Deploying a NinjaFramework Application on OpenShift

Deploy a fat jar to OpenShift… Hmmmmm

A NinjaFramework application is built and deployed as a fat jar by default. Given this fact, I popped this question on StackOverflow. I figured that one would need to be some kind of Maven guru in order to build some kind of configuration to deploy it on OpenShift. Not so, as it turns out. The guys at NinjaFramework have once again come up trumps, and the process is effortless. This blog describes the steps involved from beginning to end. This process uses NetBeans.


JSON Web Token (JWT) with CORS Stateless REST Service with Facebook Authentication

Introduction

This blog will demonstrate how to authenticate a REST(ish) service with Facebook authentication, using a JSON Web Token (JWT).

This blog follows on from previous blogs:

  1. Cross-Origin-Resource-Sharing (CORS) is detailed here http://outbottle.com/understanding-cross-origin-resource-sharing-cors-by-example/.
  2. Creating the REST Service and HTML5 Client is detailed here http://outbottle.com/cors-stateless-rest-service-with-detached-html5-client/.
  3. Adding authentication using Facebook is detailed here (but does not use JWT) http://outbottle.com/cors-stateless-rest-service-with-facebook-authentication/

The previous blogs led up to a situation where the user is able to authenticate with Facebook, thus receiving a Facebook authentication token. Authentication with Facebook results in a request being sent to our REST service. The intent of that request is to authenticate with our REST service. The request contains the Facebook authentication token and the user's Facebook email address (from their Facebook profile). The REST service receives the Facebook authentication token from the client and then invokes Facebook itself, using RestFB, to retrieve the user's profile. The email address received from the client is then compared with the email address taken from the Facebook profile just retrieved via RestFB.

  • If the email addresses match, the user is authentic. (Now the REST service generates a token for the client which identifies that client. Any time the client wants to invoke the service, it supplies that token).
  • If the email addresses do not match, the client supplied a valid Facebook authentication token but for a different account; reject this user.
  • If the profile cannot be retrieved, the client may have supplied an invalid Facebook authentication token; reject this user.

If the email addresses match, the user is authentic. At this point in the previous blog, the server just responds to the client with an email address, i.e. the matched email address. The client stores this and passes it to the service in a request-header on each request. Our REST service will use this each time to extract the user from persistence.

There are a couple of problems with this approach.

  1. The email address in transit is exposed unless HTTPS is used. HTTPS should be used so this is not such a big issue.
  2. The email address alone may not be sufficient information. Date/Time issued or Date/Time expires may be of use so that the token can be expired after a defined idle period.
  3. Data other than the email address may be required, i.e. a bunch of key-value pairs.

This blog will take the existing application created here http://outbottle.com/cors-stateless-rest-service-with-facebook-authentication/ and enhance it to use a JWT token.

A Maven project and HTML5 client are available for download at the bottom of this blog.
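
The expiry and extra-data gaps listed above are what a signed token closes. As an added example (not code from this blog's Maven project), here is a JDK-only HS256 token that carries the matched email with issued-at and expiry claims and is rejected once expired or altered; the class name, key, lifetime and sample addresses are constructed, and a production service would use a maintained JWT library instead of hand-rolled parsing.

```java
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Base64;

public class EmailTokenSketch {
    private static final Base64.Encoder B64 = Base64.getUrlEncoder().withoutPadding();
    private static final Base64.Decoder B64D = Base64.getUrlDecoder();

    static byte[] hmac(byte[] key, String data) throws Exception {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(key, "HmacSHA256"));
        return mac.doFinal(data.getBytes(StandardCharsets.US_ASCII));
    }

    // Call only after the server-side email comparison has succeeded.
    // Assumes the email holds no JSON metacharacters (no escaping is done here).
    static String issue(byte[] key, String email, long now, long ttlSeconds) throws Exception {
        String header = B64.encodeToString("{\"alg\":\"HS256\",\"typ\":\"JWT\"}".getBytes(StandardCharsets.UTF_8));
        String claims = String.format("{\"sub\":\"%s\",\"iat\":%d,\"exp\":%d}", email, now, now + ttlSeconds);
        String body = header + "." + B64.encodeToString(claims.getBytes(StandardCharsets.UTF_8));
        return body + "." + B64.encodeToString(hmac(key, body));
    }

    // Returns the claims JSON if signature and expiry check out, otherwise null.
    static String verify(byte[] key, String token, long now) throws Exception {
        String[] p = token.split("\\.");
        if (p.length != 3) return null;
        byte[] expected = hmac(key, p[0] + "." + p[1]); // algorithm is fixed server-side
        byte[] supplied;
        try { supplied = B64D.decode(p[2]); } catch (IllegalArgumentException e) { return null; }
        if (!MessageDigest.isEqual(expected, supplied)) return null; // constant-time compare
        String claims = new String(B64D.decode(p[1]), StandardCharsets.UTF_8);
        long exp = Long.parseLong(claims.replaceAll(".*\"exp\":(\\d+).*", "$1"));
        return now < exp ? claims : null;
    }

    public static void main(String[] args) throws Exception {
        byte[] key = "constructed-demo-key-32-bytes-long!!".getBytes(StandardCharsets.UTF_8);
        long now = System.currentTimeMillis() / 1000;
        String token = issue(key, "alice@example.com", now, 900);
        System.out.println("valid:    " + verify(key, token, now));
        System.out.println("expired:  " + verify(key, token, now + 901));
        // Same header and signature, but the payload names a different account.
        String[] p = token.split("\\.");
        String other = B64.encodeToString("{\"sub\":\"mallory@example.com\",\"exp\":9999999999}".getBytes(StandardCharsets.UTF_8));
        System.out.println("tampered: " + verify(key, p[0] + "." + other + "." + p[2], now));
    }
}
```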


CORS Stateless REST Service with Facebook Authentication

Introduction

This blog will demonstrate one way to enable authentication with Facebook on a Stateless CORS enabled REST service.

The CORS REST service will be created using the Ninja Framework.

Facebook authentication is via the Facebook JavaScript API.

RestFB is used to consolidate the authentication with the REST Service.

This blog follows on from previous blogs:

  1. CORS Cross-Origin-Resource-Sharing is detailed here http://outbottle.com/understanding-cross-origin-resource-sharing-cors-by-example/.
  2. Creating the REST Service and HTML5 Client is detailed here http://outbottle.com/cors-stateless-rest-service-with-detached-html5-client/.

This blog focuses on adding authentication using Facebook to the application.

The HTML5 application and NinjaFramework Maven application are available for download at the bottom of this page.


CORS Stateless REST Service with detached HTML5 client

Introduction

This blog will detail in precise steps how to create a stateless REST service that is consumed by an HTML5 client on another domain. The HTML5 client could easily be a Cordova or PhoneGap app.

The HTML5 client is simple and basic just for demonstration purposes. It shows the characteristics necessary for Cross-Origin-Resource-Sharing (CORS) communication.

The REST service is also simple. It demonstrates how to enable CORS on the server application.

While both the client and server projects are built up throughout this blog, the completed artifacts are available for download at the bottom of this page.

Related Posts

Authenticating a REST Service using Facebook authentication http://outbottle.com/cors-stateless-rest-service-with-facebook-authentication/

Adding JSON Web Token (JWT) enhancements to “Authenticating a REST Service using Facebook authentication” http://outbottle.com/json-web-token-jwt-with-cors-stateless-rest-service-with-facebook-authentication/
