application Services Salesforce
 
SharePoint Data Anywhere and Everywhere by Chris Beckett - SPTechCon
SharePoint Data Anywhere and Everywhere by Chris Beckett - SPTechConSharePoint Data Anywhere and Everywhere by Chris Beckett - SPTechCon
SharePoint Data Anywhere and Everywhere by Chris Beckett - SPTechCon
 
Web development with ASP.NET Web API
Web development with ASP.NET Web APIWeb development with ASP.NET Web API
Web development with ASP.NET Web API
 
Web Center Services and Framework
Web Center Services and FrameworkWeb Center Services and Framework
Web Center Services and Framework
 
Making Sense of API Access Control
Making Sense of API Access ControlMaking Sense of API Access Control
Making Sense of API Access Control
 
Mashups
MashupsMashups
Mashups
 
API Design- Best Practices
API Design- Best PracticesAPI Design- Best Practices
API Design- Best Practices
 
REST Architecture with use case and example
REST Architecture with use case and exampleREST Architecture with use case and example
REST Architecture with use case and example
 
Together Cheerfully to Walk with Hypermedia
Together Cheerfully to Walk with HypermediaTogether Cheerfully to Walk with Hypermedia
Together Cheerfully to Walk with Hypermedia
 
Take a REST!
Take a REST!Take a REST!
Take a REST!
 
Server-Side Programming Primer
Server-Side Programming PrimerServer-Side Programming Primer
Server-Side Programming Primer
 
An Introduction To REST API
An Introduction To REST APIAn Introduction To REST API
An Introduction To REST API
 
24032022 Zero Trust for Developers Pub.pdf
24032022 Zero Trust for Developers Pub.pdf24032022 Zero Trust for Developers Pub.pdf
24032022 Zero Trust for Developers Pub.pdf
 
Introduction To REST
Introduction To RESTIntroduction To REST
Introduction To REST
 
Vaadin - Rich Web Applications in Server-side Java without Plug-ins or JavaSc...
Vaadin - Rich Web Applications in Server-side Java without Plug-ins or JavaSc...Vaadin - Rich Web Applications in Server-side Java without Plug-ins or JavaSc...
Vaadin - Rich Web Applications in Server-side Java without Plug-ins or JavaSc...
 
Hypermedia APIs
Hypermedia APIsHypermedia APIs
Hypermedia APIs
 
Jsf login logout project
Jsf login logout projectJsf login logout project
Jsf login logout project
 
Java Web Programming [1/9] : Introduction to Web Application
Java Web Programming [1/9] : Introduction to Web ApplicationJava Web Programming [1/9] : Introduction to Web Application
Java Web Programming [1/9] : Introduction to Web Application
 
Java power to the SOA developer (ODTUG Kaleidoscope 2010)
Java power to the SOA developer (ODTUG Kaleidoscope 2010)Java power to the SOA developer (ODTUG Kaleidoscope 2010)
Java power to the SOA developer (ODTUG Kaleidoscope 2010)
 

Viewers also liked

Intro to OSGi and Eclipse Virgo
Intro to OSGi and Eclipse VirgoIntro to OSGi and Eclipse Virgo
Intro to OSGi and Eclipse VirgoGordon Dickens
 
Eclipse e4 Tutorial - EclipseCon 2010
Eclipse e4 Tutorial - EclipseCon 2010Eclipse e4 Tutorial - EclipseCon 2010
Eclipse e4 Tutorial - EclipseCon 2010Lars Vogel
 
Eclipse Plug-in Develompent Tips And Tricks
Eclipse Plug-in Develompent Tips And TricksEclipse Plug-in Develompent Tips And Tricks
Eclipse Plug-in Develompent Tips And TricksChris Aniszczyk
 
Eclipse Extensions Vs OSGI Services Tikal@ EclipseDemoCamps Tel Aviv
Eclipse Extensions Vs OSGI Services Tikal@ EclipseDemoCamps Tel AvivEclipse Extensions Vs OSGI Services Tikal@ EclipseDemoCamps Tel Aviv
Eclipse Extensions Vs OSGI Services Tikal@ EclipseDemoCamps Tel Avivguestb69b980e
 
OSGi Technology, Eclipse and Convergence - Jeff McAffer, IBM
OSGi Technology, Eclipse and Convergence - Jeff McAffer, IBMOSGi Technology, Eclipse and Convergence - Jeff McAffer, IBM
OSGi Technology, Eclipse and Convergence - Jeff McAffer, IBMmfrancis
 
OSGi, Eclipse and API Tooling
OSGi, Eclipse and API ToolingOSGi, Eclipse and API Tooling
OSGi, Eclipse and API ToolingChris Aniszczyk
 
Eclipse plug in development
Eclipse plug in developmentEclipse plug in development
Eclipse plug in developmentMartin Toshev
 
Visual Design with Data
Visual Design with DataVisual Design with Data
Visual Design with DataSeth Familian
 

Viewers also liked (8)

Intro to OSGi and Eclipse Virgo
Intro to OSGi and Eclipse VirgoIntro to OSGi and Eclipse Virgo
Intro to OSGi and Eclipse Virgo
 
Eclipse e4 Tutorial - EclipseCon 2010
Eclipse e4 Tutorial - EclipseCon 2010Eclipse e4 Tutorial - EclipseCon 2010
Eclipse e4 Tutorial - EclipseCon 2010
 
Eclipse Plug-in Develompent Tips And Tricks
Eclipse Plug-in Develompent Tips And TricksEclipse Plug-in Develompent Tips And Tricks
Eclipse Plug-in Develompent Tips And Tricks
 
Eclipse Extensions Vs OSGI Services Tikal@ EclipseDemoCamps Tel Aviv
Eclipse Extensions Vs OSGI Services Tikal@ EclipseDemoCamps Tel AvivEclipse Extensions Vs OSGI Services Tikal@ EclipseDemoCamps Tel Aviv
Eclipse Extensions Vs OSGI Services Tikal@ EclipseDemoCamps Tel Aviv
 
OSGi Technology, Eclipse and Convergence - Jeff McAffer, IBM
OSGi Technology, Eclipse and Convergence - Jeff McAffer, IBMOSGi Technology, Eclipse and Convergence - Jeff McAffer, IBM
OSGi Technology, Eclipse and Convergence - Jeff McAffer, IBM
 
OSGi, Eclipse and API Tooling
OSGi, Eclipse and API ToolingOSGi, Eclipse and API Tooling
OSGi, Eclipse and API Tooling
 
Eclipse plug in development
Eclipse plug in developmentEclipse plug in development
Eclipse plug in development
 
Visual Design with Data
Visual Design with DataVisual Design with Data
Visual Design with Data
 

Similar to RESTful Web Services

Rest with Java EE 6 , Security , Backbone.js
Rest with Java EE 6 , Security , Backbone.jsRest with Java EE 6 , Security , Backbone.js
Rest with Java EE 6 , Security , Backbone.jsCarol McDonald
 
RESTful services
RESTful servicesRESTful services
RESTful servicesgouthamrv
 
Best Practices for Architecting a Pragmatic Web API.
Best Practices for Architecting a Pragmatic Web API.Best Practices for Architecting a Pragmatic Web API.
Best Practices for Architecting a Pragmatic Web API.Mario Cardinal
 
REST APIs in the context of single-page applications
REST APIs in the context of single-page applicationsREST APIs in the context of single-page applications
REST APIs in the context of single-page applicationsyoranbe
 
Rest presentation
Rest presentationRest presentation
Rest presentationsrividhyau
 
Pinterest like site using REST and Bottle
Pinterest like site using REST and Bottle Pinterest like site using REST and Bottle
Pinterest like site using REST and Bottle Gaurav Bhardwaj
 
RefCard RESTful API Design
RefCard RESTful API DesignRefCard RESTful API Design
RefCard RESTful API DesignOCTO Technology
 
JAX-RS JavaOne Hyderabad, India 2011
JAX-RS JavaOne Hyderabad, India 2011JAX-RS JavaOne Hyderabad, India 2011
JAX-RS JavaOne Hyderabad, India 2011Shreedhar Ganapathy
 
REST and Web API
REST and Web APIREST and Web API
REST and Web APIIT Weekend
 
RESTful SOA - 中科院暑期讲座
RESTful SOA - 中科院暑期讲座RESTful SOA - 中科院暑期讲座
RESTful SOA - 中科院暑期讲座Li Yi
 
Android App Development 06 : Network &amp; Web Services
Android App Development 06 : Network &amp; Web ServicesAndroid App Development 06 : Network &amp; Web Services
Android App Development 06 : Network &amp; Web ServicesAnuchit Chalothorn
 
How APIs Can Be Secured in Mobile Environments
How APIs Can Be Secured in Mobile EnvironmentsHow APIs Can Be Secured in Mobile Environments
How APIs Can Be Secured in Mobile EnvironmentsWSO2
 
Service approach for development Rest API in Symfony2
Service approach for development Rest API in Symfony2Service approach for development Rest API in Symfony2
Service approach for development Rest API in Symfony2Sumy PHP User Grpoup
 
Time to REST: testing web services
Time to REST: testing web servicesTime to REST: testing web services
Time to REST: testing web servicesIurii Kutelmakh
 

Similar to RESTful Web Services (20)

Rest
RestRest
Rest
 
Rest with Java EE 6 , Security , Backbone.js
Rest with Java EE 6 , Security , Backbone.jsRest with Java EE 6 , Security , Backbone.js
Rest with Java EE 6 , Security , Backbone.js
 
RESTful services
RESTful servicesRESTful services
RESTful services
 
Best Practices for Architecting a Pragmatic Web API.
Best Practices for Architecting a Pragmatic Web API.Best Practices for Architecting a Pragmatic Web API.
Best Practices for Architecting a Pragmatic Web API.
 
REST APIs in the context of single-page applications
REST APIs in the context of single-page applicationsREST APIs in the context of single-page applications
REST APIs in the context of single-page applications
 
Rest presentation
Rest presentationRest presentation
Rest presentation
 
Pinterest like site using REST and Bottle
Pinterest like site using REST and Bottle Pinterest like site using REST and Bottle
Pinterest like site using REST and Bottle
 
RefCard RESTful API Design
RefCard RESTful API DesignRefCard RESTful API Design
RefCard RESTful API Design
 
JAX-RS JavaOne Hyderabad, India 2011
JAX-RS JavaOne Hyderabad, India 2011JAX-RS JavaOne Hyderabad, India 2011
JAX-RS JavaOne Hyderabad, India 2011
 
REST and Web API
REST and Web APIREST and Web API
REST and Web API
 
REST and Web API
REST and Web APIREST and Web API
REST and Web API
 
Rest Webservice
Rest WebserviceRest Webservice
Rest Webservice
 
RESTful SOA - 中科院暑期讲座
RESTful SOA - 中科院暑期讲座RESTful SOA - 中科院暑期讲座
RESTful SOA - 中科院暑期讲座
 
Android App Development 06 : Network &amp; Web Services
Android App Development 06 : Network &amp; Web ServicesAndroid App Development 06 : Network &amp; Web Services
Android App Development 06 : Network &amp; Web Services
 
Getting Started with API Management
Getting Started with API ManagementGetting Started with API Management
Getting Started with API Management
 
How APIs Can Be Secured in Mobile Environments
How APIs Can Be Secured in Mobile EnvironmentsHow APIs Can Be Secured in Mobile Environments
How APIs Can Be Secured in Mobile Environments
 
Service approach for development Rest API in Symfony2
Service approach for development Rest API in Symfony2Service approach for development Rest API in Symfony2
Service approach for development Rest API in Symfony2
 
Time to REST: testing web services
Time to REST: testing web servicesTime to REST: testing web services
Time to REST: testing web services
 
Restful design at work v2.0
Restful design at work v2.0Restful design at work v2.0
Restful design at work v2.0
 
WebApp #3 : API
WebApp #3 : APIWebApp #3 : API
WebApp #3 : API
 

Recently uploaded

Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESmohitsingh558521
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxBkGupta21
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfMounikaPolabathina
 

Recently uploaded (20)

Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptx
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 

RESTful Web Services

  • 1. RESTful Web Services 20-Jan-2011 Gordon Dickens gordon@gordondickens.com
  • 2. Who Am I?  Instructor/Mentor  Active Tweeter for Open Source Tech Topics twitter.com/gdickens  Certified Instructor for  DZone Most Valuable Blogger dzone.com/page/mvbs – dzone.com/user/284679 Technophile Blog - technophile.gordondickens.com  GitZone:github.com/gordonad  LinkedIn:linkedin.com/in/gordondickens 2
  • 3. Web Services  What are Web Services?  SOA  Remote messaging between systems  SOAP != Web Services  Web Services != SOAP  SOAP !opposite of REST  REST !opposite of SOAP 3
  • 4. Who is using REST? 4
  • 5. What is REST?  REpresentationalState Transfer  term by Roy Fielding  en.wikipedia.org/wiki/Representational_State_Transfer  www.ics.uci.edu/~fielding/pubs/dissertation/rest_arch_style.htm  Architectural Style  Design principle  Not an API  Not a standard  Web Services over HTTP  Client: Browser, Desktop, Mobile Device, etc.  HTTP supported by most languages & platforms 5
  • 6. Re – S – T  Representational  Client requests data AND representation from server  HTML, PDF, JSON, XLS, etc.  State  URIs returned in hypermedia are in context of the current resource  Available options for the client embedded within  View state to edit state  Transfer  The server transfers hypermedia content to the client  HATEOAS  Cool resume building buzzword  Hypermedia as the Engine of Application State 6
  • 7. REST Benefits  Representations can be any format  JSON, XML, PDF, JPG, HTML, etc.  Client requests standard media type  Hypermedia  response contains resource specific links  provides state transitions  Cacheable  HTTP  Existing Infrastructure  Language Support 7
  • 8. REST Introduction  Take the ROAD back to OOAD  Nouns are defined in the URI  Verbs are provided by HTTP  GET (retrieve)  POST (create)  PUT (update)  DELETE (delete)  What should the server return from this URI?  http://myserver:8080/myapp/accounts/234 8
  • 9. What’s our Job?  We must design the URI patterns & flow  Define URIs with Nouns  Include identifiers as Path Variables  GET /accounts/234  GET /accounts/234/orders  GET /accounts/234/orders/25  Parameters provide hints to the server such as pagination values or max rows, etc. 9
  • 10. URI Design  For each Resource (noun) define behavior  Account:  GET /accounts – returns list of accounts  GET /accounts/{id} – returns account by id  POST /accounts – inserts account data  PUT /accounts/{id} – Updates account by id  DELETE /accounts/{id} – Close account by id  Account’s Orders  GET /accounts/{id}/orders – List all orders for account  GET /accounts/{id}/orders/{id} – List specific order  POST /accounts/{id}/orders – Insert order for account  PUT /accounts/{id}/orders/{id} – Update order  DELETE /accounts/{id}/orders/{id} – Cancel Order 10
  • 11. HTTP Response Codes  Familiar HTTP Response codes  200 OK  404 Page not found  500 Server is kaput  RESTful uses standard HTTP codes  1xx Informational  2xx Success  3xx Redirection  4xx Client Error  5xx Server Error 11
  • 12. Designing the flow  Conditional Headers  If-Unmodified-Since  If-Match (etag)  If-None-Match  Example of Conditional PUT  Returns:  200 - OK  201 - Created  404 – Not Found  412 – Precond. Failed 12
  • 13. Representation Request  Client to Server HTTP/1.1 200 OK GET /accounts/234 Date: … HOST: myserver.com Content-Length: 2146 Accept: application.xml, … … <account id=“234”> … </account> GET /accounts/234 HTTP/1.1 200 OK HOST: myserver.com Date: … Accept: application/json, … Content-Length: 1027 … { “account”:{“id”:234, …} } 13
  • 14. Java & REST  JAX-RS  JSR-311  Jersey (RI), Restlet, CXF, RestEasy  Spring REST  leverages formatters & converters  REST Template – Easy Client development  Spring Roo – generates RESTfulURIs 14
  • 15. Spring REST @RequestMapping  Annotations for: @ResponseStatus  URL Path @PathVariable  HTTP Verbs @RequestBody  Request body (payload) @ResponseBody  Response body @RequestParam @RequestHeader  Header, Parameter & Path variables  Response Status codes  Automatic marshalling/unmarshalling of resource representations  <mvc:annotation-driven/>  Registers automatic formatters, converters &marshallers  Inspects classpath for Jackson/JSON, JodaTime, etc. 15
  • 16. Security - Data  Same as other messaging approaches  Encapsulation:  SSL, TLS, IPsec, etc.  Encryption:  PGP, S/MIME, etc. 16
  • 17. Security - Auth  Authentication:  Basic, Digest, X509, etc.  Spring Security  Client Sends GET /account/123  Server Responds with: HTTP/1.1 401 Unauthorized WWW-Authenticate: Basic realm=”MyApp Realm”  Authorization  Standard web.xml security configuration  Spring Security  OAuth 17
  • 18. “An open protocol to allow secure API authorization in a simple and standard method from desktop to web applications.” http://oauth.net code.google.com/p/oauth/ 18
  • 19. OAuth Participants  Client  Our app  Server  Who we want to connecting with  Service Provider  Service that authenticates credentials 19
  • 21. “OpenID is a decentralized authentication protocol that makes it easy for people to sign up and access web accounts.” openid.net openid.net/developers/libraries/#java  OpenID 2.0 Java 5 impl for  Java REST framework, Google Federated Login openid 2.0, OAuth consumer & service provider, JSON code.google.com/p/jopenid/ IOC code.google.com/p/dyuproject/ 21
  • 22. Questions? Email: gordon@gordondickens.com Twitter: twitter.com/gdickens Blog: technophile.gordondickens.com Git: github.com/gordonad LinkedIn: linkedin.com/in/gordondickens 22