1 / 24

Service Oriented Architecture

Explore the use of modules and APIs to build service-oriented architecture in Drupal, showcase functionality, and address security precautions.

scostales
Download Presentation

Service Oriented Architecture

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Service Oriented Architecture btopro @btopro http://btopro.com/ http://drupal.psu.edu/blog/1 Bryan Ollendyke

  2. My problem space for building web services • Modules to build Services into Drupal • Just a couple, there are others • Drupal / Non-drupal security precautions • Showcase functionality • Step through some endpoint code • Questions Topics

  3. LMS while serving a purpose, does not meet needs of all • Drupal based solutions in A & A since 07 • Course = Drupal 6 site • Media assets in separate D6 site Problem Space

  4. Too much functionality in 1 space • New site, new big bucket problem • Example: Student social space dependent on content related modules • P2 policy must be same for all solutions • Drupal version hard to keep up with curve • Still in D6 for all old projects • Need to bring asset management implementation to all learning tools Problems w/ D6 setup

  5. Over Crowded feature-set

  6. Suite of Tools

  7. Inflexibility

  8. Maximizing flexibility

  9. Drupal network

  10. HTTPRL • Services • XMLRPC.php • Views Data export • RestWS • cis_connector (example endpoint) • Single sign-on (via webaccess) Modules for SOA

  11. Not a service by itself (helper module) • Allows for non-blocking calls • Call own cron.phpw.o. waiting for cron to execute • Allows for queuing • Many projects integrate with it • D8 uses php lib guzzle which is similar • Performance metrics • https://drupal.psu.edu/node/790 HTTPRL

  12. https://drupal.org/project/services • Most widely used by far • Drupal as a backend • Think phone app database server • An API for building web service APIs • Effectively build from scratch • A bit complicated • Need to document new API entirely • Views integration module a plus Services

  13. Built into Drupal core (6/7) • Limited capabilities • need to write a lot of code to use • Only example I’ve seen is blog service for remote posting XMLRPC.php

  14. https://drupal.org/project/views_data_export • Simple to use, lots of formats for export • If you know views, you know data feed • Works well in conjunction with Feeds module • Good for anonymous data access • Good for limited data /API interactions Views Data export

  15. https://drupal.org/project/restws • Enable it and you have a mirror of site architecture (easy to test) • Works with any Drupal entities • {entity_type}/{id}.{format} • Built in permissions / security method • Has an endpoint module • Drupal 8 core webservice components follow a similar methodology RestWS

  16. node/7 • As xml example.com/node/7.xml • As json example.com/node/7.json • Support for .rdf (haven’t tried) • field_collection_item/13.json • Querying support too! • user.xml?name=btopro&status=1 RestWS Examples

  17. http://drupal.org/project/cis_connector • Example of the end-point I’m using • Has call wrapper for performing cached http requests cis_connector

  18. IP domain locking • "service" domain for data transmission • APIs / Call wrappers free of user/pwd • while you can write custom pathways to data, stick to well defined pipelines • force https everywhere • force all other accounts to be webaccess / psu accounts Non-Drupal Security

  19. Non-Drupal Security

  20. RestWS user locking module • Regex comparison of name involved • only 1 account for service invoking • special role for that account • Seckit module • make sure elevated roles that can trip remote jobs are well defined • field permissions module and other permission metrics important Drupal Security

  21. Hope the internet works DevOps

  22. Questions?#dcpsu@psu_drupal

More Related