book

RESTful Java Web Services, Second Edition

by Jobinesh Purushothaman

September 2015

Intermediate to advanced

354 pages

8h 27m

English

Packt Publishing

Read now

Unlock full access

Support files, eBooks, discount offers, and moreWhy subscribe?Free access for Packt account holders
What this book covers

Downloading the example codeErrataPiracyQuestions
The REST architectural style
HTTP versionsUnderstanding the HTTP request-response modelUniform resource identifierUnderstanding the HTTP request methodsRepresenting content types using HTTP header fieldsHTTP status codesThe evolution of RESTful web services
ResourcesURIThe representation of resourcesGeneric interaction semantics for REST resourcesThe HTTP GET methodThe HTTP POST methodThe HTTP PUT methodThe HTTP DELETE methodHypermedia as the Engine of Application State
A brief overview of JSONUnderstanding the JSON data syntaxBasic data types available with JSONA sample JSON file representing employee objects
Processing JSON with JSR 353 object model APIsGenerating the object model from the JSON representationGenerating the JSON representation from the object modelProcessing JSON with JSR 353 streaming APIsUsing streaming APIs to parse JSON dataUsing streaming APIs to generate JSON
Processing JSON with Jackson tree model APIsUsing Jackson tree model APIs to query and update dataProcessing JSON with Jackson data binding APIsSimple Jackson data binding with generalized objectsFull Jackson data binding with specialized objectsProcessing JSON with Jackson streaming APIsUsing Jackson streaming APIs to parse JSON dataUsing Jackson streaming APIs to generate JSON
Processing JSON with object model APIs in GsonGenerating the object model from the JSON representationGenerating the parameterized Java collection from the JSON representationGenerating the JSON representation from the object modelProcessing JSON with Gson streaming APIsReading JSON data with Gson streaming APIsWriting JSON data with Gson streaming APIs
An overview of JAX-RS
Specifying the dependency of the JAX-RS APIUsing JAX-RS annotations to build RESTful web servicesAnnotations for defining a RESTful resource@PathSpecifying the @Path annotation on a resource classSpecifying the @Path annotation on a resource class methodSpecifying variables in the URI path templateRestricting values for path variables with regular expressionsAnnotations for specifying request-response media types@Produces@ConsumesAnnotations for processing HTTP request methods@GET@PUT@POST@DELETE@HEAD@OPTIONSAnnotations for accessing request parameters@PathParam@QueryParam@MatrixParam@HeaderParam@CookieParam@FormParam@DefaultValue@Context@BeanParam@Encoded
Mapping the path variable with Java typesMapping the request and response entity body with Java typesUsing JAXB to manage the mapping of the request and response entity body to Java objects
Setting up the environmentBuilding a simple RESTful web service application using NetBeans IDEAdding CRUD operations on the REST resource class
Specifying a dependency of the JAX-RS client APICalling REST APIs using the JAX-RS clientSimplified client APIs for accessing REST APIs
Understanding subresources and subresource locators in JAX-RSSubresources in JAX-RSSubresource locators in JAX-RS
Reporting errors using ResponseBuilderReporting errors using WebApplicationException
Mapping exceptions to a response message using ExceptionMapper
A brief introduction to Bean ValidationBuilding custom validation constraintsWhat happens when Bean Validation fails in a JAX-RS application?
Building a custom entity providerMarshalling Java objects to the CSV representation with MessageBodyWriterMarshalling CSV representation to Java objects with MessageBodyReader
Using the Expires header to control the validity of the HTTP cacheUsing Cache-Control directives to manage the HTTP cacheConditional request processing with the Last-Modified HTTP response headerConditional request processing with the ETag HTTP response headerConditional data update in RESTFul web services
Modifying request and response parameters with JAX-RS filtersImplementing server-side request message filtersPostmatching server-side request message filtersPrematching server-side request message filtersImplementing server-side response message filtersImplementing client-side request message filtersImplementing client-side response message filtersModifying request and response message bodies with JAX-RS interceptorsImplementing request message body interceptorsImplementing response message body interceptorsManaging the order of execution for filters and interceptorsSelectively applying filters and interceptors on REST resources by using @NameBindingDynamically applying filters and interceptors on REST resources using DynamicFeature
Specifying dependencies for Jersey
A quick look at the static resource configurations
What is Jersey ModelProcessor and how does it work?A brief look at the ModelProcessor interface
Formats for specifying JSON REST API hypermedia linksProgrammatically building entity body links using JAX-RS APIsProgrammatically building header links using JAX-RS APIsDeclaratively building links using Jersey annotationsSpecifying the dependency to use Jersey declarative linkingEnable Jersey declarative linking feature for the applicationDeclaratively adding links to resource representationGrouping multiple links using @InjectLinksDeclaratively building HTTP link headers using @InjectLinks
Building RESTful web service for storing imagesBuilding RESTful web service for reading images
Jersey client API for reading chunked input
Securing and authenticating web services
Building JAX-RS clients with basic authenticationSecuring JAX-RS services with basic authenticationConfiguring JAX-RS application for basic authenticationDefining groups and users in the GlassFish server
Understanding the OAuth 1.0 protocolBuilding the OAuth 1.0 client using Jersey APIsUnderstanding the OAuth 2.0 protocolUnderstanding the grant types in OAuth 2.0Building the OAuth 2.0 client using Jersey APIs
Using SecurityContext APIs to control accessUsing the javax.annotation.security annotations to control access with the Jersey frameworkUsing Jersey's role-based entity data filtering
Introduction to RESTful web services
An overview of the WADL structureGenerating WADL from JAX-RSGenerating the Java client from WADLMarket adoption of WADL
An overview of the RAML structureGenerating RAML from JAX-RSGenerating RAML from JAX-RS via CLIGenerating JAX-RS from RAMLGenerating JAX-RS from RAML via CLIA glance at the market adoption of RAML
A quick overview of Swagger's structureAn overview of Swagger APIsGenerating Swagger from JAX-RSSpecifying dependency to SwaggerConfiguring the Swagger definitionAdding Swagger annotations on a JAX-RS resource classGenerating Java client from SwaggerA glance at the market adoption of Swagger
Identifying resources in a problem domain
Understanding the difference between PUT and POST
Hypertext Application LanguageRFC 5988 – Web Linking
Including the version in resource URI – the URI versioningIncluding the version in a custom HTTP request header – HTTP header versioningIncluding the version in a HTTP Accept header – the media type versioningHybrid approach for versioning APIs
HTTP Cache-Control directiveHTTP conditional requests
A quick look at ODataURI convention for OData-based REST APIsReading resourcesQuerying dataModifying dataRelationship operations
Tools for building a JAX-RS application
Adding Arquillian dependencies to the Maven-based projectConfiguring the container for running testsAdding Arquillian test classes to the projectRunning Arquillian tests
Defining the @PATCH annotationDefining a resource method to handle HTTP PATCH requests
Transforming the JPA model in to OData-enabled RESTful web services
Packaging JAX-RS applications with an Application subclassPackaging the JAX-RS applications with web.xml and an Application subclassConfiguring web.xml for a servlet 2.x containerConfiguring web.xml for a Servlet 3.x containerPackaging the JAX-RS applications with web.xml and without an Application subclassConfiguring web.xml for the servlet 2.x containerConfiguring web.xml for the servlet 3.x container

Content preview from RESTful Java Web Services, Second Edition

Authorizing the RESTful web service accesses via the security APIs

The authorization process verifies whether the client who has requested or initiated an action has the right to do so. In this section, we will see how to use the JAX-RS APIs for authorizing incoming REST API calls from various clients.

Using SecurityContext APIs to control access

We started off this chapter by discussing how an application authenticates a user who is trying to access a secured resource. When a client accesses a secured resource, the server identifies and validates the requester, and on successful authentication, the requester is allowed to get inside the application. During this process, the underlying security framework generates a javax.ws.rs.core.SecurityContext ...