Index
A
- AccessDecisionVoter / Securing Alice's accounts
- access_decision_mgr
- access_decision_voters / Time to add security to our application
- ACID properties
- AffirmativeBased policy / Time to add security to our application
- AOP
- about / AOP from 10,000 feet, AOP is a paradigm, not a library
- crosscutting, versus hierarchical / Crosscutting versus hierarchical
- crosscutting elements / Crosscutting elements
- performance cost / Performance cost of AOP
- AOP module, Spring Python
- application, scaling
- about / Scaling our application
- single-node backend, converting into multiple instances / Converting the single-node backend into multiple instances
- round-robin dispatcher, creating / Creating a round-robin dispatcher
- client configuration, adjusting / Adjusting client configuration without client code knowing its talking to multiple node backend
- ApplicationContext
- about / Container versus Context
- features / Container versus Context
- application security
- testing / Testing application security
- app_context.py file / Creating a skeleton CherryPy app
- aspects, testing
- service, testing / Testing our service
- atomicity, ACID properties
- audit logs
- creating / Creating audit logs
- authenticate method / Coding a custom authentication provider
- authenticationProcessingFilter / Time to add security to our application
- auth_manager
- automated testing
- about / How much testing is enough?
- AutoTransactionalObject / Making transfers transactional
B
- BadCredentialsException / Coding a custom authentication provider
- Bank class / Applying transactions to non-transactional code
- BankException class / Adding overdraft protection to withdrawals
- banking application
- creating / Creating a banking application
- transactions, adding / Creating a banking application
- requisites / Requirements for a good bank
- building / Building a skeleton web application
- securing / Securing the application
- basic customer functions, building / Building some basic customer functions
- customer features, coding / Coding more features
- issues, customer features / Issues with customer features
- logs, accessing remotely / Remotely accessing logs
- audit logs, creating / Creating audit logs
- BindAuthenticator
- about / Configuring LDAP-based security
C
- CachedWikiTest method / Confirming that our service is correctly woven into the API
- caching
- adding, to Spring Python objects / Adding caching to Spring Python objects
- advisors, applying to service / Applying many advisors to a service
- CachingInterceptor
- caching service wiring in API
- caching_advisor
- cherrypy-app.py file / Creating a skeleton CherryPy app
- CherryPy framework
- cherrypySessionStrategy() / Time to add security to our application
- classic SQL issue
- about / The classic SQL issue
- code, parameterizing / Parameterizing the code
- multiple lines of query code, replacing with one line of Spring Python / Replacing multiple lines of query code with one line of Spring Python
- classic transaction issue
- about / Classic transaction issues, Getting transactions right is hard
- simplifying, @transactional used / Simplify by using @transactional
- closeAccount operation / Adding the ability to close an account
- close_account operation / Adding the ability to close an account
- coily
- plugin approach / Plugin approach of Coily
- key functions / Key functions of coily
- commands / Key functions of coily
- parts, requirements / Required parts of a plugin
- commands, coily
- --help / Key functions of coily
- --list-installed-plugins / Key functions of coily
- --list-available-plugins / Key functions of coily
- --install-plugin / Key functions of coily
- --uninstall-plugin / Key functions of coily
- --reinstall-plugin / Key functions of coily
- conn.rollback() / Creating a banking application
- connection.commit() / Creating a banking application
- connection.rollback() / Creating a banking application
- ConsensusBased policy / Time to add security to our application
- consistent, ACID properties
- context aware objects
- about / Context aware objects
- controller.py file / Creating a skeleton CherryPy app
- controller object / Building some basic customer functions
- convert_to_upper / Configuring LDAP-based security
- CORBA
- crosscutting elements, AOP
- about / Crosscutting elements
- Join point / Crosscutting elements
- Pointcut / Crosscutting elements
- Advice / Crosscutting elements
- Aspect / Crosscutting elements
- Advisor/interceptor / Crosscutting elements
- customer features, banking application
- coding / Coding more features
- main page, updating / Updating the main page with more features
- openAccount operation, redefining / Refining the ability to open an account
- closeAccount operation, adding / Adding the ability to close an account
- withdraw operation, adding / Adding the ability to withdraw money
- deposit operation, adding / Adding the ability to deposit money
- transfer operation, adding / Adding the ability to transfer money
- account history, viewing / Showing account history
- customer functions, banking application
- building / Building some basic customer functions
- custom security extension
- coding / Coding our own security extension
- custom authentication provider, coding / Coding a custom authentication provider
D
- data access layer
- testing, mocks used / Testing our data access layer with mocks
- DatabaseTemplate
- about / The Spring triangle—Portable Service Abstractions
- Portable Service Abstraction / The Spring triangle—Portable Service Abstractions
- using, for retrieving objects / Using DatabaseTemplate to retrieve objects
- queries, mapping by convention / Mapping queries by convention over configuration
- queries, mapping into dictionaries / Mapping queries into dictionaries
- tables, mapping / DatabaseTemplate and ORMs
- SQLAlchemy, using / DatabaseTemplate and ORMs
- solutions / Solutions provided by DatabaseTemplate
- set of operations / Solutions provided by DatabaseTemplate
- ORMs, working with / How DatabaseTemplate and ORMs can work together
- DatabaseUserDetailsService
- about / Configuring SQL-based security
- DefaultLdapAuthoritiesPopulator
- about / Configuring LDAP-based security
- Dependency Injection
- deposit function / Making new functions play nice with existing transactions
- deposit operation / Adding the ability to deposit money
- DictionaryRowMapper
- durable, ACID properties
E
- encoder attribute / Configuring LDAP-based security
F
- factory object / Building some basic customer functions
- FilterChainProxy / Securing the application
- filter_security_interceptor
- flight reservation system
- building / Building a flight reservation system
- booking application, building / Building a web app the fastest way
- flight_listings function / Looking up existing flights
- footer() function / Building web applications ignoring security
G
- group_role_attr / Configuring LDAP-based security
- group_search_filter / Configuring LDAP-based security
H
- header() function / Building web applications ignoring security
- html() function / Building web applications ignoring security
I
- images / Creating a skeleton CherryPy app
- index function / Building some basic customer functions
- InMemoryUserDetailsService / Time to add security to our application
- installation
- Spring Python / Installing Spring Python
- invocation.proceed()
- IoC
- production code, swapping / Swapping production code with test doubles
- about / More about Inversion of Control
- adding, to application / Adding Inversion of Control to our application
- adding, to test / Adding Inversion of Control to our test
- debate, in dynamic languages / Debate about IoC in dynamic languages
- isloated, ACID properties
- issues
- Java code wrapping / Issues with wrapping Java code
- issues, customer features
- about / Issues with customer features
- users accounts, securing / Securing Alice's accounts
- overdraft protection, adding to withdrawals / Adding overdraft protection to withdrawals
- transfers, making transactional / Making transfers transactional
J
- Jython
K
- key functions, coily
- about / Key functions of coily
L
- lazy objects
- about / Lazy objects
- LDAP
- about / Configuring LDAP-based security
- LDAP-based security
- configuring / Configuring LDAP-based security
- LdapAuthenticationProvider
- about / Configuring LDAP-based security
- log method / Creating audit logs
M
- message parameter / Building some basic customer functions
- mocks
- multiple security providers
- benefits / Using multiple security providers is easy
- using / Using multiple security providers is easy
- users, migrating from old to new login system / Migrating from an old security solution to a new one
- multiple user communities, supporting / Supporting multiple user communities
- redundant security access, providing / Providing redundant security access
N
- new security requirements
- handling / Handling new security requirements
- authentication, confirming / Authentication confirms "who you are"
- authorization, confirming / Authorization confirms "what you can do"
O
- ObjectContainer
- about / Container versus Context
- ApplicationContext / Container versus Context
- features / Container versus Context
- Object Relational Mappers (ORMs)
- about / Adding in some useful templates
- openAccount function / Building some basic customer functions
- open_account operation / Refining the ability to open an account
- ORMs
- about / DatabaseTemplate and ORMs
- DatabaseTemplate, working with / How DatabaseTemplate and ORMs can work together
- OwnerVoter / Securing Alice's accounts
P
- parts, coily
- requisites / Required parts of a plugin
- __init__.py file / Required parts of a plugin
- plugin_path, __init__.py file / Required parts of a plugin
- name, __init__.py file / Required parts of a plugin
- PasswordComparisonAuthenticator / Configuring LDAP-based security
- password_attr_name attribute / Configuring LDAP-based security
- password_encoder / Time to add security to our application
- PerformanceInterceptor
- perf_advisor
- post processor objects
- about / Post processor objects
- programmatic transactions
- about / Programmatic transactions
- IoC container, configuring with / Configuring with the IoC container
- IoC container, configuring without / Configuring without the IoC container
- advantages / @transactional versus programmatic
- disadvantages / @transactional versus programmatic
- properties, transactions
- atomicity / Transactions and their properties
- consistent / Transactions and their properties
- isolated / Transactions and their properties
- durable / Transactions and their properties
- property driven objects
- about / Property driven objects
- prototype-scoped object
- about / Scoped objects
- ProxyFactoryObject
- Pyro
- Pyro library
- PyroProxyFactory / Making our application distributed without changing the client
- PyroServiceExporter / Adjusting client configuration without client code knowing its talking to multiple node backend, Remotely accessing logs
R
- raw_history / Remotely accessing logs
- redirectStrategy() / Time to add security to our application
- RegexpMethodPointcutAdvisor
- Remote Method Invocation (RMI)
- RoleVoter / Securing Alice's accounts
- ROLE_CUSTOMER / Securing Alice's accounts
- role_prefix / Configuring LDAP-based security
- RoundRobinDispatcher class / Creating a round-robin dispatcher
S
- scoped objects
- about / Scoped objects
- singleton-scoped object / Scoped objects
- prototype-scoped object / Scoped objects
- security
- requisites / Problems with coding security by hand
- issues / Problems with coding security by hand
- authentication, confirming / Authentication confirms "who you are"
- authorization, confirming / Authorization confirms "what you can do"
- testing / Testing application security
- SecurityContextHolder / Authorization confirms "what you can do", Accessing security data from within the app
- security data
- accessing, within app / Accessing security data from within the app
- security_advisor
- service attribute / Making our application distributed without changing the client
- service method / Making our application distributed without changing the client
- service_host attribute / Making our application distributed without changing the client
- service_port attribute / Making our application distributed without changing the client
- simple application, converting into distributed application
- about / Converting a simple application into a distributed one on the same machine
- service, fetching from IoC container / Fetching the service from an IoC container
- client, creating / Creating a client to call the service
- without, changing the client / Making our application distributed without changing the client
- SimpleRowMapper
- simple SQL query
- writing, Python's database API used / The classic SQL issue
- singleton-scoped object
- about / Scoped objects
- skeleton CherryPy app
- creating / Creating a skeleton CherryPy app
- skeleton web application, banking application
- building / Building a skeleton web application
- Spring Java application
- migrating, to Python / Migrating a Spring Java application to Python
- SpringJavaConfig / Migrating a Spring Java application to Python
- Spring Python
- for Python developers / Spring Python for Python developers
- for Java developers / Spring Python for Java developers, Installing from a pre-built binary download
- extending / Extending Spring Python
- installing / Installing Spring Python
- user community / Spring Python community, Summary
- Dependency Injection mechanism, using / Dependency Injection a.k.a. the Hollywood principle
- ObjectContainer / Container versus Context
- lazy objects / Lazy objects
- scoped objects / Scoped objects
- property driven objects / Property driven objects
- post processor objects / Post processor objects
- context aware objects / Context aware objects
- automated testing / How much testing is enough?
- Portable Service Abstractions / The Spring Triangle—Portable Service Abstractions
- ACID properties, defining / How Spring Python lets us define a transaction's ACID properties
- integrating, with Java application / Moving from sample Python data to real Java data, Summary
- Spring Python, for Java developers
- Spring Python, for Python developers
- about / Spring Python for Python developers
- non-invasive nature, exploring / Exploring Spring Python's non-invasive nature
- templates, adding / Adding in some useful templates, Spring Python for Java developers
- Spring Python installation
- about / Installing Spring Python
- environment, setting up / Setting up an environment for Spring Python
- installing, from binary / Installing from a pre-built binary download
- installing, from source / Installing from source
- Spring Python objects
- caching, adding / Adding caching to Spring Python objects
- Spring Python Security
- challenges / Some of the challenges with Spring Python Security
- references / Some of the challenges with Spring Python Security
- Spring Python’s AOP module
- Spring triangle
- SpringWikiController / Authorization confirms "what you can do"
- SQL
- about / The classic SQL issue
- SQL-based security
- configuring / Configuring SQL-based security
- SQLAlchemy / DatabaseTemplate and ORMs
- statistics method / Swapping production code with test doubles
- stubs
T
- @transactional
- advantages / @transactional versus programmatic
- disadvantages / @transactional versus programmatic
- @transactional decorator
- about / Simplify by using @transactional
- threading.local() / Accessing security data from within the app
- TransactionManager / Making transfers transactional
- transactions
- properties / Transactions and their properties
- about / Transactions and their properties
- propagation / Transactions and their properties
- new functionality, adding / Making new functions play nice with existing transactions
- applying, to non-transactional code / Applying transactions to non-transactional code
- testing / Testing your transactions
- TransactionTemplate
- about / More about TransactionTemplate
- transfer function / Simplify by using @transactional
- transfer method / Simplify by using @transactional
- transfer operation / Adding the ability to transfer money
U
- UnanimousBased policy / Time to add security to our application
- user community, Spring Python
- about / Spring Python community, Summary
- userPassword attribute / Configuring LDAP-based security
- user_details_service
V
- view.py file / Creating a skeleton CherryPy app
W
- web application
- building / Building web applications ignoring security
- high level view / Looking at our web application from 10,000 feet
- security features, adding / Time to add security to our application
- WikiService / Swapping production code with test doubles
- wiki_service
- security_advisor / Applying many advisors to a service
- perf_advisor / Applying many advisors to a service
- caching_advisor / Applying many advisors to a service
- withdraw function / Making new functions play nice with existing transactions
- withdraw operation / Adding the ability to withdraw money