REST - Representational State Transfer
1. REST is an implementation of an architectural style.
2. REST implementation is based on JSON over HTTP.
3. REST is implemented on the simple HTTP protocol.
4. REST has better scalability and performance.
5. REST permits multiple data formats such as JSON, XML, etc.
6. REST emphasizes scalability of component interactions and independent deployment of components.
7. REST is designed around the HTTP and URI standards.
8. REST follows HTTP methods such as GET, POST, PUT, DELETE and PATCH.
9. HTTP PATCH requests make a partial update to a resource.
PUT requests also modify a resource entity, so to make the difference clear:
PATCH is the correct choice for partially updating an existing resource,
and PUT should only be used when replacing a resource in its entirety.
10. REST implementations use JAX-RS and Jersey.
11. Annotations of JAX-RS
@Context
Injects information into a class field, bean property, or method parameter
@CookieParam
Extracts information from cookies declared in the cookie request header
@FormParam
Extracts information from a request representation whose content type is application/x-www-form-urlencoded
@HeaderParam
Extracts the value of a header
@MatrixParam
Extracts the value of a URI matrix parameter
@PathParam
Extracts the value of a URI template parameter
@QueryParam
Extracts the value of a URI query parameter
12. HTTP Status codes
200 OK - Response to a successful REST API action. The HTTP method can be GET, POST, PUT, PATCH or DELETE.
400 Bad Request - The request is malformed, such as message body format error.
401 Unauthorized - Wrong or no authentication ID/password provided.
403 Forbidden - Used when authentication succeeded but the authenticated user doesn't have permission to access the requested resource.
404 Not Found - When a non-existent resource is requested.
405 Method Not Allowed - Returned when an unexpected HTTP method is used. For example, the REST API is expecting HTTP GET, but HTTP PUT is used.
13. REST security
Use the javax.ws.rs.core.SecurityContext interface to implement security programmatically:
    @GET
    @Produces("text/plain;charset=UTF-8")
    @Path("/hello")
    public String updateUser(@Context SecurityContext sc) {
        // Only callers in the "admin" role get past this check
        if (sc.isUserInRole("admin")) return "User will be updated";
        throw new SecurityException("User is unauthorized.");
    }
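
The programmatic check above, reworked as an added example (not code from the original post) so that each failure maps to the 401 and 403 status codes listed in item 12. The class name, the /users path and the realm string are assumptions chosen for illustration.

```java
// Added example: hypothetical resource, not part of the original post.
import javax.ws.rs.ForbiddenException;
import javax.ws.rs.NotAuthorizedException;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.SecurityContext;

@Path("/users") // assumed path
public class UserAdminResource {

    @PUT
    @Path("{id}")
    @Produces(MediaType.TEXT_PLAIN)
    public String updateUser(@PathParam("id") String id,
                             @Context SecurityContext sc) {
        // BASIC credentials are only base64-encoded, so refuse
        // to act on a request that did not arrive over HTTPS.
        if (!sc.isSecure()) {
            throw new ForbiddenException("HTTPS is required");
        }
        // No authenticated principal: answer 401 and send a
        // WWW-Authenticate challenge (realm name is an assumption).
        if (sc.getUserPrincipal() == null) {
            throw new NotAuthorizedException("Basic realm=\"default\"");
        }
        // Authenticated, but not in the required role: answer 403.
        if (!sc.isUserInRole("admin")) {
            throw new ForbiddenException("admin role required");
        }
        // The id is deliberately not echoed back into the response.
        return "User will be updated";
    }
}
```

Throwing the JAX-RS exceptions lets the runtime produce the 401 or 403 response itself, whereas an unmapped java.lang.SecurityException would normally surface as a 500.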
Applying annotations to your JAX-RS classes
@DeclareRoles
Declares roles.
@DenyAll
Specifies that no security roles are allowed to invoke the specified methods.
@PermitAll
Specifies that all security roles are allowed to invoke the specified methods.
@RolesAllowed
Specifies the list of security roles that are allowed to invoke the methods in the application.
@RunAs
Defines the identity of the application during execution in a J2EE container.
    @Path("/helloUser")
    @RolesAllowed({"ADMIN", "DEV"})  // class-level default for every method
    public class helloUser {
        @GET
        @Path("updateUser")
        @Produces("text/plain")
        @RolesAllowed("ADMIN")  // method-level annotation overrides the class-level roles
        public String updateUser() {
            return "User Updated!";
        }
    }
Updating the web.xml deployment descriptor to define security configuration
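    <security-constraint>
        <web-resource-collection>
            <web-resource-name>Users</web-resource-name>
            <url-pattern>/user</url-pattern>
            <http-method>GET</http-method>
            <http-method>POST</http-method>
        </web-resource-collection>
        <auth-constraint>
            <role-name>admin</role-name>
        </auth-constraint>
    </security-constraint>
    <login-config>
        <auth-method>BASIC</auth-method>
        <realm-name>default</realm-name>
    </login-config>
    <security-role>
        <role-name>admin</role-name>
    </security-role>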
Thanks for viewing this post. If you like it don't forget to provide comments
This is really nice post, I found and love this content. I will prefer this, thanks for sharing. Google Scraping.