This document discusses converting synchronous APIs to asynchronous APIs. It provides examples of synchronous and asynchronous APIs. The key problem is that synchronous behavior may be required by end users but asynchronous APIs do not support callbacks. The solution presented is to introduce an API facade that handles the synchronous to asynchronous conversion, acting as a callback host. This allows existing asynchronous backends and capabilities to be exposed via both synchronous and asynchronous API styles.
Binder is what differentiates Android from Linux, it is most important internal building block of Android, it is a subject every Android programmer should be familiar with
SOAP Web Services have a well established role in the enterprise, but aside from the many benefits of the WS-* standards, SOAP and XML also carry additional baggage for developers. Consequently, REST Web Services are gaining tremendous popularity within the developer community. This session will begin by comparing and contrasting the basic concepts of both SOAP and REST Web Services. Building on that foundation, Sam Brannen will show attendees how to implement SOAP-based applications using Spring-WS 2.0. He will then demonstrate how to build a similar REST-ful application using Spring MVC 3.0. The session will conclude with an in-depth look at both server-side and client-side development as well as efficient integration testing of Web Services using the Spring Framework.
This ppt contains the matter on yii framework.
introduction to yii framework
history behind this yii framework
developer of yii framework
technologies integrated&used in yii framework
how to install yii framework ?,
yii framework features,
performance
license terms
about mudule
MVC design pattern
advantages and disadvantages of yii framework.
yii is pronounced as yee0r ji;,acronym for it is "Yes It Is".
this is the answer for several questions
is it efficient?
is it easy to use?
is it professional?
is it right for my next project?
...
yes it is
yii is a component-based php framework for developing web applications.
it has been built with sophisticated,enterprise applications in mind
Application DoS In Microservice ArchitecturesScott Behrens
We’d like to introduce you to one of the most devastating ways to cause service instability in modern micro-service architectures: application DDoS.
A specially crafted application DDoS attack can cause cascading system failures often for a fraction of the resources needed to conduct a more traditional DDoS attack.
By Scott Behrens and Jeremy Heffner
Introduction to Android studio and new build system (Gradle). This was presented at GDG DevFest Kathmandu (Nepal).
For detailed article on it: http://www.technotalkative.com/introduction-android-studio/
Static Application Security Testing Strategies for Automation and Continuous ...Kevin Fealey
Static Application Security Testing (SAST) introduces challenges with existing Software Development Lifecycle Configurations. Strategies at different points of the SDLC improve deployment time, while still improving the quality and security of the deliverable. This session will discuss the different strategies that can be implemented for SAST within SDLC—strategies catering to developers versus security analysts versus release engineers. The strategies consider the challenges each team may encounter, allowing them to incorporate security testing without jeopardizing deadlines or existing process.
Binder is what differentiates Android from Linux, it is most important internal building block of Android, it is a subject every Android programmer should be familiar with
SOAP Web Services have a well established role in the enterprise, but aside from the many benefits of the WS-* standards, SOAP and XML also carry additional baggage for developers. Consequently, REST Web Services are gaining tremendous popularity within the developer community. This session will begin by comparing and contrasting the basic concepts of both SOAP and REST Web Services. Building on that foundation, Sam Brannen will show attendees how to implement SOAP-based applications using Spring-WS 2.0. He will then demonstrate how to build a similar REST-ful application using Spring MVC 3.0. The session will conclude with an in-depth look at both server-side and client-side development as well as efficient integration testing of Web Services using the Spring Framework.
This ppt contains the matter on yii framework.
introduction to yii framework
history behind this yii framework
developer of yii framework
technologies integrated&used in yii framework
how to install yii framework ?,
yii framework features,
performance
license terms
about mudule
MVC design pattern
advantages and disadvantages of yii framework.
yii is pronounced as yee0r ji;,acronym for it is "Yes It Is".
this is the answer for several questions
is it efficient?
is it easy to use?
is it professional?
is it right for my next project?
...
yes it is
yii is a component-based php framework for developing web applications.
it has been built with sophisticated,enterprise applications in mind
Application DoS In Microservice ArchitecturesScott Behrens
We’d like to introduce you to one of the most devastating ways to cause service instability in modern micro-service architectures: application DDoS.
A specially crafted application DDoS attack can cause cascading system failures often for a fraction of the resources needed to conduct a more traditional DDoS attack.
By Scott Behrens and Jeremy Heffner
Introduction to Android studio and new build system (Gradle). This was presented at GDG DevFest Kathmandu (Nepal).
For detailed article on it: http://www.technotalkative.com/introduction-android-studio/
Static Application Security Testing Strategies for Automation and Continuous ...Kevin Fealey
Static Application Security Testing (SAST) introduces challenges with existing Software Development Lifecycle Configurations. Strategies at different points of the SDLC improve deployment time, while still improving the quality and security of the deliverable. This session will discuss the different strategies that can be implemented for SAST within SDLC—strategies catering to developers versus security analysts versus release engineers. The strategies consider the challenges each team may encounter, allowing them to incorporate security testing without jeopardizing deadlines or existing process.
Laravel, längst kein unbestriebenes Blatt mehr, gewinnt immer mehr an Popularität.
In diesem Vortrag wir Laravel kurz vorgestellt mit Themen wie:
- Was ist Laravel?
- Woher kommt Laravel?
- Was bietet Laravel?
- Laravel und sein Ecosystem.
und einiges mehr...
Bytecode Manipulation with a Java Agent and Byte BuddyKoichi Sakata
Oracle Code One 2018, Birds of a Feather (BOF) Session
Bytecode Manipulation with a Java Agent and Byte Buddy
[BOF5314]
Tuesday, Oct 23, 07:30 PM - 08:15 PM | Moscone West - Room 2005
Have you ever manipulated Java bytecode? There are several bytecode engineering libraries, and Byte Buddy is one of the easiest, and you can also use Java agents, which are related to the Instrumentation class in the java.lang.instrument API. Instrumentation is the addition of bytecode to methods. Because the changes are purely additive, a Java agent does not modify application state or behavior. With Byte Buddy and a Java agent, we can add behaviors to existing classes. This session explains what Java agents and the instrumentation API are, introduces Byte Buddy, and presents sample code that uses a Java agent and Byte Buddy to modify behavior. The presentation will be useful for those who want to start manipulating Java bytecode with Byte Buddy.
IoT testing and quality assurance indicthreadsIndicThreads
Presented at the IndicThreads.com Software Development Conference 2016 held in Pune, India. More at http://www.IndicThreads.com and http://Pune16.IndicThreads.com
--
Slides for a college course based on "Hands-On Ethical Hacking and Network Defense, Second Edition by Michael T. Simpson, Kent Backman, and James Corley -- ISBN: 1133935613
Teacher: Sam Bowne
Twitter: @sambowne
Website: https://samsclass.info/123/123_F16.shtml
This presentation provides an introduction to API Facade pattern. It describes what the problem is, how the pattern solves the problem and how such a pattern can be utilized in real deployments.
Laravel, längst kein unbestriebenes Blatt mehr, gewinnt immer mehr an Popularität.
In diesem Vortrag wir Laravel kurz vorgestellt mit Themen wie:
- Was ist Laravel?
- Woher kommt Laravel?
- Was bietet Laravel?
- Laravel und sein Ecosystem.
und einiges mehr...
Bytecode Manipulation with a Java Agent and Byte BuddyKoichi Sakata
Oracle Code One 2018, Birds of a Feather (BOF) Session
Bytecode Manipulation with a Java Agent and Byte Buddy
[BOF5314]
Tuesday, Oct 23, 07:30 PM - 08:15 PM | Moscone West - Room 2005
Have you ever manipulated Java bytecode? There are several bytecode engineering libraries, and Byte Buddy is one of the easiest, and you can also use Java agents, which are related to the Instrumentation class in the java.lang.instrument API. Instrumentation is the addition of bytecode to methods. Because the changes are purely additive, a Java agent does not modify application state or behavior. With Byte Buddy and a Java agent, we can add behaviors to existing classes. This session explains what Java agents and the instrumentation API are, introduces Byte Buddy, and presents sample code that uses a Java agent and Byte Buddy to modify behavior. The presentation will be useful for those who want to start manipulating Java bytecode with Byte Buddy.
IoT testing and quality assurance indicthreadsIndicThreads
Presented at the IndicThreads.com Software Development Conference 2016 held in Pune, India. More at http://www.IndicThreads.com and http://Pune16.IndicThreads.com
--
Slides for a college course based on "Hands-On Ethical Hacking and Network Defense, Second Edition by Michael T. Simpson, Kent Backman, and James Corley -- ISBN: 1133935613
Teacher: Sam Bowne
Twitter: @sambowne
Website: https://samsclass.info/123/123_F16.shtml
This presentation provides an introduction to API Facade pattern. It describes what the problem is, how the pattern solves the problem and how such a pattern can be utilized in real deployments.
The Anatomy of Apps - How iPhone, Android & Facebook Apps Consume APIsApigee | Google Cloud
Building mobile apps is different from building web apps. Developers need to understand the unique demands that mobile apps place on APIs and considerations across different client and back-end platforms. Mobile apps also introduce new issues for security and scalability.
WARNING: These slides contain lots of code.
We Will Discuss »
Why building mobile apps is different
A roundup of different client libraries and frameworks
Considerations for selecting mobile back-end platforms
We Will Discuss »
- Organizational and technical challenges of turning big data into valuable business insights
- Should you collect as much data as you can and worry about analyzing it later?
- Recommendations for enterprises to navigate the guardians and pitfalls of the data landscape
In this webinar we'll talk about the team structures, the roles and responsibilities and the politics that we've encountered for running an API that uses facade patterns.
- Roles needed
- Skill sets and experiences required
- Management
Whether you are starting from a green field or brown, in this webinar we'll share common patterns of facades that will help you get your API initiative off the ground.
- Data format mediation
- URL design
- Authorization and versioning
The Walgreens Story: Putting an API Around Their Stores (Webcast)Apigee | Google Cloud
Walgreens made headlines in 2012 by releasing APIs for mobile developers to enable photo printing from smartphones and quickly followed up with an API for prescription drugs. But what's a traditional business like Walgreens doing with an API? Way beyond increased relevance in an Instagram age, the Walgreens story is one of transformation of an entire business model.
Join Joe Rago and Nicholas Eby of Walgreens and Brian Mulloy of Apigee for a discussion of Walgreens' journey through the digital transformation of a century old brick-and-mortar enterprise.
If you can't make to the live webcast, register below and we'll send you a video recording with slides.
We will discuss:
The path to an API - hurdles, decisions, and milestones
- Walgreens APIs - key features and technology
- Developer and partner programs -awareness and integrations
- 3rd Party Developers - gaining awareness and integrations
We're in a data-driven economy. Web API designers need to define what and how to expose data from a variety of apps, services, and stores. What are challenges of unlocking data and opening up access in a straightforward and standards-compliant manner? Is OData the right tool for the job?
Join Anant, Brian, and Greg for a discussion of OData, its API design implications, and the pros and cons of OData as an enabler of data integration and interoperability across Data APIs.
We Will Discuss »
- OData, SQL, and the "RESTification" of data - providing a uniform way to expose, structure, query and manipulate data using REST principles.
- Opportunity and challenges for OData.
- The questions of Web standards and proprietary versus open tools and protocols.
Introduction to AWS API Gateway PresentationKnoldus Inc.
An API gateway accepts API requests from a client, processes them based on defined policies, directs them to the appropriate services, and combines the responses for a simplified user experience. Aws api gateway is the solution to implement managed API gateway for authentication, validation, monitor APIs & comparison with other managed & cloud API gateways.
Plataforma distribuída de Microserviços ou, como a Olist funcionaOsvaldo Santana Neto
Nessa apresentação eu demonstro com detalhes como a arquitetura da Olist foi implementada usando microserviços distribuídos que se comunicam através de um sistema de mensageria baseado no pattern Publisher/Subscribers (PubSub).
A plataforma Olist usa Python 3.6, Django, Django REST Framework, Loafer (asyncio), AWS SNS/SQS e PostgreSQL. Fazemos deployment no Heroku e desenvolvemos tudo isso com uma equipe distribuída por quase todas as regiões do Brasil (ainda falta um representante do Norte!).
Learn how to monitor and manage your serverless APIs in production. We show you how to set up Amazon CloudWatch alarms, interpret CloudWatch logs for Amazon API Gateway and AWS Lambda, and automate common maintenance and management tasks on your service.
Building Scalable Services with Amazon API Gateway - Technical 201Amazon Web Services
The session introduces Amazon API Gateway and walks through common patterns and use-cases as implemented by API Gateway customers. The second part of the session is dedicated to diving deeper on the new features introduced in the API Gateway and how to make the most of them.
Speaker: Stefano Bulani, Sr Product Manager, Amazon Web Services
Featured Customer - Temando
AWS August Webinar Series - Building Serverless Backends with AWS Lambda and ...Amazon Web Services
AWS Lambda is a compute service that runs your code in response to triggers and automatically manages the compute resources for you. Amazon API Gateway is a fully managed service that makes it easy for developers to publish, maintain, monitor, and secure APIs at any scale.
This webinar will familiarize you with the basics of AWS Lambda and Amazon API Gateway and demonstrate how to build web, mobile, and IoT backends using these services. You will learn how to setup API endpoints that trigger AWS Lambda functions to handle mobile, web, IoT, and 3rd party API requests. You will also learn how to use Lambda to read and write to DynamoDB.
Learning Objectives:
Understand key AWS Lambda and Amazon API Gateway features
Learn how to set up a serverless backend using Amazon API Gateway and AWS Lambda
Explore sample use cases, best practices and tips on using AWS Lambda with Amazon API Gateway
Migrate your Existing Express Apps to AWS Lambda and Amazon API GatewayAmazon Web Services
This webinar teaches you how to use Amazon API Gateway and AWS Lambda to run your existing Express.js applications with just a few lines of code. We will introduce three new features in API Gateway: proxy integrations, greedy paths, and the ANY HTTP method. Combining these features, you can configure API Gateway in a few simple clicks via the management console and express all of your logic and API definition in code.
Learning Objectives:
1. Easier migration to API Gateway and Lambda
2. New API Gateway Catch-all methods
Who Should Attend: Developers
AWS July Webinar Series: Overview: Build and Manage your APIs with Amazon API...Amazon Web Services
How do you create APIs? When publishing a new API there are a lot of factors to consider: Versioning, Network Management, Authorization, Ecosystem Management, and finally client SDKs.
Amazon API Gateway is a fully managed service that makes it easy for developers to publish, maintain, monitor, and secure APIs at any scale. With Amazon API Gateway, you can quickly declare an API interface and connect it to existing web services running on Amazon Elastic Compute Cloud (Amazon EC2) or code running on AWS Lambda, and generate an SDK for client applications to access the API. Amazon API Gateway handles all the tasks involved in accepting and processing up to hundreds of thousands of concurrent API calls, including traffic management, authorization and access control, monitoring, and API version management. Amazon API Gateway has no minimum fees or startup costs, and you pay only for the API calls you receive and the amount of data transferred.
Learning Objectives:
Learn how to create APIs in the AWS Cloud without managing a single server with AWS Lambda
Learn how to manage stages and versions of your APIs
Learn how to map parameters and transform data in flight
Why your next serverless project should use AWS AppSyncYan Cui
In this webinar, Yan Cui and Lumigo Software Engineer Guy Moses will discuss some of the power of GraphQL and AppSync and why AppSync + Lambda + DynamoDB should be your stack of choice in 2021 and beyond!
A Practical Guide to Automating End-to-End API TestingpCloudy
In recent times we have heard alot about APIs and their applications. It has gained so much popularity that today it has become one of the integral parts of the Software Development process. In this blog post we will learn about API, and how to test the same using automation. API is the abbreviation for Application Programming Interface. It is a set of methods and procedures that developers expose to other programmers to have their applications communicate and interact with other applications. Designing an API is half of the work, and the rest half is about testing the same to provide a truly secure, reliable and scalable connection between platforms.
Now to perform API testing we have a wide variety of tools available in the market, but the most used one is Rest Assured framework. This is quite easy to use and as it has a steep learning curve. Before we will explore the usage of API Automation, we should understand an API and specifically what are the validations we need to perform in end-to-end API Testing.
L'utilizzo di API basate su eventi è diventato fondamentale per soddisfare la domanda dei clienti e fornire una migliore esperienza utente. Poiché esistono diverse differenze fondamentali tra le API REST e le API asincrone, l'utilizzo di una soluzione di gestione API standard può essere difficile.
La giusta soluzione di gestione delle API dovrebbe combinare le tradizionali funzionalità di gestione delle API con un'architettura basata sugli eventi, per offrire un enorme valore aggiunto e per espandere la portata e l'adozione del business
Amazon API Gateway is a fully managed service that makes it easy for developers to create, publish, maintain, monitor, and secure APIs at any scale. With a few clicks in the AWS Management Console, you can create an API that acts as a “front door” for applications to access data, business logic, or functionality from your back-end services, such as workloads running on Amazon Elastic Compute Cloud (Amazon EC2), code running on AWS Lambda, or any Web application.
Similar to Essential API Facade Patterns: Synchronous to Asynchronous Conversion (Episode 4) (20)
APIs have revolutionized how companies build new marketing channels, access new customers, and create ecosystems. Enabling all this requires the exposure of APIs to a broad range of partners and developers—and potential threats.
Learn more about the latest API security issues.
Magazine Luiza is a top retailer in Brazil that operates 800 stores and nine distribution centers.
It sets itself apart from rivals with its multi-channel sales platform and innovative digital strategies.
Do you want to scale your API program? Do you want to create new business opportunities with developers and partners? If so, monetization might be the right strategy for you.
Monetization is influencing how APIs are delivered. It provides the flexibility to generate different API consumption models for developers, and it opens opportunities to derive value from APIs, for developers and for partners.
Learn about:
- Monetization trends and best practices
- The industries that leverage API monetization today
- The future of monetization
Watch the live demo of Apigee's API platform to learn how to:
- easily configure and manage new APIs and enforce security with minimal impact to backend services
- create, manage and monetize API products
- extend API Services to increase flexibility and tailor to business requirements with JavaScript, Java, Python, and Node.js
- provide developers easy, yet secure access to explore, test, and deploy APIs
- use end-to-end visibility across the digital value chain to monitor, measure, and manage success
Ticketmaster, the leader in ticket sales and distribution, uses APIs to simplify event discovery and partnerships.
APIs and API management are key to the company realizing its mission to “bring moments of joy to fans everywhere.”
AccuWeather: Recasting API Experiences in a Developer-First WorldApigee | Google Cloud
Learn about the strategy behind AccuWeather’s decision to launch a developer portal and the technology and business considerations required to open up its APIs.
App modernization projects are hard. Enterprises are looking to cloud-native platforms like Pivotal Cloud Foundry to run their applications, but they’re worried about the risks inherent to any replatforming effort.
Fortunately, several repeatable patterns of successful incremental migration have emerged.
In this webcast, Google Cloud’s Prithpal Bhogill and Pivotal’s Shaun Anderson will discuss best practices for app modernization and securely and seamlessly routing traffic between legacy stacks and Pivotal Cloud Foundry.
Apigee's Ed Anuff and Bala Kasiviswanathan will discuss how these forces inform and drive the Apigee product roadmap. Join Ed and Bala for a preview of how Apigee will deliver on its product goals, including a common stack that enables us to address our customers' multi-cloud opportunity. Learn how we'll help companies transition to the PaaS/cloud-native future, how we'll leverage Google's OSS presence, and how we will continue to emphasize the needs of developers.
We'll explore how 4 forces will impact the API market over the next two to four years, and how hybrid- and multi-cloud, open source, developer-led adoption, and cloud-native application architecture are driving profound changes in the API market.
With a focus on three core customer strategies: convenience, loyalty, and extraordinary customer and patient care, Walgreens uses Apigee to: connect digital experiences directly to stores; extend its assets into innovative ecosystems and increase the value of its stores; improve the developer experience
Learn how to deploy a lean API runtime infrastructure in your private enterprise environment while getting all the benefits of Apigee Edge API management in the cloud.
Dive into a reference architecture that demonstrates the patterns and practices for securely connecting microservices together using Apigee Edge integration for Pivotal Cloud Foundry.
We will discuss:
- basics for building cloud-native applications as microservices on - Pivotal Cloud Foundry using Spring Boot and Spring Cloud Services
- patterns and practices that are enabling small autonomous microservice teams to provision backing services for their applications
- how to securely expose microservices over HTTP using Apigee Edge for PCF
Watch the webcast here: https://youtu.be/ETT6WP-3me0
Pitney Bowes uses API management to deliver a broad set of cloud-based digital ecommerce capabilities, enable extensive partnerships, and optimize its own operations.
Microservices Done Right: Key Ingredients for Microservices SuccessApigee | Google Cloud
70% of organizations claim to be using or investigating this new trend because the promise of faster innovation, and the ability to independently develop, deploy, and scale components of large applications is hard to resist.
But, challenges exist—both known and unknown. Watch this webcast to identify key ingredients of microservices success.
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfPeter Spielvogel
Building better applications for business users with SAP Fiori.
• What is SAP Fiori and why it matters to you
• How a better user experience drives measurable business benefits
• How to get started with SAP Fiori today
• How SAP Fiori elements accelerates application development
• How SAP Build Code includes SAP Fiori tools and other generative artificial intelligence capabilities
• How SAP Fiori paves the way for using AI in SAP apps
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
The Metaverse and AI: how can decision-makers harness the Metaverse for their...Jen Stirrup
The Metaverse is popularized in science fiction, and now it is becoming closer to being a part of our daily lives through the use of social media and shopping companies. How can businesses survive in a world where Artificial Intelligence is becoming the present as well as the future of technology, and how does the Metaverse fit into business strategy when futurist ideas are developing into reality at accelerated rates? How do we do this when our data isn't up to scratch? How can we move towards success with our data so we are set up for the Metaverse when it arrives?
How can you help your company evolve, adapt, and succeed using Artificial Intelligence and the Metaverse to stay ahead of the competition? What are the potential issues, complications, and benefits that these technologies could bring to us and our organizations? In this session, Jen Stirrup will explain how to start thinking about these technologies as an organisation.
6. Webcast Series: API Facade Patterns
Episode 1
Composition
Episode 2
Session Management
Episode 3
One Phase to Two Phase Conversion
Episode 4
Synchronous to Asynchronous Conversion
7. Episode 4 : Synchronous to Asynchronous Conversion
Conversion
Problem
Solution
Benefits
Considerations
8. Problem
Conversion of asynchronous style APIs to synchronous
To enable API teams and app developers to implement and
improve their API designs and apps
9. Example of a Synchronous API
1. Request
API
Provider
2. Response
Client waits
for the response
10. Example of a Synchronous API
POST
http://example.com/smsmessaging/outbound/tel%3A%2B12345678/r
equests
{"outboundSMSMessageRequest":
{
"address":["tel:+13500000991”],
"senderAddress":"tel:12345678",
"outboundSMSTextMessage":
{
"message":"Hello World”
},
"senderName":"ACME Inc.”
}
}
11. Example of a Synchronous API
Response:
HTTP/1.1 200
{"deliveryInfo":
{
"address":"tel:+1350000991",
"deliveryStatus":"DeliveredToNetwork”
}
}
}
13. Example of an Asynchronous API
1. Request
Client API
Provider
Client does not wait
for the completion of
the process
14. Example of an Asynchronous API
1. Request
Client does not wait
for the completion API
Client
of the process Provider
2. Asynch Response
Server calls back
15. Example of an Asynchronous API
POST
http://example.com/smsmessaging/outbound/tel%3A%2B12345678/r
equests
{"outboundSMSMessageRequest":
{
"address":["tel:+13500000991”],
"senderAddress":"tel:12345678",
"outboundSMSTextMessage":
{
"message":"Hello World”
},
"senderName":"ACME Inc.”
}
"receiptRequest":
{
"notifyURL":"http://…/notifications/",
"callbackData":”12345"},
}
16. Example of an Asynchronous API
Immediate Response:
HTTP/1.1 201
{"deliveryInfo":
{
"address":"tel:+1350000991",
"deliveryStatus":"MessageWaiting”
}
}
"receiptRequest":
{
"notifyURL":"http://…/notifications/",
"callbackData":”12345"},
}
17. Example of an Asynchronous API
Asynch Call-back Response (A new request):
POST http://Client-app.example.com/notifications/
{
"deliveryInfoNotification":
{
"callbackData": "12345”,
"deliveryInfo":
{
"address":"tel:+1350000991",
"deliveryStatus":"DeliveredToNetwork"
}
}
}
25. When the Target Does not Provide a Call Back
1. Request
Client does not wait
for the completion of
API
the process Provider
2. Check Status
Client checks for the
status later
26.
27.
28. Example of the API Façade
API Façade
API
Existing Backend
Exposure &
Capabilities Server
Mgmt.
App relies on REST
34. What is a good timeout for asynch to synch conversion?
35. Do not abandon the Asynchronous APIs
• High throughput
• Lower response-time
36. Provide Choice to Developers when Possible
If you really need a synch API -
Have a synchronous variation of the same API
alongside an asynchronous variation
Hello & Good morningWelcome to the Essential API Façade Patterns WebcastToday is Episode 4 , the last one of the series and we are going to discuss Synchronous to Asynchronous Conversion Façade Pattern.Thanks for joining us today
In terms of relevant preparatory material you can checkout this fantastic community of API thinkers and doers on a google groups called API Crafthang out and feel free to share your thoughts on APIs
The slides that we are going to be presenting today, the earlier slides of the series, and all other webiner slides of the past are available on slidesharePls go to slideshare.net/apigee
This video and other videos of the webcast series will be available on youtubeWe have a youtube channel At youtube.com/apigee
I am Santanu DeyI am a senior solution architect here at Apigee – I am love to work on Integration – primarily focused on API based Integration & I love APIs
This webcast is the last one of a four part series on Essential API Façades PatternsToday we will talk about synchronous to asynchronous conversion patterns using API façade.
Each of these web cast episodes are structured in four sectionsWill take about 20 minutes.
What is the problem statement for this pattern? What is the best way convert an Asynchronous style API to synchronous REST API So that,Applications which consumes these APIs can implement the applications with ease and improved design to make the App-experincebetterFor API providers what is the right way to implement this conversion?“Conversion of Asynchronous style API to Synchronous” For REST APIs and Apps So that is our problem statement today
Let us look at an example of REST style synchronous APIA client sends a request to the server over HTTPAnd then the client will wait for the server to respond back.Processing at the client end will be blocked for the server to respond. If the server does not respond back within a given timeframe, the client will stop waiting for that response. It is a “timeout”
Let me elaborate on synchronous communication with a REST style Request / ResponseTake the example of a standard SMS API. A client application sends a short text message for a destination number to the server. This is the request. A POST request – In REST POST is used used for creating a resource in the server. For instance, SMS is the resource in this case.
If the server is able to process and complete the request the response would look like a standard HTTP success response, with 200 response code,The payload or response body would suggest that the processing was completed. The SMS delivery status as “DeliveredToNetwork” indicates that In case of error scenarios like bad number of bad request you may expect a 400 HTTP response and so on.If the response tokes too long or because HTTP is unreliable there may be occasional connection issues such as data packet drops. In such cases the client would time out. But in case of success, creating the resource.
In case of asynch API as usual the client originates a request.However it does not wait for the server to process the request and send back a response.
The service provider may send back a response, later on, in a completely different service call invocation.The callback notification is then handled by the client.. To process further.From the perspective of the client – the notification can arrive at an out of sync time. It does not halt processing for the response.
Again taking the SMS exampleThe request remains almost same. It is a post request to create the request on the server side.One important distinction here is to include the notification URL and an unique correlation id in the requestthat the response can be identified to be associated with a the original request.In stead of dynamic call back URLs it can also be based on a pre-defined contract.
Because HTTP is itself synchronous Transport, there would have to be an immediate response, though the actual process of handling the SMS may not complete. So the immediate response would be more of an acknowledgement. Here the IMMEDIATE http response would just be a HTTP 201 which means the request was created, but the processing status is shown in the delibvery status
Once the actual processing is completed. The server would respond back.Here the asynchronous response is a new call altogether. Back in to the notify URL of the client.
i.e., the use case may require the user to wait for the response for before the next action – If we do not address that aspect it would lead to loss of user experienceFor user experience issue take this example Take the example of Booking a travel ticketThen booking a hotel stay.So this case the application experience can not Here the end-user application would have to wait for completion of the processing. If we take programmatic workarounds, that may lead to the situation where it may block main flow of the programIf one tries to work around, it might lead to thread management or asynchronous tasks in the client runtime.(If supported.) Code may become difficult to maintain / manage
This is an obvious point.
For the client the it is a single requestThe API Façade makes the necessary plumbing to address the asynchronous provider.
I am going to use a UML sequence diagram to explain the responsibilities of the API Façade layer in this pattern.
Point to consider here – time out till which the Façade layer will wait for a call back.Façade layer constructs and provides the call back URL…Façade waits for the responseIMPORTANT The API Façade layer when it receives the callback – it matches with the request correlator – that takes care of matching the request with response.
What I have not shown in the previous diagram is that the API façade also waits for a time out period. When the time out fails – it responds back to the client with an error response. If the timeout is too long – the end user would have to wait too long for an API response. On the other hand if the timeout is too short in that case the target side may not be able to process the SMS delivery status within that period.
There is a variation of this pattern. Let consider another way of implementing the asynchronous pattern.In this case the target system, the API provider does not
Almost same flow like before. Except that in place of notification from the server, the consumer needs to check the status.
In this case the Façade Layer will be polling for response. Polling frequency, retries are parameters to consider in the design. SO in two cases you may error outTime outStatus obtained from server is “negative”
Ok – before concluding the solution section, quick emphasis on the implementation of the Façade.The Façade is a logical construct in terms of the architecture. It can be implemented by number of software components such as Application servers, databases, API management & exposure layer, analytics and so on. The good news is that the Façade Layer does not need to rebuild all the existing capabilities. The API Service Layer is a Façade on top of the existing capabilities. I wanted to make it clear that we show this layer as a single component – but that is just a logical representation.
It must be a better available piece of infrastructure – Can be more secure – Can be protected by security. basic auth over SSL, IP filtering, etc.If the notification was received even after time-out – it can be debugged, On security,Some information received in the call back is not necessary for the client app. Façade can hide those from client.
Logging, alerting, forwarding to another server.. Etc.SLA monitoring is another important thing to consider for asynch calls. That can be done by the Façade layer as well.
This pattern can be employed to convert inherently asynchronous transport into synchronous.1. JMS interface can be converted into HTTP/REST.
This is totally driven by user experience / requirement enforced by the use case?What is the SLA the backend is providing for the call back?Technically also it can not be infinitely long – all HTTP clients, routers, gateways and servers have reasonable timeouts defined. We should not hit on the borderline of such time lines. Most appliances have 60 to 120 seconds defined.
Apply this pattern only client-application scenarios – where having a call back is not possible..Better user experience in terms of of request processing time.Also holding the request state in a API Façade Layer is a costly use case for a mediation layer. So for a very high throughput transaction this pattern is costly.