Re: looking into using restlets
Hello stack, you can you use either DomRepresentation [1] or SAXRepresentation [2] according to your preference with the following code (sample of POST request) : Client client = new Client(Protocol.HTTP); Response response = client.post(http://localhost:80/essai/;, your representation); System.out.println(response.getStatus()); best regards, Thierry Boileau [1] : http://www.restlet.org/documentation/1.0/api/org/restlet/resource/DomRepresentation.html [2] : http://www.restlet.org/documentation/1.0/api/org/restlet/resource/SaxRepresentation.html On 11/5/07, stack leet [EMAIL PROTECTED] wrote: Hello All, After reading the restlet tutorial and I'm convinced that Restlets are the way to go for a project I am working on. In essence I want to create a web service which stores and retrieves XML documents. My question is, I know how to create a client which can request a document from this webservice, but how do I go about sending a byte[] representation of an XML document (or a Set of XML documents) to the server?
Re: [newbie] Start using 1.1 SNAPSHOT - Maven Repo ?
Hello Jean-Yves, the maven repository is located at the following URL: maven.restlet.org. But, at this time, no snapshot of release 1.1 has been published in Maven since the first public release of restlet 1.1 will be delivered in a few weeks (release 1.1 M1). However a zip file can be downloaded at this url: http://www.restlet.org/downloads; (and follow the link older releases). If you can wait tomorrow morning, we can generate a new archive. best regards, Thierry Boileau On 11/6/07, Jean-Yves Cronier [EMAIL PROTECTED] wrote: I want to test latest development (of RESTlet 1.1), particularly JAXB extension. Where is the Maven repository to access latest SNAPSHOT of RESTlet 1.1 ?
Re: Client X509Certificate attribute using the AJP connector
Hi Jerome, Regarding Jetty, AJP and the client certificates, I submitted a patch a couple of days ago for Jetty, as there was a small bug: http://jira.codehaus.org/browse/JETTY-457 I'm please to say Greg Wilkins (Jetty) has already incorporated the changes in Jetty 6.1.6rc1. I'll try to provide more details and examples later on this week. I've just spotted a thread on this list about 2-way certificate authentication which seems relevant. Bruno. Jerome Louvel wrote: Hi Bruno, Thanks for the details. Do you have pointers to how this mechanism precisely works in Tomcat and/or Jetty? Also, if you could open an RFE and summarize our discussion that would be a good step forward. Best regards, Jerome
Re: [newbie] Start using 1.1 SNAPSHOT - Maven Repo ?
Hi all, Maybe should also publish snapshots in the Maven repository? If we do so, we should follow the Maven naming conventions for version numbers. Note: we don't internally use Maven to build Restlet code base, but we know how to publish Maven artifacts. Best regards, Jerome 2007/11/6, Thierry Boileau [EMAIL PROTECTED]: Hello Jean-Yves, the maven repository is located at the following URL: maven.restlet.org. But, at this time, no snapshot of release 1.1 has been published in Maven since the first public release of restlet 1.1 will be delivered in a few weeks (release 1.1 M1). However a zip file can be downloaded at this url: http://www.restlet.org/downloads; (and follow the link older releases). If you can wait tomorrow morning, we can generate a new archive. best regards, Thierry Boileau On 11/6/07, Jean-Yves Cronier [EMAIL PROTECTED] wrote: I want to test latest development (of RESTlet 1.1), particularly JAXB extension. Where is the Maven repository to access latest SNAPSHOT of RESTlet 1.1 ?
Reaching target Resources that do not exist
Hello, I'd like to model resources using Restlet in a similar way as Section 12 of the tutorial (Reaching target Resources). As a simple example, I'd like to map URIs like /users/{user}/birthday to read the full name of a user from a database (or hash-table). As far as I understand the tutorial, I can create a Resource class (for example BirthdayResource) that reads the username from the attribute in the constructor and reads the birthday from the database. Then, it can attach it to the router using something like this: router.attach(/users/{user}/birthday, BirthdayResource.class); The problem is that some username values might not be in this database, in which case I'd like to return a NOT FOUND response. Where is the right place to look whether-or-not the resource actually exists? Shouldn't this be done before the Resource instance is created? Where does this fit in the router/attach model? Best wishes, Bruno.
Re: Client X509Certificate attribute using the AJP connector
Hi Jerome, I haven't tried any code yet, but I think I found what was going on by looking at some of the code. What I'm talking about is related to the first modification mentioned in http://restlet.tigris.org/issues/show_bug.cgi?id=281 (using getPeerCertificates()). When using servlets, the specification states that client certificates should be presented in attribute javax.servlet.request.X509Certificate as a java.security.cert.X509Certificate[] (Section 5.7 of spec 2.2 and Section SRV.4.7 of spec 2.3). I think the modification made to use getPeerCertificates() aimed to achieve this, by putting this information in attribute org.restlet.https.clientCertificates of a Restlet Request. (Out of curiosity, why use a List and not an array? Although Restlets are not Servlets, it might have made porting some code a bit easier. I don't think it really matters, though.) By looking at the current code in SVN, this feature seems to be implemented in com.noelios.restlet.http.HttpServerConverter (method toRequest). Unfortunately, this relies on HttpServerCall.getSslSession(), which is implemented in SimpleCall, but not JettyCall (which I believe is the one used by AJP). Perhaps this is not quite the right place to abstract this. Indeed, when using Jetty directly or AJP (or the ServletCall I guess), the HttpServerCall does not get to see the SslSession, but the relevant information regarding the client certificate can still be exposed. I reckon it should be possible to convert the content of Servlet Request attribute javax.servlet.request.X509Certificate into org.restlet.https.clientCertificates when using these other connectors. To be more specific regarding AJP, the mod_jk configuration of Apache Httpd is at: http://tomcat.apache.org/connectors-doc/reference/apache.html In particular, to pass the chain of certificate, this should be used: JkOptions +ForwardSSLCertChain Passing this from the AJP connection to the servlets is done in Jetty in this file: https://svn.codehaus.org/jetty/jetty/trunk/extras/ajp/src/main/java/org/mortbay/jetty/ajp/Ajp13Connection.java All I've just mentioned is about the SSL certificate attributes, but I guess it could be useful to expose the SSL cipher, which is String in javax.servlet.request.cipher_suite. The servlet spec version 2.3 also defines javax.servlet.request.key_size, which should be an Integer. I'm not sure from which specification the javax.servlet.request.ssl_session attribute comes from, but it's in the Jetty code mentioned above. The other piece of information that would be interesting to get (especially the context of AJP and probably Servlets) is the remote user. Servlets have a getRemoteUser() method which returns a String. This is visible via Apache-Httpd - AJP - Jetty (and Tomcat, if tomcatAuthentication is disabled in its AJP configuration, see http://tomcat.apache.org/tomcat-6.0-doc/config/ajp.html ). This is useful for delegating the authentication task to existing modules of Apache Httpd (which is also something I'm looking into, aside from certificates). Unfortunately, as far as I know, Restlet Requests do not have a getRemoteUser() method. Perhaps it would be a good idea to pass this, when it exists, as another attribute, say org.restlet.remote_user? I guess it could be used by other protocols than HTTP/HTTPS. I could try to write a patch, but since it may modify the API (or at least the interfaces), it might be better if someone more experienced with the code does it. I'm going to copy and paste all this in an RFE. I hope this clarifies what I was trying to get in the first place. Thank you, Bruno. Bruno Harbulot wrote: Hi Jerome, Regarding Jetty, AJP and the client certificates, I submitted a patch a couple of days ago for Jetty, as there was a small bug: http://jira.codehaus.org/browse/JETTY-457 I'm please to say Greg Wilkins (Jetty) has already incorporated the changes in Jetty 6.1.6rc1. I'll try to provide more details and examples later on this week. I've just spotted a thread on this list about 2-way certificate authentication which seems relevant. Bruno.
Re: Client X509Certificate attribute using the AJP connector
Bruno Harbulot wrote: I could try to write a patch, but since it may modify the API (or at least the interfaces), it might be better if someone more experienced with the code does it. I'm going to copy and paste all this in an RFE. Here it is: http://restlet.tigris.org/issues/show_bug.cgi?id=376 Best regards, Bruno.
Re: Reaching target Resources that do not exist
Hi Bruno, on one hand, you define a route which binds all uris such as /users/{user}/birthday to a new instance of the BirthdayResource class. On the other hand, the resource is in charge to perform the request, that is to say return a representation (if any) in case of GET requests, delete the resource in case of DELETE request, etc. The resource knows what happens and what to do. In your case, the birthday resource is responsible to get the user (if any), and return a representation of the user's birthday only if the user exists. For example: 1- the BirthdayResource constructor looks for the user and store it as an attribute 2- the getRepresentation(Variant) method returns a representation only if the user attribute is not null I hope this will help you. Do you expose a lot of attributes such as birthday? best regards, Thierry Boileau Hello, I'd like to model resources using Restlet in a similar way as Section 12 of the tutorial (Reaching target Resources). As a simple example, I'd like to map URIs like /users/{user}/birthday to read the full name of a user from a database (or hash-table). As far as I understand the tutorial, I can create a Resource class (for example BirthdayResource) that reads the username from the attribute in the constructor and reads the birthday from the database. Then, it can attach it to the router using something like this: router.attach(/users/{user}/birthday, BirthdayResource.class); The problem is that some username values might not be in this database, in which case I'd like to return a NOT FOUND response. Where is the right place to look whether-or-not the resource actually exists? Shouldn't this be done before the Resource instance is created? Where does this fit in the router/attach model? Best wishes, Bruno.
Unable to cleanly undeploy restlet application from servlet container
When I try to undeploy my restlet application from a running servlet container it can't remove the deployed app completely because it seems unable to delete com.noelios.restlet.jar from the exploded WAR contents. I assume there is still some resource in use within the reference implementation code (possibly because of the way I'm using it?) but I can't figure out what. Does anyone have any experience with this problem or something similar, and what I can do to work around it? I've tried a variety of app servers (Tomcat 6.0, Sun App Server PE 9, BEA WebLogic 9.2), and they've all shown the same behavior. Here's my super-stripped-down test application: import org.restlet.*; import org.restlet.data.*; public class SimpleApp extends Application { public SimpleApp(Context context) { super(context); } public Restlet createRoot() { return new Restlet() { public void handle(Request rqst, Response resp) { resp.setEntity( rqst.getResourceRef().toString(), MediaType.TEXT_PLAIN); } }; } } I build this application into a WAR with a web.xml file like the sample shown in question 2 of the developer FAQ. I should mention that if I stop and restart the app server before ever accessing my web service then it undeploys correctly (the code has to be loaded and executed for the problem to occur). I'd appreciate any help or advice you can give. Hayden
RE: Router.attach Patterns
Hi Alex, Thanks for sharing all the details. 1) For the root attachment issue, you can use this approach instead: // To match only URIs that are strictly equal to / Template template = router.attach(/, rootRestlet).getTemplate(); template.setMatchingMode(Template.MODE_EQUALS); // To match all other URIs router.attach(/, everythingElseRestlet); 2) For the mapping of URIs with a .js extension to a resource you can do: Template template = router.attach(/{foo}.js).getTemplate(); template.setMatchingMode(Template.MODE_EQUALS); template.getDefaultVariable().setType(TYPE_URI_ALL); or template.getVariables().put(foo, new Variable(TYPE_URI_ALL)); Does that cover all your needs or am I still missing something ? Best regards, Jerome -Message d'origine- De : [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] De la part de Alex Milowski Envoyé : lundi 5 novembre 2007 22:17 À : discuss@restlet.tigris.org Objet : Re: Router.attach Patterns On 11/5/07, Jerome Louvel [EMAIL PROTECTED] wrote: Hi Alex, As you probably know, we already have a way to specify the type of each variable in an URI template via the org.restlet.util.Variable class and the Template.variables and Template.defaultVariable properties. Could you describe the use case(s) that would require a full regex syntax in URI templates ? The problem is that if you look at the specification for URI templates[1], it explains how templates can be used to create URI values and not how they are matched. In fact, I can't really find that information anywhere except in the code. Unfortunately, looking at the URI templates specification, I can find inconsistencies between generating and matching URI values. One of the examples is: http://example.com/{q} http://example.com/hello#world where q=hello#world. If you tried to use the URI template http://example.com/{q};, you'd get 'hello' for the variable 'q' because the default is to use a URI segment rather than the remaining URI path. In several of my applications I need to be able to match a remaining URI path. When I've developed custom code, I attach a Finder to do that but I have problems when the root needs to be handled differently than its sub-resources. I've run into trouble with simple applications that are configured from a configuration file where the match pattern is specified and a restlet is attached for all sub paths. For example, if you want to map: / - RootRestlet.class /.* - EverythingElseRestlet.class you can use the two templates: / - RootRestlet.class /{name} - EverythingElseRestlet.class Now, that does the right thing only because any resource below the root must have an additional segment in typical directory hierarchy paths. The problem is that the Request instance now has a Reference where the getRemainingPart() does not return the whole subpath without prefixing the name attribute value. Then you have special case your attached Restlet to deal with that oddity. Certainly the above problem can be solved by allowing more control over the Route or by messing with the template used by the route. It just seems incomplete that you can attach a Restlet to a template/pattern that says all sub resources but not the root without messing up the getRemainingPart() call. Another simple use case is knocking out a URI (e.g. a moved or bad resource) from amongst valid ones by mapping it to a error handling resource. For example, you might want to find all paths then end with .js under a certain resource. [1] http://bitworking.org/projects/URI-Templates/draft-gregorio-ur itemplate-01.html --Alex Milowski
Re: [newbie] Start using 1.1 SNAPSHOT - Maven Repo ?
Jerome Louvel contact at noelios.com writes: Hi all, Maybe should also publish snapshots in the Maven repository? If we do so, we should follow the Maven naming conventions for version numbers. Note: we don't internally use Maven to build Restlet code base, but we know how to publish Maven artifacts. Best regards, Jerome We at Overstock.com would love it if you put 1.1 snapshots into the Maven repository. We have to do some really ugly gyrations to use 1.1m1 (current) in our Maven environment. BTW, I'm new to Maven 2 but I think it much preferable to ant, esp. for Restlet development. The jar dependency problem expressed recently is much less an issue with Maven 2 dependency management. Sean
RE: Restlet GPL version?
Hi Rob, As a benefit of having the JCA process in place (http://www.restlet.org/community/contribute), we can offer Restlet under GPL v3 as well. I've updated the web site to mention this new option: http://www.restlet.org/about/legal Best regards, Jerome -Message d'origine- De : Rob Heittman [mailto:[EMAIL PROTECTED] Envoyé : lundi 5 novembre 2007 22:41 À : discuss Objet : Restlet GPL version? Restlet is available under GPL as one of the licensing choices. I think GPL2 was the only valid choice at the time that http://www.restlet.org/about/legal was authored, and it links to it at http://www.opensource.org/licenses/gpl-license.php. Is it the intent to keep Restlet available only under GPL2, or is GPL3 (http://www.gnu.org/licenses/gpl.html) also an option? The reason I ask has to do with license incompatibility, the inability to link together GPL2 and GPL3 code into a single program and apply the correct license for the aggregate work ... unless the feeling is that the Classpath exception circumvents that limitation (... and I'm not sure about that). I have hit GPL3 now in several other licenses ... - R
Re: Reaching target Resources that do not exist
Hi Thierry, Thierry Boileau wrote: on one hand, you define a route which binds all uris such as /users/{user}/birthday to a new instance of the BirthdayResource class. On the other hand, the resource is in charge to perform the request, that is to say return a representation (if any) in case of GET requests, delete the resource in case of DELETE request, etc. The resource knows what happens and what to do. I see. So I guess it would be fair to consider that the Resource object is more or less the equivalent of a closure representing the dispatch of a request to the resource. In your case, the birthday resource is responsible to get the user (if any), and return a representation of the user's birthday only if the user exists. For example: 1- the BirthdayResource constructor looks for the user and store it as an attribute 2- the getRepresentation(Variant) method returns a representation only if the user attribute is not null I think I found my mistake. In Resource.handleGet(), it's the fact there isn't any Variant that leads to a CLIENT_ERROR_NOT_FOUND response status. However, I was using this in the constructor, whether-or-not the resource existed: getVariants().add(new Variant(MediaType.TEXT_PLAIN)); Therefore, I shouldn't add any variant before I've made sure the resource exists. If a transactional database is used in the back-end, I suppose that adding the Variants ought to be done as part of the transaction that reads or write data corresponding to the Resource. Such a transaction could be in the constructor of the Resource. I hope this will help you. Yes, cheers. Do you expose a lot of attributes such as birthday? Not really at the moment, that was just an example. As you can guess from my questions, I'm still learning about the framework. I have a REST-based model in mind for my application that I would have implemented with servlets, by I thought I'd be good to investigate restlets. So far, so good, but I'm not sure I'll use the Resource part of the framework. I'm indeed planning to make a lot of short requests and I'm a bit concerned about creating a new instance of a Resource for every request in terms of performance. I guess using a Restlet directly might be more efficient in some cases. Best regards, Bruno.
Re: HEAD not well supported?
Hi all, The refactoring based on this discussion is done in SVN trunk. See this issue for few more details: http://restlet.tigris.org/issues/show_bug.cgi?id=361 I've also updated the 1.1 snapshot at: http://www.restlet.org/downloads/1.1/current.zip Best, Jerome