SlideShare a Scribd company logo

Building Secure Mashups With OpenAjax

elliando dias
elliando dias
TechnologyBusiness
1 of 39
Download to read offline
Building Secure Mashups With OpenAjax Jon Ferraiolo IBM and OpenAjax Alliance TS-5030
You will learn: •Mashups - the promise and challenges •OpenAjax Alliance mashup initiatives You will see: •OpenAjax Mashups in action 2008 JavaOneSM Conference | java.sun.com/javaone | 2
Agenda Introducing OpenAjax Alliance Secure Mashup Initiatives Overview OpenAjax Hub 1.1 OpenAjax Metadata for Widgets Demo Summary 2008 JavaOneSM Conference | java.sun.com/javaone | 3
Why did the industry form OpenAjax Alliance? Interoperability problems across Ajax toolkits • Sometimes toolkits step on each other • Almost never do toolkits integrate with each other • Interoperability/integration is necessary for mashups to work Education • For IT managers and Web developers, Ajax can be complex and confusing – tyranny of choice Help drive the future of the Ajax ecosystem 2008 JavaOneSM Conference | java.sun.com/javaone | 4
OpenAjax Alliance – Today 2006 2007 2008 Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Q1 Organizational 15 companies First meeting, -------------------- Subsequent face-to-face meetings ------------------------ join “OpenAjax” decision to form Marketing WG OpenAjax Alliance Web site, white papers 1 white paper 4 white papers 5 white papers Interoperability WG 1.0: spec & open source InteropFest Update InteropFest Finalize OpenAjax Hub 1.0 OpenAjax Hub 1.1 ServerTF, CommTF SMash,1.1 Roadmap 1.1 open source/spec OpenAjax Registry Registry first drafts Feedback IDE WG Use cases & requirements Proposals Spec Security TF White paper Liaison as needed Mobile TF White paper, Device APIs Gadgets TF Gadget metadata Runtime TF Feature list 2008 JavaOneSM Conference | java.sun.com/javaone | 5
OpenAjax Hub 1.0 What is it? • Small bit of standard JavaScript™ technology (< 3K after compaction) • Enables multiple Ajax runtimes to work together Version 1.0 features • Ajax library registration • OpenAjax.hub.registerLibrary() • Simple publish/subscribe engine (the pub sub hub) • OpenAjax.hub.publish(topicName, payload) • OpenAjax.hub.subscribe(topicName, callbackFunction) 2008 JavaOneSM Conference | java.sun.com/javaone | 6
OpenAjax Hub 1.0 – an example Assume multiple Ajax OpenAjax Hub 1.0 Example toolkits: This is a mockup of a Web • UTILS.js – Various utils, inc. XHR application that uses UI controls from multiple Ajax toolkits. • CALENDAR.js – Calendar control • DATAGRID.js – Powerful tables • CHARTS.js – Charting utilities The visual controls need to react to new server data and to each other and update their views appropriately 2008 JavaOneSM Conference | java.sun.com/javaone | 7
Example – under the hood <html> <head> <script src="OpenAjax.js"/> <script src="UTILS.js"/> <script src="CALENDAR.js"/> <script src="CHARTS.js"/> <script src="DATAGRID.js"/> <script> function MyCalendarCallback(...) { OpenAjax.hub.publish("myapp.newdate", newdate); } function NewDateCB(eventname, pubData, subData) {…} OpenAjax.hub.subscribe("myapp.newdate", NewDateCB); </script> </head> 2008 JavaOneSM Conference | java.sun.com/javaone | 8
OpenAjax InteropFests Objectives: • Verify that OpenAjax Hub is reliable, performant, and suitable • Allows members to check if they are OpenAjax Conformant Jan-March 2007 July-Sept 2007 12 toolkits participated 14 organizations, 20 toolkits participated http://www.openajax.org/member/wiki/InteropFest_2007_March http://www.openajax.org/member/wiki/InteropFest_1.0 2008 JavaOneSM Conference | java.sun.com/javaone | 9
InteropFest Participants Participating organizations Participating toolkits 24SevenOffice AjaxEngine Apache XAP Apache XAP Dojo Foundation Dojo Toolkit IBM Ext ILOG ILOG JViews DWR/Getahead IT Mill Toolkit IT Mill jMaki Lightstreamer JQuery Microsoft Lightstreamer Nexaweb Microsoft Ajax Library OpenLink SW Nexaweb Ajax Client Open Spot OAT: OpenLink AJAX Toolkit Software AG OpenSpot CalcDesk Sun Microsystems Prototype TIBCO script.aculo.us Software AG's webMethods/CAF TIBCO General Interface 24SevenOffice Vili YUI 2008 JavaOneSM Conference | java.sun.com/javaone | 10
OpenAjax Hub 1.0 status Status • Approved Specification • http://www.openajax.org/member/wiki/OpenAjax_Hub_1.0_Specification Reference implementation at SourceForge • http://openajaxallianc.sourceforge.net 2008 JavaOneSM Conference | java.sun.com/javaone | 11
Agenda Introducing OpenAjax Alliance Secure Mashups Overview OpenAjax Hub 1.1 OpenAjax Metadata for Widgets Demo Summary 2008 JavaOneSM Conference | java.sun.com/javaone | 12
Mashups – the self-service business pattern 2008 JavaOneSM Conference | java.sun.com/javaone | 13
Business value of mashups • Faster, cheaper delivery of applications • Save time and money through reuse and lightweight integration techniques • Lower skill set needed to assembly new applications • Support innovation and new business opportunities • Users empowered to innovate and explore • Gain valuable insights • Due to remixing enterprise and web information • Better align IT and business • Do-it-yourself IT will be expected by Facebook generation • Extend reach and value of SOA • Service reuse illuminates the business value of SOA 2008 JavaOneSM Conference | java.sun.com/javaone | 14
Mashup software • Mashup tools • Widget and feed discovery • Application assembly • Instant deployment • Widgets • Pre-packaged, remixable mini-applications • Usually tied to a back-end web service • Sometimes leveraging previous investment in SOA • Public or company-private • Key enabler of the long tail 2008 JavaOneSM Conference | java.sun.com/javaone | 15
Widget innovation – no shortage 2008 JavaOneSM Conference | java.sun.com/javaone | 16
Industry challenges Interoperability • Dozens of proprietary technologies • Good news: many use the “Web Runtime” (i.e., Ajax)! • Bad news: even when using the Web Runtime, widgets are not interoperable Security • The power of mashups – comes largely from discovering and integrating great widgets from 3rd parties • But 3rd party widgets might be malicious 2008 JavaOneSM Conference | java.sun.com/javaone | 17
Security vulnerabilities Web browser URL: http://example.com/mashup_builder/my_mashup1 Widget-C Widget-E (trusted) Communicates in the Company server background with one of the company’s web servers (untrusted) Communicates in the background with a Public server Message public web server passing Widget-A between (untrusted) Communicates in the the widgets background with a Public server public web server What if one of the widgets is malicious? 2008 JavaOneSM Conference | java.sun.com/javaone | 18
OpenAjax – Addressing the challenges Web browser URL: http://example.com/mashup_builder/my_mashup1 Widget-C Widget-E (trusted) Communicates in the (1) OpenAjax Hub 1.1 Company server background with one provides framework for of the company’s web loading/isolating widgetsservers (untrusted) and secure message Communicates in the management background with a Public server Message public web server passing Widget-A (4) Open source mini- between (untrusted) mashup application Communicates in the the widgets shows how to use all of background with a Public server public web server these technologies (2) OpenAjax Metadata defines an industry (3) Open source transcoders standard widget wrapper convert popular existing format proprietary gadget formats into OpenAjax Metadata 2008 JavaOneSM Conference | java.sun.com/javaone | 19
Agenda Introducing OpenAjax Alliance Secure Mashup Initiatives Overview OpenAjax Hub 1.1 OpenAjax Metadata for Widgets Demo Summary 2008 JavaOneSM Conference | java.sun.com/javaone | 20
OpenAjax Hub 1.1 – New features OpenAjax Hub 1.0 addresses pub/sub within a single browser frame OpenAjax Hub 1.1 adds the following: • Pub/sub across frames • Framework for secure mashups • Pub/sub between clients and servers (i.e., Comet) 2008 JavaOneSM Conference | java.sun.com/javaone | 21
Mashups: security issues Browser same-origin policy prevents interaction across origins Typical Solution: bypass same-origin policy by • Dynamic SCRIPT tag to another server (client-side) • Proxying content (server-side mashups) • “IFrame proxy” (window.location fragment identifier) 2008 JavaOneSM Conference | java.sun.com/javaone | 22
SMash SMash stands for “Secure Mashups” • Secure handling of 3rd party mashup components • Runs in today’s browsers (without plugins) Designed and implemented at IBM™ Research (beginning of 2007) • Open-sourced (openajaxallianc.sourceforge.net) in August 2007 • Research Paper describing SMash in WWW 2008 Conference High-level APIs, independent of implementation technology • Fragment communication, HTML5 postMessage, Java™ platform, Flash etc. • Will still work when browsers add native support for secure cross- frame messaging 2008 JavaOneSM Conference | java.sun.com/javaone | 23
OpenAjax Hub 1.1: Concepts Managed hub-instances • A frame/window can have multiple managed hub-instances • Hub-instance has one manager, multiple clients Fine-grained policy hooks for manager • For security policy, mediation between incompatible clients etc. • No policy encoded in hub Providers: Multiple communication providers for client to hub-instance communication • Provider and Hub SPI • Current providers: inline, smash (using code from SMash) 2008 JavaOneSM Conference | java.sun.com/javaone | 24
OpenAjax Hub 1.1: Architecture Gadget/Widget Support (OpenAjax or …) API Hub 1.1 Code SPI Hub 1.1 smash provider inline provider HTML5 postMessage provider (future) Gadget/Widget layer sits on top of OpenAjax Hub 1.1 Hub supports composite gadgets with • any level of nesting • any combination of gadget types (inline, iframe, …) e.g. inline gadget-foo composed of iframe gadget-bar and inline gadget-baz 2008 JavaOneSM Conference | java.sun.com/javaone | 25
OpenAjax Hub 1.1: Simple example Web browser URL: http://example.com/mashup_builder/my_mashup1 Mashup container Widget-C Widget-E Broadcast an event using connHandle.publish() Hub 1.1 (Managed Hub) Hub 1.1 Hub 1.1 inline provider inline provider smash provider smash provider Widget-A Subscribe to a topic and register a Security callback function using manager connHandle.subscribe() Invoke the callback function Hub 1.1 smash provider 2008 JavaOneSM Conference | java.sun.com/javaone | 26
OpenAjax Hub 1.1: the steps Web browser URL: http://example.com/mashup_builder/my_mashup1 Mashup container Widget-C Widget-E 1 2 Load the Initialize and widgets used 4 Broadcast an event using connHandle.publish() create a in the mashup “Managed Hub” Hub 1.1 (Managed Hub) 7 5 Hub 1.1 Hub 1.1 8 inline provider 6 inline provider smash provider 9 smash provider Widget-A Security 3 Subscribe to a topic and register a callback function using manager connHandle.subscribe() 10 12 Invoke the callback function Hub 1.1 11 smash provider 2008 JavaOneSM Conference | java.sun.com/javaone | 27
Hub 1.1 status Specification • First draft spec – far along • http://www.openajax.org/member/wiki/OpenAjax_Hub_1.1_Specific ation Reference implementation at SourceForge • First implementation (far along) • http://openajaxallianc.sourceforge.net Timeline for Hub 1.1 • Now: Detailed review within Interoperability Working Group • Spring 2008: Stable, complete spec • July-September 2008: InteropFest (with OpenAjax Metadata) • Fall 2008: Finalize and approve 2008 JavaOneSM Conference | java.sun.com/javaone | 28
Agenda Introducing OpenAjax Alliance Secure Mashup Initiatives Overview OpenAjax Hub 1.1 OpenAjax Metadata for Widgets Demo Summary 2008 JavaOneSM Conference | java.sun.com/javaone | 29
Widget innovation – no shortage 2008 JavaOneSM Conference | java.sun.com/javaone | 30
OpenAjax Metadata – industry problems IDE interoperability problem • Countless Ajax libraries • Each library has its own approach to documenting • JavaScript APIs • UI controls • As a result, difficult to deliver visual authoring tools that integrate with the full set of Ajax libraries in the industry Mashup interoperability problem • Dozens of widget formats (Google, Yahoo, Apple, Microsoft…) • Current industry situation: • Widgets developers provide multiple versions of their widgets • To do a mashup, you usually need a programmer • As a result, difficult to deliver visual mashup tools that integrate with the full set of widgets in the industry 2008 JavaOneSM Conference | java.sun.com/javaone | 31
OpenAjax Metadata – what it provides (IDE WG) Ajax library metadata “intermediary” standard • Standard XML for describing • JavaScript APIs • Widgets • Committee includes • Adobe, Aptana, Dojo, Eclipse, IBM, Microsoft, Sun, TIBCO, and Zend (Gadgets TF) Mashup gadgets “intermediary” standard • Standard XML for describing a mashup component • But mashup gadgets have special needs • List of topics that they produce and consume (i.e., pub/sub) • Security issues related to secure mashups 2008 JavaOneSM Conference | java.sun.com/javaone | 32
OpenAjax Metadata sample code <widget xmlns="http://ns.openajax.org/widgets"> <properties> <property name="Addr" type="Loc" listen="true" /> </properties> <content> <!-- HTML+JavaScript go here --> </content> </widget> 2008 JavaOneSM Conference | java.sun.com/javaone | 33
OpenAjax Metadata status Specification • First draft spec - far along • http://www.openajax.org/member/wiki/OpenAjax_Metadata_Specification Open source • Gadget transcoders • Mini mashup application Timeline for OpenAjax Metadata • Now: Finishing spec within IDE Working Group • Spring 2008: Stable, complete spec • July-September 2008: InteropFest (with OpenAjax Hub 1.1) • Fall 2008: Finalize and approve 2008 JavaOneSM Conference | java.sun.com/javaone | 34
OpenAjax – Addressing the challenges Web browser URL: http://example.com/mashup_builder/my_mashup1 Widget-C Widget-E (trusted) Communicates in the (1) OpenAjax Hub 1.1 Company server background with one provides framework for of the company’s web loading/isolating widgetsservers (untrusted) and secure message Communicates in the management background with a Public server Message public web server passing Widget-A (4) Open source mini- between (untrusted) mashup application Communicates in the the widgets shows how to use all of background with a Public server public web server these technologies (2) OpenAjax Metadata defines an industry (3) Open source transcoders standard widget wrapper convert popular existing format proprietary gadget formats into OpenAjax Metadata 2008 JavaOneSM Conference | java.sun.com/javaone | 35
OpenAjax Mashups in action 2008 JavaOneSM Conference | java.sun.com/javaone | 36
Summary Mashups offer both promise, but have challenges • Security • Interoperability OpenAjax Alliance is addressing the challenges • OpenAjax Hub 1.1 • OpenAjax Metadata 2008 JavaOneSM Conference | java.sun.com/javaone | 37
For More Information Web site: http://www.openajax.org Wiki: http://www.openajax.org/member/wiki Blog: http://www.openajax.org/blog Mail list: public@openajax.org Email: Jon Ferraiolo <jferrai@us.ibm.com> 2008 JavaOneSM Conference | java.sun.com/javaone | 38
Jon Ferraiolo, IBM & OpenAjax Alliance TS-5030 2008 JavaOneSM Conference | java.sun.com/javaone | 39

Recommended

JavaFX 2 Using the Spring Framework
JavaFX 2 Using the Spring FrameworkJavaFX 2 Using the Spring Framework
JavaFX 2 Using the Spring FrameworkStephen Chin
 
Tecnologias Oracle em Docker Containers On-premise e na Nuvem
Tecnologias Oracle em Docker Containers On-premise e na NuvemTecnologias Oracle em Docker Containers On-premise e na Nuvem
Tecnologias Oracle em Docker Containers On-premise e na NuvemBruno Borges
 
WebSocket in Enterprise Applications 2015
WebSocket in Enterprise Applications 2015WebSocket in Enterprise Applications 2015
WebSocket in Enterprise Applications 2015Pavel Bucek
 
JavaCro'15 - HTTP2 Comes to Java! - David Delabassee
JavaCro'15 - HTTP2 Comes to Java! - David DelabasseeJavaCro'15 - HTTP2 Comes to Java! - David Delabassee
JavaCro'15 - HTTP2 Comes to Java! - David DelabasseeHUJAK - Hrvatska udruga Java korisnika / Croatian Java User Association
 
How to Thrive on REST/WebSocket-Based Microservices
How to Thrive on REST/WebSocket-Based MicroservicesHow to Thrive on REST/WebSocket-Based Microservices
How to Thrive on REST/WebSocket-Based MicroservicesPavel Bucek
 
JavaFX 2 - A Java Developer's Guide (San Antonio JUG Version)
JavaFX 2 - A Java Developer's Guide (San Antonio JUG Version)JavaFX 2 - A Java Developer's Guide (San Antonio JUG Version)
JavaFX 2 - A Java Developer's Guide (San Antonio JUG Version)Stephen Chin
 
Java EE 8 Adopt a JSR : JSON-P 1.1 & MVC 1.0
Java EE 8 Adopt a JSR : JSON-P 1.1 & MVC 1.0Java EE 8 Adopt a JSR : JSON-P 1.1 & MVC 1.0
Java EE 8 Adopt a JSR : JSON-P 1.1 & MVC 1.0David Delabassee
 
blueMarine Or Why You Should Really Ship Swing Applications
blueMarine Or Why You Should Really Ship Swing Applications blueMarine Or Why You Should Really Ship Swing Applications
blueMarine Or Why You Should Really Ship Swing Applications Fabrizio Giudici
 

Recommended

JavaFX 2 Using the Spring Framework
JavaFX 2 Using the Spring FrameworkJavaFX 2 Using the Spring Framework
JavaFX 2 Using the Spring FrameworkStephen Chin
 
Tecnologias Oracle em Docker Containers On-premise e na Nuvem
Tecnologias Oracle em Docker Containers On-premise e na NuvemTecnologias Oracle em Docker Containers On-premise e na Nuvem
Tecnologias Oracle em Docker Containers On-premise e na NuvemBruno Borges
 
WebSocket in Enterprise Applications 2015
WebSocket in Enterprise Applications 2015WebSocket in Enterprise Applications 2015
WebSocket in Enterprise Applications 2015Pavel Bucek
 
JavaCro'15 - HTTP2 Comes to Java! - David Delabassee
JavaCro'15 - HTTP2 Comes to Java! - David DelabasseeJavaCro'15 - HTTP2 Comes to Java! - David Delabassee
JavaCro'15 - HTTP2 Comes to Java! - David DelabasseeHUJAK - Hrvatska udruga Java korisnika / Croatian Java User Association
 
How to Thrive on REST/WebSocket-Based Microservices
How to Thrive on REST/WebSocket-Based MicroservicesHow to Thrive on REST/WebSocket-Based Microservices
How to Thrive on REST/WebSocket-Based MicroservicesPavel Bucek
 
JavaFX 2 - A Java Developer's Guide (San Antonio JUG Version)
JavaFX 2 - A Java Developer's Guide (San Antonio JUG Version)JavaFX 2 - A Java Developer's Guide (San Antonio JUG Version)
JavaFX 2 - A Java Developer's Guide (San Antonio JUG Version)Stephen Chin
 
Java EE 8 Adopt a JSR : JSON-P 1.1 & MVC 1.0
Java EE 8 Adopt a JSR : JSON-P 1.1 & MVC 1.0Java EE 8 Adopt a JSR : JSON-P 1.1 & MVC 1.0
Java EE 8 Adopt a JSR : JSON-P 1.1 & MVC 1.0David Delabassee
 
blueMarine Or Why You Should Really Ship Swing Applications
blueMarine Or Why You Should Really Ship Swing Applications blueMarine Or Why You Should Really Ship Swing Applications
blueMarine Or Why You Should Really Ship Swing Applications Fabrizio Giudici
 
Polyglot! A Lightweight Cloud Platform for Java SE, Node, and More
Polyglot! A Lightweight Cloud Platform for Java SE, Node, and MorePolyglot! A Lightweight Cloud Platform for Java SE, Node, and More
Polyglot! A Lightweight Cloud Platform for Java SE, Node, and MoreShaun Smith
 
Serverless Java - Challenges and Triumphs
Serverless Java - Challenges and TriumphsServerless Java - Challenges and Triumphs
Serverless Java - Challenges and TriumphsDavid Delabassee
 
Java Modularity with OSGi
Java Modularity with OSGiJava Modularity with OSGi
Java Modularity with OSGiIlya Rybak
 
MVC 1.0 / JSR 371
MVC 1.0 / JSR 371MVC 1.0 / JSR 371
MVC 1.0 / JSR 371David Delabassee
 
MySQL
MySQLMySQL
MySQLPT.JUG
 
Oracle Fusion Middleware provisioning with Puppet
Oracle Fusion Middleware provisioning with PuppetOracle Fusion Middleware provisioning with Puppet
Oracle Fusion Middleware provisioning with PuppetEdwin Biemond
 
EclipseLink: Beyond Relational and NoSQL to Polyglot and HTML5
EclipseLink: Beyond Relational and NoSQL to Polyglot and HTML5EclipseLink: Beyond Relational and NoSQL to Polyglot and HTML5
EclipseLink: Beyond Relational and NoSQL to Polyglot and HTML5Shaun Smith
 
Modularization With Project Jigsaw in JDK 9
Modularization With Project Jigsaw in JDK 9Modularization With Project Jigsaw in JDK 9
Modularization With Project Jigsaw in JDK 9Simon Ritter
 
Microservices and Container
Microservices and ContainerMicroservices and Container
Microservices and ContainerWolfgang Weigend
 
Introducing Java 8
Introducing Java 8Introducing Java 8
Introducing Java 8PT.JUG
 
WebSockets in Enterprise Applications
WebSockets in Enterprise ApplicationsWebSockets in Enterprise Applications
WebSockets in Enterprise ApplicationsPavel Bucek
 
Burns jsf-confess-2015
Burns jsf-confess-2015Burns jsf-confess-2015
Burns jsf-confess-2015Edward Burns
 
JavaOne2015報告会 in Okinawa
JavaOne2015報告会 in OkinawaJavaOne2015報告会 in Okinawa
JavaOne2015報告会 in OkinawaTakashi Ito
 
Boost Your Content Strategy for REST APIs
Boost Your Content Strategy for REST APIsBoost Your Content Strategy for REST APIs
Boost Your Content Strategy for REST APIsMarta Rauch
 
Using oracle vm virtual box as your development platform
Using oracle vm virtual box as your development platformUsing oracle vm virtual box as your development platform
Using oracle vm virtual box as your development platformOTN Systems Hub
 
JDK 10 Java Module System
JDK 10 Java Module SystemJDK 10 Java Module System
JDK 10 Java Module SystemWolfgang Weigend
 
How Capgemini Built a Pan-European Tax Messaging System Using Oracle Fusion M...
How Capgemini Built a Pan-European Tax Messaging System Using Oracle Fusion M...How Capgemini Built a Pan-European Tax Messaging System Using Oracle Fusion M...
How Capgemini Built a Pan-European Tax Messaging System Using Oracle Fusion M...Capgemini
 
OpenStack and MySQL
OpenStack and MySQLOpenStack and MySQL
OpenStack and MySQLMatt Lord
 
Enterprise Java Web Application Frameworks Sample Stack Implementation
Enterprise Java Web Application Frameworks Sample Stack ImplementationEnterprise Java Web Application Frameworks Sample Stack Implementation
Enterprise Java Web Application Frameworks Sample Stack ImplementationMert Çalışkan
 
Tweet4Beer - Beertap powered by Java goes IoT and JavaFX
Tweet4Beer - Beertap powered by Java goes IoT and JavaFXTweet4Beer - Beertap powered by Java goes IoT and JavaFX
Tweet4Beer - Beertap powered by Java goes IoT and JavaFXBruno Borges
 
5G wireless technology Report
5G wireless technology Report5G wireless technology Report
5G wireless technology ReportHanamanta N B
 
Coaxial cable and its types
Coaxial cable and its typesCoaxial cable and its types
Coaxial cable and its typesAdeel Khurram
 

More Related Content

What's hot

Polyglot! A Lightweight Cloud Platform for Java SE, Node, and More
Polyglot! A Lightweight Cloud Platform for Java SE, Node, and MorePolyglot! A Lightweight Cloud Platform for Java SE, Node, and More
Polyglot! A Lightweight Cloud Platform for Java SE, Node, and MoreShaun Smith
 
Serverless Java - Challenges and Triumphs
Serverless Java - Challenges and TriumphsServerless Java - Challenges and Triumphs
Serverless Java - Challenges and TriumphsDavid Delabassee
 
Java Modularity with OSGi
Java Modularity with OSGiJava Modularity with OSGi
Java Modularity with OSGiIlya Rybak
 
Oracle Fusion Middleware provisioning with Puppet
Oracle Fusion Middleware provisioning with PuppetOracle Fusion Middleware provisioning with Puppet
Oracle Fusion Middleware provisioning with PuppetEdwin Biemond
 
EclipseLink: Beyond Relational and NoSQL to Polyglot and HTML5
EclipseLink: Beyond Relational and NoSQL to Polyglot and HTML5EclipseLink: Beyond Relational and NoSQL to Polyglot and HTML5
EclipseLink: Beyond Relational and NoSQL to Polyglot and HTML5Shaun Smith
 
Modularization With Project Jigsaw in JDK 9
Modularization With Project Jigsaw in JDK 9Modularization With Project Jigsaw in JDK 9
Modularization With Project Jigsaw in JDK 9Simon Ritter
 
Microservices and Container
Microservices and ContainerMicroservices and Container
Microservices and ContainerWolfgang Weigend
 
Introducing Java 8
Introducing Java 8Introducing Java 8
Introducing Java 8PT.JUG
 
WebSockets in Enterprise Applications
WebSockets in Enterprise ApplicationsWebSockets in Enterprise Applications
WebSockets in Enterprise ApplicationsPavel Bucek
 
Burns jsf-confess-2015
Burns jsf-confess-2015Burns jsf-confess-2015
Burns jsf-confess-2015Edward Burns
 
JavaOne2015報告会 in Okinawa
JavaOne2015報告会 in OkinawaJavaOne2015報告会 in Okinawa
JavaOne2015報告会 in OkinawaTakashi Ito
 
Boost Your Content Strategy for REST APIs
Boost Your Content Strategy for REST APIsBoost Your Content Strategy for REST APIs
Boost Your Content Strategy for REST APIsMarta Rauch
 
Using oracle vm virtual box as your development platform
Using oracle vm virtual box as your development platformUsing oracle vm virtual box as your development platform
Using oracle vm virtual box as your development platformOTN Systems Hub
 
How Capgemini Built a Pan-European Tax Messaging System Using Oracle Fusion M...
How Capgemini Built a Pan-European Tax Messaging System Using Oracle Fusion M...How Capgemini Built a Pan-European Tax Messaging System Using Oracle Fusion M...
How Capgemini Built a Pan-European Tax Messaging System Using Oracle Fusion M...Capgemini
 
OpenStack and MySQL
OpenStack and MySQLOpenStack and MySQL
OpenStack and MySQLMatt Lord
 
Enterprise Java Web Application Frameworks Sample Stack Implementation
Enterprise Java Web Application Frameworks Sample Stack ImplementationEnterprise Java Web Application Frameworks Sample Stack Implementation
Enterprise Java Web Application Frameworks Sample Stack ImplementationMert Çalışkan
 
Tweet4Beer - Beertap powered by Java goes IoT and JavaFX
Tweet4Beer - Beertap powered by Java goes IoT and JavaFXTweet4Beer - Beertap powered by Java goes IoT and JavaFX
Tweet4Beer - Beertap powered by Java goes IoT and JavaFXBruno Borges
 

What's hot (20)

Polyglot! A Lightweight Cloud Platform for Java SE, Node, and More
Polyglot! A Lightweight Cloud Platform for Java SE, Node, and MorePolyglot! A Lightweight Cloud Platform for Java SE, Node, and More
Polyglot! A Lightweight Cloud Platform for Java SE, Node, and More
 
Serverless Java - Challenges and Triumphs
Serverless Java - Challenges and TriumphsServerless Java - Challenges and Triumphs
Serverless Java - Challenges and Triumphs
 
Java Modularity with OSGi
Java Modularity with OSGiJava Modularity with OSGi
Java Modularity with OSGi
 
MVC 1.0 / JSR 371
MVC 1.0 / JSR 371MVC 1.0 / JSR 371
MVC 1.0 / JSR 371
 
MySQL
MySQLMySQL
MySQL
 
Oracle Fusion Middleware provisioning with Puppet
Oracle Fusion Middleware provisioning with PuppetOracle Fusion Middleware provisioning with Puppet
Oracle Fusion Middleware provisioning with Puppet
 
EclipseLink: Beyond Relational and NoSQL to Polyglot and HTML5
EclipseLink: Beyond Relational and NoSQL to Polyglot and HTML5EclipseLink: Beyond Relational and NoSQL to Polyglot and HTML5
EclipseLink: Beyond Relational and NoSQL to Polyglot and HTML5
 
Modularization With Project Jigsaw in JDK 9
Modularization With Project Jigsaw in JDK 9Modularization With Project Jigsaw in JDK 9
Modularization With Project Jigsaw in JDK 9
 
Microservices and Container
Microservices and ContainerMicroservices and Container
Microservices and Container
 
Introducing Java 8
Introducing Java 8Introducing Java 8
Introducing Java 8
 
WebSockets in Enterprise Applications
WebSockets in Enterprise ApplicationsWebSockets in Enterprise Applications
WebSockets in Enterprise Applications
 
Burns jsf-confess-2015
Burns jsf-confess-2015Burns jsf-confess-2015
Burns jsf-confess-2015
 
JavaOne2015報告会 in Okinawa
JavaOne2015報告会 in OkinawaJavaOne2015報告会 in Okinawa
JavaOne2015報告会 in Okinawa
 
Boost Your Content Strategy for REST APIs
Boost Your Content Strategy for REST APIsBoost Your Content Strategy for REST APIs
Boost Your Content Strategy for REST APIs
 
Using oracle vm virtual box as your development platform
Using oracle vm virtual box as your development platformUsing oracle vm virtual box as your development platform
Using oracle vm virtual box as your development platform
 
JDK 10 Java Module System
JDK 10 Java Module SystemJDK 10 Java Module System
JDK 10 Java Module System
 
How Capgemini Built a Pan-European Tax Messaging System Using Oracle Fusion M...
How Capgemini Built a Pan-European Tax Messaging System Using Oracle Fusion M...How Capgemini Built a Pan-European Tax Messaging System Using Oracle Fusion M...
How Capgemini Built a Pan-European Tax Messaging System Using Oracle Fusion M...
 
OpenStack and MySQL
OpenStack and MySQLOpenStack and MySQL
OpenStack and MySQL
 
Enterprise Java Web Application Frameworks Sample Stack Implementation
Enterprise Java Web Application Frameworks Sample Stack ImplementationEnterprise Java Web Application Frameworks Sample Stack Implementation
Enterprise Java Web Application Frameworks Sample Stack Implementation
 
Tweet4Beer - Beertap powered by Java goes IoT and JavaFX
Tweet4Beer - Beertap powered by Java goes IoT and JavaFXTweet4Beer - Beertap powered by Java goes IoT and JavaFX
Tweet4Beer - Beertap powered by Java goes IoT and JavaFX
 

Viewers also liked

5G wireless technology Report
5G wireless technology Report5G wireless technology Report
5G wireless technology ReportHanamanta N B
 
Coaxial cable and its types
Coaxial cable and its typesCoaxial cable and its types
Coaxial cable and its typesAdeel Khurram
 
Coaxial cable by alina baber
Coaxial cable by alina baberCoaxial cable by alina baber
Coaxial cable by alina baberAlina Baber
 
Coaxial Cable
Coaxial CableCoaxial Cable
Coaxial CableMissAnam
 
Population dynamics presentation
Population dynamics presentationPopulation dynamics presentation
Population dynamics presentationJackieAndrews
 

Viewers also liked (6)

5G wireless technology Report
5G wireless technology Report5G wireless technology Report
5G wireless technology Report
 
Coaxial cable and its types
Coaxial cable and its typesCoaxial cable and its types
Coaxial cable and its types
 
Population dynamics
Population dynamicsPopulation dynamics
Population dynamics
 
Coaxial cable by alina baber
Coaxial cable by alina baberCoaxial cable by alina baber
Coaxial cable by alina baber
 
Coaxial Cable
Coaxial CableCoaxial Cable
Coaxial Cable
 
Population dynamics presentation
Population dynamics presentationPopulation dynamics presentation
Population dynamics presentation
 

Similar to Building Secure Mashups With OpenAjax

Interoperable Ajax Tools And Mashups Ferraiolo
Interoperable Ajax Tools And Mashups FerraioloInteroperable Ajax Tools And Mashups Ferraiolo
Interoperable Ajax Tools And Mashups Ferraiolorajivmordani
 
What's new in Nuxeo 5.2? - Solutions Linux 2009
What's new in Nuxeo 5.2? - Solutions Linux 2009What's new in Nuxeo 5.2? - Solutions Linux 2009
What's new in Nuxeo 5.2? - Solutions Linux 2009Stefane Fermigier
 
java web framework standard.20180412
java web framework standard.20180412java web framework standard.20180412
java web framework standard.20180412FirmansyahIrma1
 
03 monoliths to microservices with java ee and spring boot
03 monoliths to microservices with java ee and spring boot03 monoliths to microservices with java ee and spring boot
03 monoliths to microservices with java ee and spring bootRam Maddali
 
The Nuxeo Way: leveraging open source to build a world-class ECM platform
The Nuxeo Way: leveraging open source to build a world-class ECM platformThe Nuxeo Way: leveraging open source to build a world-class ECM platform
The Nuxeo Way: leveraging open source to build a world-class ECM platformNuxeo
 
ECM and Open Source Software: A Disruptive Force in ECM Solutions
ECM and Open Source Software: A Disruptive Force in ECM SolutionsECM and Open Source Software: A Disruptive Force in ECM Solutions
ECM and Open Source Software: A Disruptive Force in ECM SolutionsJeff Potts
 
Beyond The Buzz: Pluggable JavaFX Corporate Applications
Beyond The Buzz: Pluggable JavaFX Corporate ApplicationsBeyond The Buzz: Pluggable JavaFX Corporate Applications
Beyond The Buzz: Pluggable JavaFX Corporate ApplicationsJAX London
 
開放原始碼 Ch1.2 intro - oss - apahce foundry (ver 2.0)
開放原始碼 Ch1.2 intro - oss - apahce foundry (ver 2.0)開放原始碼 Ch1.2 intro - oss - apahce foundry (ver 2.0)
開放原始碼 Ch1.2 intro - oss - apahce foundry (ver 2.0)My own sweet home!
 
Survey of restful web services frameworks
Survey of restful web services frameworksSurvey of restful web services frameworks
Survey of restful web services frameworksVijay Prasad Gupta
 
TDC2018SP | Trilha Cloud - Why Apache CloudStack
TDC2018SP | Trilha Cloud - Why Apache CloudStackTDC2018SP | Trilha Cloud - Why Apache CloudStack
TDC2018SP | Trilha Cloud - Why Apache CloudStacktdc-globalcode
 
Seven Simple Reasons to Use AppFuse
Seven Simple Reasons to Use AppFuseSeven Simple Reasons to Use AppFuse
Seven Simple Reasons to Use AppFuseMatt Raible
 
Monoliths to Microservices with Jave EE and Spring Boot
Monoliths to Microservices with Jave EE and Spring BootMonoliths to Microservices with Jave EE and Spring Boot
Monoliths to Microservices with Jave EE and Spring BootTiera Fann, MBA
 
PaaS Anywhere - Deploying an OpenShift PaaS into your Cloud Provider of Choice
PaaS Anywhere - Deploying an OpenShift PaaS into your Cloud Provider of ChoicePaaS Anywhere - Deploying an OpenShift PaaS into your Cloud Provider of Choice
PaaS Anywhere - Deploying an OpenShift PaaS into your Cloud Provider of ChoiceIsaac Christoffersen
 
Project report for final year project
Project report for final year projectProject report for final year project
Project report for final year projectsuneel singh
 
OpenAjax Alliance: Driving Ajax Standards and Interoperability
OpenAjax Alliance: Driving Ajax Standards and InteroperabilityOpenAjax Alliance: Driving Ajax Standards and Interoperability
OpenAjax Alliance: Driving Ajax Standards and Interoperabilityelliando dias
 

Similar to Building Secure Mashups With OpenAjax (20)

Interoperable Ajax Tools And Mashups Ferraiolo
Interoperable Ajax Tools And Mashups FerraioloInteroperable Ajax Tools And Mashups Ferraiolo
Interoperable Ajax Tools And Mashups Ferraiolo
 
What's new in Nuxeo 5.2? - Solutions Linux 2009
What's new in Nuxeo 5.2? - Solutions Linux 2009What's new in Nuxeo 5.2? - Solutions Linux 2009
What's new in Nuxeo 5.2? - Solutions Linux 2009
 
java web framework standard.20180412
java web framework standard.20180412java web framework standard.20180412
java web framework standard.20180412
 
03 monoliths to microservices with java ee and spring boot
03 monoliths to microservices with java ee and spring boot03 monoliths to microservices with java ee and spring boot
03 monoliths to microservices with java ee and spring boot
 
The Nuxeo Way: leveraging open source to build a world-class ECM platform
The Nuxeo Way: leveraging open source to build a world-class ECM platformThe Nuxeo Way: leveraging open source to build a world-class ECM platform
The Nuxeo Way: leveraging open source to build a world-class ECM platform
 
ECM and Open Source Software: A Disruptive Force in ECM Solutions
ECM and Open Source Software: A Disruptive Force in ECM SolutionsECM and Open Source Software: A Disruptive Force in ECM Solutions
ECM and Open Source Software: A Disruptive Force in ECM Solutions
 
Beyond The Buzz: Pluggable JavaFX Corporate Applications
Beyond The Buzz: Pluggable JavaFX Corporate ApplicationsBeyond The Buzz: Pluggable JavaFX Corporate Applications
Beyond The Buzz: Pluggable JavaFX Corporate Applications
 
Java Cloud and Container Ready
Java Cloud and Container ReadyJava Cloud and Container Ready
Java Cloud and Container Ready
 
開放原始碼 Ch1.2 intro - oss - apahce foundry (ver 2.0)
開放原始碼 Ch1.2 intro - oss - apahce foundry (ver 2.0)開放原始碼 Ch1.2 intro - oss - apahce foundry (ver 2.0)
開放原始碼 Ch1.2 intro - oss - apahce foundry (ver 2.0)
 
Survey of restful web services frameworks
Survey of restful web services frameworksSurvey of restful web services frameworks
Survey of restful web services frameworks
 
TDC2018SP | Trilha Cloud - Why Apache CloudStack
TDC2018SP | Trilha Cloud - Why Apache CloudStackTDC2018SP | Trilha Cloud - Why Apache CloudStack
TDC2018SP | Trilha Cloud - Why Apache CloudStack
 
Seven Simple Reasons to Use AppFuse
Seven Simple Reasons to Use AppFuseSeven Simple Reasons to Use AppFuse
Seven Simple Reasons to Use AppFuse
 
Monoliths to Microservices with Jave EE and Spring Boot
Monoliths to Microservices with Jave EE and Spring BootMonoliths to Microservices with Jave EE and Spring Boot
Monoliths to Microservices with Jave EE and Spring Boot
 
AhmedReda
AhmedRedaAhmedReda
AhmedReda
 
PaaS Anywhere - Deploying an OpenShift PaaS into your Cloud Provider of Choice
PaaS Anywhere - Deploying an OpenShift PaaS into your Cloud Provider of ChoicePaaS Anywhere - Deploying an OpenShift PaaS into your Cloud Provider of Choice
PaaS Anywhere - Deploying an OpenShift PaaS into your Cloud Provider of Choice
 
Project report for final year project
Project report for final year projectProject report for final year project
Project report for final year project
 
OpenAjax Alliance: Driving Ajax Standards and Interoperability
OpenAjax Alliance: Driving Ajax Standards and InteroperabilityOpenAjax Alliance: Driving Ajax Standards and Interoperability
OpenAjax Alliance: Driving Ajax Standards and Interoperability
 
Oracle JET overview
Oracle JET overviewOracle JET overview
Oracle JET overview
 
SunMicroSystems
SunMicroSystemsSunMicroSystems
SunMicroSystems
 
Sunstate
SunstateSunstate
Sunstate
 

More from elliando dias

Clojurescript slides
Clojurescript slidesClojurescript slides
Clojurescript slideselliando dias
 
Why you should be excited about ClojureScript
Why you should be excited about ClojureScriptWhy you should be excited about ClojureScript
Why you should be excited about ClojureScriptelliando dias
 
Functional Programming with Immutable Data Structures
Functional Programming with Immutable Data StructuresFunctional Programming with Immutable Data Structures
Functional Programming with Immutable Data Structureselliando dias
 
Nomenclatura e peças de container
Nomenclatura e peças de containerNomenclatura e peças de container
Nomenclatura e peças de containerelliando dias
 
Polyglot and Poly-paradigm Programming for Better Agility
Polyglot and Poly-paradigm Programming for Better AgilityPolyglot and Poly-paradigm Programming for Better Agility
Polyglot and Poly-paradigm Programming for Better Agilityelliando dias
 
Javascript Libraries
Javascript LibrariesJavascript Libraries
Javascript Librarieselliando dias
 
How to Make an Eight Bit Computer and Save the World!
How to Make an Eight Bit Computer and Save the World!How to Make an Eight Bit Computer and Save the World!
How to Make an Eight Bit Computer and Save the World!elliando dias
 
A Practical Guide to Connecting Hardware to the Web
A Practical Guide to Connecting Hardware to the WebA Practical Guide to Connecting Hardware to the Web
A Practical Guide to Connecting Hardware to the Webelliando dias
 
Introdução ao Arduino
Introdução ao ArduinoIntrodução ao Arduino
Introdução ao Arduinoelliando dias
 
Incanter Data Sorcery
Incanter Data SorceryIncanter Data Sorcery
Incanter Data Sorceryelliando dias
 
Fab.in.a.box - Fab Academy: Machine Design
Fab.in.a.box - Fab Academy: Machine DesignFab.in.a.box - Fab Academy: Machine Design
Fab.in.a.box - Fab Academy: Machine Designelliando dias
 
The Digital Revolution: Machines that makes
The Digital Revolution: Machines that makesThe Digital Revolution: Machines that makes
The Digital Revolution: Machines that makeselliando dias
 
Hadoop - Simple. Scalable.
Hadoop - Simple. Scalable.Hadoop - Simple. Scalable.
Hadoop - Simple. Scalable.elliando dias
 
Hadoop and Hive Development at Facebook
Hadoop and Hive Development at FacebookHadoop and Hive Development at Facebook
Hadoop and Hive Development at Facebookelliando dias
 
Multi-core Parallelization in Clojure - a Case Study
Multi-core Parallelization in Clojure - a Case StudyMulti-core Parallelization in Clojure - a Case Study
Multi-core Parallelization in Clojure - a Case Studyelliando dias
 

More from elliando dias (20)

Clojurescript slides
Clojurescript slidesClojurescript slides
Clojurescript slides
 
Why you should be excited about ClojureScript
Why you should be excited about ClojureScriptWhy you should be excited about ClojureScript
Why you should be excited about ClojureScript
 
Functional Programming with Immutable Data Structures
Functional Programming with Immutable Data StructuresFunctional Programming with Immutable Data Structures
Functional Programming with Immutable Data Structures
 
Nomenclatura e peças de container
Nomenclatura e peças de containerNomenclatura e peças de container
Nomenclatura e peças de container
 
Geometria Projetiva
Geometria ProjetivaGeometria Projetiva
Geometria Projetiva
 
Polyglot and Poly-paradigm Programming for Better Agility
Polyglot and Poly-paradigm Programming for Better AgilityPolyglot and Poly-paradigm Programming for Better Agility
Polyglot and Poly-paradigm Programming for Better Agility
 
Javascript Libraries
Javascript LibrariesJavascript Libraries
Javascript Libraries
 
How to Make an Eight Bit Computer and Save the World!
How to Make an Eight Bit Computer and Save the World!How to Make an Eight Bit Computer and Save the World!
How to Make an Eight Bit Computer and Save the World!
 
Ragel talk
Ragel talkRagel talk
Ragel talk
 
A Practical Guide to Connecting Hardware to the Web
A Practical Guide to Connecting Hardware to the WebA Practical Guide to Connecting Hardware to the Web
A Practical Guide to Connecting Hardware to the Web
 
Introdução ao Arduino
Introdução ao ArduinoIntrodução ao Arduino
Introdução ao Arduino
 
Minicurso arduino
Minicurso arduinoMinicurso arduino
Minicurso arduino
 
Incanter Data Sorcery
Incanter Data SorceryIncanter Data Sorcery
Incanter Data Sorcery
 
Rango
RangoRango
Rango
 
Fab.in.a.box - Fab Academy: Machine Design
Fab.in.a.box - Fab Academy: Machine DesignFab.in.a.box - Fab Academy: Machine Design
Fab.in.a.box - Fab Academy: Machine Design
 
The Digital Revolution: Machines that makes
The Digital Revolution: Machines that makesThe Digital Revolution: Machines that makes
The Digital Revolution: Machines that makes
 
Hadoop + Clojure
Hadoop + ClojureHadoop + Clojure
Hadoop + Clojure
 
Hadoop - Simple. Scalable.
Hadoop - Simple. Scalable.Hadoop - Simple. Scalable.
Hadoop - Simple. Scalable.
 
Hadoop and Hive Development at Facebook
Hadoop and Hive Development at FacebookHadoop and Hive Development at Facebook
Hadoop and Hive Development at Facebook
 
Multi-core Parallelization in Clojure - a Case Study
Multi-core Parallelization in Clojure - a Case StudyMulti-core Parallelization in Clojure - a Case Study
Multi-core Parallelization in Clojure - a Case Study
 

Recently uploaded

Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 

Recently uploaded (20)

Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 

Building Secure Mashups With OpenAjax

  • 1. Building Secure Mashups With OpenAjax Jon Ferraiolo IBM and OpenAjax Alliance TS-5030
  • 2. You will learn: •Mashups - the promise and challenges •OpenAjax Alliance mashup initiatives You will see: •OpenAjax Mashups in action 2008 JavaOneSM Conference | java.sun.com/javaone | 2
  • 3. Agenda Introducing OpenAjax Alliance Secure Mashup Initiatives Overview OpenAjax Hub 1.1 OpenAjax Metadata for Widgets Demo Summary 2008 JavaOneSM Conference | java.sun.com/javaone | 3
  • 4. Why did the industry form OpenAjax Alliance? Interoperability problems across Ajax toolkits • Sometimes toolkits step on each other • Almost never do toolkits integrate with each other • Interoperability/integration is necessary for mashups to work Education • For IT managers and Web developers, Ajax can be complex and confusing – tyranny of choice Help drive the future of the Ajax ecosystem 2008 JavaOneSM Conference | java.sun.com/javaone | 4
  • 5. OpenAjax Alliance – Today 2006 2007 2008 Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Q1 Organizational 15 companies First meeting, -------------------- Subsequent face-to-face meetings ------------------------ join “OpenAjax” decision to form Marketing WG OpenAjax Alliance Web site, white papers 1 white paper 4 white papers 5 white papers Interoperability WG 1.0: spec & open source InteropFest Update InteropFest Finalize OpenAjax Hub 1.0 OpenAjax Hub 1.1 ServerTF, CommTF SMash,1.1 Roadmap 1.1 open source/spec OpenAjax Registry Registry first drafts Feedback IDE WG Use cases & requirements Proposals Spec Security TF White paper Liaison as needed Mobile TF White paper, Device APIs Gadgets TF Gadget metadata Runtime TF Feature list 2008 JavaOneSM Conference | java.sun.com/javaone | 5
  • 6. OpenAjax Hub 1.0 What is it? • Small bit of standard JavaScript™ technology (< 3K after compaction) • Enables multiple Ajax runtimes to work together Version 1.0 features • Ajax library registration • OpenAjax.hub.registerLibrary() • Simple publish/subscribe engine (the pub sub hub) • OpenAjax.hub.publish(topicName, payload) • OpenAjax.hub.subscribe(topicName, callbackFunction) 2008 JavaOneSM Conference | java.sun.com/javaone | 6
  • 7. OpenAjax Hub 1.0 – an example Assume multiple Ajax OpenAjax Hub 1.0 Example toolkits: This is a mockup of a Web • UTILS.js – Various utils, inc. XHR application that uses UI controls from multiple Ajax toolkits. • CALENDAR.js – Calendar control • DATAGRID.js – Powerful tables • CHARTS.js – Charting utilities The visual controls need to react to new server data and to each other and update their views appropriately 2008 JavaOneSM Conference | java.sun.com/javaone | 7
  • 8. Example – under the hood <html> <head> <script src="OpenAjax.js"/> <script src="UTILS.js"/> <script src="CALENDAR.js"/> <script src="CHARTS.js"/> <script src="DATAGRID.js"/> <script> function MyCalendarCallback(...) { OpenAjax.hub.publish("myapp.newdate", newdate); } function NewDateCB(eventname, pubData, subData) {…} OpenAjax.hub.subscribe("myapp.newdate", NewDateCB); </script> </head> 2008 JavaOneSM Conference | java.sun.com/javaone | 8
  • 9. OpenAjax InteropFests Objectives: • Verify that OpenAjax Hub is reliable, performant, and suitable • Allows members to check if they are OpenAjax Conformant Jan-March 2007 July-Sept 2007 12 toolkits participated 14 organizations, 20 toolkits participated http://www.openajax.org/member/wiki/InteropFest_2007_March http://www.openajax.org/member/wiki/InteropFest_1.0 2008 JavaOneSM Conference | java.sun.com/javaone | 9
  • 10. InteropFest Participants Participating organizations Participating toolkits 24SevenOffice AjaxEngine Apache XAP Apache XAP Dojo Foundation Dojo Toolkit IBM Ext ILOG ILOG JViews DWR/Getahead IT Mill Toolkit IT Mill jMaki Lightstreamer JQuery Microsoft Lightstreamer Nexaweb Microsoft Ajax Library OpenLink SW Nexaweb Ajax Client Open Spot OAT: OpenLink AJAX Toolkit Software AG OpenSpot CalcDesk Sun Microsystems Prototype TIBCO script.aculo.us Software AG's webMethods/CAF TIBCO General Interface 24SevenOffice Vili YUI 2008 JavaOneSM Conference | java.sun.com/javaone | 10
  • 11. OpenAjax Hub 1.0 status Status • Approved Specification • http://www.openajax.org/member/wiki/OpenAjax_Hub_1.0_Specification Reference implementation at SourceForge • http://openajaxallianc.sourceforge.net 2008 JavaOneSM Conference | java.sun.com/javaone | 11
  • 12. Agenda Introducing OpenAjax Alliance Secure Mashups Overview OpenAjax Hub 1.1 OpenAjax Metadata for Widgets Demo Summary 2008 JavaOneSM Conference | java.sun.com/javaone | 12
  • 13. Mashups – the self-service business pattern 2008 JavaOneSM Conference | java.sun.com/javaone | 13
  • 14. Business value of mashups • Faster, cheaper delivery of applications • Save time and money through reuse and lightweight integration techniques • Lower skill set needed to assembly new applications • Support innovation and new business opportunities • Users empowered to innovate and explore • Gain valuable insights • Due to remixing enterprise and web information • Better align IT and business • Do-it-yourself IT will be expected by Facebook generation • Extend reach and value of SOA • Service reuse illuminates the business value of SOA 2008 JavaOneSM Conference | java.sun.com/javaone | 14
  • 15. Mashup software • Mashup tools • Widget and feed discovery • Application assembly • Instant deployment • Widgets • Pre-packaged, remixable mini-applications • Usually tied to a back-end web service • Sometimes leveraging previous investment in SOA • Public or company-private • Key enabler of the long tail 2008 JavaOneSM Conference | java.sun.com/javaone | 15
  • 16. Widget innovation – no shortage 2008 JavaOneSM Conference | java.sun.com/javaone | 16
  • 17. Industry challenges Interoperability • Dozens of proprietary technologies • Good news: many use the “Web Runtime” (i.e., Ajax)! • Bad news: even when using the Web Runtime, widgets are not interoperable Security • The power of mashups – comes largely from discovering and integrating great widgets from 3rd parties • But 3rd party widgets might be malicious 2008 JavaOneSM Conference | java.sun.com/javaone | 17
  • 18. Security vulnerabilities Web browser URL: http://example.com/mashup_builder/my_mashup1 Widget-C Widget-E (trusted) Communicates in the Company server background with one of the company’s web servers (untrusted) Communicates in the background with a Public server Message public web server passing Widget-A between (untrusted) Communicates in the the widgets background with a Public server public web server What if one of the widgets is malicious? 2008 JavaOneSM Conference | java.sun.com/javaone | 18
  • 19. OpenAjax – Addressing the challenges Web browser URL: http://example.com/mashup_builder/my_mashup1 Widget-C Widget-E (trusted) Communicates in the (1) OpenAjax Hub 1.1 Company server background with one provides framework for of the company’s web loading/isolating widgetsservers (untrusted) and secure message Communicates in the management background with a Public server Message public web server passing Widget-A (4) Open source mini- between (untrusted) mashup application Communicates in the the widgets shows how to use all of background with a Public server public web server these technologies (2) OpenAjax Metadata defines an industry (3) Open source transcoders standard widget wrapper convert popular existing format proprietary gadget formats into OpenAjax Metadata 2008 JavaOneSM Conference | java.sun.com/javaone | 19
  • 20. Agenda Introducing OpenAjax Alliance Secure Mashup Initiatives Overview OpenAjax Hub 1.1 OpenAjax Metadata for Widgets Demo Summary 2008 JavaOneSM Conference | java.sun.com/javaone | 20
  • 21. OpenAjax Hub 1.1 – New features OpenAjax Hub 1.0 addresses pub/sub within a single browser frame OpenAjax Hub 1.1 adds the following: • Pub/sub across frames • Framework for secure mashups • Pub/sub between clients and servers (i.e., Comet) 2008 JavaOneSM Conference | java.sun.com/javaone | 21
  • 22. Mashups: security issues Browser same-origin policy prevents interaction across origins Typical Solution: bypass same-origin policy by • Dynamic SCRIPT tag to another server (client-side) • Proxying content (server-side mashups) • “IFrame proxy” (window.location fragment identifier) 2008 JavaOneSM Conference | java.sun.com/javaone | 22
  • 23. SMash SMash stands for “Secure Mashups” • Secure handling of 3rd party mashup components • Runs in today’s browsers (without plugins) Designed and implemented at IBM™ Research (beginning of 2007) • Open-sourced (openajaxallianc.sourceforge.net) in August 2007 • Research Paper describing SMash in WWW 2008 Conference High-level APIs, independent of implementation technology • Fragment communication, HTML5 postMessage, Java™ platform, Flash etc. • Will still work when browsers add native support for secure cross- frame messaging 2008 JavaOneSM Conference | java.sun.com/javaone | 23
  • 24. OpenAjax Hub 1.1: Concepts Managed hub-instances • A frame/window can have multiple managed hub-instances • Hub-instance has one manager, multiple clients Fine-grained policy hooks for manager • For security policy, mediation between incompatible clients etc. • No policy encoded in hub Providers: Multiple communication providers for client to hub-instance communication • Provider and Hub SPI • Current providers: inline, smash (using code from SMash) 2008 JavaOneSM Conference | java.sun.com/javaone | 24
  • 25. OpenAjax Hub 1.1: Architecture Gadget/Widget Support (OpenAjax or …) API Hub 1.1 Code SPI Hub 1.1 smash provider inline provider HTML5 postMessage provider (future) Gadget/Widget layer sits on top of OpenAjax Hub 1.1 Hub supports composite gadgets with • any level of nesting • any combination of gadget types (inline, iframe, …) e.g. inline gadget-foo composed of iframe gadget-bar and inline gadget-baz 2008 JavaOneSM Conference | java.sun.com/javaone | 25
  • 26. OpenAjax Hub 1.1: Simple example Web browser URL: http://example.com/mashup_builder/my_mashup1 Mashup container Widget-C Widget-E Broadcast an event using connHandle.publish() Hub 1.1 (Managed Hub) Hub 1.1 Hub 1.1 inline provider inline provider smash provider smash provider Widget-A Subscribe to a topic and register a Security callback function using manager connHandle.subscribe() Invoke the callback function Hub 1.1 smash provider 2008 JavaOneSM Conference | java.sun.com/javaone | 26
  • 27. OpenAjax Hub 1.1: the steps Web browser URL: http://example.com/mashup_builder/my_mashup1 Mashup container Widget-C Widget-E 1 2 Load the Initialize and widgets used 4 Broadcast an event using connHandle.publish() create a in the mashup “Managed Hub” Hub 1.1 (Managed Hub) 7 5 Hub 1.1 Hub 1.1 8 inline provider 6 inline provider smash provider 9 smash provider Widget-A Security 3 Subscribe to a topic and register a callback function using manager connHandle.subscribe() 10 12 Invoke the callback function Hub 1.1 11 smash provider 2008 JavaOneSM Conference | java.sun.com/javaone | 27
  • 28. Hub 1.1 status Specification • First draft spec – far along • http://www.openajax.org/member/wiki/OpenAjax_Hub_1.1_Specific ation Reference implementation at SourceForge • First implementation (far along) • http://openajaxallianc.sourceforge.net Timeline for Hub 1.1 • Now: Detailed review within Interoperability Working Group • Spring 2008: Stable, complete spec • July-September 2008: InteropFest (with OpenAjax Metadata) • Fall 2008: Finalize and approve 2008 JavaOneSM Conference | java.sun.com/javaone | 28
  • 29. Agenda Introducing OpenAjax Alliance Secure Mashup Initiatives Overview OpenAjax Hub 1.1 OpenAjax Metadata for Widgets Demo Summary 2008 JavaOneSM Conference | java.sun.com/javaone | 29
  • 30. Widget innovation – no shortage 2008 JavaOneSM Conference | java.sun.com/javaone | 30
  • 31. OpenAjax Metadata – industry problems IDE interoperability problem • Countless Ajax libraries • Each library has its own approach to documenting • JavaScript APIs • UI controls • As a result, difficult to deliver visual authoring tools that integrate with the full set of Ajax libraries in the industry Mashup interoperability problem • Dozens of widget formats (Google, Yahoo, Apple, Microsoft…) • Current industry situation: • Widgets developers provide multiple versions of their widgets • To do a mashup, you usually need a programmer • As a result, difficult to deliver visual mashup tools that integrate with the full set of widgets in the industry 2008 JavaOneSM Conference | java.sun.com/javaone | 31
  • 32. OpenAjax Metadata – what it provides (IDE WG) Ajax library metadata “intermediary” standard • Standard XML for describing • JavaScript APIs • Widgets • Committee includes • Adobe, Aptana, Dojo, Eclipse, IBM, Microsoft, Sun, TIBCO, and Zend (Gadgets TF) Mashup gadgets “intermediary” standard • Standard XML for describing a mashup component • But mashup gadgets have special needs • List of topics that they produce and consume (i.e., pub/sub) • Security issues related to secure mashups 2008 JavaOneSM Conference | java.sun.com/javaone | 32
  • 33. OpenAjax Metadata sample code <widget xmlns="http://ns.openajax.org/widgets"> <properties> <property name="Addr" type="Loc" listen="true" /> </properties> <content> <!-- HTML+JavaScript go here --> </content> </widget> 2008 JavaOneSM Conference | java.sun.com/javaone | 33
  • 34. OpenAjax Metadata status Specification • First draft spec - far along • http://www.openajax.org/member/wiki/OpenAjax_Metadata_Specification Open source • Gadget transcoders • Mini mashup application Timeline for OpenAjax Metadata • Now: Finishing spec within IDE Working Group • Spring 2008: Stable, complete spec • July-September 2008: InteropFest (with OpenAjax Hub 1.1) • Fall 2008: Finalize and approve 2008 JavaOneSM Conference | java.sun.com/javaone | 34
  • 35. OpenAjax – Addressing the challenges Web browser URL: http://example.com/mashup_builder/my_mashup1 Widget-C Widget-E (trusted) Communicates in the (1) OpenAjax Hub 1.1 Company server background with one provides framework for of the company’s web loading/isolating widgetsservers (untrusted) and secure message Communicates in the management background with a Public server Message public web server passing Widget-A (4) Open source mini- between (untrusted) mashup application Communicates in the the widgets shows how to use all of background with a Public server public web server these technologies (2) OpenAjax Metadata defines an industry (3) Open source transcoders standard widget wrapper convert popular existing format proprietary gadget formats into OpenAjax Metadata 2008 JavaOneSM Conference | java.sun.com/javaone | 35
  • 36. OpenAjax Mashups in action 2008 JavaOneSM Conference | java.sun.com/javaone | 36
  • 37. Summary Mashups offer both promise, but have challenges • Security • Interoperability OpenAjax Alliance is addressing the challenges • OpenAjax Hub 1.1 • OpenAjax Metadata 2008 JavaOneSM Conference | java.sun.com/javaone | 37
  • 38. For More Information Web site: http://www.openajax.org Wiki: http://www.openajax.org/member/wiki Blog: http://www.openajax.org/blog Mail list: public@openajax.org Email: Jon Ferraiolo <jferrai@us.ibm.com> 2008 JavaOneSM Conference | java.sun.com/javaone | 38
  • 39. Jon Ferraiolo, IBM & OpenAjax Alliance TS-5030 2008 JavaOneSM Conference | java.sun.com/javaone | 39