Ember & SOA: Stumbling towards SOA

Speech transcript
Hi everybody. Today I'm talking about Ember and SOA, and this will cover ways that you might adapt Ember into a service-oriented architecture type of environment. In some ways I think a better title for this talk is "Stumbling Towards SOA: The Story of CloudHDR", and the reason this is a better title, I think, is that SOA isn't a specification. There's not an RFC that you can read and go implement; it's more of a way of thinking about designing applications and systems of applications, and the decisions that you make are going to be highly dependent on what your requirements are and what you hope to get out of it. So this is the story of some things that I've done and some goals that I've set and the ways that I worked to meet those goals. It's really the story of me taking an app that looks kind of like this,
a big monolithic Rails app, and turning it into a collection of apps that all work together to reach the same goal.
So here's what we'll look at today. We'll
look at one of the first steps that you need to take to get started doing SOA with Ember apps, then we're going to look at how authentication works in this type of environment, and then finally we're going to look at how you deploy these things out into a live environment. But of course we actually start counting at zero, and we need a little bit of context and to talk about goals and requirements. First, a little about me: my name is Jeremy Green. Here are some things that I'm into:
drumming, coding, entrepreneurship, photography, brewing. I am also one of the organizers of the OK Ruby group. Here are some ways that you can contact me if you have any questions or criticisms of this; feel free to tweet me, email me, or check out my website. So CloudHDR is an
HDR photo-processing automation app, and what HDR stands for is high dynamic range. High dynamic range is the measurement between the lightest part of a scene and the darkest part of a scene when you're taking a photo. Now, that really isn't all that informative, so a better question is: why HDR? The reason that you want HDR is that when you take a photo you really don't want either one of these. The one on the left has kind of overexposed the sky, but the foreground and the ground look great; on the one on the right the sky looks nice, but the foreground is underexposed and very dark. So instead you want to end up with something like this, where everything is exposed well in the
sky and on the ground and you've got a lot of detail and really good color. So HDR is a process for taking a series of less-than-optimal photos and combining them into something that's a little more attractive. So the first thing when you talk about SOA is the goals and requirements of moving into an SOA environment. For me, my main goal is to have small, focused apps. I want to have little tiny apps that I can test well, that don't have a lot of concerns leaking from part to part. I want to have single sign-on and single sign-out for users, and I want to minimize code duplication; in particular I didn't want to have to build sign-in forms into each one of my Ember apps. I need to support a variety of app and service types: I need some that are just vanilla Rails and some that are apps that have a mashup of Rails with Ember on top of it. And I wanted it to be friendly to people and robots. So the first step is getting started, but it's
really pretty much a walk in the park. The first thing you do is start up a local service. In my
case I'm using Rails. I built a very simple Rails app that is just a JSON API, and then you configure Ember Data to know how to find that. So you're just creating a new REST adapter and setting the host to whatever the location of that service is. Rather than hard-coding it, I like to rely on
environment variables to hold the information about where to look. So for local development you could just export it or maybe set it up in a dotenv file, and then you're going to configure your build tools to allow you to pull from that environment variable to set up your host. It's worth noting that you need to
be careful about response codes for JSON requests. You want to be sure that you send meaningful response codes and aren't just issuing a redirect to some other place. The reason for that is that within Ajax requests it can't follow the redirect, and so if you issue a redirect you have to have some code in there that inspects the response to check whether it's a 302; if so, you might need to inspect the location it's trying to redirect you to. For some URLs you might want to actually follow the redirection; for other URLs you might not want to. It gets a little messy. It's better if you can use 401 so that your code can respond to it easily. And from there you pretty much just proceed as normal for your Ember app: you're going to do all the normal stuff, set up routes, controllers, models, components, templates. It's just a normal development cycle. So congratulations, once you get that far you're now doing SOA. So the next bit is authentication, and this comes into play really pretty
early, because you don't get very far down the road before it becomes important to know which user is interacting with the system so that you can, in my case, associate the photos that they upload with their account and keep them separate from photos uploaded by other users. So we can look at how Login with Facebook works to get an idea of how to do this. It's not that we're going to use Login with Facebook to handle authentication for us; it's just that that's a method that people are pretty familiar with in terms of distributed authentication. When you enable Login with Facebook for your site, you're not asking somebody to give you an email and password in order to log in. You send them to Facebook and let Facebook figure out what the email address is and whether the password is correct, and then they just get redirected back to your site as that user. And so we can use the same technology that Facebook uses, and that's OAuth,
and OAuth is an open standard for delegated authorization. This is what powers most of the "login with whatever" options you see anywhere on the web, whether it's login with Twitter, login with GitHub, login with Facebook, etc. So let's take a brief look at how OAuth works,
and this will be an intro if you're not familiar with it, or if you have seen this before it will be a very brief review. So let's say that you've got a client who wants to get some things on the web. They
issue a GET for some protected resource on your server, and your service says: wait, you need to be logged in to see this, I can't let you see it just yet. So instead of sending them a sign-in page, what happens is that they get a redirect. The browser does what browsers do and follows the redirect, and you end up at the OAuth provider. The OAuth provider at this point is going to ask you to sign in by sending a sign-in page. This is displayed in the browser; the user can fill out the form and do what they need to do, then eventually that form gets posted back to the OAuth provider. The provider is going to verify the credentials, and if everything works and the user is able to log in, then the OAuth provider sends a redirect back to the original service, and at that point the service knows: OK, this person is logged in and I can show them this top-secret information. So here, between the service and the OAuth provider, is where OAuth happens. These diagrams are very simplified; there are a lot of redirects happening in there that I'm not showing, just because it's outside the scope of this discussion. If you want to know how it works, it looks something kind of like this, not really. I'll be speaking at RailsConf next month about service-oriented authentication, where I'll go into some more details about how all this OAuth stuff works, if you're interested. So the next thing to know is how Ember interacts with OAuth,
and the answer is that we're just basically doing regular old session-based authentication for JSON API services. So this looks a little something like this: the client issues a GET to
the Ember application. The application is just returning the Ember app, which gets loaded up in the browser. At this point you could opt to give the user a "loading" message or a "logging you in" message, something that lets them know what's happening. At that point the Ember app will try to retrieve some data from the API provider, and the provider will return 401 Unauthorized, saying this user is not allowed to access this resource. So at that point the Ember app will redirect to a specific URL on the API service that is responsible for setting up the authentication. At that point the API redirects again to the OAuth provider, where again the OAuth provider will eventually deliver to the browser a sign-in form and ask the user to sign in. Once the user fills out the form and posts it back to the OAuth provider, again the redirects happen: they get returned to the API, which will then start the session, and then eventually redirect back to the Ember app. The app gets loaded in the browser, and at this point the user can interact with the app as normal. Data requests to and from the API service will work because it's all happening within a session. So what does the code look like for the app?
There are really only two bits to this. The first is just to retrieve some data. It could be some data that you try to retrieve immediately as soon as the app is ready, like trying to get a user record, or it could just be normal data retrieval that needs to happen within the app based on whatever route the user is trying to hit. The next bit is to handle authorization errors. So the first bit is pretty easy, and the way I do it is:
when the app is ready I just try to get information about who the current user is. I do this by registering a ready function in my Application.create method that gets hold of the data store and looks up the user by ID, and if it finds it then it sets that in a variable on the app. Handling authorization errors is also pretty easy. Inside
of wherever you set up your REST adapter, your application adapter (and I'm extending the Ember Data REST adapter), I just register a custom ajaxError function. What this function does is, any time there's an Ajax error, it inspects the jQuery XHR object that comes back and looks to see if the status code is 401, and if so it builds a new location that is the URL for the authentication point on the API service, and then sets document.location to be the new location, and that achieves the redirect. Another way that you might go about this is using
token-based authentication. I have to say that I haven't actually implemented this yet; it's something I've started to toy with and have run a couple of local tests, but I haven't deployed it, so your mileage may vary on how all this works for you. So the basic pattern that's going to happen here
is, again, the client makes its GET request and the Ember app gets loaded in the browser and starts working. From there, the Ember app checks the local store to see if there's an authentication token it can use. Since we're assuming that the user is not signed in yet, at this point there's no token, so the Ember app redirects them to the OAuth provider itself. At this point we're skipping the step of redirecting to the API service first and going directly to the OAuth provider. The OAuth provider again returns a "please sign in" page with a form for the user to fill out. Once the user has completed the form and hit sign in, it goes back to the OAuth provider, and at this point they're going to be redirected again. During this redirect sequence the OAuth provider could write the token into the local store so that it's available for the Ember app. The browser follows that redirect and lands back at the Ember app, which loads in the browser and starts working. At this point, when the Ember app looks for an authentication token in the local store it will find it, and it can send a GET to the API service to retrieve some data. At this point the API service needs to authenticate that token to make sure that it's valid, so it sends a request to the OAuth provider to verify it. Assuming that it's a valid token, the OAuth provider responds with 200 OK, and that tells the API service that it's OK to allow the user to see that data. That's the overview of how token-based authentication works. So the next bit is
leaving localhost, and this is all about how you deploy this stuff off of your development machine and into a live environment. There are a couple of tricky things that come up here that you don't encounter when you're just developing locally that you need to know about when you go to deploy. These are all cross-domain issues. I'm hosting each of my services at a subdomain of my main domain, and by default some things just don't work across subdomains unless you take steps to allow them to work. So the first thing I ran into was that
I would see this in the network tab, where it would say that a request had been canceled. I didn't really know what that meant, and confoundingly, when I went to look at my Rails console I would
see that the request had made it to the API service, the API service had done what it needed to do and returned 200 OK. As far as the server was concerned everything was fine. After just a little bit of head-scratching I finally remembered I should check the
JavaScript console, and then I found a message about the request not being allowed by Access-Control-Allow-Origin. Luckily there's a good tool that allows us to fix this problem. It's called CORS; that is, cross-origin resource sharing, and
what this is is just a way for a site to tell browsers that it's willing to provide content and services to other sites. In Rails this is really easy to set up: there's a gem called rack-cors that you add to your
Gemfile, and then in application.rb you do just a little bit of configuration to tell it which origin domains are allowed, what resources they're allowed to access, with what headers and with what methods. So once you do that, in your
response headers you'll see a bunch of new headers that get set. All of these relate to access control, and when you have that, browsers will start to allow your requests. If you wanted to make a public,
open API that doesn't need authentication, you might do something like this for your CORS settings, which just tells it to allow any headers, and you'd probably only want to allow GET. You probably really don't want to do this: you don't want to allow any methods on any resource from any domain. But if you think that you need to do this, I would encourage you to learn about cross-site scripting and realize why this might be a bad idea. Maybe you do need to do it, but if you do, you need to take some other precautions to make sure that you don't have some unintended consequences. So the next thing I ran into is the Ajax cookie problem,
and what it looks like is that the
request would be sent by the browser but it would return 401 Unauthorized. Confusingly, if I clicked on the URL there that it was trying to get, it would open up in the browser and would show me that it had returned the JSON. This can be very
confusing until you understand that by default jQuery does not send cookies
with Ajax requests, and so this prevents the session-based authentication from working. It's only within Ajax requests; if you make the same request in the browser it just works, because the cookies are being sent. So jQuery has something called withCredentials that we can
use to make this work. It's possible to set withCredentials just on each request, but that can be kind of problematic, and there's not really a very clear way to do that on a request-by-request basis in Ember Data. So what I've done is set up an Ajax prefilter that is
run every time jQuery tries to make any Ajax request, and what this does is, immediately prior to the request leaving the browser, the withCredentials option is set to true on the XHR object. Very simple, but once you do that it allows things to work. You'll see in the console
that the request was made and came back, and in the network tab you'll see that it
worked and you can inspect the response. So to wrap up, the things that you need to do
are: understand your requirements and understand how that is going to affect the decisions that you might make. From there you set up authentication so that you can keep track of which user is doing what within the system, take a few steps to ready things for deployment, and then you just enjoy your SOA. Thanks for watching. Here's my contact info again.
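
The server side of the cross-domain setup described in the talk (session cookies sent with withCredentials, an origin allowlist, and 401 instead of a redirect for JSON requests), as an added example that is not code from the talk or from CloudHDR. The origins, the allowed methods and headers, and the helper names `cors_headers` and `unauthenticated_response` are assumptions made for illustration.

```ruby
require "set"

# Constructed placeholder origins (assumption): the front-end apps allowed to call the API.
ALLOWED_ORIGINS = Set["https://app.example.test", "https://admin.example.test"].freeze
ALLOWED_METHODS = %w[GET POST PUT DELETE].freeze
ALLOWED_HEADERS = %w[accept content-type x-requested-with].freeze

# Hypothetical helper: CORS response headers for one request, or {} when the
# request must not be granted cross-origin access.
def cors_headers(origin:, method:, request_method: nil, request_headers: "")
  return {} unless origin && ALLOWED_ORIGINS.include?(origin)

  headers = {
    # Browsers reject "*" on credentialed requests, so echo the exact allowed origin.
    "Access-Control-Allow-Origin" => origin,
    # Needed before the browser exposes the response to a withCredentials request.
    "Access-Control-Allow-Credentials" => "true",
    # Keeps shared caches from serving one origin's response to another origin.
    "Vary" => "Origin"
  }
  # Anything that is not a preflight only needs the three headers above.
  return headers unless method == "OPTIONS" && request_method

  # Preflight: refuse methods and headers outside the allowlists.
  wanted = request_headers.downcase.split(",").map(&:strip).reject(&:empty?)
  return {} unless ALLOWED_METHODS.include?(request_method.upcase)
  return {} unless (wanted - ALLOWED_HEADERS).empty?

  headers["Access-Control-Allow-Methods"] = ALLOWED_METHODS.join(", ")
  headers["Access-Control-Allow-Headers"] = wanted.join(", ") unless wanted.empty?
  headers["Access-Control-Max-Age"] = "600"
  headers
end

# Hypothetical helper: reply to a request that has no valid session. JSON and
# Ajax callers get a 401 they can branch on; page loads get the login redirect.
def unauthenticated_response(accept:, xhr:, login_url:)
  if xhr || accept.to_s.include?("application/json")
    [401, { "Content-Type" => "application/json" }, '{"error":"unauthenticated"}']
  else
    [302, { "Location" => login_url }, ""]
  end
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample requests.
  p cors_headers(origin: "https://app.example.test", method: "GET")
  p cors_headers(origin: "https://other.example.test", method: "GET")
  p unauthenticated_response(accept: "application/json", xhr: true, login_url: "/auth")
end
```
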

Metadata

Formal metadata

Title Ember & SOA: Stumbling towards SOA
Subtitle The story of CloudHDR
Series title EmberConf 2014
Author Green, Jeremy
License CC Attribution - ShareAlike 3.0 Unported:
You may use, modify, and in unchanged or modified form reproduce, distribute and make publicly available the work or its content for any legal and non-commercial purpose, provided that you credit the author/rights holder in the manner specified by them and pass on the work or this content, including in modified form, only under the terms of this license.
DOI 10.5446/35007
Publisher Confreaks, LLC
Release year 2014
Language English

Content metadata

Subject area Computer science
Abstract A breakdown of the general architecture that was used for building CloudHdr. The entire system is composed of 3 main "service" apps, and a collection of Ember apps each aimed at a different vertical slice of user facing functionality. Topics include auth from the Ember apps to services, cross domain issues for data transfer, and handling file uploads.
