Save 37% off PRO during our Black Friday Sale! »

jsr356-devoxxma-2016

 jsr356-devoxxma-2016

18b9001fd20c1e089d19f4a1e994bcdc?s=128

Mahmoud Ben Hassine

November 06, 2016
Tweet

Transcript

  1. Production-ready chat server in 10 minutes with the Java API

    for WebSocket (JSR 356) Mahmoud Ben Hassine @b_e_n_a_s https://benas.github.io #jsr356-DevoxxMA
  2. Introduction #jsr356-DevoxxMA 2 @b_e_n_a_s

  3. Agenda • Introduction • Overview of WebSockets • Overview of

    JSR 356: Java API for WebSocket • Tyrus in action • Advanced topics • Monitoring • Security • Performance & Scalability • Handling disconnections #jsr356-DevoxxMA 3 @b_e_n_a_s
  4. WebSockets overview #jsr356-DevoxxMA 4 @b_e_n_a_s

  5. WebSockets overview • WebSocket: full-duplex communication channel over a single

    TCP connection • Protocol: defined by the IETF in RFC 6455 • API: defined by the W3C in Web IDL
 #jsr356-DevoxxMA 4 @b_e_n_a_s
  6. WebSockets overview • WebSocket: full-duplex communication channel over a single

    TCP connection • Protocol: defined by the IETF in RFC 6455 • API: defined by the W3C in Web IDL
 • Use cases: • chat/social apps • Real time games • Real time collaboration apps #jsr356-DevoxxMA 4 @b_e_n_a_s
  7. JSR 356 overview #jsr356-DevoxxMA 5 @b_e_n_a_s

  8. JSR 356 overview • Part of Java EE 7 #jsr356-DevoxxMA

    5 @b_e_n_a_s
  9. JSR 356 overview • Part of Java EE 7 •

    Annotated and Programmatic ways to define websocket endpoints #jsr356-DevoxxMA 5 @b_e_n_a_s
  10. JSR 356 overview • Part of Java EE 7 •

    Annotated and Programmatic ways to define websocket endpoints • Event-driven: @OnOpen, @OnClose, @OnMessage #jsr356-DevoxxMA 5 @b_e_n_a_s
  11. JSR 356 overview • Part of Java EE 7 •

    Annotated and Programmatic ways to define websocket endpoints • Event-driven: @OnOpen, @OnClose, @OnMessage • Encoders/Decoders, Path/Query parameters handling #jsr356-DevoxxMA 5 @b_e_n_a_s
  12. JSR 356 overview • Part of Java EE 7 •

    Annotated and Programmatic ways to define websocket endpoints • Event-driven: @OnOpen, @OnClose, @OnMessage • Encoders/Decoders, Path/Query parameters handling • Integration with Java EE technologies #jsr356-DevoxxMA 5 @b_e_n_a_s
  13. JSR 356 overview • Part of Java EE 7 •

    Annotated and Programmatic ways to define websocket endpoints • Event-driven: @OnOpen, @OnClose, @OnMessage • Encoders/Decoders, Path/Query parameters handling • Integration with Java EE technologies • Reference implementation: https://tyrus.java.net #jsr356-DevoxxMA 5 @b_e_n_a_s
  14. Agenda • Introduction • Overview of WebSockets • Overview of

    JSR 356: Java API for WebSocket • Tyrus in action • Advanced topics • Monitoring • Security • Performance & Scalability • Handling disconnections #jsr356-DevoxxMA 6 @b_e_n_a_s
  15. Agenda • Introduction • Overview of WebSockets • Overview of

    JSR 356: Java API for WebSocket • Tyrus in action • Advanced topics • Monitoring • Security • Performance & Scalability • Handling disconnections #jsr356-DevoxxMA 7 @b_e_n_a_s
  16. Monitoring Server side monitoring through JMX (number of open sessions,

    messages count, etc) // Endpoint-level monitoring: serverProperties.put(
 APPLICATION_EVENT_LISTENER,
 new SessionlessApplicationMonitor() ); // Session-level monitoring: serverProperties.put(
 APPLICATION_EVENT_LISTENER,
 new SessionAwareApplicationMonitor() ); #jsr356-DevoxxMA 8 @b_e_n_a_s
  17. Security (server side) #jsr356-DevoxxMA 9 @b_e_n_a_s

  18. Security (server side) #jsr356-DevoxxMA 9 @b_e_n_a_s

  19. Security (server side) • Use "wss" protocol
 #jsr356-DevoxxMA 9 @b_e_n_a_s

  20. Security (server side) • Use "wss" protocol
 • Use servlet

    security mechanisms (chapter 8 of the spec)
 #jsr356-DevoxxMA 9 @b_e_n_a_s
  21. Security (server side) • Use "wss" protocol
 • Use servlet

    security mechanisms (chapter 8 of the spec)
 • Set maximal number of open sessions
 (per application, per remote address, per endpoint) #jsr356-DevoxxMA 9 @b_e_n_a_s
  22. Security (client side) #jsr356-DevoxxMA 10 @b_e_n_a_s

  23. Security (client side) // use HTTP authentication clientProperties().put( ClientProperties.CREDENTIALS,
 new

    Credentials("user", "pwd")
 ); #jsr356-DevoxxMA 10 @b_e_n_a_s
  24. Security (client side) // use HTTP authentication clientProperties().put( ClientProperties.CREDENTIALS,
 new

    Credentials("user", "pwd")
 ); // Enable SSL SslContextConfigurator scc = new SslContextConfigurator(); scc.setTrustStoreFile("..."); scc.setTrustStorePassword("..."); SslEngineConfigurator sec = new SslEngineConfigurator(ssc, true, false, false); clientProperties().put(
 ClientManager.SSL_ENGINE_CONFIGURATOR, sec); #jsr356-DevoxxMA 10 @b_e_n_a_s
  25. Performance and Scalability #jsr356-DevoxxMA 11 @b_e_n_a_s

  26. Performance and Scalability • WebSocket performance testing is tricky: •

    File Descriptor limits • Ephemeral Port limits #jsr356-DevoxxMA 11 @b_e_n_a_s
  27. Performance and Scalability • WebSocket performance testing is tricky: •

    File Descriptor limits • Ephemeral Port limits • Clustering web socket servers is challenging: • How to talk to another session directly ? • JSR 356 API is not very friendly in regards to clustering..
 => sticky sessions +distributed cache + load balancer ? #jsr356-DevoxxMA 11 @b_e_n_a_s
  28. Performance and Scalability • WebSocket performance testing is tricky: •

    File Descriptor limits • Ephemeral Port limits • Clustering web socket servers is challenging: • How to talk to another session directly ? • JSR 356 API is not very friendly in regards to clustering..
 => sticky sessions +distributed cache + load balancer ? • Common practice: broadcast (mass-notification) • Might require mode application code (proper handling on client side) • More bandwidth usage #jsr356-DevoxxMA 11 @b_e_n_a_s
  29. Handling disconnections Automatic client reconnection ClientManager.ReconnectHandler { long getDelay(); boolean

    onConnectFailure(Exception exception); boolean onDisconnect(CloseReason closeReason); } #jsr356-DevoxxMA 12 @b_e_n_a_s
  30. Thank you! • slides: http://speakerdeck.com/benas/jsr356-devoxxma-2016 • code: http://github.com/benas/web-socket-lab #jsr356-DevoxxMA @b_e_n_a_s