Scribd Logo
Загрузить

Добро пожаловать в Scribd!

  • CON7844 RESTful Web Services and Oracle Database

    Загружено:

    suchai
    46 просмотров16 страниц
    Oracle Openworld CON7844 RESTful Web Services and Oracle Database

    Авторское право

    © © All Rights Reserved

    Доступные форматы

    PPTX, PDF, TXT или читайте онлайн в Scribd

    Этот документ был вам полезен?

    Это неприемлемый материал?

    Пожаловаться на этот документ
    Oracle Openworld CON7844 RESTful Web Services and Oracle Database

    Авторское право:

    © All Rights Reserved
    Скачайте в формате PPTX, PDF, TXT или читайте онлайн в Scribd
    Отметить как неприемлемый контент
    46 просмотров16 страниц

    CON7844 RESTful Web Services and Oracle Database

    Загружено:

    suchai
    Oracle Openworld CON7844 RESTful Web Services and Oracle Database

    Авторское право:

    © All Rights Reserved
    Скачайте в формате PPTX, PDF, TXT или читайте онлайн в Scribd
    Отметить как неприемлемый контент
    из 16

    RESTful Services & Oracle

    Database
    Oracle RESTful Data Services

    Colm Divilly
    Consulting Member of Technical Staf
    Oracle Database Tools
    September, 2014

    Copyright 2014, Oracle and/or its affiliates. All rights reserved. |

    Safe Harbor Statement


    The following is intended to outline our general product direction. It is
    intended for information purposes only, and may not be incorporated
    into any contract. It is not a commitment to deliver any material, code,
    or functionality, and should not be relied upon in making purchasing
    decisions. The development, release, and timing of any features or
    functionality described for Oracles products remains at the sole
    discretion of Oracle.

    Copyright 2014, Oracle and/or its affiliates. All rights reserved. |

    Program Agenda
    1

    Oracle REST Data Services Overview

    New Features

    Filtering REST Collections

    Oracle NoSQL Database Support

    Securing RESTful Services

    Copyright 2014, Oracle and/or its affiliates. All rights reserved. |

    Oracle REST Data Services


    Overview

    Declaratively transform database data into


    JSON, and other Web interchange formats, and
    expose that data over HTTP with strong support
    for key principals of the REST style.
    Uniform Methods: GET, POST, PUT, DELETE, PATCH
    Hyperlinks As The Engine of Application of Application State
    (HATEOAS)
    Entity Tags, Conditional Operations, Optimistic Locking
    Secured with Industry Standard protocols: HTTPS, OAuth 2.0
    Copyright 2014, Oracle and/or its affiliates. All rights reserved. |

    New Features
    New JSON format
    Based on JSON Schema.
    All Oracle products converging on same syntax.
    Improved Standalone Mode
    Uses Jetty instead of Grizzly.
    HTTPS support.
    Well Proven
    Copyright 2014, Oracle and/or its affiliates. All rights reserved. |

    New Features
    Much Improved Install
    java -jar ords.w ar, sets everything up, db connections,
    db schema install, launch standalone
    Get to fully installed and configured ORDS in
    minutes.
    Expose tables and views as REST collections with a
    couple of clicks in SQL Developer.
    Copyright 2014, Oracle and/or its affiliates. All rights reserved. |

    New Features
    Filter and project within REST collections.
    Protect REST Endpoints with OAuth 2.0 & first party
    cookie based authentication.

    Copyright 2014, Oracle and/or its affiliates. All rights reserved. |

    Oracle NoSQL Database Support

    Expose NoSQL Tables as JSON REST


    Collections
    Supports CRUD operations on tables
    Supports query on tables
    Secure access in same manner as other
    ORDS REST Services
    Copyright 2014, Oracle and/or its affiliates. All rights reserved. |

    REST Collection Filtering

    Filter resource collections using a JSON


    based syntax
    Sub select specific items in the collection
    Project subset of columns in the collection
    Modify ordering of items in the collection
    Copyright 2014, Oracle and/or its affiliates. All rights reserved. |

    Securing RESTful Services: OAuth 2.0

    OAuth 2.0 is an industry standard protocol for


    controlling third party access to REST APIs.
    The short version:
    Registered third party apps use an
    access token to prove they are
    authorised by a user to make access on
    the user's behalf.
    Copyright 2014, Oracle and/or its affiliates. All rights reserved. |

    Securing RESTful Services: OAuth 2.0

    3 Steps:
    Register client application
    Start Approval Flow, approve
    access
    Submit request with access token
    Copyright 2014, Oracle and/or its affiliates. All rights reserved. |

    Securing RESTful Services: Cookie Auth


    For first party applications only! Meaning the first party application
    MUST reside on the same origin as the REST API, so that the
    browser's 'Same Origin' Policy applies.
    Third party origins are NOT permitted to use Cookie Auth, and we
    specifically prevent 3rd party origins using Cookie Auth, because of
    the security risks involved.
    Cookies are ALWAYS sent by the browser, this is what makes webapps susceptible to Cross Site Request Forgery (CSRF) attacks. OAuth
    access tokens are not sent automatically, the client needs to
    manually add the token to each request, this prevents CSRF attacks.
    Copyright 2014, Oracle and/or its affiliates. All rights reserved. |

    Oracle REST
    Data Services
    Questions & Answers?

    Copyright 2014, Oracle and/or its affiliates. All rights reserved. |

    Copyright 2014, Oracle and/or its affiliates. All rights reserved. |

    Вам также может понравиться