Book Image

Building a RESTful Web Service with Spring

By : Ludovic Dewailly
Book Image

Building a RESTful Web Service with Spring

By: Ludovic Dewailly

Overview of this book

Related Content you might be interested in

Current Title:

Small book image
Building a RESTful Web Service with Spring
Ludovic Dewailly
Oct, 2015 | 128 pages
No titles found
Table of Contents (17 chapters)
Building a RESTful Web Service with Spring
Building a RESTful Web Service with Spring
Credits
Credits
About the Author
About the Author
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
A Few Basics
A Few Basics
REST principles
The Spring Framework and REST
Our RESTful web service
Summary
2
Building RESTful Web Services with Maven and Gradle
Building RESTful Web Services with Maven and Gradle
Apache Maven
Gradle
The structure of our sample web service
Developing RESTful web services
Summary
3
The First Endpoint
The First Endpoint
The Inventory service
REST and the MVC pattern
Running the service
A few words on data representation
Summary
4
Data Representation
Data Representation
The Data-Transfer-Object design pattern
The API response format
API evolutions
Summary
5
CRUD Operations in REST
CRUD Operations in REST
Mapping CRUD operations to HTTP methods
Creating resources
Updating resources
Deleting resources
Overriding the HTTP method
Summary
6
Performance
Performance
HTTP compression
HTTP caching
Room availability
Summary
7
Dealing with Security
Dealing with Security
The booking service
Authentication
Authorization
Input validation
Encryption
Summary
8
Testing RESTful Web Services
Testing RESTful Web Services
Unit testing Spring controllers
Mocking
Testing security
Integration testing
Other forms of testing
Summary
9
Building a REST Client
Building a REST Client
The basic setup
Remote versus local clients
Handling security
Exception handling
Summary
10
Scaling a RESTful Web Service
Scaling a RESTful Web Service
Clustering
Distributed caching
Asynchronous communication
Summary
Index
Index

Handling security

In Chapter 7, Dealing with Security, we learned to apply security to RESTful endpoints. For instance, we discussed how to set up the HTTP Basic authentication for the booking service. We can expand on the previous section's example and add security handling. The next two sections illustrate how to handle both the Basic and Digest authentications.

The Basic authentication

This authentication scheme requires the Authorization header to contain the username/password pair encoded in Base64. This is easily achieved by modifying the client as follows:

public RemoteBookingServiceClient(String serviceUrl, String username, String password) {

  template = new RestTemplate();
  String credentials = Base64.getEncoder().encodeToString((username + ":" + password).getBytes());
  template.getInterceptors().add((request, body, execution) -> {
    request.getHeaders().add("Authorization", "Basic " + credentials);
    return execution.execute(request, body);
  });
}

This new constructor takes...

Previous Section
End of Section 4
Next Section