The document discusses various communication protocols and standards for web services, including JSON-RPC, XML-RPC, SOAP, REST, and related description standards like WSDL, WADL, and SMD. It provides examples of each protocol/standard and compares their advantages and disadvantages. Key points covered include JSON-RPC using a request-response model with notifications and errors, XML-RPC also using request-response with errors represented differently. SOAP is described as allowing services to be discovered while RPC-based services typically are not. The verbosity of WSDL is contrasted with the more concise SMD format.
Hypertext transfer protocol and hypertext transfer protocol secure(HTTP and H...rahul kundu
The document defines HTTP and HTTPS. HTTP is the Hypertext Transfer Protocol that provides communication between web browsers and servers. It is unsecured and transmits data in plain text. HTTPS is HTTP secured with SSL/TLS encryption to provide security. Key differences are that HTTPS uses port 443 instead of HTTP's port 80, establishes an encrypted channel, and verifies servers with certificates to protect against attacks.
This document provides an overview of a session objective that introduces web servers, browsers, how they communicate, ASP (Active Server Pages), and a small ASP application example. The key topics covered are how web servers store and distribute web pages to clients/browsers, how browsers make HTTP requests to web servers and receive HTTP responses, an introduction to ASP for creating dynamic web pages on the server-side, and advantages of using ASP like browser independence and improved security.
This document discusses the Hypertext Transfer Protocol (HTTP) which defines how messages are formatted and transmitted on the World Wide Web. It establishes HTTP as the foundation of data communication, outlining the request/response format and various methods like GET and POST. The document also compares versions HTTP 1.0 and 1.1, covering persistent connections, pipelining, cookies, caching improvements, and other features. It provides details on HTTPS which uses HTTP over SSL to securely transmit encrypted data and authenticate web servers.
HTTP is an application-level protocol for distributed, collaborative hypermedia information systems. It is based on the client-server model and uses TCP/IP protocols. HTTP functions by having clients make requests to servers, which respond with status codes and requested resources. Key aspects of HTTP include its stateless and connectionless nature, as well as its use of request methods like GET and POST.
HTTP is the protocol that powers the web. It uses a request-response model where clients make requests that servers respond to. Common request methods include GET, POST, HEAD, PUT, DELETE, and OPTIONS. Responses include status codes like 200 for OK and content types. HTTP 1.1 added features like persistent connections and chunked encoding. Cookies are used to maintain statelessness. HTTPS uses SSL/TLS to secure HTTP connections with encryption, server authentication, and integrity.
This document provides an overview of the basics of HTTP (Hypertext Transfer Protocol). It discusses the history and problems that HTTP solved, the TCP/IP model, pillars of HTTP including paths, methods, status codes and headers. It also describes the client-server workflow involving opening a TCP connection, sending requests and reading responses. Key aspects covered include connection management, status codes, methods, headers for authentication, caching, conditionals, cookies, CORS and security. Finally, it notes why HTTP is designed as simple, extensible, stateless but not sessionless, and connection efficient, before concluding with a brief discussion of HTTPS.
A web proxy server acts as an intermediary between clients and external servers on the internet. It protects clients by filtering traffic and limiting outside access. When a client requests a resource, the proxy server evaluates the request according to its rules before forwarding it to the external server. It then sends the response back to the client. This allows all clients connected to the proxy server to access the internet from behind the firewall with improved security and performance. The proxy server can also cache frequently requested resources to speed up access.
Tim Berners-Lee outlined the advantages of a hypertext-based, linked information system in March 1989 and named his project "Enquire". By the end of 1990, Berners-Lee and Robert Cailliau created the first Web browsers and servers and designed the first version of HTTP. HTTP sits atop the TCP/IP protocol stack and allows for the delivery of HTTP messages over reliable TCP connections. HTTP requests use methods like GET and POST while responses use status codes to indicate the result.
Hypertext transfer protocol and hypertext transfer protocol secure(HTTP and H...rahul kundu
The document defines HTTP and HTTPS. HTTP is the Hypertext Transfer Protocol that provides communication between web browsers and servers. It is unsecured and transmits data in plain text. HTTPS is HTTP secured with SSL/TLS encryption to provide security. Key differences are that HTTPS uses port 443 instead of HTTP's port 80, establishes an encrypted channel, and verifies servers with certificates to protect against attacks.
This document provides an overview of a session objective that introduces web servers, browsers, how they communicate, ASP (Active Server Pages), and a small ASP application example. The key topics covered are how web servers store and distribute web pages to clients/browsers, how browsers make HTTP requests to web servers and receive HTTP responses, an introduction to ASP for creating dynamic web pages on the server-side, and advantages of using ASP like browser independence and improved security.
This document discusses the Hypertext Transfer Protocol (HTTP) which defines how messages are formatted and transmitted on the World Wide Web. It establishes HTTP as the foundation of data communication, outlining the request/response format and various methods like GET and POST. The document also compares versions HTTP 1.0 and 1.1, covering persistent connections, pipelining, cookies, caching improvements, and other features. It provides details on HTTPS which uses HTTP over SSL to securely transmit encrypted data and authenticate web servers.
HTTP is an application-level protocol for distributed, collaborative hypermedia information systems. It is based on the client-server model and uses TCP/IP protocols. HTTP functions by having clients make requests to servers, which respond with status codes and requested resources. Key aspects of HTTP include its stateless and connectionless nature, as well as its use of request methods like GET and POST.
HTTP is the protocol that powers the web. It uses a request-response model where clients make requests that servers respond to. Common request methods include GET, POST, HEAD, PUT, DELETE, and OPTIONS. Responses include status codes like 200 for OK and content types. HTTP 1.1 added features like persistent connections and chunked encoding. Cookies are used to maintain statelessness. HTTPS uses SSL/TLS to secure HTTP connections with encryption, server authentication, and integrity.
This document provides an overview of the basics of HTTP (Hypertext Transfer Protocol). It discusses the history and problems that HTTP solved, the TCP/IP model, pillars of HTTP including paths, methods, status codes and headers. It also describes the client-server workflow involving opening a TCP connection, sending requests and reading responses. Key aspects covered include connection management, status codes, methods, headers for authentication, caching, conditionals, cookies, CORS and security. Finally, it notes why HTTP is designed as simple, extensible, stateless but not sessionless, and connection efficient, before concluding with a brief discussion of HTTPS.
A web proxy server acts as an intermediary between clients and external servers on the internet. It protects clients by filtering traffic and limiting outside access. When a client requests a resource, the proxy server evaluates the request according to its rules before forwarding it to the external server. It then sends the response back to the client. This allows all clients connected to the proxy server to access the internet from behind the firewall with improved security and performance. The proxy server can also cache frequently requested resources to speed up access.
Tim Berners-Lee outlined the advantages of a hypertext-based, linked information system in March 1989 and named his project "Enquire". By the end of 1990, Berners-Lee and Robert Cailliau created the first Web browsers and servers and designed the first version of HTTP. HTTP sits atop the TCP/IP protocol stack and allows for the delivery of HTTP messages over reliable TCP connections. HTTP requests use methods like GET and POST while responses use status codes to indicate the result.
WSDL (Web Services Description Language) is an XML format used to define web services and describe how to access them. It defines services, port types, bindings and messages to provide interface definitions for web services. WSDL allows web services to be discovered and invoked over various protocols like SOAP, HTTP GET/POST and MIME.
A firewall can be either software-based or hardware-based, and is used to help secure a network by preventing unauthorized access. There are several types of firewalls including network layer, application layer, circuit layer, stateful multi-layer inspection, proxy, host-based, and hybrid firewalls. Firewalls work at different levels, from just packet filtering at the network level, to deep packet inspection and application-level filtering at higher levels.
OAuth 2 is an authorization framework that allows applications to access user data and perform actions on their behalf. It defines flows for applications to request access, and provides short-lived credentials in response. The main roles in OAuth are the resource owner (user), client (application), resource server (API), and authorization server (issues tokens). Common grant types include authorization code, implicit, and client credentials flows. Tokens returned include access and refresh tokens, and OpenID Connect adds optional ID tokens containing user information.
HTTP is an application-layer protocol for transmitting hypermedia documents across the internet. It is a stateless protocol that can be used on any reliable transport layer. HTTP uses requests and responses between clients and servers, with common methods including GET, POST, PUT, DELETE. It supports features like caching, cookies, authentication, and more to enable the web as we know it.
DEF CON 27 - BEN SADEGHIPOUR - owning the clout through ssrf and pdf generatorsFelipe Prado
This document discusses server-side request forgery (SSRF) attacks and how they can be used to exploit PDF generators. It provides examples of using SSRF to access internal servers and cloud metadata by modifying URLs passed to PDF generators. It also describes techniques for bypassing restrictions, such as using DNS rebinding, JavaScript data exfiltration, or embedding files within PDFs using the <link> tag. The document advocates testing PDF generators thoroughly for SSRF vulnerabilities and provides information on tools that can help automate SSRF testing and exploitation.
WebSockets allow for bidirectional communication between a client and server. They establish a persistent connection that allows real-time data transmission with low latency compared to HTTP. Socket.io makes WebSockets compatible across browsers by using the best available protocol. It works by having the client request an upgrade to WebSocket from an HTTP connection, establishing a full-duplex communication channel between client and server that stays open.
This document provides an overview of HTTP and REST APIs. It describes how HTTP allows sending documents over the web using URLs to identify resources and HTTP verbs like GET, PUT, DELETE and POST. It defines common response codes. It explains that REST stands for Representational State Transfer and relies on a stateless, client-server architecture using the HTTP protocol. The key design constraints of REST include having a uniform interface, being resource-based and using representations to manipulate resources with self-descriptive messages. Benefits include statelessness for scalability, cacheability to improve performance, separating clients from servers, and using a layered system with intermediary servers.
Virtual private network, vpn presentationAmjad Bhutto
A VPN or Virtual Private Network is a service that adds security and privacy to private and public networks by creating an encrypted tunnel between devices. It verifies authentication between two hosts and encrypts data so outsiders cannot see it. VPNs allow users to securely connect to private networks remotely and bypass internet censorship while hiding their actual location by providing an alternative IP address. There are two main types of VPNs: remote access VPNs which allow users to remotely access private networks, and site-to-site VPNs which connect the networks of multiple office locations for companies.
Companion slides for Stormpath CTO and Co-Founder Les REST API Security Webinar. This presentation covers all the RESTful best practices learned building the Stormpath APIs. This webinar is full of best practices learned building the Stormpath API and supporting authentication for thousands of projects. Topics Include:
- HTTP Authentication
- Choosing a Security Protocol
- Generating & Managing API Keys
- Authorization & Scopes
- Token Authentication with JSON Web Tokens (JWTs)
- Much more...
Stormpath is a User Management API that reduces development time with instant-on, scalable user infrastructure. Stormpath's intuitive API and expert support make it easy for developers to authenticate, manage and secure users and roles in any application.
SVG is short for Scalable Vector Graphics. It is a graphic format in which the shapes are specified in XML. The XML is then rendered by an SVG viewer. Today most web browser can display SVG just like they can display PNG, GIF, and JPG.
This document discusses various internet and cyber security threats such as unauthorized intrusion, data leakage, phishing, viruses, trojans, and denial of service attacks. It also provides tips for improving web security like using strong passwords, antivirus software, a firewall, and multi-factor authentication. Some signs of a compromised device are slow performance, pop-ups, crashing, and unusual network activity. The goals of attackers are often to steal sensitive data, install malware, or shut down networks and services.
This document discusses different types of client server models. It describes logical layers including the presentation layer, application layer, and data layer. It then defines five common client/server models: distributed presentation, remote presentation, distributed logic, remote data, and distributed data. Each model divides responsibilities between the client and server differently. For example, remote presentation puts the presentation manager on the client and the application and data layers on the server.
This document provides an overview of web services, including RESTful and SOAP-based services. It discusses key concepts such as APIs, URIs, HTTP methods, XML/JSON data formats. For RESTful services, it covers the main design principles of being stateless, using explicit HTTP methods, and having directory-like URIs. For SOAP-based services, it describes the roles of SOAP, WSDL, and UDDI in defining and discovering services. The document also provides examples and comparisons of RESTful and SOAP-based approaches.
HTTP is the most popular application protocol on the internet. It uses the client-server model where an HTTP client sends a request to an HTTP server using a request method like GET or POST. The server then returns a response with a status code and can include a message body. A URL identifies a web resource and includes the protocol, hostname, port, and path. HTTP specifications are maintained by the W3C and the current versions are HTTP/1.0 and HTTP/1.1. The HTTP request and response include a start line, headers, and optional body. Common status codes indicate success, redirection, or client/server errors.
This document introduces REST APIs and provides best practices for designing them. It defines REST as a network API that uses HTTP and URIs but has few strict rules. It recommends using HTTP verbs like GET, POST, PUT and DELETE to perform CRUD operations on resources. It also provides guidance on API design practices like versioning, error handling, authentication and documentation.
Simple REST-API overview for developers. An newer version is here: https://www.slideshare.net/patricksavalle/super-simple-introduction-to-restapis-2nd-version-127968966
HTTP headers carry important information in web requests and responses between browsers and servers. They define the request and response details like the request method, resources used, sender and receiver details, and content type. Common HTTP headers provide information on the request method, resources consumed, sender and destination, and content type. Tools like the Live HTTP Headers browser add-on or inspect element can be used to view HTTP headers and their carried information.
HTTP is a client-server protocol that allows web browsers to request web pages from servers using requests and responses. Clients usually use GET or POST methods to request resources from servers using TCP port 80, and servers respond with status messages and the requested content. HTTPS is a secure version of HTTP that uses encryption via SSL and TCP port 443 to securely transmit sensitive information like usernames and passwords over insecure networks like the internet.
This document defines and describes several key internet services and protocols:
The World Wide Web (WWW) allows documents and resources to be identified by URLs and linked through hyperlinks. File Transfer Protocol (FTP) transfers files between clients and servers. Telnet allows users to log into remote computers. Gopher distributes, searches, and retrieves documents. Internet Protocol (IP) addresses identify devices on a network and locate them. Domain names define administrative control within the internet. Web browsers retrieve and navigate web pages through hyperlinks. Search engines identify items in databases corresponding to user keywords. Electronic mail exchanges digital messages between computer users.
The document discusses various methods for accessing and consuming external data with jQuery including:
1) RESTful web services and consuming REST APIs with jQuery's AJAX methods by making GET and POST requests.
2) Common data formats for APIs like XML, JSON, and RSS and examples of each.
3) Consuming the Twitter REST API with jQuery to get user tweets, post new tweets, and search tweets.
4) Twitter's @Anywhere solution which makes it easy to add Twitter features like follow buttons and tweet widgets to applications.
5) Demonstrating the Facebook JavaScript SDK and APIs for features like login/logout and posting.
WSDL (Web Services Description Language) is an XML format used to define web services and describe how to access them. It defines services, port types, bindings and messages to provide interface definitions for web services. WSDL allows web services to be discovered and invoked over various protocols like SOAP, HTTP GET/POST and MIME.
A firewall can be either software-based or hardware-based, and is used to help secure a network by preventing unauthorized access. There are several types of firewalls including network layer, application layer, circuit layer, stateful multi-layer inspection, proxy, host-based, and hybrid firewalls. Firewalls work at different levels, from just packet filtering at the network level, to deep packet inspection and application-level filtering at higher levels.
OAuth 2 is an authorization framework that allows applications to access user data and perform actions on their behalf. It defines flows for applications to request access, and provides short-lived credentials in response. The main roles in OAuth are the resource owner (user), client (application), resource server (API), and authorization server (issues tokens). Common grant types include authorization code, implicit, and client credentials flows. Tokens returned include access and refresh tokens, and OpenID Connect adds optional ID tokens containing user information.
HTTP is an application-layer protocol for transmitting hypermedia documents across the internet. It is a stateless protocol that can be used on any reliable transport layer. HTTP uses requests and responses between clients and servers, with common methods including GET, POST, PUT, DELETE. It supports features like caching, cookies, authentication, and more to enable the web as we know it.
DEF CON 27 - BEN SADEGHIPOUR - owning the clout through ssrf and pdf generatorsFelipe Prado
This document discusses server-side request forgery (SSRF) attacks and how they can be used to exploit PDF generators. It provides examples of using SSRF to access internal servers and cloud metadata by modifying URLs passed to PDF generators. It also describes techniques for bypassing restrictions, such as using DNS rebinding, JavaScript data exfiltration, or embedding files within PDFs using the <link> tag. The document advocates testing PDF generators thoroughly for SSRF vulnerabilities and provides information on tools that can help automate SSRF testing and exploitation.
WebSockets allow for bidirectional communication between a client and server. They establish a persistent connection that allows real-time data transmission with low latency compared to HTTP. Socket.io makes WebSockets compatible across browsers by using the best available protocol. It works by having the client request an upgrade to WebSocket from an HTTP connection, establishing a full-duplex communication channel between client and server that stays open.
This document provides an overview of HTTP and REST APIs. It describes how HTTP allows sending documents over the web using URLs to identify resources and HTTP verbs like GET, PUT, DELETE and POST. It defines common response codes. It explains that REST stands for Representational State Transfer and relies on a stateless, client-server architecture using the HTTP protocol. The key design constraints of REST include having a uniform interface, being resource-based and using representations to manipulate resources with self-descriptive messages. Benefits include statelessness for scalability, cacheability to improve performance, separating clients from servers, and using a layered system with intermediary servers.
Virtual private network, vpn presentationAmjad Bhutto
A VPN or Virtual Private Network is a service that adds security and privacy to private and public networks by creating an encrypted tunnel between devices. It verifies authentication between two hosts and encrypts data so outsiders cannot see it. VPNs allow users to securely connect to private networks remotely and bypass internet censorship while hiding their actual location by providing an alternative IP address. There are two main types of VPNs: remote access VPNs which allow users to remotely access private networks, and site-to-site VPNs which connect the networks of multiple office locations for companies.
Companion slides for Stormpath CTO and Co-Founder Les REST API Security Webinar. This presentation covers all the RESTful best practices learned building the Stormpath APIs. This webinar is full of best practices learned building the Stormpath API and supporting authentication for thousands of projects. Topics Include:
- HTTP Authentication
- Choosing a Security Protocol
- Generating & Managing API Keys
- Authorization & Scopes
- Token Authentication with JSON Web Tokens (JWTs)
- Much more...
Stormpath is a User Management API that reduces development time with instant-on, scalable user infrastructure. Stormpath's intuitive API and expert support make it easy for developers to authenticate, manage and secure users and roles in any application.
SVG is short for Scalable Vector Graphics. It is a graphic format in which the shapes are specified in XML. The XML is then rendered by an SVG viewer. Today most web browser can display SVG just like they can display PNG, GIF, and JPG.
This document discusses various internet and cyber security threats such as unauthorized intrusion, data leakage, phishing, viruses, trojans, and denial of service attacks. It also provides tips for improving web security like using strong passwords, antivirus software, a firewall, and multi-factor authentication. Some signs of a compromised device are slow performance, pop-ups, crashing, and unusual network activity. The goals of attackers are often to steal sensitive data, install malware, or shut down networks and services.
This document discusses different types of client server models. It describes logical layers including the presentation layer, application layer, and data layer. It then defines five common client/server models: distributed presentation, remote presentation, distributed logic, remote data, and distributed data. Each model divides responsibilities between the client and server differently. For example, remote presentation puts the presentation manager on the client and the application and data layers on the server.
This document provides an overview of web services, including RESTful and SOAP-based services. It discusses key concepts such as APIs, URIs, HTTP methods, XML/JSON data formats. For RESTful services, it covers the main design principles of being stateless, using explicit HTTP methods, and having directory-like URIs. For SOAP-based services, it describes the roles of SOAP, WSDL, and UDDI in defining and discovering services. The document also provides examples and comparisons of RESTful and SOAP-based approaches.
HTTP is the most popular application protocol on the internet. It uses the client-server model where an HTTP client sends a request to an HTTP server using a request method like GET or POST. The server then returns a response with a status code and can include a message body. A URL identifies a web resource and includes the protocol, hostname, port, and path. HTTP specifications are maintained by the W3C and the current versions are HTTP/1.0 and HTTP/1.1. The HTTP request and response include a start line, headers, and optional body. Common status codes indicate success, redirection, or client/server errors.
This document introduces REST APIs and provides best practices for designing them. It defines REST as a network API that uses HTTP and URIs but has few strict rules. It recommends using HTTP verbs like GET, POST, PUT and DELETE to perform CRUD operations on resources. It also provides guidance on API design practices like versioning, error handling, authentication and documentation.
Simple REST-API overview for developers. An newer version is here: https://www.slideshare.net/patricksavalle/super-simple-introduction-to-restapis-2nd-version-127968966
HTTP headers carry important information in web requests and responses between browsers and servers. They define the request and response details like the request method, resources used, sender and receiver details, and content type. Common HTTP headers provide information on the request method, resources consumed, sender and destination, and content type. Tools like the Live HTTP Headers browser add-on or inspect element can be used to view HTTP headers and their carried information.
HTTP is a client-server protocol that allows web browsers to request web pages from servers using requests and responses. Clients usually use GET or POST methods to request resources from servers using TCP port 80, and servers respond with status messages and the requested content. HTTPS is a secure version of HTTP that uses encryption via SSL and TCP port 443 to securely transmit sensitive information like usernames and passwords over insecure networks like the internet.
This document defines and describes several key internet services and protocols:
The World Wide Web (WWW) allows documents and resources to be identified by URLs and linked through hyperlinks. File Transfer Protocol (FTP) transfers files between clients and servers. Telnet allows users to log into remote computers. Gopher distributes, searches, and retrieves documents. Internet Protocol (IP) addresses identify devices on a network and locate them. Domain names define administrative control within the internet. Web browsers retrieve and navigate web pages through hyperlinks. Search engines identify items in databases corresponding to user keywords. Electronic mail exchanges digital messages between computer users.
The document discusses various methods for accessing and consuming external data with jQuery including:
1) RESTful web services and consuming REST APIs with jQuery's AJAX methods by making GET and POST requests.
2) Common data formats for APIs like XML, JSON, and RSS and examples of each.
3) Consuming the Twitter REST API with jQuery to get user tweets, post new tweets, and search tweets.
4) Twitter's @Anywhere solution which makes it easy to add Twitter features like follow buttons and tweet widgets to applications.
5) Demonstrating the Facebook JavaScript SDK and APIs for features like login/logout and posting.
This document provides a project report for developing a Hospital Management System. It includes requirements for key functions like patient registration, assigning patient IDs, generating reports on patient and bed information, and updating patient records in the database. The system is intended to automate manual paper-based processes currently used by the hospital. It will utilize web-based and MySQL database technologies with a Windows development environment.
The Romans built Hadrian's Wall between sea and sea across northern England to defend their empire, which spanned almost 4,000 kilometers at its height around 1900 years ago. Life in ancient Rome was very different for the rich and poor - the rich lived in large homes while the poor crowded into multi-story apartment buildings. Public baths were one of the few places both social classes mingled, as most Romans went to free public baths daily for hygiene and socializing.
The Forces of Disruptive Innovation for StartupsJa-Nae Duane
There are 6 forces of disruptive innovation that are changing the way we do business. It is vital for entrepreneurs and startups to capitalize on these forces. Ja-Nae Duane, co-author of The Startup Equation walks you through the forces and opportunities for you to use.
General Colin Powell provides 18 lessons on leadership. Some key points include: effective leaders are willing to make difficult decisions that may upset others; leaders should make themselves accessible and address problems rather than blame; leaders should not be afraid to challenge experts or follow the latest management fads blindly; and the most important asset an organization has is its people. Powell emphasizes that strong leadership requires qualities like integrity, judgment, drive and the ability to inspire others.
The document summarizes the main components of the cell including the nucleus, cell membrane, cytoplasm, mitochondria, chloroplasts, vesicles, vacuoles, lysosomes, and cytoskeleton. It explains that the nucleus houses DNA and controls the cell, the cell membrane separates the interior from the outside environment, and the mitochondria are the powerhouse of the cell and produce ATP through cellular respiration.
TIAA-CREF offers a Flexible Automatic Monthly Transfers program that allows customers to easily save money each month with just one click. The program automatically transfers the remaining balance in a customer's checking account to their TIAA-CREF savings account at the end of each month. This ensures regular, automatic savings without having to track expenses or calculate amounts. Customers can also specify a minimum balance they want to keep in their checking account. The program makes it simple for busy people to regularly save whatever amount they can afford each month with minimal effort.
Cioppino originated in San Francisco as a soup made from whatever seafood was leftover, combined with tomatoes, wine and herbs. Clam chowder contains clams along with potatoes, onions and sometimes bacon. Dungeness crab season runs from November to December and is a major part of San Francisco's seafood culture. Several other iconic San Francisco foods include fortune cookies, Hangtown fry (omelette with bacon and oysters), and sourdough bread.
Re:new is an online platform launched by the Party of European Socialists (PES) to debate the future of progressive societies through discussion forums and social media. It aims to help the European left renew itself and start winning elections again through an inclusive, participatory process involving activists, parties, experts and others. Over its duration from October 2010 to June 2011, Re:new will focus discussions around six themes and promote engagement through connections to social media and presence in traditional media.
This document discusses becoming healthier and losing weight through lifestyle changes. It encourages readers to look at nutrition information on food packaging to make better choices and lose weight through sustainable changes rather than quick fixes. Overall, the document promotes long-term healthy habits for weight loss success.
Palmer warsaw school of economics presentationsknsz
1) Property rights and free markets that allow for voluntary exchange have led to unprecedented prosperity by incentivizing cooperation and specialization through trade based on comparative advantage.
2) Secure and transferable private property rights are necessary to define ownership, allow for the efficient allocation of resources via prices set by supply and demand, and incentivize innovation and wealth creation.
3) Countries with institutions that protect private property and allow for free exchange and trade, as measured by indices of economic freedom, tend to experience greater prosperity and growth.
Why Average Response Time is not a right measure of your web application's pe...vodQA
This document discusses the limitations of using average response time to measure web application performance and introduces Apdex as a better metric. It explains that average response time does not account for outliers and can be distorted by extremely high response times. Apdex calculates a satisfaction score based on thresholds for satisfied, tolerating, and frustrated users, which provides more useful information for evaluating performance and user experience compared to average response time alone. The document recommends using Apdex instead of average response time to make "go/no-go" decisions and better understand the number of users affected by performance issues.
This document discusses continuous delivery and testing in software development. It emphasizes building quality in from the start through continuous integration, maintaining production-like environments, and automating deployments. A testing pipeline is recommended to provide increasing levels of testing from units to systems to catch defects early and provide fast feedback. Key principles for continuous delivery include collaborative teamwork, experimentation, and taking ownership for the larger purpose.
Founded in 2000 and based in Tokyo, KnowledgeWire Corp obtains permissions from rights holders on behalf of clients in the pharmaceutical, medical publishing, and hospital industries. They provide rights and content services, reprint and resell medical publications, and develop web systems and software for medical content and hospital libraries. KnowledgeWire helps these customers with copyright compliance, communication support, and immediate payment for rights.
SOA (Service Oriented Architecture) is a collection of loosely-coupled services that communicate with each other over a network. Web services are a common implementation of SOA that use XML-based open standards like SOAP, WSDL, and UDDI. A WSDL file defines the operations and parameters of a web service, acting as a contract between the service and its clients. SOAP is an XML-based messaging protocol used to invoke operations defined in a WSDL over various transports like HTTP.
The document provides an overview of client-server technology, networking concepts like sockets and remote procedure calls, XML, web services, SOAP, and RESTful architectures. It defines key terms like web services, SOAP, WSDL, UDDI, and REST. It describes how SOAP uses XML to define an envelope and headers to package messages and how REST relies on lightweight HTTP to perform CRUD operations on resources identified by URIs.
The document provides an overview of web services and related technologies including JAXB, SOAP, WSDL, XML-RPC, and SOAP. It defines key concepts such as service description, discovery, and invocation. It describes the layers of the conceptual web services stack including network, messaging, service description, publication, discovery, and quality of service. It also provides examples of SOAP messages and faults.
The document provides an overview of web services and related technologies including JAXB, SOAP, WSDL, XML-RPC, and SOAP. It defines key concepts such as service description, discovery, and invocation. It describes the SOAP envelope and how SOAP messages are exchanged over HTTP. It also summarizes WSDL elements and how WSDL is used to describe web service interfaces, bindings and endpoints.
The document discusses RESTful web services and different types of web service architectures. It defines web services as a method of communication between electronic devices over a network. RESTful web services use HTTP methods like GET, POST, PUT, DELETE to convey method information and URIs to specify scoping information. Other architectures may use XML bodies or SOAP headers instead of HTTP methods. Web services can be classified as RESTful, RPC-style, or a REST-RPC hybrid based on how they handle method and scoping information.
This session will provide attendees with hands-on experience and in-depth knowledge of using Node.js as a runtime environment and Express.js as a web framework to build scalable and fast backend systems. Additionally, attendees will learn about Passport.js, a popular authentication middleware for Node.js, and how to use Prisma ORM to handle database operations in a type-safe and efficient manner.
The session will be conducted by experienced developers who have worked with these technologies and will be able to provide valuable insights and best practices. The session will be interactive and include plenty of opportunities for attendees to ask questions and work on real-world projects.
The document discusses remote procedure calls (RPC) and web services. It describes how RPC works by defining an interface and using stubs to make synchronous function calls between a client and server. It also explains the basic components of web services, including SOAP for messaging, WSDL for interface definition, and UDDI for service discovery. The document provides examples of how to implement web services using Java.
Web services allow programs to access application functionality over a network using standard Internet technologies. As a programmer, web services can be thought of as functions that can be called remotely over the Internet. Common examples of web services include spell checking, translation, weather reports, and stock/currency quotes. Web services use technologies like SOAP, WSDL, UDDI, XML, and JSON to define interfaces and handle requests and responses in a standardized way.
This document discusses web services and the service-oriented architecture. It begins by defining a web service as a network-accessible interface to application functionality built using standard Internet technologies. It then describes the key components of the web services technology stack, including discovery, description, packaging, transport, and network layers. Finally, it provides an overview of the steps to create a web services, including writing the web service method, describing it with WSDL, writing a proxy, and writing a client to invoke the proxy.
This document discusses various web service technologies including RSS, ATOM, JSON, SOAP, and REST. RSS and ATOM are formats for syndicating web content using XML. JSON is a lightweight data format inspired by JavaScript. SOAP defines an envelope for XML messaging, while REST uses HTTP methods to manipulate resources on a server. REST embraces HTTP and models services as resources with unique identifiers accessed via standard methods like GET and PUT.
Mobility Information Series - Webservice Architecture Comparison by RapidValueRapidValue
The document compares various web services data transfer frameworks for mobile applications, specifically examining SOAP vs REST and XML vs JSON. It finds that REST has better performance than SOAP, especially for mobile, due to using standard HTTP and being lighter weight. It also finds that JSON has better performance than XML, especially for mobile, due to being lighter weight. The document recommends REST and JSON for most mobile applications unless high security is required, in which case SOAP may be better.
Web services allow for platform and language independent access to business logic through standard protocols like HTTP. Core technologies include XML, SOAP, WSDL, and UDDI. WSDL defines services using messages, port types, bindings and ports. SOAP is an XML-based protocol for exchanging structured data with envelopes containing headers and bodies. RESTful web services use standard HTTP methods to operate on resources identified by URIs in a stateless manner.
Web services can be accessed over a network and are called using HTTP. There are two main types: SOAP uses XML and is language/platform independent; REST uses URI to expose resources and can use JSON. Java has JAX-WS for SOAP and JAX-RS for RESTful services. REST is faster and uses less bandwidth than SOAP. The document discusses implementing REST services in Java using JAX-RS and Jersey, including using annotations and returning Response objects.
Interoperable Web Services with JAX-WS and WSITCarol McDonald
The document provides an overview of Carol McDonald's presentation on Sun's web services stack. The key points are:
- Metro is Sun's implementation of JAX-WS for developing web services. WSIT provides reliability, security, and transactions using WS-* specifications.
- JAX-WS allows developing web services by annotating POJOs. The WSDL is generated automatically.
- WSIT adds features like reliable messaging, security, and transactions to web services using standards like WS-ReliableMessaging and WS-Security.
- The presentation demonstrates creating and consuming a web service using JAX-WS and configuring reliable messaging and security using WSIT.
While REST and WS-* both aim to enable web services, there are some important differences between them. WS-* specifications, such as WS-Security and WS-ReliableMessaging, provide standardized solutions for challenges like secure messaging and reliable delivery that can be difficult to achieve with REST alone. However, WS-* is also more complex than REST with HTTP and can require additional middleware. A standard WS-* profile is emerging that provides interoperability, but REST approaches using specifications like Atom Publishing Protocol are also gaining adoption for building distributed applications and APIs.
The document discusses the differences between REST and SOAP APIs. REST APIs use standard HTTP methods to manipulate resources identified by URLs, are simpler to develop but less secure, while SOAP APIs are more complex but provide greater flexibility and security through XML envelopes and namespaces. Both styles have pros and cons, so providing both may be optimal but also increases maintenance overhead.
This presentation lays out the concept of the traditional web, the improvements web 2.0 have brought about, etc.
I have attempted to explain RIA as well.
The main part of this presentation is centered around ajax, its uses, advantages / disadvantages, framework considerations when using ajax, java-script hijacking, etc.
Hopefully it should be a good read as an intro doc to RIA and Ajax.
The document discusses the need for standardized protocols to enable communication between semantic web clients and servers. It proposes two such protocols: RDF Net API and Topic Map Fragment Processing. RDF Net API defines operations like query, get statements, insert statements, and remove statements. It also defines HTTP and SOAP bindings. Topic Map Fragment Processing allows clients to retrieve and update fragments of topic maps. These protocols aim to fulfill the requirements for semantic web servers to enable querying, updating, and interacting with semantic web data in a distributed environment.
This document discusses standards for IoT interoperability, including IPSO Smart Objects, OMA LWM2M, and CoAP. IPSO Smart Objects define a simple data model and object model to enable semantic interoperability across IoT devices. OMA LWM2M builds on CoAP to provide a server profile for IoT middleware and defines reusable management objects. CoAP defines a RESTful protocol for constrained networks and devices that can be used for device discovery and interaction.
Similar to Communication Protocols And Web Services (20)
Conversational agents, or chatbots, are increasingly used to access all sorts of services using natural language. While open-domain chatbots - like ChatGPT - can converse on any topic, task-oriented chatbots - the focus of this paper - are designed for specific tasks, like booking a flight, obtaining customer support, or setting an appointment. Like any other software, task-oriented chatbots need to be properly tested, usually by defining and executing test scenarios (i.e., sequences of user-chatbot interactions). However, there is currently a lack of methods to quantify the completeness and strength of such test scenarios, which can lead to low-quality tests, and hence to buggy chatbots.
To fill this gap, we propose adapting mutation testing (MuT) for task-oriented chatbots. To this end, we introduce a set of mutation operators that emulate faults in chatbot designs, an architecture that enables MuT on chatbots built using heterogeneous technologies, and a practical realisation as an Eclipse plugin. Moreover, we evaluate the applicability, effectiveness and efficiency of our approach on open-source chatbots, with promising results.
Have you ever been confused by the myriad of choices offered by AWS for hosting a website or an API?
Lambda, Elastic Beanstalk, Lightsail, Amplify, S3 (and more!) can each host websites + APIs. But which one should we choose?
Which one is cheapest? Which one is fastest? Which one will scale to meet our needs?
Join me in this session as we dive into each AWS hosting service to determine which one is best for your scenario and explain why!
What is an RPA CoE? Session 1 – CoE VisionDianaGray10
In the first session, we will review the organization's vision and how this has an impact on the COE Structure.
Topics covered:
• The role of a steering committee
• How do the organization’s priorities determine CoE Structure?
Speaker:
Chris Bolin, Senior Intelligent Automation Architect Anika Systems
5th LF Energy Power Grid Model Meet-up SlidesDanBrown980551
5th Power Grid Model Meet-up
It is with great pleasure that we extend to you an invitation to the 5th Power Grid Model Meet-up, scheduled for 6th June 2024. This event will adopt a hybrid format, allowing participants to join us either through an online Mircosoft Teams session or in person at TU/e located at Den Dolech 2, Eindhoven, Netherlands. The meet-up will be hosted by Eindhoven University of Technology (TU/e), a research university specializing in engineering science & technology.
Power Grid Model
The global energy transition is placing new and unprecedented demands on Distribution System Operators (DSOs). Alongside upgrades to grid capacity, processes such as digitization, capacity optimization, and congestion management are becoming vital for delivering reliable services.
Power Grid Model is an open source project from Linux Foundation Energy and provides a calculation engine that is increasingly essential for DSOs. It offers a standards-based foundation enabling real-time power systems analysis, simulations of electrical power grids, and sophisticated what-if analysis. In addition, it enables in-depth studies and analysis of the electrical power grid’s behavior and performance. This comprehensive model incorporates essential factors such as power generation capacity, electrical losses, voltage levels, power flows, and system stability.
Power Grid Model is currently being applied in a wide variety of use cases, including grid planning, expansion, reliability, and congestion studies. It can also help in analyzing the impact of renewable energy integration, assessing the effects of disturbances or faults, and developing strategies for grid control and optimization.
What to expect
For the upcoming meetup we are organizing, we have an exciting lineup of activities planned:
-Insightful presentations covering two practical applications of the Power Grid Model.
-An update on the latest advancements in Power Grid -Model technology during the first and second quarters of 2024.
-An interactive brainstorming session to discuss and propose new feature requests.
-An opportunity to connect with fellow Power Grid Model enthusiasts and users.
Connector Corner: Seamlessly power UiPath Apps, GenAI with prebuilt connectorsDianaGray10
Join us to learn how UiPath Apps can directly and easily interact with prebuilt connectors via Integration Service--including Salesforce, ServiceNow, Open GenAI, and more.
The best part is you can achieve this without building a custom workflow! Say goodbye to the hassle of using separate automations to call APIs. By seamlessly integrating within App Studio, you can now easily streamline your workflow, while gaining direct access to our Connector Catalog of popular applications.
We’ll discuss and demo the benefits of UiPath Apps and connectors including:
Creating a compelling user experience for any software, without the limitations of APIs.
Accelerating the app creation process, saving time and effort
Enjoying high-performance CRUD (create, read, update, delete) operations, for
seamless data management.
Speakers:
Russell Alfeche, Technology Leader, RPA at qBotic and UiPath MVP
Charlie Greenberg, host
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-EfficiencyScyllaDB
Freshworks creates AI-boosted business software that helps employees work more efficiently and effectively. Managing data across multiple RDBMS and NoSQL databases was already a challenge at their current scale. To prepare for 10X growth, they knew it was time to rethink their database strategy. Learn how they architected a solution that would simplify scaling while keeping costs under control.
Discover top-tier mobile app development services, offering innovative solutions for iOS and Android. Enhance your business with custom, user-friendly mobile applications.
Skybuffer SAM4U tool for SAP license adoptionTatiana Kojar
Manage and optimize your license adoption and consumption with SAM4U, an SAP free customer software asset management tool.
SAM4U, an SAP complimentary software asset management tool for customers, delivers a detailed and well-structured overview of license inventory and usage with a user-friendly interface. We offer a hosted, cost-effective, and performance-optimized SAM4U setup in the Skybuffer Cloud environment. You retain ownership of the system and data, while we manage the ABAP 7.58 infrastructure, ensuring fixed Total Cost of Ownership (TCO) and exceptional services through the SAP Fiori interface.
Programming Foundation Models with DSPy - Meetup SlidesZilliz
Prompting language models is hard, while programming language models is easy. In this talk, I will discuss the state-of-the-art framework DSPy for programming foundation models with its powerful optimizers and runtime constraint system.
Northern Engraving | Nameplate Manufacturing Process - 2024Northern Engraving
Manufacturing custom quality metal nameplates and badges involves several standard operations. Processes include sheet prep, lithography, screening, coating, punch press and inspection. All decoration is completed in the flat sheet with adhesive and tooling operations following. The possibilities for creating unique durable nameplates are endless. How will you create your brand identity? We can help!
Fueling AI with Great Data with Airbyte WebinarZilliz
This talk will focus on how to collect data from a variety of sources, leveraging this data for RAG and other GenAI use cases, and finally charting your course to productionalization.
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUpanagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-und-domino-lizenzkostenreduzierung-in-der-welt-von-dlau/
DLAU und die Lizenzen nach dem CCB- und CCX-Modell sind für viele in der HCL-Community seit letztem Jahr ein heißes Thema. Als Notes- oder Domino-Kunde haben Sie vielleicht mit unerwartet hohen Benutzerzahlen und Lizenzgebühren zu kämpfen. Sie fragen sich vielleicht, wie diese neue Art der Lizenzierung funktioniert und welchen Nutzen sie Ihnen bringt. Vor allem wollen Sie sicherlich Ihr Budget einhalten und Kosten sparen, wo immer möglich. Das verstehen wir und wir möchten Ihnen dabei helfen!
Wir erklären Ihnen, wie Sie häufige Konfigurationsprobleme lösen können, die dazu führen können, dass mehr Benutzer gezählt werden als nötig, und wie Sie überflüssige oder ungenutzte Konten identifizieren und entfernen können, um Geld zu sparen. Es gibt auch einige Ansätze, die zu unnötigen Ausgaben führen können, z. B. wenn ein Personendokument anstelle eines Mail-Ins für geteilte Mailboxen verwendet wird. Wir zeigen Ihnen solche Fälle und deren Lösungen. Und natürlich erklären wir Ihnen das neue Lizenzmodell.
Nehmen Sie an diesem Webinar teil, bei dem HCL-Ambassador Marc Thomas und Gastredner Franz Walder Ihnen diese neue Welt näherbringen. Es vermittelt Ihnen die Tools und das Know-how, um den Überblick zu bewahren. Sie werden in der Lage sein, Ihre Kosten durch eine optimierte Domino-Konfiguration zu reduzieren und auch in Zukunft gering zu halten.
Diese Themen werden behandelt
- Reduzierung der Lizenzkosten durch Auffinden und Beheben von Fehlkonfigurationen und überflüssigen Konten
- Wie funktionieren CCB- und CCX-Lizenzen wirklich?
- Verstehen des DLAU-Tools und wie man es am besten nutzt
- Tipps für häufige Problembereiche, wie z. B. Team-Postfächer, Funktions-/Testbenutzer usw.
- Praxisbeispiele und Best Practices zum sofortigen Umsetzen
"Frontline Battles with DDoS: Best practices and Lessons Learned", Igor IvaniukFwdays
At this talk we will discuss DDoS protection tools and best practices, discuss network architectures and what AWS has to offer. Also, we will look into one of the largest DDoS attacks on Ukrainian infrastructure that happened in February 2022. We'll see, what techniques helped to keep the web resources available for Ukrainians and how AWS improved DDoS protection for all customers based on Ukraine experience
Driving Business Innovation: Latest Generative AI Advancements & Success StorySafe Software
Are you ready to revolutionize how you handle data? Join us for a webinar where we’ll bring you up to speed with the latest advancements in Generative AI technology and discover how leveraging FME with tools from giants like Google Gemini, Amazon, and Microsoft OpenAI can supercharge your workflow efficiency.
During the hour, we’ll take you through:
Guest Speaker Segment with Hannah Barrington: Dive into the world of dynamic real estate marketing with Hannah, the Marketing Manager at Workspace Group. Hear firsthand how their team generates engaging descriptions for thousands of office units by integrating diverse data sources—from PDF floorplans to web pages—using FME transformers, like OpenAIVisionConnector and AnthropicVisionConnector. This use case will show you how GenAI can streamline content creation for marketing across the board.
Ollama Use Case: Learn how Scenario Specialist Dmitri Bagh has utilized Ollama within FME to input data, create custom models, and enhance security protocols. This segment will include demos to illustrate the full capabilities of FME in AI-driven processes.
Custom AI Models: Discover how to leverage FME to build personalized AI models using your data. Whether it’s populating a model with local data for added security or integrating public AI tools, find out how FME facilitates a versatile and secure approach to AI.
We’ll wrap up with a live Q&A session where you can engage with our experts on your specific use cases, and learn more about optimizing your data workflows with AI.
This webinar is ideal for professionals seeking to harness the power of AI within their data management systems while ensuring high levels of customization and security. Whether you're a novice or an expert, gain actionable insights and strategies to elevate your data processes. Join us to see how FME and AI can revolutionize how you work with data!
3. Common serialization formats JSON Natively supported within JavaScript Capable of referencing other records by convention Human readable format Lightweight Easy to parse Uses JSON-Schema to validate itself Key-Value based syntax XML JavaScript exposes a proprietary DOM API Human readable format for hierarchal data Hard to parse Consumes more memory than JSON Supports XSLT and XPath Uses XML-Schema or DTD to validate itself Markup based syntax
4. What is a web service? A web service is typically an application programming interface (API) or Web API that is accessed via Hypertext Transfer Protocol (HTTP) and executed on a remote system, hosting the requested service. Web services do not provide the user with a GUI. Web services instead share business logic, data and processes through a programmatic interface across a network. Developers can then add the Web service to a GUI (such as a Web page or an executable program) to offer specific functionality to users.
5. Web services communication protocols RPC XML-RPC HTTP Bound JSON-RPC SMD – Service Mapping Description JSONP Allows cross domain Ajax requests SOA SOAP XML Based Strongly typed WSDL dependant REST Stateless Cacheable Code On Demand Client and Server are unaware of each other’s state Layered System Uniform Interface Service may be described through SMD, WSDL, WADL or not at all
6. What is RPC? Remote Procedure Call. Allows to access server-side/inter-process operations from a client through a well-defined protocol. Examples: COBRA, XML-RPC, JSON-RPC, DCOM, RMI Client is tightly coupled with the server
7. JSON-RPC Request/Response model Request Notification Response Error Batch operations Advantages Lightweight JSON-Schemas can be extended to validate specific message Not bound to HTTP by the specification, but might be used with it Can be natively serialized from within JavaScript Service discovery can be achieved through SMD or WADL Disadvantages Procedural The web service's methods grow linearly with the number of client request types Not bound to a URI Conclusion Fits for low resources environment (embedded devices) Does not fit for rapidly growing web services Does not fit for web services operating on many entities unless the web service is an HTTP service
13. XML-RPC Request/Response model Request Response Error Advantages Bound to a URI Can represent hierarchical data in a readable way XSLT & XPath Can be validated through XML-Schema or DTD Disadvantages Procedural The web service's methods grow linearly with the number of client request types Bound to HTTP Only appropriate for the web Hard to parse Heavy payload Consumes a lot of memory No bulk operations Conclusion Does not fit for rapidly growing web services Does not fit for embedded devices Fits to represent hierarchical data
17. What is SOA? Service Oriented Architecture. Allows to access server-side from a client through a well-defined protocol. Examples: SOAP, REST, SOAPjr Client does not have to be tightly coupled with the server. Unlike RPC based web services which usually are not discoverable there is a way to discover services in SOA based web service.
18. Service Description Standards WSDL Web Services Description Language Well known Verbose Uses XML Not human readable Used by WCF Feels natural for SOAP services Endorsed by Microsoft WSDL 1.1 supports only GET and POST requests
19. Service Description Standards - Continued WADL Web Application Description Language Not very well known A bit less verbose than WSDL Uses XML A bit more human readable Used by Java Feels natural for REST Services Endorsed by Sun Microsystems
20. Service Description Standards - Continued SMD Service Mapping Description Working Draft status Less verbose Uses JSON Human readable Used by the Dojo Toolkit Not stable Endorsed by Sitepen and The Dojo Foundation
22. WSDL Example <message name=”myMethodRequest”> <part name=”parameters” element=”myMethod”/></message><message name=”empty”> <part name=”parameters” element=”myMethodResponse”/></message><portTypename=”PT”> <operation name=”myMethod”> <input message=”myMethodRequest”/> <output message=”empty”/> </operation></portType> Hold your horses, there’s more…
23. WSDL Example <binding interface=”...”> <!-- The binding of a protocol to an interface, same structure as the interface element --> </binding> <service interface=”...”> <!-- Defines the actual addresses of the bindings, as in 1.1, but now ”ports” are called ”endpoints” --> <endpoint binding=”...” address=”...”/> </service></description> And it goes on and on… I actually tried to keep it short.
25. SMD Example { target:”/jsonrpc”, // this defines the URL to connect for the services transport:”POST”, // We will use POST as the transport envelope:”JSON-RPC-1.2”, // We will use JSON-RPC SMDVersion:”2.0”, services: { add : { // define a service to add two numbers parameters: [ {name:”a”,type:”number”}, // define the two parameters {name:”b”,type:”number”}], returns:{”type”:”number”} }, foo : { // nothing is required to be defined, all definitions are optional. //This service has nothing defined so it can take any parameters //and return any value }, getNews : { // we can redefine the target, transport, and envelope for specific services target: ”/newsSearch”, transport: ”GET”, envelope: ”URL”, parameters:[ { name: ”query”, type: ”string”, optional: false, default: ”” } ], returns:{type:”array”} } }
28. WADL Example <resources base=http://www.example.org/services/> <resource path=getStockQuote> <method name=GET> <request> <paramname=symbol style=query type=xsd:string/> </request> <response> <representation mediaType=application/xml element=ex:quoteResponse/> <fault status=400 mediaType=application/xml element=ex:error/> </response> </method> </resource> <! many other URIs> </resources></application>
29. Looks a bit better, but it’s not widely adopted. So what do we do?
30. Service Discovery - Summery Use whatever your platform allows you (WSDL for .NET, WADL for JAVA and SMD for Dojo) Don’t allow service discovery – this may happen if: You intend the web service to be used only internally. You are not using a tool to generate a proxy. You intend the web service to always be on a fixed IP Allow gradual service discovery Each call will expose different operations that are available Occasionally adds an unnecessary overhead Can be solved using a parameter in the request to turn off and on gradual discovery Only exposes a part of the service that is related to the call
31. Service Discovery – WS-Discovery Web Services Dynamic Discovery A multicast discovery protocol that allows to locate web services over local network Uses web services standards like SOAP
32. SOAP Simple Object Access Protocol Message model: Request Response Error Advantages: Type safe WCF support feels more natural More appropriate for event driven use cases Services are discoverable Can carry any kind of data Disadvantages: Verbose WSDL Heavy payload, especially over HTTP Does not fit for streaming HTTP already knows how to handle requests/responses Accessing from a non-WCF client is nearly impossible Uses XML for the envelope, which makes the possibility to send any kind of data pretty much obsolete Conclusion Major pain in the ass
33. SOAP Example SOAP Request POST /InStock HTTP/1.1Host: www.example.orgContent-Type: application/soap+xml; charset=utf-8Content-Length: nnn<?xml version=”1.0”?><soap:Envelopexmlns:soap=”http://www.w3.org/2001/12/soap-envelope” soap:encodingStyle=”http://www.w3.org/2001/12/soap-encoding”><soap:Bodyxmlns:m=”http://www.example.org/stock”> <m:GetStockPrice> <m:StockName>IBM</m:StockName> </m:GetStockPrice> </soap:Body></soap:Envelope>
36. REST Representational State Transfer Constrains Stateless Uniform Interface Layered System Cacheable Code On Demand (Optional) Guiding principles Identification of resources Manipulation of resources through these representations Self-descriptive messages Hypermedia As The Engine Of Application State (HATEOAS)
37. REST is an architecture, not a standard. This means we relay on whatever application protocol we have to use.
38. REST is not bound to HTTP but feels natural with HTTP
39. REST – Web Services A RESTful web service is implemented over HTTP URI – Unique Resource Identifier Provides unified interface to access resources. /Foos/ - A collection of resources /Foos/[Identifier]/ - An object instance inside a collection Uses HTTP Verbs GET Used to get content, no side effects are guaranteed POST Used to update content PUT Used to create/replace content DELETE Used to delete content OPTIONS HEAD Discoverable through OPTIONS and HEAD Verbs Allows request to refer to different representation through MIME-types Responds with HTTP Status Codes
40. Hands On – A Simple RESTful Web Service using ASP.NET MVC We’re going to write a simple blog application Why ASP.NET MVC? Easy to implement Appropriate for small services What are our entities? A Post A Tag A Comment A User Both tags and comments entities are sub-entities of a post Both posts and comments entities are sub-entities of a user
41. Hands On – A Simple RESTful Web Service using ASP.NET MVC The URI Scheme: To represent a resource collection of posts: /Posts/ To represent a specific post resource: /Posts/[id]/ To represent a resource collection of comments of a specific post resource: /Posts/[id]/Comments/ To represent a specific comment resource of a specific post resource: /Posts/[id]/Comments/[commentId] Well, you got the idea, right? How to implement: Go to your Global.asax file Define the routes Use constrains to avoid routes clashes Use constrains to define allowed HTTP Verbs
42. Hands On – A Simple RESTful Web Service using ASP.NET MVC Implementing the URI Scheme: publicstaticvoidRegisterRoutes(RouteCollection routes) { // … routes.MapRoute(”DeleteComment”, ”Comments/{commentId}/”, new { controller = ”Comments”, action = ”Delete” }, new { commentId = @”+”, httpMethod = newHttpMethodConstraint(”DELETE”) }); routes.MapRoute(”EditComment”, ”Comments/{commentId}/”, new { controller = ”Comments”, action = ”Edit” }, new { commentId = @”+”, httpMethod = newHttpMethodConstraint(”PUT”) }); routes.MapRoute(”AddPostComment”, ”Posts/{postId}/Comments/”, new { controller = ”Comments”, action = ”Add” }, new { postId = @”+”, httpMethod = newHttpMethodConstraint(”POST”) }); routes.MapRoute(”PostComment”, ”Posts/{postId}/Comments/{commentId}/”, new { controller = ”Comments”, action = ”PostComment” }, new { postId = @”+”, commentId = @”+”, httpMethod = newHttpMethodConstraint(”GET”) }); routes.MapRoute(”PostComments”, ”Posts/{postId}/Comments/”, new { controller = ”Comments”, action = ”PostComments” }, new { postId = @”+”, httpMethod = newHttpMethodConstraint(”GET”) }); routes.MapRoute(”Comment”, ”Comments/{commentId}”, new { controller = ”Comments”, action = ”Comment” }, new { commentId = @”+”, httpMethod = newHttpMethodConstraint(”GET”) }); routes.MapRoute(”UserComments”, ”Users/{user}/Comments/”, new { controller = ”Comments”, action = ”UserComments” }, new { user = @”^[a-zA-Z0-9_]*$”, httpMethod = newHttpMethodConstraint(”GET”) }); routes.MapRoute(”UserComment”, ”Users/{user}/Comments/{commentId}/”, new { controller = ”Comments”, action = ”UserComment” }, new { user = @”^[a-zA-Z0-9_]*$”, httpMethod = newHttpMethodConstraint(”GET”) }); // …}
43. Hands On – A Simple RESTful Web Service using ASP.NET MVC The URI Scheme - Explained: Defines a route that maps to an action that allows to delete a comment commentId is limited to integral values (for more information, read about Regular Expressions) You can reach to this action only by a DELETE request publicstaticvoidRegisterRoutes(RouteCollection routes) { // … routes.MapRoute(”DeleteComment”, ”Comments/{commentId}/”, new { controller = ”Comments”, action = ”Delete” }, new { commentId = @”+”, httpMethod = newHttpMethodConstraint(”DELETE”) }); // …}
44. Hands On – A Simple RESTful Web Service using ASP.NET MVC The URI Scheme - Explained: Defines a route that maps to an action that allows to edit a comment commentId is limited to integral values You can reach to this action only by a PUT request Why are we using PUT instead of POST? The Comments/{commentId}/ URI refers to a specific item in a collection, since we are not sending only what is updated in our request we prefer to replace the resource instead of updating it publicstaticvoidRegisterRoutes(RouteCollection routes) { // … routes.MapRoute(”EditComment”, ”Comments/{commentId}/”, new { controller = ”Comments”, action = ”Edit” }, new { commentId = @”+”, httpMethod = newHttpMethodConstraint(”PUT”) }); // …}
45. Hands On – A Simple RESTful Web Service using ASP.NET MVC The URI Scheme - Explained: Defines a route that maps to an action that allows to add a comment to a post postId is limited to integral values You can reach to this action only by a POST request Why are we using POST instead of PUT? The Posts/{postId}/Comments/ URI refers to a collection, PUT will replace all of our existing comments with a new one POST only updates a resource, so a new comment is added to our existing comments collection publicstaticvoidRegisterRoutes(RouteCollection routes) { // … routes.MapRoute(”AddPostComment”, ”Posts/{postId}/Comments/”, new { controller = ”Comments”, action = ”Add” }, new { postId = @”+”, httpMethod = newHttpMethodConstraint(”POST”) }); // …}
46. Hands On – A Simple RESTful Web Service using ASP.NET MVC The URI Scheme - Explained: Those are the routes we are familiar with, the ones that use GET requests and most of the time return HTML In this example, this route maps to an action that allows us to access a specific comment on a post publicstaticvoidRegisterRoutes(RouteCollection routes) { // … routes.MapRoute(”PostComment”, ”Posts/{postId}/Comments/{commentId}/”, new { controller = ”Comments”, action = ”PostComment” }, new { postId = @”+”, commentId = @”+”, httpMethod = newHttpMethodConstraint(”GET”) }); // …}
47. Hands On – A Simple RESTful Web Service using ASP.NET MVC The comments controller: Now that our routes are defined we know what actions we need to implement All actions should use valid HTTP Status Codes All actions must be able to represent themselves in different formats (JSON, XML, HTML, RSS etc.) How to implement: Create a new controller called CommentsController Follow your routing scheme and create the needed actions Create a new action result decorator that allows you to select the HTTP Status code Use attributes to define allowed content types and HTTP Verbs
48. Hands On – A Simple RESTful Web Service using ASP.NET MVC Implementing the comments controller: publicclassCommentsController : Controller { // … [AcceptVerbs(HttpVerbs.Delete)] // Or [HttpDelete] if you are using MVC 2 and above publicActionResult Delete(intcommentId) { // Delete operation occurs here returnnewHttpResponseCodeActionResultDecorator(204); // 204 No content } [AcceptVerbs(HttpVerbs.Post)] // Or [HttpPost] if you are using MVC 2 and above publicActionResult Add(intpostId) { // Create a new comment that belongs to a post with a post Id of postIdreturnJson(new {CommentId = newCommentId}) ; } [AcceptVerbs(HttpVerbs.Put)] // Or [HttpPut] if you are using MVC 2 and above publicActionResult Add(intcommentId) { // Create a new comment that belongs to a post with a post Id of postIdreturnnewHttpResponseCodeActionResultDecorator(201, Json(new {CommentId = newCommentId}) ); // 201 - Created } // …}
49. Hands On – A Simple RESTful Web Service using ASP.NET MVC Implementing the HttpResponseCodeActionResultDecorator: publicclassHttpResponseCodeActionResultDecorator : ActionResult{ privatereadonlyintstatusCode; privatereadonlyActionResultactionResult; publicHttpResponseCodeActionResultDecorator(intstatusCode) { this.statusCode = statusCode; } publicHttpResponseCodeActionResultDecorator(intstatusCode, ActionResultactionResult) : this(statusCode) { this.actionResult = actionResult; } publicoverridevoidExecuteResult(ControllerContext context) { context.HttpContext.Response.StatusCode = statusCode; if(actionResult != null) actionResult.ExecuteResult(context); } }
50. Hands On – A Simple RESTful Web Service using ASP.NET MVC Resources with multiple representations: Our list of posts should be representable through RSS and Atom feeds but also display them as HTML. An HTTP request containing an Accept header with a value other than application/rss+xml, application/atom+xml, text/html or application/xhtml+xml will return the HTTP response code “406 Not Acceptable”. The implementation is not trivial An example of an implementation can be seen here: http://aleembawany.com/2009/03/27/aspnet-mvc-create-easy-rest-api-with-json-and-xmlhowever it does not conform to HTTP due to the fact that it will either return 404 or the default view. How to implement: Create an ActionResult class that inspects the request’s Accept header and executes the requested ActionResult or return 406 Not Acceptable
51. Hands On – A Simple RESTful Web Service using ASP.NET MVC Implementing the AcceptTypeResult: publicclassAcceptTypeResult : ActionResult{ privatereadonlyint?successStatusCode; private readonly object result; publicAcceptTypeResult(objectresult) { this.result = result; } publicAcceptTypeResult(intsuccessStatusCode, object result) : this(result) { this.successStatusCode = successStatusCode; } publicoverridevoidExecuteResult(ControllerContext context) { var request = context.HttpContext.Request; context.HttpContext.Response.StatusCode = successStatusCode ?? 200; if (request.AcceptTypes.Contains(“application/rss+xml”)) Rss(result).ExecuteResult(context); else if (request.AcceptTypes.Contains(“application/atom+xml”)) Atom(result).ExecuteResult(context); else if (request.AcceptTypes.Contains(“application/xhtml+xml”) || request.AcceptTypes.Contains(“text/html”)) View(result).ExecuteResult(context); else context.HttpContext.Response.StatusCode= 406; } }