web server design week 15
Download
Skip this Video
Download Presentation
Web Server Design Week 15

Loading in 2 Seconds...

play fullscreen
1 / 14

Web Server Design Week 15 - PowerPoint PPT Presentation


  • 94 Views
  • Uploaded on

Web Server Design Week 15. Old Dominion University Department of Computer Science CS 495/595 Spring 2010 Martin Klein <[email protected]> 4/21/10. Representational State Transfer. HTTP is an implementation of REST http://www.ics.uci.edu/~fielding/pubs/dissertation/rest_arch_style.htm

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' Web Server Design Week 15' - asha


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
web server design week 15

Web Server DesignWeek 15

Old Dominion University

Department of Computer Science

CS 495/595 Spring 2010

Martin Klein <[email protected]>

4/21/10

representational state transfer
Representational State Transfer
  • HTTP is an implementation of REST
    • http://www.ics.uci.edu/~fielding/pubs/dissertation/rest_arch_style.htm
  • REST is best understood in contrast to Remote Procedure Call (RPC) style interfaces like SOAP
    • http://en.wikipedia.org/wiki/Representational_State_Transfer
    • http://en.wikipedia.org/wiki/SOAP_(protocol)
  • The simplest explanation is RESTful URIs are nouns, and RPC URIs are verbs
    • it is not true that REST URIs do not have arguments / query strings
  • Philosophies:
    • RPC: HTTP is just a transport protocol to tunnel an application-specific protocol; other protocols (e.g., SMTP or future protocols) can be used too
    • REST (HTTP implementation): HTTP already has basic mechanisms for almost anything you need and will be around forever. Embrace it in your system design.
all you need is crud
All You Need is CRUD…

http://en.wikipedia.org/wiki/Create,_read,_update_and_delete

example design
Example Design

http://example.com/userApp?method=getUser&arg1=X&arg2=Y

http://example.com/userApp?method=addUser&arg1=X&arg2=Y

http://example.com/userApp?method=removeUser&arg1=X&arg2=Y

http://example.com/userApp?method=updateUser&arg1=X&arg2=Y

http://example.com/userApp?method=getLocation&arg1=X&arg2=Y

http://example.com/userApp?method=addLocation&arg1=X&arg2=Y

http://example.com/userApp?method=removeLocation&arg1=X&arg2=Y

http://example.com/userApp?method=updateLocation&arg1=X&arg2=Y

http://example.com/userApp?method=listUsers&arg1=X&arg2=Y

http://example.com/userApp?method=listLocations&arg1=X&arg2=Y

http://example.com/userApp?method=findLocation&arg1=X&arg2=Y

http://example.com/userApp?method=findUser&arg1=X&arg2=Y

RPC:

http://example.com/users/

http://example.com/users/{user}

(one for each user - where {user} is either the user name or the user id)

http://example.com/findUserForm

http://example.com/locations/

http://example.com/locations/{location}

(one for each location - where {location} is the location name or the location id)

http://example.com/findLocationForm

REST:

adapted from: http://en.wikipedia.org/wiki/Representational_State_Transfer

amazon s3
Amazon S3
  • “Simple Storage Service”
    • http://aws.amazon.com/s3
    • part of a family of Amazon Web Services (AWS), including “Elastic Compute Cloud (EC2)” and “Simple Queueing Service (SQS)”
  • Premise:
    • cheap, remote storage service accessible via http
    • no initial fee, no maintenance fee
    • $0.15 per GB/month storage (first 50TB)
    • $0.10 per GB transferred
    • private/public X read/write access available
core concepts
Core Concepts
  • Registration:
    • AWS access key ID
      • semantic free name space for your account
    • Secret access key
      • used to authenticate to AWS
  • Bucket
    • namespace for referencing your objects; must be globally unique
    • you can have 1-100 buckets per AWS access key
    • buckets hold 0 or more objects
  • Object
    • files (placed in buckets); up to 5GB in a single object
    • “key” is the identifier for the object placed in a bucket
access points
Access Points
  • SOAP and REST interfaces provided
  • 3 different URLs for REST access:
    • http://s3.amazonws.com/bucket/key
    • http://bucket.s3.amazonws.com/key
    • http://bucket/key
  • Where:
    • bucket = your namespace
    • key = identifier of the object in the bucket
  • For more info:
    • http://docs.amazonwebservices.com/AmazonS3/2006-03-01/VirtualHosting.html
examples
Examples:

These are the same (& real):

http://s3.amazonaws.com/doc/2006-03-01/AmazonS3.wsdl

http://doc.s3.amazonaws.com/2006-03-01/AmazonS3.wsdl

These would be the same (but not real):

http://s3.amazonaws.com/MartinKlein/Voelkl/DNX10

http://martinkleinrackets.s3.amazonaws.com/Voelkl/DNX10

http://rackets.martinklein.org/Voelkl/DNX10

authenticating to aws
Authenticating to AWS
  • Can authenticate to AWS via:
    • “Authorization” HTTP header using the AWS authentication scheme
      • cf. “Basic” & “Digest in RFC-2616
    • URL arguments
  • http://docs.amazonwebservices.com/AmazonS3/2006-03-01/RESTAuthentication.html
  • HMAC: Keyed-Hashing for Message Authentication
    • RFC-2104: http://www.ietf.org/rfc/rfc2104.txt
authentication header example
Authentication Header Example

Authorization: AWS AWSAccessKeyId:Signature

Authorization = "AWS" + " " + AWSAccessKeyId + ":" + Signature;

Signature = Base64( HMAC-SHA1(

UTF-8-Encoding-Of( YourSecretAccessKeyID, StringToSign ) ) );

StringToSign =

HTTP-Verb + "\n" +

Content-MD5 + "\n" +

Content-Type + "\n" +

Date + "\n" +

CanonicalizedAmzHeaders +

CanonicalizedResource;

CanonicalizedResource = ….

a tour of the rest api for s3
A Tour of the REST API for S3
  • http://docs.amazonwebservices.com/AmazonS3/2006-03-01/RESTAPI.html
create a bucket
Create a Bucket

# create bucket request

PUT /[bucket-name] HTTP/1.0

Date: Wed, 08 Mar 2006 04:06:15 GMT

Authorization: AWS [aws-access-key-id]:[header-signature]

Host: s3.amazonaws.com

# create bucket response

HTTP/1.1 200 OK

x-amz-id-2: VjzdTviQorQtSjcgLshzCZSzN+7CnewvHA+6sNxR3VRcUPyO5fm…

x-amz-request-id: 91A8CC60F9FC49E7

Date: Wed, 08 Mar 2006 04:06:15 GMT

Location: /[bucket-name]

Content-Length: 0

Connection: keep-alive

Server: AmazonS3

write an object
Write an Object

# put object request

PUT /[bucket-name]/[key-name] HTTP/1.0

Date: Wed, 08 Mar 2006 04:06:16 GMT

Authorization: AWS [aws-access-key-id]:[header-signature]

Host: s3.amazonaws.com

Content-Length: 14

x-amz-meta-title: my title

Content-Type: text/plain

this is a test

# put object response

HTTP/1.1 200 OK

x-amz-id-2: wc15E1LUrjDZhNtT4QZtsbtadnOMKGjw5QTxkRDVO1owwbA6Y…

x-amz-request-id: 7487CD42C5CA7524

Date: Wed, 08 Mar 2006 04:06:16 GMT

ETag: "54b0c58c7ce9f2a8b551351102ee0938"

Content-Length: 0

Connection: keep-alive

Server: AmazonS3

gdata atom rest
GData: Atom + REST
  • http://en.wikipedia.org/wiki/Atom_(standard)
  • http://code.google.com/apis/gdata/
  • http://code.google.com/apis/base/docs/2.0/attrs-queries.html
ad