design rest services with cxf jax rs implementation best
play

Design REST Services with CXF JAX- RS implementation: best practices - PowerPoint PPT Presentation

Jan 13, 2023 •462 likes •1.07k views

Design REST Services with CXF JAX- RS implementation: best practices and lessons learned Andrei Shakirin, Talend ashakirin@talend.com ashakirin.blogspot.com Agenda REST architectural style Design of REST API for Syncope domain

  1. Design REST Services with CXF JAX- RS implementation: best practices and lessons learned Andrei Shakirin, Talend ashakirin@talend.com ashakirin.blogspot.com

  2. Agenda • REST architectural style • Design of REST API for Syncope domain • Practical aspects of using CXF JAX-RS

  3. About Me • Software architect in Talend Team • PMC and committer in Apache CXF and commiter in Apache Syncope projects • Speaker for Java conferences

  4. Representational State Transfer • Set of principals and restrictions • HTTP is one instantiation of the REST • The scope of REST architectural style: loosely coupled application

  5. REST Principles 1. Everything has an ID 2. Using IDs to link things together: hypermedia and HATEOAS 3. Uniform interface 4. Interaction with resources through the representation 5. Communication is stateless

  6. JAX-RS • Specification and Java API • Support in exposing a resource Java class (a POJO) as a web resource • Versions: 1.0, 1.1, 2.0 (client API, asynchronous API, filters and interceptors) • Implementations: Jersey, Apache CXF, Resteasy, …

  7. REST API Design

  8. Apache Syncope

  9. Syncope Domain Model • Users (name, password, dates, attributes) • Roles (name, owners, attributes) • Entitlements (TASK_DELETE, ROLE_CREATE) • Connectors (ConnID bundle: DatabaseTable, SOAP) • External Resources (name, connector, mode, mapping) • Tasks (user/role template, resource, action, status)

  10. Resources and URIs: Rules • Resource is anything to be referenced • Normally resources are the nouns • Resources are coarse grained • URIs: descriptive and well structured • URIs: scoping information

  11. Design Attempt /users/addUser /users/a1b2c3/verifyPassword /roles/s8g3j8/updateRole /tasks/submitTask Don‘t do it!

  12. Resources Types 1. Predefined top-level resources 2. Resource for collection of objects 3. Resource for every exposed objects 4. Resource representing results of algorithms

  13. Top Level Resources • Entry point to the API • Home page or list of root entities (collections) URIs: http(s)://api.syncope.org/administration vs http(s)://api.syncope.org/administration/rest/jaxrs/c xf

  14. Collection Resources /users /roles /connectors /policies /resources /tasks

  15. Instance Resources /users/user123 /users/user123/status /roles/roleA /roles/roleA/parent /connectors/ldap /connectors/ldap/bundles No Hierarchy? /relationships/user123,roleA /color-blends/red;blue

  16. Algorithm Resources /users?failedLogin=true /tasks?type=propagation&status=success FIQL (Feed Item Query Language): /tasks?_s=date=lt=2014-10-31;date=gt=2014- 10-01;(type==sync)

  17. Subset of Uniform Interface Will the client will fetch resource of this type? GET /users GET /users/a1b2c3

  18. Subset of Uniform Interface Will the client delete resource of this type? DELETE /users/a1b2c3

  19. Subset of Uniform Interface Will the client modify resource of this type? PUT /users/a1b2c3

  20. Subset of Uniform Interface Will the client create resource of this type? Who is in charge to determine URI: server / client? Server : POST /users 201 Created, Location=/users/a1b2c3 Client: PUT /users/myuser

  21. Resource API: UserService

  22. Representations: Media Types Data Format + Parsing rules

  23. Representations: Media Types • Standard: text/html application/json application/xml application/xhtml+xml application/x-www-form-urlencoded • Custom: application/user+json application/vnd.mycompany-myformat • Versioned: application/user+json&v2

  24. Representations: JAX-RS @Path("users") @Consumes("application/json", "application/xml") @Produces("application/json", "application/xml") public interface UserService { @GET @Produces("application/json;qs=1.0", "application/xml;qs=0.75" ) Collection<UserTO> list(); @POST @Consumes("application/json;q=1.0", "application/xml;q=0.25") Response create(UserTO userTO) ; … }

  25. CXF: Entity Providers • XML: JAXBElementProvider, Source application/xml, application/*+xml, text/xml • JSON: JSONProvider(Jettison), Jenkins application/json, application/*+json • Multipart: Attachments, MultipartBody multipart/mixed, multipart/related, … • BinaryData application/octet-stream, … • XSLTJaxb, Atom, Dom4J, XMLBeans, …

  26. JSON: Jettison vs Jackson CXF JSONProvider (based on Jettison) • Adopt XML structures to JSON (mapped, BadgerFish) • STaX API (XMLStreamWriter, XMLStreamReader) • Flexible and simple (prefixes, root elements, array serialization, unwrapping, XSLT transformations) • Using: for small payloads, if flexibility required <root><child>test</child><child>test</child></root> { "root" : { child : [ "test", "test" ] } }

  27. JSON: Jettison vs Jackson Jackson • Not XML oriented • Supports streaming, tree and data binding models • Supports Jackson specific annotations • Using: middle and large payloads, sophisticated class hierarchy @JsonTypeInfo(use=Id.CLASS, include=As.PROPERTY, property="class")

  28. Representation: Links • HTML/XHTML <a href="http://mysyncope.com">Syncope</a> • XML <element xlink:href="http://mysyncope.com">Syncope</element> • JSON: ?

  29. Links in JSON • JSON HAL (Mike Kelly, IETF draft) • Siren (Kevin Swiber) • Collection + JSON (Mike Amudsen) • Custom format

  30. JSON HAL GET /tasks

  31. Relations: Many To Many User Role role 1 user 1 role 2 user 2 role N user N

  32. Relations as Resources Membership User Role user 1 role 2 createdBy timestamp

  33. Errors • Choose appropriate HTTP status code • Set short error code for automatic processing • Provide informative and descriptive entity- bodies • Use JAX-RS ExceptionMappers

  34. Errors: Code Mapping 1. Decide is it client or server problem (4xx/5xx) 2. Look into HTTP status code spec and select approprite one: • Entity Not Found -> 404 Not Found • Entity Already Exist -> 409 Conflict • IllegalArgumentException -> 400 Bad Request

  35. Errors: HTTP Response 404 Not found X-Application-Error-Code: EntityNotFound X-Application-Error-Info: entity=user,id=a1b2c3 { A user ‘a1b2c3‘ is not found in Syncope storage. Check if user name is correct. Refer following link for the details: https://cwiki.apache.org/confluence/pages/viewpage.acti on?pageId=30751185/ }

  36. Errors: Batch Operations 207 Multi-Status X-Application-Error-Code: Composite { “message“: “Multiple errors detected“ “errors“: [ { “statusCode“: 409 “errorCode“: “ EntityExists “ “ errorMessage “ : “User ‘a1b2c3‘ already exists“ } { “statusCode“: 404 “errorCode“: “ NotFound “ “errorMessage“: “User ‘d4e5f6‘ not found“ } … ] }

  37. Errors: ExceptionMappers @Provider public class RestServiceExceptionMapper implements ExceptionMapper<SyncopeClientException> { @Override public Response toResponse(final SyncopeClientException ex) { LOG.error("SyncopeClientException thrown by REST method: " + ex.getMessage(), ex); builder = ex.isComposite() ? getSyncopeClientCompositeExceptionResponse(ex.asComposite()) : getSyncopeClientExceptionResponse(ex); return builder.build(); } }

  38. Asynchronous Processing • Model operations taking a long time • Provide non-blocking calls on the client side • Provide suspended responses on the server side

  39. Asynchronous: Long Operations POST /tasks HTTP/1.1 { "propagationMode": "TWO_PHASES", "resource": { "href": "/resources/98712" } "status": "NONE", … } 202 Accepted Location: /tasks/x7h3b4 GET tasks/x7h3b4 { "propagationMode": "TWO_PHASES", "resource": { "href": "/resources/98712" } "status": "IN_PROGRESS", … }

  40. Asynchronous: Client API InvocationCallback<Response> callback = new InvocationCallback { public void completed(Response res) { System.out.println("Request success!"); } public void failed(ClientException e) { System.out.println("Request failed!"); } }; client.target("http://mysyncope.org/tasks") .request() .async() .post(myEntity, callback);

  41. Asynchronous: Server API @Path("/connectors") public class AsyncResource { @GET public void asyncGet(@Suspended final AsyncResponse asyncResponse) { new Thread(new Runnable() { @Override public void run() { String result = readConnectors(); asyncResponse.resume(result); } private String readConnectors() { // ... very expensive operation } }).start(); } }

  42. Transactions /tasks/f3g4n5 { “userFilter“: “age<=16“ } /tasks/l8b3n7 { “userFilter“: “age>16“ } Requirement: update age to 18 in both tasks in transaction

  43. Transactional View 1. Create transaction: POST /transactions/tasks-update 201 Created Location: /transactions/tasks-update/89d3 2. Update transaction resources: PUT /transactions/tasks-update/89d3/tasks/f3g4n5 { “userFilter“: “age<=18“ … } PUT /transactions/tasks-update/l8b3n7/tasks/f3g4n5 { “userFilter“: “age>18“ … }

Recommend

Introduction to REST Web REST Web Services Characteristics Services Principle of REST Web

Introduction to REST Web REST Web Services Characteristics Services Principle of REST Web

Introduction to REST Web Services 2/14/2009 Agenda What is REST? Introduction to REST Web REST Web Services Characteristics Services Principle of REST Web Services Design Semantic of HTTP/1.1 Operations Asst. Prof. Dr. Kanda

522 views • 12 slides
RESTful Web Services Stefan Marr Agenda What is REST? The Bookmark Example Principles of REST

RESTful Web Services Stefan Marr Agenda What is REST? The Bookmark Example Principles of REST

RESTful Web Services Stefan Marr Agenda What is REST? The Bookmark Example Principles of REST Web Service Design Semantic of HTTP/1.1 Operations SOAP vs. REST Style Assets and Drawbacks Security Public Web Services HPI, Seminar Advanced

330 views • 10 slides
Outline What is ReST ? Constraints in ReST REST Architecture Components Features of

Outline What is ReST ? Constraints in ReST REST Architecture Components Features of

Outline What is ReST ? Constraints in ReST REST Architecture Components Features of ReST applications Example of requests in REST &amp; SOAP Complex REST request REST Server response Real REST examples REST Design

603 views • 34 slides
GHS implementation (and GHS- like implementation) in the rest of Asia September, 30, 2014;

GHS implementation (and GHS- like implementation) in the rest of Asia September, 30, 2014;

GHS implementation (and GHS- like implementation) in the rest of Asia September, 30, 2014; Washington, DC Dr. Piyatida Pukclai 1 Agenda Thailand: Hazardous Substance Act Malaysia: Occupational Health and Safety Act, CLASS and EHSNR

953 views • 51 slides
Design to Implementation: Delivering the New Children &amp; Family Treatment Support Services

Design to Implementation: Delivering the New Children &amp; Family Treatment Support Services

Design to Implementation: Delivering the New Children &amp; Family Treatment Support Services Objectives To provide an overview of the multi-level change that accompanies implementation of new services To describe the different roles

1.06k views • 57 slides
More on Distributed Web Services: REST Architecture REST, or Representational State Transfer, is

More on Distributed Web Services: REST Architecture REST, or Representational State Transfer, is

Web Services REresentation State Transfer (REST) More on Distributed Web Services: REST Architecture REST, or Representational State Transfer, is a distributed communication architecture fast becoming the lingua franca for Cloud Computing. The

353 views • 17 slides
IN5320 RESTful Web Services Outline The REST Architectural Style HTTP - REST in practice

IN5320 RESTful Web Services Outline The REST Architectural Style HTTP - REST in practice

IN5320 RESTful Web Services Outline The REST Architectural Style HTTP - REST in practice RESTful web services RESTful web services compared to other web services and tools Why REST? Already worked with a RESTful API in the

838 views • 58 slides
RESTful APIs REST Representational State Transfer architectural style, set of design constraints

RESTful APIs REST Representational State Transfer architectural style, set of design constraints

CS 498RK SPRING 2019 RESTful APIs REST Representational State Transfer architectural style, set of design constraints coined in Roy T. Fieldings dissertation (2000) the Web is the largest implementation three important technologies: HTTP,

714 views • 55 slides
RESTful APIs REST Representational State Transfer Architectural style, set of design constraints

RESTful APIs REST Representational State Transfer Architectural style, set of design constraints

CS 498RK SPRING 2020 RESTful APIs REST Representational State Transfer Architectural style, set of design constraints Coined in Roy T. Fieldings dissertation (2000) The Web is the largest implementation Three important technologies: HTTP,

809 views • 55 slides
RESTful APIs REST Representational State Transfer architectural style, set of design constraints

RESTful APIs REST Representational State Transfer architectural style, set of design constraints

CS 498RK FALL 2016 RESTful APIs REST Representational State Transfer architectural style, set of design constraints coined in Roy T. Fieldings dissertation (2000) the Web is the largest implementation three important technologies: HTTP,

585 views • 54 slides
Topics RPC vs. REST: What's the What makes an API truly REST best practices difference

Topics RPC vs. REST: What's the What makes an API truly REST best practices difference

Topics RPC vs. REST: What's the What makes an API truly REST best practices difference and why does it RESTful? (Constraints and (common problems and matter? interface) their solutions) Planning and developing Drupal services

632 views • 28 slides
SECURE BY DESIGN Security Design Principles for the Rest of Us GOTO London 2016 Eoin Woods -

SECURE BY DESIGN Security Design Principles for the Rest of Us GOTO London 2016 Eoin Woods -

SECURE BY DESIGN Security Design Principles for the Rest of Us GOTO London 2016 Eoin Woods - Endava @eoinwoodz 1 BACKGROUND Eoin Woods CTO at Endava (technology services, 3300 people) 10 years in product development - Bull,

453 views • 31 slides
Design and Implementation of a Design and Implementation of a Behaviorally Typed Programming

Design and Implementation of a Design and Implementation of a Behaviorally Typed Programming

Departamento de Informtica Mestrado em Engenharia Informtica Design and Implementation of a Design and Implementation of a Behaviorally Typed Programming System Behaviorally Typed Programming System for Web Services for Web Services

692 views • 66 slides
CPS 108, Fall 1999 Program Design and Implementation Software Design and Implementation

CPS 108, Fall 1999 Program Design and Implementation Software Design and Implementation

CPS 108, Fall 1999 Program Design and Implementation Software Design and Implementation Language independent principles of design and programming Object oriented programming and design design heuristics good design helps do away

295 views • 3 slides
REST Services in Action: Using RESTful APIs with HPE NonStop Applications Todd Barth - NuWave

REST Services in Action: Using RESTful APIs with HPE NonStop Applications Todd Barth - NuWave

REST Services in Action: Using RESTful APIs with HPE NonStop Applications Todd Barth - NuWave Andrew Price - NuWave Agenda REST API Overview Market Adoption APIs in Financial Services NuWave REST-based Middleware Overview

465 views • 30 slides
REST Web-based APIs REST Representational State Transfer Style of web software

REST Web-based APIs REST Representational State Transfer Style of web software

REST Web-based APIs REST Representational State Transfer Style of web software architecture that simplifies application Not a standard, but a design pattern REST Take all resources for web application (data, files, functions)

722 views • 22 slides
Take a small REST Simple approaches for REST in smalltalk Norbert Hartl 2denker What we do...

Take a small REST Simple approaches for REST in smalltalk Norbert Hartl 2denker What we do...

Take a small REST Simple approaches for REST in smalltalk Norbert Hartl 2denker What we do... ...at 2denker mobile applications backend services for mobile applications backend services for b2b Why REST? there are RPC-style services (SOAP

587 views • 30 slides
219451: Web Services: Concepts, Design and Implementation Lecture 2 XML Basis XML, HTML and

219451: Web Services: Concepts, Design and Implementation Lecture 2 XML Basis XML, HTML and

219451: Web Services: Concepts, Design and Implementation Lecture 2 XML Basis XML, HTML and SGML : A big picture XML Overview DTD Parser DOM Original slides by Dr.Benchaporn Limthammaporn (blt@cs.kmitnb.ac.th) 1 Edited by Dr.Monchai

476 views • 28 slides
REST API What it means to be RESTful What is REST REST stands for REpresentational State

REST API What it means to be RESTful What is REST REST stands for REpresentational State

REST API What it means to be RESTful What is REST REST stands for REpresentational State Transfer It is neither a standard nor a protocol REST is not HTTP , although because of HTTPs prevalence and popularity the two tend to go

708 views • 11 slides
REST API Security Jamie Wallace EBSCO LearningExpress Physics 25 Years in Software Director

REST API Security Jamie Wallace EBSCO LearningExpress Physics 25 Years in Software Director

REST API Security Jamie Wallace EBSCO LearningExpress Physics 25 Years in Software Director of Software Development What is REST? Security? Solutions Implementation What is REST? Security? Solutions Implementation What is REST?

908 views • 57 slides
COMPLEX DESIGN SERVICES| PREPARATORY PHASE | IMPLEMENTATION | FM 2 HISTORY 2014 2008

COMPLEX DESIGN SERVICES| PREPARATORY PHASE | IMPLEMENTATION | FM 2 HISTORY 2014 2008

COMPLEX DESIGN SERVICES| PREPARATORY PHASE | IMPLEMENTATION | FM 2 HISTORY 2014 2008 Establishment of HESCON s.r.o. Ranked in the top 10 engineering offices 5 employees 2009 2015 Opening and moving to own office Focusing to complex

445 views • 21 slides
Encryption at Rest in ZFS Tom Caputi tcaputi@datto.com Overview of Encryption Implementation 2

Encryption at Rest in ZFS Tom Caputi tcaputi@datto.com Overview of Encryption Implementation 2

Encryption at Rest in ZFS Tom Caputi tcaputi@datto.com Overview of Encryption Implementation 2 What is Encryption? Want to prevent someone (an attacker) from accessing private data Permissions arent good enough Root user can

788 views • 20 slides
Complete+Cycle+for+Design DESIGN FABRICATE 8model 8synthesize IDEA 8mask+production+++

Complete+Cycle+for+Design DESIGN FABRICATE 8model 8synthesize IDEA 8mask+production+++

Implementation+Technologies We+can+implement a+design+with+many+different+ implementation+technologies+8 different+ implementation+technologies+offer+different+ tradeoffs HDL+Synthesis offers+an+easy+way+to+target+a+model+

395 views • 22 slides
Preparing a REST API Rules of REST APIs, API patterns, Typical CRUD operations Rules for a REST

Preparing a REST API Rules of REST APIs, API patterns, Typical CRUD operations Rules for a REST

Preparing a REST API Rules of REST APIs, API patterns, Typical CRUD operations Rules for a REST API Recall : REST Representational State Transfer o REST is statelessit has no idea of any current user state or history o API

535 views • 17 slides

More recommend