Going REST/NoXML: Embedding Jetty with Spring and JAX-RS using Apache CXF

Going REST/NoXML: Embedding Jetty with Spring and JAX-RS using Apache CXF:

For hardcore server-side Java developers, the only way to "speak" out to the world is by using APIs. Today's post is all about JAX-RS: writing and exposing RESTful services using Java.

Streaming APIs: JSON vs XML and REST is King

Streaming APIs: JSON vs XML and REST is King:

Streaming APIs are becoming more popular because of the low latency they provide. What are the common protocols and data formats of these APIs? To find out I did a simple search on APIhub, the largest repository I found for streaming APIs. Here were the results of the 104 APIs that came up… (I cut out a few of the very low-count protocols and data formats):

Web Services Are Dead -- Long Live REST

Web Services Are Dead -- Long Live REST:

Once, an endless parade of Web service protocols promised to guarantee any system could talk to any other. In the end, we got much of that interoperability via simpler means.

Why HATEOAS is not the witch to burn

Why HATEOAS is not the witch to burn:

But HATEOAS is a model that allows you to allocate to the server some of the responsibilities of your API's use cases: which are the next steps, where they are executed, whether to skip any, or to perform further redirections. HATEOAS isn't a reminescence of WS-* as much as slapping the REST label over remote procedure calls is a reminescence of RMI and CORBA (too many acronyms today!)

From database to RESTful web service to HTML5 in 10 minutes

From database to RESTful web service to HTML5 in 10 minutes:

Using NetBeans IDE 7.3, guest author and NetBeans team member Geertjan Wielenga shows us how to expose data from a database via a JAX-WS RESTful web service and how to consume the service in an HTML5 application, via a range of tools for working with HTML5, JavaScript, and CSS. All in 10 minutes.

How NOT to Design Your API.

How NOT to Design Your API.:

Recently I tweeted as a #linktuesday link the 10 Worst API Practices post from ProgrammableWeb. Today, in search of some concrete examples of APIs implementing unhelpful antipatterns, I sent out a tweet for help:

Writing REST services with JAX-RS and Spring

Writing REST services with JAX-RS and Spring:

A framework for quickly writing and deploying REST services in java. Using JAX-RS, Spring Data, Spring Integration, Hibernate.

RESTful SAML?

RESTful SAML?:

Existing brokered authentication standards such as SAML Web Browser SSO or OpenID accommodate RESTful web services for browser driven use cases. However, what about RESTful service composition patterns where identities need to be propagated across nested service invocations, or any RESTful Web service client that is not browser based for that matter? How should brokered authentication for such RESTful service calls be handled?

Securing RESTful Web Services with OAuth 2.0

Securing RESTful Web Services with OAuth 2.0:

One of the questions we get asked the most by developers and architects is: when and why would I use OAuth2? The answer, as often with such questions, is "it depends", but there are some features of OAuth2 that make it compelling in some situations, especially in systems composed of many lightweight web services, which becoming a very common architectural pattern.

How to Protect Your APIs with OAuth

How to Protect Your APIs with OAuth:

We tackle an increasingly important question in the world of APIs: Presume that you would like to create a remote API (which perhaps exposes some API is protected in such a way that: A) Only clients that you trust can access them; B) Those clients can access your API through the explicit authorization of their end-users; and C) The end-users can be authenticated with a central entity, *withouth* having to share their credentials with your API’s clients.