Best caching techniques for rest API using spring boot - rest

Could anyone please help me to use the best caching techniques for REST API's using spring boot. Reason looking for caching is, when database goes down we should be able to retrieve the details from cache for few API's.

Related

Apache Ignite Rest API calls. (Any Ideas about Apache Ignite SDK?)

We are trying to store data from XML in Apache ignite cache, which is set up in a Kubernates cluster in Azure. We have a spring boot application, added ignite dependency, parsing the XML using jaxb to pojos and storing the data. But the ignite cache put operation is taking a lot of time. ( Because we are dealing with 500K - 1M lines of XML
As an alternative, we trying to use this REST API calls provide by ignite itself in our application. (https://apacheignite.readme.io/docs/rest-api)
My questions:
Does anybody have working example to do this in spring boot? Can it be done using Ignite SDK? (We know we can send get and put request using rest template in spring boot.)
Is it possible to send json response to this rest API? If so, How? Examples please.
Thanks for your response. Will help us a lot.
If your underlying problem is loading 1mm records is too slow, using the REST interface is not the solution. Instead, you should consider using the DataStreamer API, which is designed to ingest large amounts of data. You probably also don't need to convert your XML objects into POJO, but that's an optimisation you might not need right now.

Keep user-speciefic data in memory using Web API

We're developing REST API using Web API for a mobile client.
There is a special need to keep user specific data on server side (expensive DAL requests).
What is the best practice to do that?
The naive way is to keep the data in the Application's memory.
Considering security issues, we're thinking of using ASP.NET Session.
What would you recommend?
3rd party cloud solution is not an option.
Thanks!

Authorization and Authentication using Jersey and Spring

I'm writing a RESTfull service using jersey and Spring 3 (including spring-security), and trying to figure out how to implement authentication and authorization.
I'm new both to jersey and to Spring so it's all a bit confusing...
Users and their roles are defined in DB. (and not defined in the web.xml or in tomcat-users)
Here are my thoughts about the Authorization part:
Since my service shouldn't necessarily serve web-apps, the authorization should be done on the REST resources (and not on pages) - how do i do this? i saw there's #RolesAllowed annotation but it seems too simple, i need more logic. i think i have to somehow activate spring security from there to use the authorization capabilities they offer.
Any suggestions as to how to do this?
For the Authentication part it seems i should use spring security's AuthenticationManager, and SessionManagement but i'm not sure how to connect it to the REST API:
1. how the API that gets the authentication request should look like?
2. if Spring handles my sessions, how can i add the authorization on my REST resources?
I'd really appreciate if you could help me clear up things...
Thanks!
Sorry, but if you're at that early stage with your Spring Security know-how I must suggest you work through the excellent tutorial first. I'm sure your questions will be answered automatically and you'll learn a lot of valuable stuff along the way.

How to secure the RESTful webservices created using Springs's REST Api?

We have a Spring web application created using Spring MVC 3.0 In the same application, we have created RESTful web services using Springs's REST API.
Now we need to secure those web services. How do we do this in spring? Can we use spring security for this? If not what are the other options?
Thanks.
It really depends on the level of security you want to impose. You could just use simple web.xml based access control with realms, usernames and passwords.
Security of your webservices is another matter. From the Spring Security FAQ:
Web applications are vulnerable to all kinds of attacks which you should be familiar with, preferably before you start development so you can design and code with them in mind from the beginning. Check out the OWASP web site for information on the major issues facing web application developers and the countermeasures you can use against them.
Spring Security is certainly an option. It is for the most part, easy (nowadays) to integrate with Spring and has a flexible authentication module.
You should also consider Apache Shiro. A comparison to Spring Security question has already been answered - Shiro vs. SpringSecurity and Shiro also integrates nicely with Spring.
There are also some other questions already answered on this topic - How to secure a service REST with spring3? and Looking for a Simple Spring security example
I do not think there is a definitive answer to the question in it's current form, but I hope this helps all the same.

why use rest api in what scenario is REST better? NoSQL

There are now REST apis for Mongodb and redis.
I can connect to those databases with my language's driver.
Or I can use the REST api. I understand that the REST api is easier to grok, and easier to convert from language to language. But there's less features.
But is there any reason to use the rest api if I'm already doing fine with the language driver?
Thanks.
In my opinion a RESTful API is useful when you have to integrate multiple different clients in heterogenous environments. It's also good when you need features that are already solved for HTTP – like caches or load-balancing.
REST resources are supposed to capture use-cases of your application. I find it highly unlikely that an API to a database would do that for you. Mostly like the native language driver is the appropriate choice.
Rich web clients can talk directly to it, without any server side mediator. Also, for instance, if you have a JCR repository with NoSQL connector on hostA and NoSQL store on hostB, you're glad for RESTful api.