Hessian and Burlap

Using the HTTP Invoker remoting architecture is a really simple way to create distributed applications when all components use both Java and Spring. This setup is sufficient in many cases, but it is unrealistic to think that Spring, and indeed Java, will always be used in all components in a remote application.

In these cases, Hessian and Burlap provide a suitable alternative to HTTP Invoker. Hessian is a lightweight framework for the creation of web services using a binary protocol. Burlap is a similar framework, although the underlying protocol uses XML rather than a binary representation. The only implementation of Burlap available at the time of writing is for Java, although implementing Burlap in other languages should not be restrictively difficult. Hessian has, at the time of writing, three different implementations, which cover Java, Python, and C++; this makes it suitable for communicating between components written in different languages. In this section, we focus on Hessian rather than Burlap; but remember, in the context of Spring, usage of both is identical. To make the examples in this section run with Burlap instead of Hessian, replace all instances of Hessian in class names with Burlap.

The way you use Hessian and Burlap in Spring is similar to the way you use HTTP Invoker. At the server side, the Spring DispatcherServlet is responsible for dispatching incoming requests to the HessianServiceExporter that, like HttpInvokerServiceExporter, implements the Controller interface and is thus capable of handling requests passed from the DispatcherServlet.

At the client side, you access Hessian services using a proxy you create using the HessianProxyFactoryBean. Like HTTP Invoker, Hessian services support HTTP Basic authentication and whereas configuration at the server side is identical, the client side configuration for Hessian is much simpler.

In this section, you see how to expose services using Hessian and Spring, as well as how to access these services using the Spring Hessian proxy generator. You also learn how to secure your Hessian services using HTTP Basic authentication and how to configure a Hessian proxy to access a secure service.

Exposing Services Using Hessian

Like HTTP Invoker, Hessian places no constraints on the service interface or the service implementation class. This allows you to use your standard business objects and removes the need to create any special interfaces or implementations. As with HTTP Invoker, you can choose to create a specific service interface if you wish to restrict the methods that are exposed. For the example in this section, we reuse the HelloWorld interface and SimpleHelloWorld class shown in 16-2, respectively.

Because the HessianServiceExporter uses the same basic architecture as the HttpInvokerServiceExporter, configuring a HessianServiceExporter requires very similar XML. Listing 16-41 shows the definition of a HessianServiceExporter and a BeanNameUrlHandlerMapping.

Listing 16-41: Configuring a Hessian Service

image from book
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN"  "http://www.springframework.org/dtd/spring-beans.dtd"> <beans>     <bean         />          <bean name="/helloWorld"              >         <property name="service">             <ref bean="helloWorldService"/>         </property>         <property name="serviceInterface">             <value>com.apress.prospring.ch16.remoting.HelloWorld</value>         </property>     </bean>     </beans>
image from book

As you can see, the only difference between this configuration and the configuration for the corresponding HTTP Invoker service shown in Listing 16-28 is that the class attribute for the /helloWorld bean is set to the HessianServiceExporter.

As with HTTP Invoker services, Hessian services are fronted by an instance of DispatcherServlet, which you need to configure in the web application deployment descriptor along with a URL mapping for the servlet. This is shown in Listing 16-42.

Listing 16-42: Configuring DispatcherServlet

image from book
    <servlet>         <servlet-name>caucho</servlet-name>         <servlet-class>                org.springframework.web.servlet.DispatcherServlet</servlet-class>         <load-on-startup>4</load-on-startup>     </servlet>          <servlet-mapping>         <servlet-name>caucho</servlet-name>         <url-pattern>/caucho/*</url-pattern>     </servlet-mapping>
image from book

Remember that the servlet name is important and indicates the name that we should give to the configuration file shown in Listing 16-43.

Listing 16-43: Configuring a Hessian Proxy

image from book
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN"  "http://www.springframework.org/dtd/spring-beans.dtd"> <beans>     <bean         >         <property name="serviceUrl">             <value>http://localhost:8080/remoting/caucho/helloWorld</value>         </property>         <property name="serviceInterface">             <value>com.apress.prospring.ch16.remoting.HelloWorld</value>         </property>     </bean> </beans>
image from book

Accessing Hessian Services

Configuring a Hessian proxy is just like configuring an HTTP Invoker proxy; the only difference is that you replace HttpInvokerProxyFactoryBean with HessianProxyFactoryBean, as shown in Listing 16-43.

By now, you should be more than familiar with the details of this configuration, so we do not go into any details on it. As you can probably guess, using this proxy in a client application does not require any special handling, as you can see in Listing 16-44.

Listing 16-44: Using a Hessian Proxy

image from book
package com.apress.prospring.ch16.remoting.caucho;      import org.springframework.context.ApplicationContext; import org.springframework.context.support.FileSystemXmlApplicationContext;      import com.apress.prospring.ch16.remoting.HelloWorld;      public class HelloWorldClient {          public static void main(String[] args) {         ApplicationContext ctx = new FileSystemXmlApplicationContext(         "./ch16/src/conf/caucho/helloWorld.xml");              HelloWorld helloWorld = (HelloWorld)ctx.getBean("helloWorldService");         System.out.println(helloWorld.getMessage());     } }
image from book

Running this example displays the message "Hello World!" in the console after a short delay.

Using HTTP Basic Authentication

As with HTTP Invoker, you can secure Hessian services using HTTP Basic authentication. As we mentioned earlier, configuration at the server side is the same as it was for HTTP Invoker, but at the client side, the Hessian configuration for HTTP Basic authentication is much simpler.

Listing 16-45 shows the configuration of a new Hessian service using the MessageService interface and SimpleMessageClass that appeared in 16-21, respectively.

Listing 16-45: Configuring the Secure Message Service

image from book
<bean name="/messageServiceSecure"         >     <property name="service">         <ref bean="messageService"/>     </property>     <property name="serviceInterface">         <value>com.apress.prospring.ch16.remoting.MessageService</value>     </property> </bean>
image from book

MessageService.getMessage() method returns an instance of MessageBean, which was marked as Serializable for use in HTTP Invoker services. For Hessian services, this is not necessary because Hessian has its own serialization mechanism.

Because you have already configured container security for the sample services in Listing 16-29, all you need to do to make this service secure is add a new <url-pattern> tag to the <web-resource-collection> tag, as shown in Listing 16-46.

Listing 16-46: Adding an Additional Secure URL

image from book
   <web-resource-collection>         <web-resource-name>Secure HTTP Services</web-resource-name>         <url-pattern>/http/messageServiceSecure</url-pattern>         <url-pattern>/caucho/messageServiceSecure</url-pattern>     </web-resource-collection>
image from book

Configuring a Hessian proxy to access this secure service is much simpler than configuring an HTTP Invoker proxy to access a secure service, because the HessianProxyFactoryBean allows you to specify the user name and password you need to use for authentication using Spring DI, as shown in Listing 16-47.

Listing 16-47: Configuring a Hessian Proxy for HTTP Basic Authentication

image from book
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN"  "http://www.springframework.org/dtd/spring-beans.dtd"> <beans>     <bean             >         <property name="serviceUrl">             <value>                 http://localhost:8080/remoting/caucho/messageServiceSecure             </value>         </property>         <property name="serviceInterface">             <value>com.apress.prospring.ch16.remoting.MessageService</value>         </property>         <property name="username">             <value>tomcat</value>         </property>         <property name="password">             <value>tomcat</value>         </property>     </bean> </beans>
image from book

You can use this proxy just like any other, as shown in Listing 16-48.

Listing 16-48: The MessageServiceSecureClient Class

image from book
package com.apress.prospring.ch16.remoting.caucho;      import org.springframework.context.ApplicationContext; import org.springframework.context.support.FileSystemXmlApplicationContext;      import com.apress.prospring.ch16.remoting.MessageService;      public class MessageServiceSecureClient {          public static void main(String[] args) {         ApplicationContext ctx = new FileSystemXmlApplicationContext(                 "./ch16/src/conf/caucho/messageServiceSecure.xml");              MessageService messageService = (MessageService) ctx                 .getBean("messageService");         System.out.println(messageService.getMessage());     } }
image from book

Try running this example with both valid and invalid credentials to test the security of the service.



Pro Spring
Pro Spring
ISBN: 1590594614
EAN: 2147483647
Year: 2006
Pages: 189

Similar book on Amazon

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net