REST web APIs

Overview

RESTful web services are built to work best on the Web. Representational State Transfer (REST) is an architectural style that specifies constraints, such as the uniform interface, that if applied to a web service induce desirable properties, such as performance, scalability, and modifiability, that enable services to work best on the Web. In the REST architectural style, data and functionality are considered resources and are accessed using Uniform Resource Identifiers (URIs), typically links on the Web. The resources are acted upon by using a set of simple, well-defined operations. The REST architectural style constrains an architecture to a client/server architecture and is designed to use a stateless communication protocol, typically HTTP. In the REST architecture style, clients and servers exchange representations of resources by using a standardized interface and protocol (as defined in https://docs.oracle.com/javaee/6/tutorial/doc/gijqy.html).

Technology and Security

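The services are implemented with Spring Boot, which allows each service to run standalone instead of running inside an application server such as Apache Tomcat.

These services will use SSL and require a certificate. Clients will either need the public key or must trust all certificates. A client that trusts all certificates does not verify the server's identity, so importing the service's public certificate into the client trust store is the option that keeps the connection authenticated.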

Configuration

The following directories are required on the host server:

  • /srv/uconn_configs/webapi
  • /srv/uconn_configs/webapi/config
  • /srv/uconn_configs/webapi/security

Common properties files are contained in the /config directory. Key stores necessary to secure the services are contained in the /security directory.

The initial configuration is as follows:

  • /srv/uconn_configs/webapi/config/db-config.properties
  • /srv/uconn_configs/webapi/config/ldap-config.properties
  • /srv/uconn_configs/webapi/config/ldap-client.properties
  • /srv/uconn_configs/webapi/config/affiliations.properties
  • /srv/uconn_configs/webapi/config/security.properties
  • /srv/uconn_configs/webapi/security/aewebapi.jks

Each service resides in a directory under the ../webapi directory. For example, the first REST service is financialwebapis, which resides in the /srv/uconn_configs/webapi/financialwebapis directory. This directory contains the jar file, the start and stop scripts, and a /logs directory for the application log.

Configuration files

db-config.properties

    #
    #    database access properties
    #
    # kfs
    datasource.kfsUrl=jdbc:oracle:thin:@<host name>:1521:<SID>
    datasource.kfsUsername=<user name>
    datasource.kfsPassword=<password>
    datasource.kfsConnPoolName=UcpKfsPool
    #
    #   common values
    #
    datasource.factoryClassName=oracle.jdbc.pool.OracleDataSource
    datasource.validationQuery=select 1 from dual
    datasource.poolMaxActive=100
    datasource.poolMaxIdel=100
    datasource.maxWait=30000
    datasource.initialSize=10
    datasource.connTo=60
    datasource.maxIdle=100
    datasource.minIdle=10
    datasource.maxActive=500


ldap-config.properties

    ldap.username=uid=uits-kuali,ou=accounts,ou=ldap,dc=uconn,dc=edu
    ldap.password=<password>
    ldap.url=ldap://ldap.uconn.edu
    ldap.wrturl=ldap://master.ldap.uconn.edu
    ldap.base=dc=uconn,dc=edu
    ldap.name=cn
    ldap.uid=uid
    ldap.lastName=sn
    ldap.building=buildingName
    ldap.deptNumber=departmentNumber
    ldap.displayName=displayName
    ldap.deptNumber=departmentNumber
    ldap.employeeNumber=employeeNumber
    ldap.firstName=givenName
    ldap.middleName=initials
    ldap.location=l
    ldap.email=mail
    ldap.postalAddr=postalAddress
    ldap.postalCode=postalCode
    ldap.registeredAddress=registeredAddress
    ldap.state=st
    ldap.street=street
    ldap.telephoneNumber=telephoneNumber
    ldap.title=title
    ldap.displayGivenName=displayGivenName
    ldap.displayMiddleName=displayMiddleName
    ldap.displaySn=displayLastName
    ldap.affiliation=eduPersonAffiliation
    ldap.personEntitlement=eduPersonEntitlement
    ldap.primaryAffiliation=eduPersonPrimaryAffiliation
    ldap.phoneNumber=publishedTelephoneNumber
    ldap.active=uconnActive
    ldap.deptName=uconnDepartment
    ldap.uconnPersonAffiliation=uconnPersonAffiliation
    ldap.uconnPersonPrimaryAffiliation=uconnPersonPrimaryAffiliation
    ldap.dateOfBirth=uconnPersonDateOfBirth
    ldap.emplId=uconnPersonEmplID
    ldap.payrollId=uconnPersonPayrollID
    ldap.unit=uconnUnit
    ldap.unitNumber=uconnUnitNumber
    ldap.uconnPublished=uconnPublished
    ldap.uconnPublishedEmail=uconnPublishedEmail
    ldap.payrollIdLen=10
    ldap.employeeIdLn=10
    ldap.empIdLn=7
    ldap.searchLimit=100


security.properties

    config.location=file:/srv/uconn_configs/webapi

    ssl.port=<ssl port>
    ssl.keyStore=${config.location}/security/aewebapi.jks
    ssl.keyStorePassword=<password>
    ssl.keyStoreType=JKS
    ssl.keyAlias=<keystore alias>

ldap-client.properties

    ####
    ### ldap service url
    #dev
    ldapsearch.serviceurl=http://dev.aeweb.uconn.edu:8054/webapi/searchldap/
    #production
    ldapsearch.serviceurl=https://prod.aeweb.uconn.edu:8054/webapi/searchldap/

    ldapsearch.netid=byNetId?netId
    ldapsearch.netidlist=byNetIdList
    ldapsearch.department=byDepartment?departmentNumber
    ldapsearch.employeeid=byEmployeeId?employeeId
    ldapsearch.name=byName
    ldapsearch.payrollid=byPayrollId?payrollId
    ldapsearch.emailaddress=byEmailAddress
    ldapsearch.netidorname=byNetIdorName


affiliations.properties

    affilitations.defaultAcctReportName=accountManagerAffiliations.csv
    affilitations.defaultGrpRoleReportName=groupRoleAffiliations.csv
    
    affilitations.mailHostName=smtp.uconn.edu
    affilitations.mailPropName=mail.smtp.host 
    affilitations.mailFromAddr=noreply@uconn.edu
    affilitations.mailToAddress=david.chudnow@uconn.edu
    affilitations.mailSubjectGroup=KFS Groups and Roles Affiliations Report
    affilitations.mailSubjectAcct=KFS FO and Acct Mgrs Affiliations Report
    affilitations.mailBody=Attached is report of individuals that have roles or are in KFS groups and do not have any affiliations with the university;
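
Auditing the configuration files

The following is an added example, not part of the original page or of the services' own code: a small Python audit for the properties files listed above. It reports keys defined twice (as with `ldapsearch.serviceurl`, where java.util.Properties keeps the later value), cleartext `ldap://` or `http://` endpoints, password entries, and files that group or other users can access. The function names and finding strings are hypothetical, the parser assumes the simple `key=value` form used on this page, and the sample text is constructed from the ldap-client.properties listing.

```python
import os
import re
import stat

SECRET_KEY = re.compile(r"password", re.IGNORECASE)
CLEARTEXT_URL = re.compile(r"^(ldap|http)://", re.IGNORECASE)

def parse_properties(text):
    """Yield (line_no, key, value) for simple key=value lines, skipping comments."""
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line[0] in "#!":
            continue
        key, sep, value = line.partition("=")
        if sep:
            yield no, key.strip(), value.strip()

def audit_properties(name, text):
    """Return findings for one properties file as (file, line, key, issue) tuples."""
    findings, seen = [], {}
    for no, key, value in parse_properties(text):
        if key in seen:
            findings.append((name, no, key, "duplicate key, replaces line %d" % seen[key]))
        seen[key] = no
        if CLEARTEXT_URL.match(value):
            findings.append((name, no, key, "cleartext URL scheme"))
        if SECRET_KEY.search(key) and value:
            findings.append((name, no, key, "secret stored in file"))
    return findings

def audit_mode(path):
    """Flag a secret-bearing file (properties or .jks) open to group or other users."""
    mode = stat.S_IMODE(os.stat(path).st_mode)
    if mode & (stat.S_IRWXG | stat.S_IRWXO):
        return [(path, 0, "", "mode %o allows group/other access" % mode)]
    return []

# Constructed sample mirroring ldap-client.properties as shown on this page.
SAMPLE = """\
#dev
ldapsearch.serviceurl=http://dev.aeweb.uconn.edu:8054/webapi/searchldap/
#production
ldapsearch.serviceurl=https://prod.aeweb.uconn.edu:8054/webapi/searchldap/
ldapsearch.netid=byNetId?netId
"""

if __name__ == "__main__":
    for finding in audit_properties("ldap-client.properties", SAMPLE):
        print(finding)
```

On a host, `audit_properties` would be run over each file under /srv/uconn_configs/webapi/config and `audit_mode` over those files plus /srv/uconn_configs/webapi/security/aewebapi.jks.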