OverBlog top European blogging platform chose Symfony 2 for its brand new version. Lear about their engineers feedbacks on how they design their software architecture based on Symfony 2. The following points will be discussed: - Dependency injection: Making a high speed transport layer with Apache Thrift into Symfony 2. - Security Bundle: Integrating a Single Sign On - Twig: Using Twig sandbox to jail custom OverBlog's users themes integration. This presentation will be animated by Xavier HAUSHERR (CTO) and Gérald LONLAS (Project manager)

1. The use of Symfony2
@ Overblog
By Xavier HAUSHERR and Gérald Lonlas

2. About Us
Xavier HAUSHERR Gerald LONLAS
CTO Project manager
Twitter: @xkobal Twitter: @geraldlonlas

3. What is OverBlog?
Born in 2004, OverBlog is the top leading European
blogging platform.
Was the first platform to share the revenue generated by
the audience.
It’s also:
2 millions blogs in 5 languages
35 millions uniques visitors per month
250 millions pages views per month
13th French site audience
50 servers to serve blogs

4. OverBlog before Symfony 2
The previous version of OverBlog is based on:
Jelix framework 1.1 Custom
PHP 5.2
Postgresql 8
Spread on 50 servers:
1 database master
11 databases slaves
38 hits and caches

5. OverBlog technical specifications
Capable of handling the load
Be scalable
Separate services: may be switch off
Reducing the pages execution time
Speed up data access
Stop with the monolith
Test driven development
Take pleasure to develop

6. PHP Frameworks
Jelix 1.3:
Small community
Product continuity
Zend framework 1:
Not full stack
Not a framework
Symfony 1:
End of life
not enough modular
performances

7. Why Symfony 2?
Full stack framework Young framework
Dependency injection Too few bundles
Good performances Strongly coupled with Doctrine
Twig & I18N Time/cost to learn
Symfony community
Sensio support
Team experience in Symfony 1

8. The use of Symfony2 @ Overblog
Service Oriented Architecture

9. Projects Distribution
One Symfony project for each part of the platform.
Each project must be independent and could be in any language
Administra-on Comments Core
Developer0
Portal Sta-s-cs
Center
Users00(SSO)

10. Software Used

11. Projects Distribution

12. Service Architecture
www Internal
API
Front End Web
Project API
Databases

13. The use of Symfony2 @ Overblog
Transport Layer

14. First Try: JSON-RPC
Easy to code
REST is natively integrated into Symfony
Object must be rebuilt from JSON
No type validation
No standard
No data model
Poor performance

15. Some statistics about Web Services
Size (bytes)
Thrif - TCompactProtocol
Thrift - TBinaryProtocol
Protocol Buffers
Remote Method Invocation (RMI)
REST - JSON
REST - XML
0 100 200 300 400 500 600 700 800 900 1000
Average Wall Time for 10000 queries (s)
Thrif - TCompactProtocol
Thrift - TBinaryProtocol
Protocol Buffers
Remote Method Invocation (RMI)
REST - JSON
REST - XML
0 50 100 150 200 250 300 350 400
http://jnb.ociweb.com/jnb/jnbJun2009.html

16. Second Try: Apache Thrift
Developed by Facebook
Incubated by Apache Software Foundation
Object data model
Definition are compiled into classes and interfaces
Cross language
Basic type validation
Binary transfer
PHP extension
No Symfony integration
Obsolete PHP Library
Small community

17. Thrift Integration In Symfony
Client Server
1. Thrift fork
Give compatibility with Controler Business
Service
UniversalClassLoader
Real namespace usage
}
Thrift
Remove hardcoded inclusion Bundle
Generated code
2. We create a bundle to integrate Thrift into
Service
client
} Service
client
Symfony write () /
read ()
write () /
read ()
Dependency injection integration
Definitions are compiled at cache warmup TProtocol TProtocol
in cache directory
Autoloader or Factory to instantiate object TTransport TTransport
2 modes: HTTP Controller or Socket
daemon
Unit Tests
Input / Input /
output output
3. Work with developers to integrate these
modifications into the next Thrift release.

18. Thrift Definition
namespace php ThriftModel.User
namespace java com.overblog.thriftModel.user
include "Generic/Image.thrift"
exception InvalidValueException
{
1: i32 code,
2: string message
}
enum Lang
{
FR,
EN
}
struct User
{
1: i64 id,
2: string email,
3: optional string password,
4: optional Image avatar
}
service UserService
{
User getUserById(1: i64 id) throws (1: InvalidValueException e),
bool deleteUser(1: i64 id) throws (1: InvalidValueException e)
}

19. Thrift Integration In Symfony
services:
overblog_api.extension.user:
class: OverblogUserInternalApiBundleApiUserExtension
arguments: [@service_container]
tags:
-: { name: "thrift.extension" }
overblog_thrift:
services:
user:
definition: User
namespace: ThriftModelUser
bundleNameIn: OverblogCommonBundle
server: true
servers:
user:
service: user
handler: overblog_api.extension.user
clients:
comment:
service: user
type: http
hosts:
comment:
host: 192.168.0.1
port: 8080

20. Thrift Integration In Symfony
namespace OverblogUserInternalApiBundleController;
use SymfonyBundleFrameworkBundleControllerController;
class UserController extends Controller
{
public function getUserAction($id)
{
try
{
$p = $this->get('thrift.client.user')
->getClient()
->getUserById($id);
}
catch (Exception $e)
{
throw $this->createNotFoundException();
}
}
}

21. Thrift Integration In Symfony
namespace OverblogUserInternalApiBundleApi;
use ThriftModelUserUserIf;
use OverblogThriftBundleApiExtensionsBaseExtension;
class UserExtension extends BaseExtension implements UserIf
{
public function getUserById($id)
{
return
$this->getInstance(
'ThriftModelUserUser',
array(
'id' => $id,
'email' => 'user@overblog.com',
'lang' => ThriftModelUserLang::FR
)
);
}
}

22. The use of Symfony2 @ Overblog
Security Bundle: Overblog SSO

23. Why a SSO ?
Need only one authentication for several services:
•Administration,
•Comments,
•Portal
•Public API (Mobile app)
Session must be checked in PHP or Javascript
Scalability.
Must be able to kill a session
Can be plugged with other system

24. SSO with Security Bundle
Use the Symfony Security Layer
One provider per service
Bundle creation to secure services
Main entry point is located on SSO
Logout disconnect from project and SSO
Token definition with rights embedded
Use RememberMe functionality to have long authentication
Catch security exception to return 401 instead of redirect

25. SSO Diagram
3. User is prompted to log in
User
1. User hit a
protected ressource
2. User is
redirected to SSO
5. User can now 4. SSO notifies the server that
access the ressource access has been granted by
redirecting user with token

26. The use of Symfony2 @ Overblog
Blog themes with Twig sandbox

27. Blog rendering
Functional specifications:
Allow the fully customization of themes
Friendly meta language
Sandbox the theme execution
Cache pages
Good performance

28. Why Twig?
The markup
Allow sandboxing & policies
Making our own filters
Compiling theme markup
Packed with Symfony 2

29. Twig usage
Twig_loader_string
No cache
Twig_loader_string
With cache

30. Sandbox configuration
# Twig sandbox policy parameters
sandbox_policy.tags: [if,list]
sandbox_policy.filters: [capitalize, date, default, upper, lower]
sandbox_policy.function: [Custom]
sandbox_policy.properties: {}
sandbox_policy.methods:
OverblogThemeServiceBundleModelBlogInterface:
- getTitle
- getUrl
# Init Sandbox parameters
twig.extension.sandbox.policy:
class: Twig_Sandbox_SecurityPolicy
arguments: [ %sandbox_policy.tags%, %sandbox_policy.filters%,
%sandbox_policy.methods%, %sandbox_policy.properties%,
%sandbox_policy.function% ]
# Enable Twig Sandbox extension
twig.extension.sandbox:
class: Twig_Extension_Sandbox
arguments: [@twig.extension.sandbox.policy, false]

31. Evaluate Twig markup
$source = '<html>.....</html>';
require_once '/path/to/lib/Twig/Autoloader.php';
Twig_Autoloader::register();
$loader = new Twig_Loader_String();
$twig = new Twig_Environment($loader, array(
'cache' => false,
));
$sandboxExtension = new Twig_Extension_Sandbox();
$sandboxExtension->enableSandbox();
$twig->addExtension($sandboxExtension);
try
{
// Evaluate theme with Twig Sandbox
$twig->loadTemplate($source)->render(
$this->getMockParams()
);
}
catch (Twig_Sandbox_SecurityError $e)
{
throw new Exception('Syntax not allowed');
}

32. The use of Symfony2 @ Overblog
Internationalization

33. Internationalization
OverBlog is ported in 5 languages
English, French, Spanish, Italian, German
Our best combo
XLIFF format.
Pootle opensource tool

34. XLIFF markup
XLIFF generated by Pootle
<trans-unit id="january" approved="yes">
<source>january</source>
<target state="translated">January</target>
</trans-unit>

35. Thanks for your time
Questions?
Take some time to create your blog on
en.over-blog.com

36. Links
Thrift fork: https://github.com/ebuzzing/thrift
Thrift bundle: https://github.com/ebuzzing/
OverblogThriftBundle
JIRA: https://issues.apache.org/jira/browse/
THRIFT-1615
Pootle: http://translate.sourceforge.net/wiki/
pootle/index