Book Image

Building a RESTful Web Service with Spring

By : Ludovic Dewailly
Book Image

Building a RESTful Web Service with Spring

By: Ludovic Dewailly

Overview of this book

Related Content you might be interested in

Current Title:

Small book image
Building a RESTful Web Service with Spring
Ludovic Dewailly
Oct, 2015 | 128 pages
No titles found
Table of Contents (17 chapters)
Building a RESTful Web Service with Spring
Building a RESTful Web Service with Spring
Credits
Credits
About the Author
About the Author
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
A Few Basics
A Few Basics
REST principles
The Spring Framework and REST
Our RESTful web service
Summary
2
Building RESTful Web Services with Maven and Gradle
Building RESTful Web Services with Maven and Gradle
Apache Maven
Gradle
The structure of our sample web service
Developing RESTful web services
Summary
3
The First Endpoint
The First Endpoint
The Inventory service
REST and the MVC pattern
Running the service
A few words on data representation
Summary
4
Data Representation
Data Representation
The Data-Transfer-Object design pattern
The API response format
API evolutions
Summary
5
CRUD Operations in REST
CRUD Operations in REST
Mapping CRUD operations to HTTP methods
Creating resources
Updating resources
Deleting resources
Overriding the HTTP method
Summary
6
Performance
Performance
HTTP compression
HTTP caching
Room availability
Summary
7
Dealing with Security
Dealing with Security
The booking service
Authentication
Authorization
Input validation
Encryption
Summary
8
Testing RESTful Web Services
Testing RESTful Web Services
Unit testing Spring controllers
Mocking
Testing security
Integration testing
Other forms of testing
Summary
9
Building a REST Client
Building a REST Client
The basic setup
Remote versus local clients
Handling security
Exception handling
Summary
10
Scaling a RESTful Web Service
Scaling a RESTful Web Service
Clustering
Distributed caching
Asynchronous communication
Summary
Index
Index

Encryption

The most common form of encryption used to secure web services and the web in general is HTTPS. Unlike HTTP, which exchanges data between servers and clients in plain text, HTTPS encrypts the content of requests and responses so that they appear opaque to anyone listening on the network.

The literature on HTTPS is vast and readily available. In addition, support for HTTPS in software packages and hardware that is typically used in web services deployments is abundant. For these reasons, this section will not delve further into the details of using HTTPS. With the exception of building URLs for redirection, the use of a secure communication protocol has little impact on the implementation of a RESTful web service.

Storing sensitive data

In the event of a system being compromised, another point of encryption that is essential is in the persistence layer. As mentioned earlier in this chapter, it is good practice to encrypt passwords in the database, so that even if the database gets...

Previous Section
End of Section 6
Next Section