Book Image

Building a RESTful Web Service with Spring

By : Ludovic Dewailly
Book Image

Building a RESTful Web Service with Spring

By: Ludovic Dewailly

Overview of this book

Related Content you might be interested in

Current Title:

Small book image
Building a RESTful Web Service with Spring
Ludovic Dewailly
Oct, 2015 | 128 pages
No titles found
Table of Contents (17 chapters)
Building a RESTful Web Service with Spring
Building a RESTful Web Service with Spring
Credits
Credits
About the Author
About the Author
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
A Few Basics
A Few Basics
REST principles
The Spring Framework and REST
Our RESTful web service
Summary
2
Building RESTful Web Services with Maven and Gradle
Building RESTful Web Services with Maven and Gradle
Apache Maven
Gradle
The structure of our sample web service
Developing RESTful web services
Summary
3
The First Endpoint
The First Endpoint
The Inventory service
REST and the MVC pattern
Running the service
A few words on data representation
Summary
4
Data Representation
Data Representation
The Data-Transfer-Object design pattern
The API response format
API evolutions
Summary
5
CRUD Operations in REST
CRUD Operations in REST
Mapping CRUD operations to HTTP methods
Creating resources
Updating resources
Deleting resources
Overriding the HTTP method
Summary
6
Performance
Performance
HTTP compression
HTTP caching
Room availability
Summary
7
Dealing with Security
Dealing with Security
The booking service
Authentication
Authorization
Input validation
Encryption
Summary
8
Testing RESTful Web Services
Testing RESTful Web Services
Unit testing Spring controllers
Mocking
Testing security
Integration testing
Other forms of testing
Summary
9
Building a REST Client
Building a REST Client
The basic setup
Remote versus local clients
Handling security
Exception handling
Summary
10
Scaling a RESTful Web Service
Scaling a RESTful Web Service
Clustering
Distributed caching
Asynchronous communication
Summary
Index
Index

Authentication

Authentication deals with ensuring that users are who they say they are. There are several approaches to authenticate users. This section will describe a few of the mechanisms provided by HTTP.

HTTP Basic authentication

This is the simplest form of authentication in the HTTP specification. It relies on a username and password combination being passed as an Authorization header to any HTTP request that mandates authentication.

When a client issues a request to an endpoint that requires authentication, the server will respond with a HTTP 401 Not Authorized response. The response will include the following header:

WWW-Authenticate: Basic realm="myRealm"

This header instructs the client that the user must be authenticated using the Basic scheme. Modern browsers will automatically prompt users for their credentials upon receiving such a response, and re-issue the request with the Authorization header. This header should contain the scheme followed by the username and password combination...

Previous Section
End of Section 3
Next Section