Accelerating Server Side Programming with Java Server Pages (JSP) Atif Aftab Ahmed Jilani.
Server-side Java Programming
-
date post
13-Sep-2014 -
Category
Technology
-
view
5.862 -
download
0
description
Transcript of Server-side Java Programming
Server-side OpenSocial Java programming
Chris Schalk, Google Developer Advocate
10/04/2009
2
Agenda
• OpenSocial Background
• OAuth Background
• OpenSocial Java Client Libraries
• 2-legged and 3-legged OAuth Access
• Connecting to a Google Friend Connect site
3 3
OpenSocial Background
4
What is OpenSocial?
“OpenSocial defines a common set of APIs based on Open Standardsfor building social applications across multiple websites”
5
What is OpenSocial?
Before OpenSocial…
6
What is OpenSocial?
Standards Based
7
What is OpenSocial?
8
Who owns OpenSocial?
?
9
Who owns OpenSocial?
?
OpenSocial is managed under the auspices of the“OpenSocial Foundation” - http://www.opensocial.org
No!
10
Who's Using it?
and many more...
11
Who's Using it?
12
OpenSocial Roadmap
• Version 0.5 was released in a “developer release” on Nov1st 2007.
• First “sandbox” was made available on Orkut
• Version 0.6 was released in December 2007• Initial version of Shindig server software was launched as Apacheincubator project• Other sandboxes came live - Hi5, Ning, Plaxo …
• Version 0.7 (production) was released in January 2008• MySpace, Hi5, Orkut began running 0.7
13
OpenSocial Roadmap
• Version v0.8/0.8.1• Released in late 2008
• Contains a RESTful protocol, RPC protocol
• OpenSocial Client Libraries launched in Dec 08
• Specification:http://www.opensocial.org/Technical-Resources/opensocial-spec-v081
14
OpenSocial 0.9 - Current
• Key Goal:
– Enable a faster development experience that is both secure andefficient
Core principles:
• Client-side and server-side processing
• Standard set of tags with extensibility model
– Example: <os:ShowPerson>
15
Where can you find info on OpenSocial?
http://wiki.opensocial.org
16 16
OAuth Background
17
OAuth 101
What is OAuth?
• A standard, open protocol for secure APIauthorization for :
– Desktop
– Web
– Mobile
• OAuth provides an API to access to secure datawhile protecting account credentials.
• More info:
http://oauth.net
18 18
OpenSocial Java client libraries
19
Introducing the OpenSocial Client Libraries
19
http://code.google.com/p/opensocial-php-client http://code.google.com/p/opensocial-ruby-clienthttp://code.google.com/p/opensocial-python-clienthttp://code.google.com/p/opensocial-java-client
A set of client libraries for that enabledirect communication to an OpenSocialserver.
• Client libraries exist for PHP, Ruby, Python and Java• Supports both REST and RPC protocols• Documentation Wiki pages• Sample applications provided
20
RESTful and RPC protocols
Sample: Using the OpenSocial client library to Fetch a user’s friends
OpenSocialClient c = new OpenSocialClient("myhost.com");
c.setProperty(OpenSocialClient.Properties.REST_BASE_URI, "http://localhost:8080/social/rest/"); try { OpenSocialPerson p = c.fetchPerson("john.doe"); System.out.println(p.getDisplayName());
Collection<OpenSocialPerson> friends = c.fetchFriends("john.doe"); for (OpenSocialPerson friend : friends) { System.out.println(friend.getDisplayName()); }
} catch (Exception e) {
}
21
Demonstration: Working with the OpenSocial Javaclient library
21
22 22
2-legged and 3-legged OAuth access
23
Demonstration: Connecting to an OpenSocialcontainer using 2-legged OAuth
23
http://code.google.com/p/opensocial-java-client/wiki/TwoLeggedOAuthJava
(2-legged)
24
Examining 2-legged OAuth access
• Does not offer universal access to the container
– Specifically tied to a single application installed on the container
– Uses hardcoded token values
• Consumer Key
• Consumer Secret
• Application security is left to the calling application
• Pros:
– Technically easy to implement
– Good for background data fetch
• Cons:
– Can only access social data associated with single application onthe container
– Security can be compromised if Consumer key/secret obtained
25
Demonstration: Connecting to an OpenSocialcontainer using 3-legged OAuth
25
http://wiki.opensocial.org/index.php?title=Social_Website_Tutorial
(3-legged)
26
Examining 3-legged OAuth access
27
Examining 3-legged OAuth access
• Offers universal access to the container
– User provides their own credentials to container to allow accessto data
• Application security is entirely under control of container
• Pros:
– Not hardcoded to specific application since user providescredentials, so access can be for anyone
• Cons:
– Always have to go through access request step
• “Doing the Dance…”
– Not meant for automated data transactions
28 28
Connecting to a Google FriendConnect Site
29
Demonstration: Connecting to Google Friend Connectfrom an independent website
29
http://plane-crazy.appspot.com
‘fcauth’ security token
30
Useful Links
OpenSocial Homepage & specification: http://www.opensocial.org
OAuth website:• http://oauth.net
2 legged OAuth tutorial (in the wiki):• http://code.google.com/p/opensocial-java-client/
3 legged OAuth tutorial: “social website tutorial”:• http://wiki.opensocial.org/index.php?title=Social_Website_Tutorial
Google Friend Connect:• http://google.com/friendconnect• http://code.google.com/apis/friendconnect
Plane Crazy example app:• http://plane-crazy.appspot.com
31
Questions
Q&A
Thank You!