Upgrade to Pro — share decks privately, control downloads, hide ads and more …

DevNexus 2015 - Spring Data REST: Data Meets Hypermedia

Greg Turnquist
March 11, 2015
Technology
1
200

DevNexus 2015 - Spring Data REST: Data Meets Hypermedia

Is an application without links really solved by an out-of-band document? Find out how Spring Data REST makes it simpler than ever to create RESTful endpoints driven by hypermedia. Also discover how to lock down your app, web page and REST endpoints, using Spring Security.

Greg Turnquist

March 11, 2015
Tweet

More Decks by Greg Turnquist

See All by Greg Turnquist
Live Coding Spring Data Queries to the End of the Persistence Universe
gregturn
0
43
SpringOne 2020 - Building Flexible APIs with Spring HATEOAS
gregturn
0
260
Scrivener 101 - Kentucky Christian Writers Conference 2017
gregturn
4
86
Self Publishing and Marketing
gregturn
6
93
Spinnaker: Land of a 100 Builds (SpringOne 2016)
gregturn
1
190
Introduction to Spring Data @ SpringOne Platform 2016
gregturn
1
190
Spinnaker: Land of a 1000 Builds - CF Summit 2016
gregturn
1
320
How to build a blog site
gregturn
0
130
Introduction to Spring Data
gregturn
1
290

Other Decks in Technology

See All in Technology
AOAI をきっかけに​ 社内の Azure 管理を見直した話​
recruitengineers
PRO
1
300
現代CSSフレームワークの内部実装とその仕組み
poteboy
7
3.6k
Gitlab本から学んだこと - そーだいなるプレイバック / gitlab-book
soudai
4
440
Databricks における 『MLOps』
databricksjapan
2
170
AWSに詳しくない人でも始められるコスト最適化ガイド
yuhta28
1
250
KubeConにproposalを送りたい人へのアドバイス
sat
PRO
3
260
レガシーをぶっ壊せ。AEONで始めるDevRelの話 / Qiita Night 2024-2-22
aeonpeople
3
1.3k
障害対応をちょっとずつよくしていくための 演習の作りかた
heleeen
0
230
推しは推せるときに推せ! プロダクトにフィードバックしていこう
nakasho
0
320
Compose Compiler Metricsを使った実践的なコードレビュー
tomorrowkey
1
220
20240418_Google ColabにLLMが搭載されたようなのでPython x データ分析の勉強方法を考えてみる
doradora09
0
140
エンジニアのキャリアをちょっと楽しくする3本の軸/Three Pillars to Make an Engineer's Career More Enjoyable
kwappa
0
2.7k

Featured

See All Featured
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
40
4.4k
How to Ace a Technical Interview
jacobian
272
22k
No one is an island. Learnings from fostering a developers community.
thoeni
16
2.1k
The Straight Up "How To Draw Better" Workshop
denniskardys
227
130k
Web Components: a chance to create the future
zenorocha
305
41k
Fireside Chat
paigeccino
21
2.6k
Done Done
chrislema
178
15k
[RailsConf 2023 Opening Keynote] The Magic of Rails
eileencodes
9
8.3k
How to Create Impact in a Changing Tech Landscape [PerfNow 2023]
tammyeverts
14
1.6k
A Tale of Four Properties
chriscoyier
151
22k
Visualizing Your Data: Incorporating Mongo into Loggly Infrastructure
mongodb
34
8.9k
Building Flexible Design Systems
yeseniaperezcruz
319
37k

Transcript

  1. Unless otherwise indicated, these slides are © 2013-2014 Pivotal Software,

    Inc. and licensed under a Creative Commons Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ Spring Data REST: Data Meets Hypermedia
  2. None

  3. Greg Turnquist @gregturn [email protected] github.com/gregturn Roy Clarkson @royclarkson [email protected] github.com/royclarkson

  4. Recognize this?

  5. Recognize this? Is something missing?

  6. Recognize this? How about this?

  7. Recognize this? How about this?

  8. Is the answer…

  9. …this?

  10. “I am getting frustrated by the number of people calling

    any HTTP-based interface a REST API. Today’s example is the SocialSite REST API. That is RPC. It screams RPC…” –Roy Fielding http://roy.gbiv.com/untangled/2008/rest-apis-must-be-hypertext-driven

  11. –Roy Fielding http://roy.gbiv.com/untangled/2008/rest-apis-must-be-hypertext-driven “…What needs to be done to make

    the REST architectural style clear on the notion that hypertext is a constraint? In other words, if the engine of application state (and hence the API) is not being driven by hypertext, then it cannot be RESTful and cannot be a REST API. Period. Is there some broken manual somewhere that needs to be fixed?”

  12. Spring Data REST DEMO

  13. SQL GET /api

  14. SQL GET /api

  15. SQL GET /api Spring HATEOAS Spring Security Spring Framework

  16. SQL GET /api Spring HATEOAS Spring Security Spring Framework Spring

    Data

  17. What is Spring Data REST? • Leverages HYPERMEDIA & Internet

    standards • HAL (draft) • ALPS (draft) • URI Templates (RFC 6570) • text/uri-list mediatype (RFC 2483) • profile link relation (RFC 6906)

  18. Item resource

  19. Item defined in Java

  20. Gallery resource

  21. Gallery defined in Java

  22. How to get <dependency>
 <groupId>org.springframework.boot</groupId>
 <artifactId>spring-boot-starter-data-rest</artifactId>
 </dependency>
 <dependency>
 <groupId>org.springframework.boot</groupId>
 <artifactId>spring-boot-starter-data-jpa</artifactId>


    </dependency>

  23. –Greg Turnquist “It’s not real until it’s secured.”

  24. None

  25. –Rob Winch, Mr. Spring Security “Do not implement security on

    your own.”

  26. Use HTTPS

  27. Authentication

  28. Authorization

  29. Attack Vectors • XSS - Cross-Site Scripting • CSRF -

    Cross Site Request Forgery • clickjacking - User Interface redress attack • HSTS - HTTP Strict Transport Security

  30. Spring Security

  31. Security for images

  32. Security for users

  33. Security for users

  34. Tailoring data with projections

  35. Tailoring data with projections

  36. How to get <dependency>
 <groupId>org.springframework.boot</groupId>
 <artifactId>spring-boot-starter-security</artifactId>
 </dependency>
 <dependency>
 <groupId>org.springframework.security.oauth</groupId>
 <artifactId>spring-security-oauth2</artifactId>


    <version>2.0.6.RELEASE</version>
 </dependency>

  37. Spring Data REST DEMO

  38. Links • github.com/gregturn/spring-a-gram • https://github.com/royclarkson/spring-rest-service-oauth • twitter.com/springcentral • spring.io •

    spring.io/guides • spring.io/video • spring.io/questions

  39. Unless otherwise indicated, these slides are © 2013-2014 Pivotal Software,

    Inc. and licensed under a Creative Commons Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ Spring Data REST: Data Meets Hypermedia