The document provides an overview of REST (Representational State Transfer) and compares various Java frameworks that can be used to develop RESTful web services. It discusses REST concepts and how it works. It then describes and compares popular Java REST frameworks like JAX-RS, Jersey, Restlet, RESTEasy, Dropwizard, and Spring REST. It also covers REST security options like Basic Authentication, OAuth 1.0a, and OAuth 2.0 and discusses their pros and cons. Finally, it mentions JAX-RS support for security. In summary, the document is a detailed comparison of Java REST frameworks and security options for developing secure RESTful web services.
Cloud foundry Docker Openstack - Leading Open Source TriumvirateAnimesh Singh
OpenStack, Docker, and Cloud Foundry are the three most popular open source projects according to a recent cloud software survey. Docker has taken the cloud world by storm as a revolutionary way to not only run isolated application containers, but also to package them. But how does Docker fit into the paradigm of IaaS and PaaS? More specifically, how does it integrate with OpenStack and Cloud Foundry, the world's most popular infrastructure and platform service implementations? OpenStack, Docker, and Cloud Foundry are the three most popular open source projects according to a recent cloud software survey. Docker has taken the cloud world by storm as a revolutionary way to not only run isolated application containers, but also to package them. But how does Docker fit into the paradigm of IaaS and PaaS? More specifically, how does it integrate with OpenStack and Cloud Foundry, the world's most popular infrastructure and platform service implementations?
These charts from our OpenStack Summit talk Vancouver talk how the three leading open source cloud technologies are evolving to work together to support next generation workloads!
Extremely high-level overview of some of the major components and sub-systems of the Alfresco platform for content management. Delivered to the Red Hat Summit/JBoss World Campground session on 5/4/2011.
For those who are developing, managing, or planning enterprise Java and business application deployments on Oracle WebLogic Server with Oracle Coherence or Oracle GlassFish Server applications, this session gives a roadmap on how Oracle is evolving this infrastructure to be the next-generation application foundation for its customers to build on in a private cloud setting. Together with Java as a Service Update you will be able to see Oracle’s vision, product plans, and roadmap for this server infrastructure and how it will be used in the rapidly maturing cloud infrastructure space. The session will help you make key decisions about running enterprise applications on Oracle’s enterprise Java server foundation.
WebSphere Application Server Liberty Profile and DockerDavid Currie
Presentation from IBM InterConnect 2015 covering a brief introduction to Docker, the relationship between IBM and Docker, and then using WebSphere Application Server Liberty Profile under Docker.
Containers brought new approach for implementation of DevOps workflows. So our CEO, Ruslan Synytsky, devoted a speech to this topic during Madrid meetup and described in details how Java developers can get benefits from Docker containers in Jelastic Cloud.
Cloud foundry Docker Openstack - Leading Open Source TriumvirateAnimesh Singh
OpenStack, Docker, and Cloud Foundry are the three most popular open source projects according to a recent cloud software survey. Docker has taken the cloud world by storm as a revolutionary way to not only run isolated application containers, but also to package them. But how does Docker fit into the paradigm of IaaS and PaaS? More specifically, how does it integrate with OpenStack and Cloud Foundry, the world's most popular infrastructure and platform service implementations? OpenStack, Docker, and Cloud Foundry are the three most popular open source projects according to a recent cloud software survey. Docker has taken the cloud world by storm as a revolutionary way to not only run isolated application containers, but also to package them. But how does Docker fit into the paradigm of IaaS and PaaS? More specifically, how does it integrate with OpenStack and Cloud Foundry, the world's most popular infrastructure and platform service implementations?
These charts from our OpenStack Summit talk Vancouver talk how the three leading open source cloud technologies are evolving to work together to support next generation workloads!
Extremely high-level overview of some of the major components and sub-systems of the Alfresco platform for content management. Delivered to the Red Hat Summit/JBoss World Campground session on 5/4/2011.
For those who are developing, managing, or planning enterprise Java and business application deployments on Oracle WebLogic Server with Oracle Coherence or Oracle GlassFish Server applications, this session gives a roadmap on how Oracle is evolving this infrastructure to be the next-generation application foundation for its customers to build on in a private cloud setting. Together with Java as a Service Update you will be able to see Oracle’s vision, product plans, and roadmap for this server infrastructure and how it will be used in the rapidly maturing cloud infrastructure space. The session will help you make key decisions about running enterprise applications on Oracle’s enterprise Java server foundation.
WebSphere Application Server Liberty Profile and DockerDavid Currie
Presentation from IBM InterConnect 2015 covering a brief introduction to Docker, the relationship between IBM and Docker, and then using WebSphere Application Server Liberty Profile under Docker.
Containers brought new approach for implementation of DevOps workflows. So our CEO, Ruslan Synytsky, devoted a speech to this topic during Madrid meetup and described in details how Java developers can get benefits from Docker containers in Jelastic Cloud.
As a Service: Cloud Foundry on OpenStack - Lessons LearntAnimesh Singh
According to OpenStack users survey, Cloud Foundry is the 2nd most popular workload on OpenStack. You want to deploy Cloud Foundry on OpenStack or already have. What's next?
Cloud Foundry continues to evolve with revolutionary changes, e.g move from bosh-micro to bosh-init, using the new eCPI, move to Diego etc.
Same with OpenStack, e.g changes from Keystone v2 to v3, from Liberty to Mitaka, network plugins changes etc. Both IaaS and PaaS layers are changing frequently. How do you do in-place updates/upgrades/operational tasks without impacting user experience at both the layers?
In this talk will discuss our lessons learnt operating hybrid Cloud Foundry deployments on top of OpenStack over the last two years and how we used underlying technologies to seamlessly operate them
WebSphere Application Server Liberty Profile and DockerDavid Currie
Latest incarnation of my Liberty and Docker presentation including coverage of the Java EE7 images and the auto-scaling beta. As presented to the UK WebSphere User Group on 1 October 2015.
Slides from Workshop 'Cloud Foundry: Hands-on Deployment Workshop'
http://www.meetup.com/CloudFoundry/events/150601282/
In this workshop you will learn Cloud Foundry fundamental concepts, setup, deployment and operations. We’ll cover a couple of alternatives to deploy CF in a local environment for learning and testing purposes as well as deploying Cloud Foundry atop IaaS production level environment, being able to manage hundreds of components and thousands of applications.
If you did not have a chance to work with Cloud Foundry, it may be useful to test its features locally at first. Deploying this environment on a local machine allows you to get hands-on experience in the solution and, in case you are a contributor, to test some features before you commit them to a production environment.
Heard about Cloud Foundry? Already a Spring, Grails, Ruby, Node.js, Scala, or generalist programmer looking to understand what Cloud Foundry, the open source PaaS from VMware, means to you? Are you an architect trying to understand where PaaS fits it, and what it brings to the table? If you answered "yes" to any of those questions, then join the experts in this bootcamp to Cloud Foundry.
Building Content-Rich Java Apps in the Cloud with the Alfresco APIJeff Potts
This presentation, originally delivered at JavaOne on October 2, 2012, talks about why you should use Alfresco instead of rolling your own content repository and discusses the new public Alfresco API for writing content apps that persist content to Alfresco in the Cloud.
first explains what paas is and then execute helloworld in cloudfoundry which is a vmware paas solution then explain what containerization is the what docker is and how to execute hell world in a docker container
Slide deck from an Alfresco Webinar which can be viewed at http://blogs.alfresco.com/wp/webcasts/2009/05/alfresco-webcast-a-developers-guide-1-capabilities-architecture-optaros/
This presentation discusses what Alfresco is an options for working with Alfresco from a developer perspective.
The recent launch of Alfresco One 5.0 included many key enhancements to the software. Some are provided to increase ease-of-use to end users while others bring new and improved integrations and capabilities to administrators and developers. In addition to several bug fixes, SharePoint Protocol was replaced by Alfresco Office Services and now supports property mapping and better browser support. HTML5 preview includes full text search and the ability to download or permalink from the preview—all without Flash.
The latest improvements to solr 4 will bring a more responsive and faceted search to the software. This includes inline actions for search results as well as the search criteria defaulting to AND rather than OR. Support for clustering/sharding and term highlighting is expected soon as well.
In addition to these advancements, the following list touches on some enhancements. In depth information can be found at https://www.alfresco.com/5ready
CMIS 1.1 Item Type
Site Manager and Analytics
More Aikau components
Advanced inline HTML editor (TinyMCE4)
Many Explorer-only features added to Share
Content encryption at rest
Improvements to docs.alfresco.com
Getting Started With Docker | Docker Tutorial | Docker Training | EdurekaEdureka!
This tutorial on "Getting started With Docker" will help you understand the fundamental concepts in Docker and how it is used for containerization. Below are the topics covered in this tutorial:
1. Challenges With Shipping & Transportation
2. How Does Docker Fit The Bill?
3. What Is Docker?
4. Benefits Of Docker Over Virtual Machines
5. Docker Terminology
6. Architecture Of Docker
7. Hands-On: Running Hello-World Docker Container
To take a structured training on Deep Learning, you can check complete details of our Deep Learning with TensorFlow course here: https://goo.gl/WF1RYI
Altoros Cloud Foundry Training: hands-on workshop for DevOps, Architects and ...Manuel Garcia
Dealing with high-load services of all kinds makes us to seek for new generation tools to build reliable, scalable, and 100% available systems. At this workshop, you will have chance to dive deep into how Cloud Foundry solves the issues of portability, scalability, reliability and extensibility.
Hands-on agenda:
- Application lifecycle: from development to production
- Deep dive into Cloud Foundry architecture
- Where to deploy Cloud Foundry
- How to Deploy Cloud Foundry: from small evaluation to hundreds VMs High Availability production environments
- Scale up and down your infrastructure. Can you auto scale?
- Zero downtime upgrades
- Auto Healing deployments
- Cloud Foundry system logging and monitoring
- Services: types, current restrictions and expectations
As a Service: Cloud Foundry on OpenStack - Lessons LearntAnimesh Singh
According to OpenStack users survey, Cloud Foundry is the 2nd most popular workload on OpenStack. You want to deploy Cloud Foundry on OpenStack or already have. What's next?
Cloud Foundry continues to evolve with revolutionary changes, e.g move from bosh-micro to bosh-init, using the new eCPI, move to Diego etc.
Same with OpenStack, e.g changes from Keystone v2 to v3, from Liberty to Mitaka, network plugins changes etc. Both IaaS and PaaS layers are changing frequently. How do you do in-place updates/upgrades/operational tasks without impacting user experience at both the layers?
In this talk will discuss our lessons learnt operating hybrid Cloud Foundry deployments on top of OpenStack over the last two years and how we used underlying technologies to seamlessly operate them
WebSphere Application Server Liberty Profile and DockerDavid Currie
Latest incarnation of my Liberty and Docker presentation including coverage of the Java EE7 images and the auto-scaling beta. As presented to the UK WebSphere User Group on 1 October 2015.
Slides from Workshop 'Cloud Foundry: Hands-on Deployment Workshop'
http://www.meetup.com/CloudFoundry/events/150601282/
In this workshop you will learn Cloud Foundry fundamental concepts, setup, deployment and operations. We’ll cover a couple of alternatives to deploy CF in a local environment for learning and testing purposes as well as deploying Cloud Foundry atop IaaS production level environment, being able to manage hundreds of components and thousands of applications.
If you did not have a chance to work with Cloud Foundry, it may be useful to test its features locally at first. Deploying this environment on a local machine allows you to get hands-on experience in the solution and, in case you are a contributor, to test some features before you commit them to a production environment.
Heard about Cloud Foundry? Already a Spring, Grails, Ruby, Node.js, Scala, or generalist programmer looking to understand what Cloud Foundry, the open source PaaS from VMware, means to you? Are you an architect trying to understand where PaaS fits it, and what it brings to the table? If you answered "yes" to any of those questions, then join the experts in this bootcamp to Cloud Foundry.
Building Content-Rich Java Apps in the Cloud with the Alfresco APIJeff Potts
This presentation, originally delivered at JavaOne on October 2, 2012, talks about why you should use Alfresco instead of rolling your own content repository and discusses the new public Alfresco API for writing content apps that persist content to Alfresco in the Cloud.
first explains what paas is and then execute helloworld in cloudfoundry which is a vmware paas solution then explain what containerization is the what docker is and how to execute hell world in a docker container
Slide deck from an Alfresco Webinar which can be viewed at http://blogs.alfresco.com/wp/webcasts/2009/05/alfresco-webcast-a-developers-guide-1-capabilities-architecture-optaros/
This presentation discusses what Alfresco is an options for working with Alfresco from a developer perspective.
The recent launch of Alfresco One 5.0 included many key enhancements to the software. Some are provided to increase ease-of-use to end users while others bring new and improved integrations and capabilities to administrators and developers. In addition to several bug fixes, SharePoint Protocol was replaced by Alfresco Office Services and now supports property mapping and better browser support. HTML5 preview includes full text search and the ability to download or permalink from the preview—all without Flash.
The latest improvements to solr 4 will bring a more responsive and faceted search to the software. This includes inline actions for search results as well as the search criteria defaulting to AND rather than OR. Support for clustering/sharding and term highlighting is expected soon as well.
In addition to these advancements, the following list touches on some enhancements. In depth information can be found at https://www.alfresco.com/5ready
CMIS 1.1 Item Type
Site Manager and Analytics
More Aikau components
Advanced inline HTML editor (TinyMCE4)
Many Explorer-only features added to Share
Content encryption at rest
Improvements to docs.alfresco.com
Getting Started With Docker | Docker Tutorial | Docker Training | EdurekaEdureka!
This tutorial on "Getting started With Docker" will help you understand the fundamental concepts in Docker and how it is used for containerization. Below are the topics covered in this tutorial:
1. Challenges With Shipping & Transportation
2. How Does Docker Fit The Bill?
3. What Is Docker?
4. Benefits Of Docker Over Virtual Machines
5. Docker Terminology
6. Architecture Of Docker
7. Hands-On: Running Hello-World Docker Container
To take a structured training on Deep Learning, you can check complete details of our Deep Learning with TensorFlow course here: https://goo.gl/WF1RYI
Altoros Cloud Foundry Training: hands-on workshop for DevOps, Architects and ...Manuel Garcia
Dealing with high-load services of all kinds makes us to seek for new generation tools to build reliable, scalable, and 100% available systems. At this workshop, you will have chance to dive deep into how Cloud Foundry solves the issues of portability, scalability, reliability and extensibility.
Hands-on agenda:
- Application lifecycle: from development to production
- Deep dive into Cloud Foundry architecture
- Where to deploy Cloud Foundry
- How to Deploy Cloud Foundry: from small evaluation to hundreds VMs High Availability production environments
- Scale up and down your infrastructure. Can you auto scale?
- Zero downtime upgrades
- Auto Healing deployments
- Cloud Foundry system logging and monitoring
- Services: types, current restrictions and expectations
Have you know about Microsoft’s new version of ASP.NET Core?
That is ASP.Net Core 3.0, is an open-source, modular, community-focused framework to build superior quality applications.
Read the full blog and know what are the new features and fundamental changes to existing features.
Visit graycelltech.com/blog for more
Dye and Yielding Plants M.P. Dr. Azra khan PH.D. Research Paper ◄ vaquar khan ► ★✔
Natural Dye- Yielding plants Rajgarh District (M.P.)
Rajgarh district of Madhya Pradesh has been unexplored from floristic point of view.
A perusal of literature reveals that there is no publication pertaining to the floristic composition of the area.
It was therefore thought imperative to undertake the botanical survey of this unexplored but floristically rich district of state.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfPeter Spielvogel
Building better applications for business users with SAP Fiori.
• What is SAP Fiori and why it matters to you
• How a better user experience drives measurable business benefits
• How to get started with SAP Fiori today
• How SAP Fiori elements accelerates application development
• How SAP Build Code includes SAP Fiori tools and other generative artificial intelligence capabilities
• How SAP Fiori paves the way for using AI in SAP apps
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™UiPathCommunity
In questo evento online gratuito, organizzato dalla Community Italiana di UiPath, potrai esplorare le nuove funzionalità di Autopilot, il tool che integra l'Intelligenza Artificiale nei processi di sviluppo e utilizzo delle Automazioni.
📕 Vedremo insieme alcuni esempi dell'utilizzo di Autopilot in diversi tool della Suite UiPath:
Autopilot per Studio Web
Autopilot per Studio
Autopilot per Apps
Clipboard AI
GenAI applicata alla Document Understanding
👨🏫👨💻 Speakers:
Stefano Negro, UiPath MVPx3, RPA Tech Lead @ BSP Consultant
Flavio Martinelli, UiPath MVP 2023, Technical Account Manager @UiPath
Andrei Tasca, RPA Solutions Team Lead @NTT Data
Pushing the limits of ePRTC: 100ns holdover for 100 daysAdtran
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
Welcome to the first live UiPath Community Day Dubai! Join us for this unique occasion to meet our local and global UiPath Community and leaders. You will get a full view of the MEA region's automation landscape and the AI Powered automation technology capabilities of UiPath. Also, hosted by our local partners Marc Ellis, you will enjoy a half-day packed with industry insights and automation peers networking.
📕 Curious on our agenda? Wait no more!
10:00 Welcome note - UiPath Community in Dubai
Lovely Sinha, UiPath Community Chapter Leader, UiPath MVPx3, Hyper-automation Consultant, First Abu Dhabi Bank
10:20 A UiPath cross-region MEA overview
Ashraf El Zarka, VP and Managing Director MEA, UiPath
10:35: Customer Success Journey
Deepthi Deepak, Head of Intelligent Automation CoE, First Abu Dhabi Bank
11:15 The UiPath approach to GenAI with our three principles: improve accuracy, supercharge productivity, and automate more
Boris Krumrey, Global VP, Automation Innovation, UiPath
12:15 To discover how Marc Ellis leverages tech-driven solutions in recruitment and managed services.
Brendan Lingam, Director of Sales and Business Development, Marc Ellis
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
Enhancing Performance with Globus and the Science DMZGlobus
ESnet has led the way in helping national facilities—and many other institutions in the research community—configure Science DMZs and troubleshoot network issues to maximize data transfer performance. In this talk we will present a summary of approaches and tips for getting the most out of your network infrastructure using Globus Connect Server.
The Metaverse and AI: how can decision-makers harness the Metaverse for their...Jen Stirrup
The Metaverse is popularized in science fiction, and now it is becoming closer to being a part of our daily lives through the use of social media and shopping companies. How can businesses survive in a world where Artificial Intelligence is becoming the present as well as the future of technology, and how does the Metaverse fit into business strategy when futurist ideas are developing into reality at accelerated rates? How do we do this when our data isn't up to scratch? How can we move towards success with our data so we are set up for the Metaverse when it arrives?
How can you help your company evolve, adapt, and succeed using Artificial Intelligence and the Metaverse to stay ahead of the competition? What are the potential issues, complications, and benefits that these technologies could bring to us and our organizations? In this session, Jen Stirrup will explain how to start thinking about these technologies as an organisation.
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
2. INTRODUCTION
REST (Representational State Transfer) which was detailed in Roy Thomas Fielding's doctorate dissertation
"Architectural Styles and the Design of Network-based Software Architectures" in year 2000, which can
dramatically reduce the investment necessary to provide service-oriented access to enterprise resources. Fielding
used the term to describe a technique and best practices for retrieving data formatted in XML over HTTP for use in
applications.
REST is an architectural style, not a standard or specification, built on existing, well-understood standards governed
by the W3C, such as HTTP, URI (Uniform Resource Identifier) and RDF(Resource Description Format). REST
services are focused on access to resources.
1
3. REST :
So this means areas that REST works really well for are:
Limited bandwidth and resources; remember the return structure is really in any format (developer
defined). Plus, any browser can be used because the REST approach uses the standard GET, PUT,
POST, and DELETE verbs. Again, remember that REST can also use the XML HttpRequest object
that most modern browsers support today, which adds an extra bonus of AJAX.
Totally stateless operations; if an operation needs to be continued, then REST is not the best
approach and SOAP may fit it better. However, if you need stateless CRUD (Create, Read, Update,
and Delete) operations, then REST is it.
Caching situations; if the information can be cached because of the totally stateless operation of the
REST approach, this is perfect.
SOAP :
Asynchronous processing and invocation; if your application needs a guaranteed level of reliability
and security then SOAP 1.2 offers additional standards to ensure this type of operation. Things like
WSRM – WS-Reliable Messaging.
Formal contracts; if both sides (provider and consumer) have to agree on the exchange format then
SOAP 1.2 gives the rigid specifications for this type of interaction.
Stateful operations; if the application needs contextual information and conversational state
management then SOAP 1.2 has the additional specification in the WS* structure to support those
things (Security, Transactions, Coordination, etc). Comparatively, the REST approach would make the
developers build this custom plumbing.
2
SOAP VS REST
6. APACHE CXF
5
PROJECT HOME http://cxf.apache.org/
ABOUT Apache CXF is an open source services framework. CXF helps you build and develop services using
frontend programming APIs, like JAX-WS and JAX-RS. These services can speak a variety of protocols
such as SOAP, XML/HTTP, Restful HTTP, or CORBA and work over a variety of transports such as
HTTP, JMS or JBI.
Developer(s) Apache Software Foundation
License Type Apache License
Released February 18, 2015 - Apache CXF 3.0.4
Download Page http://cxf.apache.org/download.html
Development Status Active
Tutorial/Getting started http://www.javatips.net/blog/2012/02/cxf-restful-tutorial
Forum Mailing List: http://cxf.apache.org/mailing-lists.html
Support: http://cxf.apache.org/support.html
Support for Java 7 Yes
7. JERSEY
6
PROJECT HOME https://jersey.java.net/
ABOUT Jersey RESTful Web Services framework is open source, production quality, framework for developing
RESTful Web Services in Java that provides support for JAX-RS APIs and serves as a JAX-RS (JSR 311
& JSR 339) Reference Implementation. Jersey provides it’s own API that extend the JAX-RS toolkit with
additional features and utilities to further simplify RESTful service and client development.
Developer(s) Oracle Corporation
License Type CDDL version 1.1 and GPL v2 license
Released August 2008 (Not sure) (One post indicates that it was available since 2007)
Last Release Jersey 2.19 / June 29, 2015
Download Page https://jersey.java.net/download.html
Development Status Active
Tutorial/Getting started https://jersey.java.net/documentation/latest/getting-started.html
http://www.vogella.com/tutorials/REST/article.html
Forum Mailing List: users@jersey.java.net
Stake overflow: http://stackoverflow.com/questions/tagged/jersey
Issue Tracking: https://java.net/jira/browse/JERSEY
Support for Java 7 Yes
8. RESTLET
7
PROJECT HOME http://restlet.com/
ABOUT Restlet Framework is the leading RESTful web API framework for Java. Its unique Java API is available
on both client and server sides, in six consistent editions: Java SE, Java EE, Android, GAE, GWT and
OSGi! This project has been around for a long time and implemented REST before REST was popular.
JAX-RS was a natural extension
Developer(s) Jerome Louvel & Thierry Boileau of Noelios Consulting (now Aeon Consulting partner) and Restlet
community
License Type Apache license 2.0, LGPL license 3.0, LGPL license 2.1, CDDL license 1.0, EPL license 1.0
Released 2005
Last Release 2.3.3 / May 21, 2015
Download Page http://restlet.com/downloads/current/
Development Status Active
Tutorial/Getting started http://restlet.com/technical-resources/restlet-framework/guide/2.2
http://restlet.com/technical-resources/restlet-framework/guide/2.3/extensions/jaxrs
Forum http://restlet-discuss.1400322.n2.nabble.com/
Support for Java 7 Yes
9. RESTEASY
8
PROJECT HOME http://resteasy.jboss.org/
ABOUT RESTEasy is a JBoss project that provides various frameworks to help you build RESTful Web Services
and RESTful Java applications. It is a fully certified and portable implementation of the JAX-RS
specification.
Developer(s) Jboss (redhat)
License Type Apache License, Version 2.0
Released Jan 2009
Last Release Release 3.0.9/Sep 2014
Download Page http://sourceforge.net/projects/resteasy/files/Resteasy%20JAX-RS/
Development Status Active
Tutorial/Getting started https://developer.jboss.org/wiki/ResteasyWIKI
http://www.mastertheboss.com/resteasy/resteasy-tutorial
https://www.youtube.com/watch?v=Re8CggeqDr4
Forum http://resteasy.jboss.org/mailinglists
Support for Java 7 Yes
10. DROPWIZARD
9
PROJECT HOME https://dropwizard.github.io/dropwizard/
ABOUT Dropwizard is a Java framework for developing ops-friendly, high-performance, RESTful web services.
Dropwizard pulls together stable, mature libraries from the Java ecosystem into a simple, light-weight
package that lets you focus on getting things done. Dropwizard has out-of-the-box support for
sophisticated configuration, application metrics, logging, operational tools, and much more, allowing you
and your team to ship a production-quality web service in the shortest time possible.
Developer(s) Yammer Inc.
License Type Apache License, Version 2.0
Released Dec 2011
Last Release July 06, 2015 – Version 0.8.2
Download Page https://dropwizard.github.io/dropwizard/getting-started.html
Development Status Active
Tutorial/Getting started https://dropwizard.github.io/dropwizard/getting-started.html
https://www.openshift.com/blogs/day-13-dropwizard-the-awesome-java-rest-server-stack
Forum https://groups.google.com/forum/#!forum/dropwizard-user
Support for Java 7 Yes
11. SPRING REST
10
PROJECT HOME
ABOUT Spring Framework is an open source services framework. Spring Rest helps you build and develop
services using frontend programming APIs supported by Spring MVC, Spring Rest not JAX-RS
compliant.
Developer(s) pivotal
License Type Apache License 2.0
Released March 2004
Last Release 4.2.0-SNAPSHOT / December 26, 2014
Download Page http://maven.apache.org/download.cgi
http://gradle.org/gradle-download/
Development Status Active
Tutorial/Getting started https://spring.io/guides/gs/rest-service/
https://github.com/spring-guides/gs-rest-service
Forum http://stackoverflow.com/questions/tagged/spring-restdocs
http://forum.spring.io/forum/spring-projects/web
Support for Java 7
12. COMPARISON
We checked both Spring MVC and JAX-RS compliant frameworks to see what may be the most suitable
technology for your purpose.
We think that both technologies can do whatever you want to achieve with it, although there are
philosophical divergences in approach and design. Mainly that Spring is controller hierarchy, while JAX-
RS frameworks adopt a resource hierarchy.
JAX-RS is a specification (JSR311), and you have the advantage of replacing Jersey with Apache CXF
or RESTEasy (theoretically) without effecting your main codebase. Most of the JAX-RS frameworks
support spring integration, so technically your own functional code wouldn't need to change, except for
configuration of JAX-RS frameworks.
Sticking with existing Spring MVC would of course lend towards "less framework explosion" than
introducing another paradigm and more framework(s)
Going with a JAX-RS framework, however might force you, in a good way, to think in terms of resources
first, and encourage logical separation.
11
13. COMPARISON (CONT.…)
All of these are mature and production ready frameworks. They all have integration capabilities with
Spring And of have support to documentation and contract specification , Chances of going wrong with
any of them is minimal..
CXF JAX-RS is implemented as a CXF filter sitting behind the servlets, while Jersey and RestEasy are,
servlet filters.
One unique advantage with CXF is that it makes it very easy to produce both a JAX-RS and JAX-WS
(SOAP) endpoint from the exact same data model and service interface at the same time. So if that is
something which matters to you, this may be the way to go. CXF had issues with handling SSL and
HTTP proxies which seems to have been addressed in recent releases
Restlet based program can run as a standalone Java application. The restlet also supports Java EE
environment with the help of Jetty web container. So this may result into a light-weight implementation
and have unique value that way. There are some challenges or manual work involved in de-marshalling
the response into java object.
12
14. COMPARISON (CONT.…)
RESTEasy may be a good choice if your environment is Jboss oriented. It also provides good
integration with EJB 3.0 and SEAM (something to consider if you have a need for that). Also it has a
proprietary caching for URL or query which could be handy for high volume applications.
Jersey has some of the best tooling (IDE) support specially if you are using NetBeans. So you can
achieve better productivity from tooling perspective. There are some challenges with Jersey-Spring
integration specially with AOP. Also since it is a reference implementation for JAX-RS, it will continue
to support any updates to the specification.
DROPWIZARD promises improved performance and ease of development and has out-of-the-box
support for sophisticated configuration, application metrics, logging, operational tools etc. It aims to
integrate best of breed features and best practices components, something which may be good to
consider from a technical debt perspective as well (use of best of breed libraries tend to reduce
technical debt).
Spring Rest is Easy to use and inbuilt support by spring framework. It using Jekson for convert object to
JSON. Spring Rest has its rich API and annotation support. Spring Rest is not JAX-RS compliant.
13
15. REST SECURITY
Basic Authentication w/ TLS/SSL
1) In the authentication process, a TLS/SSL client sends a message to a TLS/SSL server, and the
server responds with the information that the server needs to authenticate itself. The client and
server perform an additional exchange of session keys, and the authentication dialog ends.
2) When authentication is completed, SSL-secured communication can begin between the server
and the client using the symmetric encryption keys that are established during the
authentication process.
Link:
http://www-01.ibm.com/support/knowledgecenter/SSPVUA_9.0.1/com.ibm.p8.installingmcs.doc/mcsin051.htm
http://java2novice.com/restful-web-services/http-basic-authentication/
http://www.codingpedia.org/ama/how-to-secure-jersey-rest-services-with-spring-security-and-basic-authentication/
16. REST SECURITY
Basic Authentication pros and cons
Pros:
Basic authentication is the easiest of the three to implement, because the majority of the time, it
can be implemented without additional libraries. Everything needed to implement basic
authentication is usually included in your standard framework or language library.
Cons:
The problem with basic authentication is that it is, well “basic”, and it offers the lowest security
options of the common protocols. There are no advanced options for using this protocol, so
you are just sending a username and password that is Base64 encoded. Basic authentication
should never be used without TLS (formerly known as SSL) encryption because the username
and password combination can be easily decoded otherwise.
Passwords are reset often. If you use the password as part of your API authentication scheme,
API access would fail every time the password is changed.
Rest API logout issue, How to perform logout.
15
17. REST SECURITY
Oauth :
• OAuth is an open standard for authorization. OAuth provides client applications a 'secure delegated
access's to server resources on behalf of a resource owner. It specifies a process for resource owners
to authorize third-party access to their server resources without sharing their credentials.
• Designed specifically to work with Hypertext Transfer Protocol (HTTP), OAuth essentially allows access
tokens to be issued to third-party clients by an authorization server, with the approval of the resource
owner, or end-
• user. The client then uses the access token to access the protected resources hosted by the resource
server. OAuth is commonly used as a way for Internet users to log into third party websites using their
Microsoft, Google, Facebook or Twitter accounts without exposing their password.
• OAuth is a service that is complementary to, and therefore distinct from, OpenID. OAuth is also distinct
from OATH, which is a reference architecture for authentication, not a standard for authorization.
16
18. REST SECURITY
Oauth 1.0a:
OAuth Core 1.0 (also known as RFC 5849), the community-based specification published on December
4th, 2007, revised June 24th, 2009, and finalized in April 2010 is one of the fastest growing Open Web
specifications. It provides a much needed solution for security web APIs without requiring users to share
their usernames and passwords.
https://github.com/ddo/oauth-1.0a
Note :Important: OAuth 1.0 was officially deprecated on April 20, 2012, and is no longer supported. We
encourage you to migrate to OAuth 2.0 as soon as possible.
17
19. Oauth 1.0 a pros and cons
Pros:
Oauth 1.0a is the most secure of the three common protocols. Oauth1 is a widely-used, tested, secure,
signature-based protocol. The protocol uses a cryptographic signature, (usually HMAC-SHA1) value
that combines the token secret, nonce, and other request based information. The great advantage of
OAuth 1 is you never directly pass the token secret across the wire, which completely eliminates the
possibility of anyone seeing a password in transit. This is the only of the three protocols that can be
safely used without SSL (although you should still use SSL if the data transferred is sensitive).
Cons:
This level of security comes with a price: generating and validating signatures can be a complex
process. You have to use specific hashing algorithms with a strict set of steps. However, this
complexity isn’t often an issue anymore as every major programming language has a library to handle
this for you.
18
REST SECURITY
20. REST SECURITY
OAuth 2.0 :
OAuth 2.0 is the next evolution of the OAuth protocol which was originally created in late 2006. OAuth
2.0 focuses on client developer simplicity while providing specific authorization flows for web
applications, desktop applications, mobile phones, and living room devices. This specification is being
developed within the IETF OAuth WG and is based on the OAuth WRAP proposal.
19
21. REST SECURITY
OAuth 2.0 a pros and cons
Pros:
Oauth2’s current specification removes signatures, so you no longer need to use cryptographic
algorithms to create, generate, and validate signatures. All the encryption is now handled by TLS,
which is required. There are not as many Oauth2 libraries as there are Oauth1a libraries, so integrating
this protocol into your API may be more challenging.
Cons:
OAuth2’s default settings are less secure than OAuth1 (no digital signature means you can’t verify if
contents have been tampered with before or after transit), we recommend OAuth1 over OAuth2 for
sensitive data applications. OAuth2 could make sense for less sensitive environments, like some social
networks.
20
24. HATEOAS
Hypermedia as the Engine of Application State, is a constraint of the REST application architecture that
distinguishes it from most other network application architectures.
A hypermedia-driven site provides information to navigate the site's REST interfaces dynamically by
including hypermedia links with the responses.
Layman terms HATEOAS means provide all required information to client with response so client can
use same information for further call or logics.
A simple JSON presentation is traditionally rendered as:
{ "name" : “Vaquar" }
HATEOAS-based response would look like this:
{ "name": “Vaquar",
"links": [ { "rel": "self", "href": "http://localhost:8080/customer/1" } ]
}
Example:
http://keaplogik.blogspot.com/2015/01/spring-hateoas-embedded-resources-with.html
23
25. HATEAOAS provides a way to interact with the REST API entirely through hyperlinks. With each call
that you make to the API, we’ll return an array of links that allow you to request more information about
a call and to further interact with the API. You no longer need to hard code the logic necessary to use.
There are three components for each link in a HATEOAS links array:
href: URL of the related HATEOAS link you can use for subsequent calls.
rel: Link relation that describes how this link relates to the previous call.
method: The HTTP method required for the related call.
[ {
"href": "https://api.sandbox.paypal.com/v1/payments/payment/PAY-6RV70583SB702805EKEYSZ6Y",
“
rel": "self",
"method": "GET"
}, {
"href": "https://api.sandbox.paypal.com/v1/payments/payment/PAY-
6RV70583SB702805EKEYSZ6Y/execute",
"rel": "execute",
"method": "POST"
} ]
24
27. Level 0: Swamp of POX
Level 0 uses its implementing protocol (normally HTTP, but it doesn't have to be) like a transport protocol.
That is, it tunnels requests and responses through its protocol without using the protocol to indicate
application state. It will use only one entry point (URI) and one kind of method (in HTTP, this normally is
the POST method). Examples of these are SOAP and XML-RPC.
Level 1: Resources
When your API can distinguish between different resources, it might be level 1. This level uses multiple URIs,
where every URI is the entry point to a specific resource. Instead of going through
http://example.org/articles, you actually distinguish between http://example.org/article/1 and
http://example.org/article/2. Still, this level uses only one single method like POST.
26
28. Level 2: HTTP verbs
API MUST use HTTP verbs. It doesn't. REST is completely protocol agnostic, so if you want to use a
different protocol, your API can still be RESTful.
This level indicates that your API should use the protocol properties in order to deal with scalability and
failures. Don't use a single POST method for all, but make use of GET when you are requesting
resources, and use the DELETE method when you want to delete a resources. Also, use the response
codes of your application protocol. Don't use 200 (OK) code when something went wrong for instance.
By doing this for the HTTP application protocol, or any other application protocol you like to use, you
have reached level 2.
Level 3: Hypermedia controls
Level 3, the highest level, uses HATEOAS to deal with discovering the possibilities of your API towards the
clients. More information about HATEOAS can be found below.
- See more at: http://restcookbook.com/Miscellaneous/richardsonmaturitymodel/#sthash.hKwUyXJn.dpuf
27
29. ERROR HANDLING
Best Practices for REST Error Handling
Human Readable Error Messages: Part of the major appeal of REST based web services is that you
can open any browser, type in the right URL, and see an immediate response -- no special tools
needed. However, HTTP error codes do not always provide enough information. For example, if we take
option 1 above, and request and invalid book ID, we get back a 404 Error Code. From the developer
perspective, have we actually typed in the wrong host name, or an invalid book ID? It's not immediately
clear. In Option 3 (DAS), we get back a blank page with no information. To view the actual error code,
you need to run a network sniffer, or point your browser through a proxy. For all these reasons, I think
Option 4 has a lot to offer. It significantly lowers the barrier for new developers, and enables all
information related to a web service to be directly viewable within a web browser.
Application Specific Errors: HTTP status codes are specific to document retrieval and posting, and
these may not map directly to your application domain. For example, one of the DAS error codes relates
to invalid genomic coordinates (sequence coordinate is out of bounds/invalid). What HTTP error code
would we map to in this case?
Machine Readable Error Codes: As a third criteria, error codes should be easily readable by other
applications.
http://www.codingpedia.org/ama/error-handling-in-rest-api-with-jersey/
28
30. REST VERSION
A commonly used way to version your API is to add a version number in the URL.
For instance:
/api/v1/article/1234
To "move" to another API, one could increase the version number:
/api/v2/article/1234
The hypermedia way
GET /api/article/1234 HTTP/1.1 Accept: application/vnd.api.article+xml; version=1.0
M E R V A / B O X 29
31. REST PARTIAL RESPONSE AND PAGINATION
Partial Response :
Making API faster we can filter Rest response based on given criteria , instead of returning full objects in API
responses with all the data fields, only a subset of data fields are returned. The benefit is obvious —- less data
transferred over the network means less bandwidth usage, faster server response, less CPU time spent on the
server and client, as well as less memory usage on the client.
Example:
https://blog.apigee.com/detail/restful_api_design_can_your_api_give_developers_just_the_information
https://developers.google.com/youtube/2.0/developers_guide_protocol_partial
Pagination:
Pagination is the process of dividing (content) into discrete pages, It is necessary to anticipate the paging of your
resources in the early design phase of your API. It is indeed difficult to foresee precisely the progression of the
amount of data that will be returned.
http://blog.octo.com/en/design-a-rest-api/
https://developer.atlassian.com/confdev/confluence-rest-api/pagination-in-the-rest-api
http://dev.billysbilling.com/blog/How-to-make-your-API-better-than-the-REST
30
32. REST TESTING
Following testing tools available to perform end to end Rest testing
https://github.com/spring-projects/rest-shell
https://addons.mozilla.org/en-us/firefox/addon/poster/
https://spring.io/blog/2009/03/27/rest-in-spring-3-resttemplate
http://howtodoinjava.com/2015/02/20/spring-restful-client-resttemplate-example/
http://www.soapui.org/rest-testing/getting-started.html
31
33. REST CACHING
32
The goal of caching is never having to generate the same response twice. The benefit of doing this is that we
gain speed and reduce server load. The best way to cache your API is to put a gateway cache (or
reverse proxy) in front of it. Some frameworks provide their own reverse proxies
https://www.varnish-cache.org/
http://sleeplessinslc.blogspot.com/2009/03/example-of-caching-with-rest-using.html
34. REST DOCUMENTATIONS
Following tools are good for generating documentation not for contract agreement
Swagger
An open spec for describing REST APIs [ github ]
Tools for auto-generating
Documentation
Code for your API
Mashery
An open source project [ github ]
Tools for generating
Documentation
An exploration interface for your API
Apiary and API Blueprint
Write the API description in a DSL within markdown
Tools for auto-generating
Documentation
Mock server
Seems to be focused on ruby+mac devs
33
35. RAML
A spec for describing REST APIs [ github ]
APIgee
A commercial product with some documentation features
A commercial product with some documentation features
miredot
Commercial REST API documentation generator
Java specific
34