Exposing services using HTTP invokers
28.4 Exposing services using HTTP invokers
As opposed to Burlap and Hessian, which are both lightweight protocols using their own slim serialization mechanisms, Spring HTTP invokers use the standard Java serialization mechanism to expose services through HTTP. This has a huge advantage if your arguments and return types are complex types that cannot be serialized using the serialization mechanisms Hessian and Burlap use refer to the next section for more considerations when choosing a remoting technology. Under the hood, Spring uses either the standard facilities provided by the JDK or Apache HttpComponents to perform HTTP calls. Use the latter if you need more advanced and easier-to-use functionality. Refer to hc.apache.orghttpcomponents-client-ga for more information. Warning Be aware of vulnerabilities due to unsafe Java deserialization: Manipulated input streams could lead to unwanted code execution on the server during the deserialization step. As a consequence, do not expose HTTP invoker endpoints to untrusted clients but rather just between your own services. In general, we strongly recommend any other message format e.g. JSON instead. 4.3.9.RELEASE Spring Framework 673 If you are concerned about security vulnerabilities due to Java serialization, consider the general- purpose serialization filter mechanism at the core JVM level, originally developed for JDK 9 but backported to JDK 8, 7 and 6 in the meantime: https:blogs.oracle.comjava-platform-groupentry incoming_filter_serialization_data_a http:openjdk.java.netjeps290 Exposing the service object Setting up the HTTP invoker infrastructure for a service object resembles closely the way you would do the same using Hessian or Burlap. Just as Hessian support provides the HessianServiceExporter , Spring’s HttpInvoker support provides the org.springframework.remoting.httpinvoker.HttpInvokerServiceExporter . To expose the AccountService mentioned above within a Spring Web MVC DispatcherServlet , the following configuration needs to be in place in the dispatcher’s application context: bean name = AccountService class = org.springframework.remoting.httpinvoker.HttpInvokerServiceExporter property name = service ref = accountService property name = serviceInterface value = example.AccountService bean Such an exporter definition will be exposed through the `DispatcherServlet’s standard mapping facilities, as explained in the section on Hessian. Alternatively, create an HttpInvokerServiceExporter in your root application context e.g. in WEB-INFapplicationContext.xml : bean name = accountExporter class = org.springframework.remoting.httpinvoker.HttpInvokerServiceExporter property name = service ref = accountService property name = serviceInterface value = example.AccountService bean In addition, define a corresponding servlet for this exporter in web.xml , with the servlet name matching the bean name of the target exporter: servlet servlet-name accountExporter servlet-name servlet-class org.springframework.web.context.support.HttpRequestHandlerServlet servlet-class servlet servlet-mapping servlet-name accountExporter servlet-name url-pattern remotingAccountService url-pattern servlet-mapping If you are running outside of a servlet container and are using Oracle’s Java 6, then you can use the built- in HTTP server implementation. You can configure the SimpleHttpServerFactoryBean together with a SimpleHttpInvokerServiceExporter as is shown in this example: 4.3.9.RELEASE Spring Framework 674 bean name = accountExporter class = org.springframework.remoting.httpinvoker.SimpleHttpInvokerServiceExporter property name = service ref = accountService property name = serviceInterface value = example.AccountService bean bean id = httpServer class = org.springframework.remoting.support.SimpleHttpServerFactoryBean property name = contexts util:map entry key = remotingAccountService value-ref = accountExporter util:map property property name = port value = 8080 bean Linking in the service at the client Again, linking in the service from the client much resembles the way you would do it when using Hessian or Burlap. Using a proxy, Spring will be able to translate your calls to HTTP POST requests to the URL pointing to the exported service. bean id = httpInvokerProxy class = org.springframework.remoting.httpinvoker.HttpInvokerProxyFactoryBean property name = serviceUrl value = http:remotehost:8080remotingAccountService property name = serviceInterface value = example.AccountService bean As mentioned before, you can choose what HTTP client you want to use. By default, the HttpInvokerProxy uses the JDK’s HTTP functionality, but you can also use the Apache HttpComponents client by setting the httpInvokerRequestExecutor property: property name = httpInvokerRequestExecutor bean class = org.springframework.remoting.httpinvoker.HttpComponentsHttpInvokerRequestExecutor property28.5 Web services
Parts
» Dependency Injection and Inversion of Control Framework Modules
» Usage scenarios Introduction to the Spring Framework
» Java EE 6 and 7 Groovy Bean Definition DSL
» Core Container Improvements General Web Improvements
» WebSocket, SockJS, and STOMP Messaging Testing Improvements
» JMS Improvements Caching Improvements
» Web Improvements New Features and Enhancements in Spring Framework 1
» WebSocket Messaging Improvements Testing Improvements
» Core Container Improvements New Features and Enhancements in Spring Framework 4.2
» Data Access Improvements JMS Improvements Web Improvements
» Core Container Improvements Data Access Improvements Caching Improvements
» JMS Improvements Web Improvements WebSocket Messaging Improvements Testing Improvements
» Introduction to the Spring IoC container and beans
» Container overview The IoC container
» Bean overview The IoC container
» Dependencies The IoC container
» y.Baz beans The IoC container
» driverClassName = username = The IoC container
» email = spouse-ref = The IoC container
» y.Bar bean y.Foo constructor-arg y.Foo c:bar-ref baz-ref = y.Foo c:_0-ref _1-ref =
» y.z.MyValueCalculator b.c.ReplacementComputeValue Bean scopes
» y.Foo property Customizing the nature of a bean
» Bean definition inheritance The IoC container
» Container Extension Points The IoC container
» Annotation-based container configuration The IoC container
» Classpath scanning and managed components
» Using JSR 330 Standard Annotations
» Java-based container configuration The IoC container
» Environment abstraction The IoC container
» Registering a LoadTimeWeaver Additional Capabilities of the ApplicationContext
» The BeanFactory The IoC container
» Introduction The Resource interface
» Built-in Resource implementations Resources
» The ResourceLoaderAware interface Resources
» Resources as dependencies Application contexts and Resource paths
» Introduction Validation, Data Binding, and Type Conversion
» Validation using Spring’s Validator interface
» Resolving codes to error messages Bean manipulation and the BeanWrapper
» Spring Type Conversion Validation, Data Binding, and Type Conversion
» Spring Field Formatting Validation, Data Binding, and Type Conversion
» Configuring a global date time format
» Spring Validation Validation, Data Binding, and Type Conversion
» Introduction Feature Overview Spring Expression Language SpEL
» Expression Evaluation using Spring’s Expression Interface
» Expression support for defining bean definitions
» Language Reference Spring Expression Language SpEL
» 3e0 4 .getValueDouble. 4e0 2 .getValueDouble.
» Classes used in the examples
» Introduction Aspect Oriented Programming with Spring
» Schema-based AOP support Aspect Oriented Programming with Spring
» y.service.DefaultFooService y.SimpleProfiler aop:config
» Choosing which AOP declaration style to use
» Mixing aspect types Proxying mechanisms
» Introduction Pointcut API in Spring
» Advisor API in Spring Using the ProxyFactoryBean to create AOP proxies
» Concise proxy definitions Spring AOP APIs
» Creating AOP proxies programmatically with the ProxyFactory Manipulating advised objects
» Using the auto-proxy facility
» Using TargetSources Spring AOP APIs
» Mock Objects Unit Testing support Classes
» Overview Goals of Integration Testing
» JDBC Testing Support Annotations
» Spring TestContext Framework Integration Testing
» loginAction-ref = username = userPreferences-ref = theme =
» PetClinic Example Integration Testing
» Understanding the Spring Framework transaction abstraction
» Synchronizing resources with transactions
» Declarative transaction management Transaction Management
» y.service.DefaultFooService Transaction Management
» y.service.DefaultFooService y.SimpleProfiler y.service.DefaultFooService
» y.SimpleProfiler Transaction Management
» Programmatic transaction management Transaction Management
» Choosing between programmatic and declarative transaction management Transaction bound event
» Application server-specific integration Transaction Management
» Introduction Consistent exception hierarchy
» Annotations used for configuring DAO or Repository classes
» Introduction to Spring Framework JDBC
» Using the JDBC core classes to control basic JDBC processing and error handling
» Controlling database connections Data access with JDBC
» JDBC batch operations Data access with JDBC
» Simplifying JDBC operations with the SimpleJdbc classes
» Modeling JDBC operations as Java objects
» Common problems with parameter and data value handling
» Embedded database support Data access with JDBC
» Initializing a DataSource Data access with JDBC
» Introduction to ORM with Spring
» General ORM integration considerations
» Hibernate Object Relational Mapping ORM Data Access
» JDO Object Relational Mapping ORM Data Access
» Introduction Marshaller and Unmarshaller
» Using Marshaller and Unmarshaller
» XML Schema-based Configuration JAXB
» Castor Marshalling XML using OX Mappers
» XMLBeans JiBX Marshalling XML using OX Mappers
» XStream Marshalling XML using OX Mappers
» Introduction to Spring Web MVC framework
» The DispatcherServlet Web MVC framework
» Handler mappings Web MVC framework
» Resolving views Web MVC framework
» Using flash attributes Web MVC framework
» Building URIs Web MVC framework
» Using locales Web MVC framework
» Using themes Web MVC framework
» Spring’s multipart file upload support
» Handling exceptions Web MVC framework
» Web Security Convention over configuration support
» y.RegistrationController HTTP caching support
» Code-based Servlet container initialization
» Configuring Spring MVC Web MVC framework
» simpleDateFormat = Web MVC framework
» Introduction Thymeleaf Groovy Markup Templates
» Velocity FreeMarker View technologies
» Document views PDFExcel Property
» Feed Views JSON Mapping View
» Introduction Integrating with other web frameworks
» Common configuration Integrating with other web frameworks
» JavaServer Faces 1.2 Apache Struts 2.x
» Introduction Portlet MVC Framework
» The DispatcherPortlet Portlet MVC Framework
» The ViewRendererServlet Controllers Portlet MVC Framework
» Handler mappings Portlet MVC Framework
» Views and resolving them Multipart file upload support
» Handling exceptions Annotation-based controller configuration
» absolute-ordering absolute-ordering WebSocket API
» SockJS Fallback Options WebSocket Support
» STOMP Over WebSocket Messaging Architecture
» Introduction Controller method CORS configuration
» Global CORS configuration Advanced Customization
» Introduction Remoting and web services using Spring
» Using Hessian or Burlap to remotely call services via HTTP
» Exposing services using HTTP invokers
» Web services Remoting and web services using Spring
» JMS Remoting and web services using Spring
» Accessing RESTful services on the Client
» Introduction Accessing EJBs Enterprise JavaBeans EJB integration
» Introduction JMS Java Message Service
» Using Spring JMS JMS Java Message Service
» Sending a Message JMS Java Message Service
» Receiving a message JMS Java Message Service
» Support for JCA Message Endpoints
» Annotation-driven listener endpoints JMS Java Message Service
» JMS namespace support JMS Java Message Service
» Introduction Exporting your beans to JMX
» Controlling the management interface of your beans
» Controlling the ObjectNames for your beans
» Accessing MBeans via Proxies
» Introduction Configuring CCI JCA CCI
» Using Spring’s CCI access support
» Modeling CCI access as operation objects
» Using the JavaMail MimeMessageHelper
» Introduction The Spring TaskExecutor abstraction
» The Spring TaskScheduler abstraction
» Annotation Support for Scheduling and Asynchronous Execution
» The task namespace Task Execution and Scheduling
» Introduction A first example
» y.DefaultBookingService property Defining beans that are backed by dynamic languages
» y.DefaultBookingService property Dynamic language support
» Scenarios Dynamic language support
» Bits and bobs y.DefaultBookingService property
» Introduction Understanding the cache abstraction
» Declarative annotation-based caching Cache Abstraction
» JCache JSR-107 annotations Cache Abstraction
» Declarative XML-based caching y.service.DefaultBookService
» Configuring the cache storage name =
» Classic ORM usage Classic Spring Usage
» JMS Usage Classic Spring Usage
» Concise proxy definitions Classic Spring AOP Usage
» Using the autoproxy facility
» Using TargetSources Classic Spring AOP Usage
» Introduction XML Schema-based configuration
» Introduction Authoring the schema
» Coding a NamespaceHandler Extensible XML authoring
» BeanDefinitionParser Extensible XML authoring
» Registering the handler and the schema
» Using a custom extension in your Spring XML configuration Meatier examples
» Introduction The argument tag The bind tag
» The escapeBody tag The eval tag The hasBindErrors tag
» The htmlEscape tag The message tag
» The nestedPath tag The param tag The theme tag
» The transform tag The url tag
» Introduction The button tag The checkbox tag
» The checkboxes tag The errors tag
» The option tag The options tag
» The password tag The radiobutton tag
Show more