What Not How - Posts tagged 'event-driven'

Google Micro Conference

2007-10-05T11:22:00Z

Last night's Google London Open Source Jam (also here) was on the subject of the 'Web' (didn't they invent that? Oh no, that was Microsoft).

This event has been getting better and better each time I've attended. There were some very interesting lightning talks held together with a tight structure and plenty of chance to chat, drink cold Leffe and eat cold pizza. And nick [transatlantic translation: 'steal'] the Green & Black's chocolate.

An ideal Micro Conference...

I arrived late (it starts at 6pm) and spent some time catching up with ex-Thoughtworks colleagues, so I missed Dion "Ajaxian" Almaer's Google Gears slideset from FOWA. Go there now and check it out.

Thus the first talk I saw was a nifty piece of widgetry by Steven Goodwin called WARP. In WARP, interacting with a page of 'applets' changed the URL to encode those applets' current state. If you link to the current page, it will always show that state. Very long URLs, you can imagine. None of that fancy Ajax stuff. RESTful, dare I say. Nice API server-side for unpacking your applet params.

A trip to the lavatories [transatlantic translation: 'restroom'/'bathroom'] revealed that they are, indeed, doing that Testing in the Toilet project in Google. It works, too! I learned something. Other intelligence on Google's Inner Workings include confirmation of the beanbags and of the high quality, free grub to which I have already alluded.

A nice bloke from Yahoo! (Tom Hughes-Croucher: another spy?) came along to sell his idea that, in the collaborative world of open-minded hackers, we who run websites could help each other with our 404s. If I get a 404, I use the referrer link to tell you, via some RESTful POST, that your link to me is bust (assuming I don't intend to fix it myself).

I think the world is a little more selfish, so you need to decide who hurts more - the site who sends their visitors to a dead-end, or the site delivering that dead-end to a new visitor. I suspect the latter, by a small margin, as it's not exactly a nice welcome. So it's up to them to let the new visitor down more gently, and to notify the publisher of the broken link with little or no cost to them. For example, a really sociable 404-ing site could just redirect the hapless visitor back to the referring page, adding '?broken=links' to the URL - hopefully to be picked up by log scanning scripts at the referring site.

Next up, yours truly taking yet another chance to promote his excellent Micro Web thingy. Couple of people asked about it afterwards - including that nice chap from Yahoo! Also, a smart - and nice - chap called Toby (this one?) got me into a deep discussion on imperative vs. event-driven vs. state-driven programming. He was apparently an old-timer like me, as he was able to engage in dewy-eyed Functional Programming recollections. I managed to give out about four full colour printouts about the Micro Web, and to collect some good calling cards.

However, Joe Walnes, even a pint down in the pub afterwards, still refused to sign up for Micro Web duties. This in spite of over three years of intensive lobbying, including eight months of me working Trojan-horse-like in his kitchen, on The 2005 Implementation.

Another ex-Thoughtworks colleague, Simon Stewart took yet another chance to promote his promising Webdriver thingy. And a very interesting project it is becoming. Still needs more work - on IE support, etc - but I'll probably be using it in my new job at the Financial Times.

Another ex-Thoughtworks colleague, Chris Matts took a chance to promote his and Andy Pols' interesting new Dream Machine thingy. Perhaps a bit like Cambrian House - you put your dreams and ideas into it and people expand on them. Chris is a natural on-stage - and even used the age-old trick of promising lots of money for no effort, to get our attention at the start.

All I could come up with for the Micro Web was 'Cheaper, Wider, Faster'...

Updated: added reference to Dion Almaer, details about WARP, swapped in the picture of TWers that I was waiting for and fixed a minor blunder thanks to that ever-sharp ThoughtWorker, Dan Bodart..

How Ruby can enable the Web 2.0 Platform

2007-06-26T15:17:00Z

Web 2.0's definition includes seeing the Web as an application platform. Which means it is in competition with Java and .Net, and with SOA, for both local and widely distributed applications.

If the Web is going to be a platform, the skills you need to learn to program it are the core Web 2.0 technologies such as Ajax, JSON, Atom, Microformats and OpenID.

And Ruby. This language, that's capturing the hearts of many Web 2.0 programmers, is ideal for easing the transition from the Java and .Net platforms to the Web platform, as I will show.

Even if you're part of a big company that is generally immune to the latest trends, the marriage of Ruby and the Web-as-platform may be something to prepare for. It could even displace your SOA agenda...

Few would disagree that the Ruby language is riding the wave generated by Ruby-on-Rails. In turn, Rails is riding the Web 2.0 wave, coming as it does from underpinning the very Web 2.0 37signals product suite.

Rails and Ruby have tapped into the tech Zeitgeist of friendly, simple and powerful. The speed with which the Ruby and Rails communities have delivered the key components of Web 2.0 is matched by the speed at which Ruby and Rails books are leaving the shelves.

What is the ideal platform of Web 2.0? Will it be Rails and Ruby? Will Ruby ride the Web 2.0 wave into the mainstream in the same way Java rode the Web 1.0 wave?

Well, here's the problem with that question: Web 2.0 is supposed to be primarily about the Web itself as the platform, as explained first by Tim O'Reilly and then by a thousand Web 2.0 vendors and industry watchers after him.

Web-as-platform is not just vendor hype or pundit hand-waving. Let's think about what O'Reilly meant by that.

Web as Platform

Web 2.0 is about making the Web more interactive, and thus able to support applications where Java and .Net would once have been considered the sole delivery platforms.

The fact that the technologies of the Web can be turned to this use is a shift with far-reaching implications.

Broadly, the shift we are seeing is from the one-way, static document delivery of Web 1.0 towards the two-way, dynamic data exchange of Web 2.0.

This fundamental repurposing is delivering more complex, interactive applications that work inside our browsers and which fully leverage the benefits of online operation.

Web 2.0 is bringing the user and their stuff into the very Web that they hitherto only passively consumed. This network-enablement of the user in turn enables their social networking and their shared creativity and self-expression.

Web 2.0 has tapped into a deep human need - a fact reflected in the vast traffic volumes and correspondingly vast valuations of Web 2.0 startups that we're currently seeing.

But Web 2.0 is not just for the startups: Enterprise Web 2.0 is coming! The bigco.com site is going to be looking a little, well, static and lifeless when compared to the new sites that are springing up everywhere, and that most of BigCo's employees are using. Further, BigCo can gain huge benefits from Web 2.0 approaches empowering and connecting those employees on the Intranet. And that Intranet is an ideal platform for deploying company-wide, interactive applications.

This shift in the Web to two-way dynamic data is being powered by a set of technologies that a Web platform programmer is going to have to learn.

Web 2.0 Platform Technologies

Anything that claims to be an application platform must support data. Web 2.0 is above all the data Web. Web 2.0 is about semantics, not free text and font sizes. Hence, it inevitably starts with data-oriented formats such as XHTML, YAML and JSON. In Web 2.0 more than ever, we talk about data not documents and about separating data from its presentation. CSS is big in Web 2.0, for good reason (not just for gradient fills). Inside the page of a self-respecting Web 2.0 application, you'll often find Microformats - again, semantics in the page: publishing concise data of widely-understood standard formats. Some of those Microformats may be tags, and in Web 2.0 the simplest and most powerful semantics are those little pivot points in Webspace.

Again, if you're going to be a general purpose platform, you need to be able to fetch, update, notify and display that data. Web 2.0 integration usually happens via JSON data structures and REST interfaces (some of which, especially those based on AtomPub, are true REST). Following on from the data-like pages we serve to browsers, come the data-like feeds we publish to feed readers and to other applications. After feeds, the core technology that gives Web 2.0 its dynamism and interactivity is Ajax and DHTML, and increasingly Comet (server push to the browser). The core technology that gives Web 2.0 its users is increasingly OpenID.

All of the above are open technologies. You can do Web 2.0 without proprietary technologies, just like Web 1.0. Indeed, keeping to the principles that made the Web successful is also essential to the success of Web 2.0. The Web platform is the first application platform that has to consider scalability and interoperability, and will ignore them at its cost. I have written before about open data, use of standard data formats and using REST properly to avoid creating unscalable, walled-garden sites. You don't need Flash or SilverLight, you don't need vast amounts of custom Javascript, you don't need function calls tying you to your servers.

Programming the Web 2.0 Platform

So, we've got the dynamic data that you'd expect of a would-be platform. But how to drive changes in those data? How do we program the Web platform to animate all this data?

All Rails programmers will know the above technology list; it comes with the territory. The Web 2.0 Platform can be very succesfully powered by Rails and Ruby. Ruby and Rails make Web 2.0 applications simple and quick to program, addressing many of the needs of simple Web 2.0 applications out of the box. There's little doubt that Ruby and Rails will have a secure future riding the Web 2.0 wave.

However, for many Web 2.0 applications, programming may not even be necessary, at least not in the procedural or imperative style programmers expect.

Look back to the early 90's: 'Web 1.0' made a whole class of applications easy to write without programming: applications for navigating information. You just wrote in HTML, declaratively.

Now look back at the long path of evolution of Java, through J2EE, Spring, AOP, IoC, Domain Driven Design, POJOs. All trying to achieve the simple goal of 'remove all that MVC and persistence stuff and let us concentrate on business or domain objects'. But they never quite seemed to get it right.

But then Rails comes along, and has succeeded by simple virtue of concentrating on easy manipulation of the 'Intel Inside' of Web 2.0 - data.

It's reminiscent of the 'Naked Objects' approach to application building with minimal programming (just business or domain code in POJOs that expose state into the GUI and are transparently persisted). The Streamlined project takes Rails even further down this path. Rails' nearest competitor, Django, has an admin interface that works in a similar way, automatically generating edit pages based on the data model.

Web 2.0 is about data, about semantics. Web 2.0 is inherently declarative. So Web 2.0 applications can be written declaratively - Web 2.0 mashups can be just wired together and their data animated by business rules. A bit like programming spreadsheets.

Teqlo, Coghead, Pipes, DabbleDB, LongJump, Popfly, AppExchange and Wyaworks are all examples of the different ways to program the new Web 2.0 platform without imperative code.

That's what we mean by Web-as-platform - not only is the underlying programming language irrelevant, it will often not even be needed, certainly for simple data manipulation applications and for many simple mashups. Being RESTful gives you a massive head start in this, of course.

While Rails is already in the game with its innate understanding of Web 2.0 techniques and philosophies, Ruby itself has a huge amount to offer the would-be declarative programmer, who is making the transition to this new Web platform from their traditional Java or .Net platform. In particular, it is easy to write your domain logic in a declarative style in Ruby: they call them 'DSLs' these days, but the idea is the same in most examples I've seen.

Web 2.0 - The Web Redux

Now, if you've been following this blog, you'll know I have a few opinions on Declarative Web 2.0 and on patterns for programming REST. Essentially I argue that, if you want to play in the Web 2.0 platform game, you don't want to be writing screeds of Javascript functions that call more functions on your servers.

I recently presented some ideas along these lines at the WWW2007 conference, entitled 'The Micro Web: putting the Web back into Web 2.0', where I also showed a demo written in Python.

This approach combines my Distributed Observer Pattern with Comet push to enable highly dynamic Web 2.0 applications to be coded RESTfully and declaratively, with zero Javascript. The Distributed Observer Pattern offers a clean programming model for animating the Web 2.0 dynamic-data technology set I described above.

I believe the Observer Pattern is core to the way we'll be programming when the Web 2.0 Platform hits mainstream. It enables the kind of event- and rule-driven programming that matches the characteristics of the Web 2.0 dynamic data platform. As a further killer benefit, it also directly addresses the optimal utilisation of multicore processors.

I am currently porting my Python implementation of this approach to Ruby, in the Redux project on Rubyforge. Redux stands for 'Ruby Event-Driven Update Exchange'. It uses the highly scalable EventMachine epoll-based event loop to power its event-driven architecture. This will be essential when Redux is asked to scale up a Comet-based application.

Like Rails, Redux will be a Web (2.0) application framework, but unlike Rails, it puts the Observer Pattern and event- and rule-driven programming at its core.

Redux's headline is 'Web 2.0 in-a-box' or 'Naked Objects on the Web'.

Conclusion

If you're in BigCo, and are responsible for setting BigCo's technical strategy, then train your Java devs up on Web 2.0 core technologies such as Ajax, JSON, Atom, Microformats and OpenID.

And fire up their enthusiasm by tapping into Ruby (perhaps via JRuby) on your way to the Web 2.0 platform.

Learn patterns for mashing and integrating. Learn about REST and event- and rule-driven programming, including declarative DSLs.

When this Web platform hits BigCo, you will probably find that its REST or ROA style make your SOA integration strategy look rather complex and unweildy.

Check out the Distributed Observer Pattern, and download Redux when it's done (I'll let you know if you subscribe here!).

In 2007 and beyond, its the Web itself that's the platform, not Java or .Net. But if you want to get there via a language-based platform, Ruby could be the best way to transition to it.

Note: Everything I said about Ruby and Rails applies equally in technical terms to Python and Django, but regardless of the significant benefits of the latter, Ruby and Rails have the Web 2.0 market and mindshare. I'll probably switch this blog from Django to Redux sometime this year..

The Distributed Observer Pattern | The REST Dialogues

2007-06-20T22:42:00Z

In an exclusive nine-part dialogue with an imaginary eBay Architect, we present an accessible discussion of the REST vs. SOA issue.

Although eBay have what they call a 'REST' interface, it is, in fact, a STREST interface, and only works for a few of the many function calls that they make available via SOAP (GetSearchResults, GetItem, GetCategoryListings, etc).

In this dialogue series, I argue the case for eBay to adopt a truly REST approach to their integration API.

Part 5: The Distributed Observer Pattern

eBay Architect: So, can you summarise your argument that 'REST isn't just about reading and writing data', and explain your view on RESTful business logic?

Duncan Cragg: OK. The whole collection of related resources determines where things stand at any given time.

Resources are masters of their own destiny - guided by rules declared in the standard to which their content type conforms.

These rules, or business logic, run on notification of any declarations of the state of peer resources, or on arrival of any state via POST. Such peer states and POSTs are not commands, although it is possible to go ahead and define a special command or edit command content type.

The rules aim to satisfy the business or domain constraints on the mutual states of these resources - updating and creating resources accordingly and causing appropriate side-effects outside the server, such as financial transactions and emails.

These transformations are state driven. Even though the 'tension' in unresolved rules may be detected by events, that tension exists, not in those events as such, but in resource state.

eA: That sounds like a core difference to SOA.

DC: Indeed. It's a Resource-Oriented Architecture. And ROAs are declarative, not imperative like SOAs.

We have a world of resources declaring their current state, and resources settling into new states depending on the current state of related resources. These state changes can be driven by hard-coded resource animation logic, or by simpler, clearer, more scalable, declarative state transformation rules.

eA: Remind me of those patterns for notifying state change.

DC: Resource states are either polled via GET or actively notified via POST. Such actively POSTed state could be from a resource that also happens to be GETable, could be simply a link to such a resource, or could cause such a GETable resource to be created on the target server. Alternatively, the POSTed state could be considered too transient to record in a GETable resource, but can still trigger transformation in its target resource.

The above eBay examples used the pattern of 'server creates GETable copy of POSTed resource', and also 'second server hosts GETable copy of POST-notified resource'.

What I have described is a general programming model because, in general, such simple, declarative, transformational mechanisms are Turing Complete.

eA: I'm sure it's a novel perspective - even to RESTians! Again, do you have any high-level RESTian support for this?

DC: Any web resource that is a derivative of, or is dependent on, one or more other resources is using this approach.

Like I said before, there is an example of a similar approach by Joe Gregorio on his 'Well-Formed Web' site for alerting resources to peer resources of mutual interest.

Every time you would POST some data, consider making that data GETable and POST its URI instead, as a notification of the data existing.

eA: GETable POST data? You sure that's REST-compliant?

DC: In REST integration, things become more symmetric than in the client-server Web, or rather, the 'client-resource' Web. We can start to talk about the 'resource-resource' Web!

But anyway, we're already halfway to the symmetric resource-resource Web when we POST - not to a service, but to a URI. Resources can already both issue and receive state, which is a pretty symmetric state of affairs.

eA: I never thought of it that way - I keep forgetting that you can POST right back to a resource you just fetched.

DC: But think one step on: the POSTed data has a Content-Type but no URI!

Why not close the loop and have this POSTed data be a first-class resource (with a URI) that POSTs itself to the target. And it can itself GET that target or be POSTed to by that target in return.

That really is a Resource-Oriented Architecture. Once resources are seen as equal and active participants in RESTful integration, it becomes irrelevant whether their state is transferred by GET or by POST.

eA: I'm still having trouble with this pattern of POST just being a pro-active GET.

DC: Making POSTed data GETable more correctly moves the responsibility to the target resource to fetch the incoming resource state when its ready (rather than being bombarded by state it hasn't asked for).

Once the target is interested, updates can be POSTed directly as they happen, to prevent the target polling, or notification of an updated URI POSTed to trigger the target to re-GET the changed resource when it wants (thereby updating the caches).

eA: Hmm - makes clients look like servers..

DC: Since our 'clients' in REST integration are also 'servers' in other contexts, it is easier to set up client-side resources than on the browser-based Web. One objection to cookies on the Web is that they are state or resource that has no URI. So give your 'client' state a URI! And put any client-specific server resources on your own 'client' host.

eA: Is anyone doing this sort of thing?

DC: Well, in fact there are many examples of this POST-notification of a GETable resource already happening between web sites. Like submitting a link to your site to an indexing engine and letting it crawl (or poll) it.

Trackback pings are another example: POST a URI along with a sample of your page. And the Microformat rel-tag adds your article to Technorati's tag index when you ping their servers with the URI of the article.

Further, imagine POSTing to some new site a link to your hCard on your own server, to save you having to type your name and address again. And you'd never need to manually update sites when your address changes: just ping 'em all.

eA: Ah - but I thought all URIs should be GETable. The ping URI you're POSTing to in these examples isn't always one that you can also GET!

DC: Indeed - so think how much more powerful it would be if we did close the loop and provide or create a GETable resource to POST these notifications to.

For example, imagine a page containing an hCalendar event. Now point to it with a rel="attending" link. When the hCalendar discovers your intention (using a direct POST ping of your page's URI to the hCalendar page's URI - or perhaps through the referrer trick from people clicking through), it adds your referring page to a list of attendees inside the hCalendar. The hCalendar could either contain lists of backlinks to the attendee's pages, which may in turn carry hCards, or it could contain lists of complete hCards copied over.

eA: Sounds like a good use of Microformats.

DC: These examples make crawling and polling (even with If-Modified-Since et al) look like a clumsy version of the more proactive POST.

Web Feeds and general publish-subscribe are further examples where POST may be used to notify changes on a resource - giving the feed consumer first-class resource status with their own URI.

eA: I'd never think of using HTTP in this way.

DC: Obviously this only applies where the feed consumer is a visible and POSTable server and where timeliness is crucial. And probably where the number of subscribers is relatively small, unless asynchronous I/O and an event-driven architecture are employed, and you don't wait for the response to each POST.

This isn't done now simply because of the asymmetry of the current Web, an asymmetry which we are free of in REST integration.

eA: What about all those REST rules about idempotent and unsafe methods?

DC: We're not mixing GET and POST in that sense, just turning the tables on the asymmetric Web. GET is still cacheable, and we can POST a link to cause a cached GET.

I believe this is a more-constrained REST style, not disjoint to REST. It is at least an ROA! It may fall foul of REST's client-server constraint, since we're now in server-server territory with integration applications. Also, the concept of 'Hypertext as the Engine of Application State' is something that may take some refitting to the mutual state dependency model. However, I believe it's most important to focus on maintaining the benefits of REST and its key elements of standard content types at URIs.

I call this symmetric REST integration style the 'Distributed Observer Pattern'.

eA: Quickly summarise the 'Distributed Observer Pattern'.

DC: OK, the Distributed Observer Pattern is 'symmetric REST'. A resource subscribes to a peer resource via a GET that supplies its own URI, and is notified of subsequent state changes in that resource through a POST back.

eA: That was too quick. Tell me the details!

DC: OK, here are four. First, a POST can be either the whole new state or the fact of the change, allowing the subscriber to GET the resource when it's ready (and thereby fill any caches).

Secondly, you can use either the Referer header or perhaps the Content-Location header in POST and GET requests to indicate the origin POSTer or GETter URI. Alternatively, you can send this origin resource URI using the Cookie header, echoing its use in the normal browser client-server case to identify the pseudo-resource of a browser user.

POSTed state notifications may be unsolicited by a prior GET subscription, when the POST target is clearly open to them (as in the ping notification examples). These can be seen as 'subscribe to anyone', and may be combined with a corresponding 'GET anyone' crawling process, without explicit subscription.

Finally, POST notifications may be targetted to single resources to ask them to update: the Distributed Observer Pattern way of achieving the client-server editing function. These now become 'edit suggestions' of the POSTer resource - putting the target back in control of its own destiny and integrity.

eA: And why should I use the Distributed Observer Pattern?

DC: The Distributed Observer Pattern supports the programming model of inter-dependent resources whose own state is a function of their peers' state, driven by declarative rules. It's a very general ROA programming model.

In Part 6: Content-Types and URIs.

Note that the opinions of our imaginary eBay Architect don't necessarily represent or reflect in any way the official opinions of eBay or the opinions of anyone at eBay.

Indeed, I can't guarantee that the opinions of our real blogger necessarily represent or reflect in any way the official opinions of Roy Fielding...

Inter-Enterprise REST Integration | The REST Dialogues

2007-04-08T13:38:00Z

In an exclusive nine-part dialogue with an imaginary eBay Architect, we present an accessible discussion of the REST vs. SOA issue.

In this dialogue series, I argue the case for eBay to adopt a truly REST approach to their integration API.

Part 4: Inter-Enterprise REST Integration

Duncan Cragg: OK - I've demonstrated how you can replace imperative, function-call API-driving with a clean, declarative, RESTful interaction, driven by simple business rules.

We had servers run by eBay and clients run by the public, in the same way your SOAP API is used.

eBay Architect: Ah: that's something SOA has that REST doesn't!

DC: What? What's that?

eA: Services are all about Enterprise Integration: about servers talking to servers. In REST you're all about clients talking to servers. The Web is essentially only browser clients talking to Web servers. With Web Services, you can do more serious Enterprise Integration.

DC: You never give up do you? So you want 'serious' integration. Is that within or between enterprises?

eA: Let's say between.

DC: Fine. We'll use the same example as before: it's just a variation on the Patterns used.

We can standardise a more general version of the eBay schemas for Items, Offers, ResponseToBestOffers and so on. Anyone can put their own Items, Offers, etc. up on their own servers, or on some public auction service site. Everyone can do auctions with eBay and with anyone else who decides to set up.

Even, say, a new Google auction site: let's call it 'gBay'!

eA: Ha! OK, let's go through this slowly: you have eBay and 'gBay' sites, with sets of users on each. Now Ernie wants to sell his old laptop on eBay, so creates a new Item for it. Gordon is registered to gBay and needs a cheap laptop.

DC: Great - well the first thing is search. As an interoperable site, gBay offers a broad search across both gBay sale Items and eBay ones - cached and indexed internally. The gBay search database would be filled by crawling eBay URIs and even by running queries on eBay.

eA: Mm. Have to check the T's & C's...

DC: So Gordon on gBay finds Ernie's laptop on eBay. The presentation of this eBay sale item will be given the gBay style, but calling out directly to the eBay data and images.

eA: OK, now let's say Gordon decides to make an offer.

DC: So an Offer resource is created on gBay referring to the laptop on eBay. Then through a notification, the Item on eBay is alerted to this Offer.

eA: What's notified, to where?

DC: There's a number of possible patterns. Before, we had the pattern of POSTing a resource to a server that then creates the GETable version.

However, now gBay is hosting the Offer, so the internal mechanisms for notification are no longer available.

So gBay could suggest an update through APP or a simpler POST to a collection of Offer entries within the eBay Item to point to this, now remote, Offer.

Perhaps the gBay Offer can simply be POSTed wholesale to the eBay Item.

Or just a link to it.

Or eBay may poll, read a feed or search gBay for new Offer URIs, putting them into Offer lists as they come up.

An unusual approach (thanks to Joe Gregorio) would be for gBay to GET the eBay Item, with the Offer marked in a Referer: header.

eA: Plenty of patterns to choose from. So there are some Offers on eBay, some on gBay. The Item lists its Offers in a rank as before, as they appear through this notification.

Now, let's say Ernie wants to accept Gordon's Offer on gBay.

DC: OK, assuming he can see the Offers the same regardless of host, he just chooses Gordon's Offer on the offer listing for his Item and accepts it.

eA: So we need to create a ResponseToBestOffer on eBay.

DC: Yes. Now the patterns are reversed, because eBay needs to notify gBay this time - of its ResponseToBestOffer.

Pub-Sub and Observer Pattern

DC: Again, it can do this by POSTing the ResponseToBestOffer to each Offer on gBay in turn, or can POST the actual Item itself to each Offer, where the Item has a link to the ResponseToBestOffer.

That would implement a logical subscription to the Item from each of the Offers on it.

eA: It sounds to me like POSTing several times to implement this pub-sub pattern is physically inefficient, even if it's logically correct. Especially when it's the same information repeated from eBay to gBay servers.

DC: Yes, indeed: a single notification to gBay would be better, letting gBay handle the propagation of subscription responses. This would in effect treat gBay as a proxy cache, and the notification as a cache invalidation event on gBay's copy of the eBay Item.

eA: What URI on gBay would you POST this eBay Item to?

DC: Something like http://gbay.com/ebay.com/item/4243 - to a copy of itself. You could also GET this cached copy if you wanted.

eA: OK, what next?

DC: In gBay the losing Offers get updated on receipt of this ResponseToBestOffer state. Gordon's Offer gets set to 'won'. In eBay, all the losing Offers are updated to 'lost'. The laptop Item gets marked 'sold', with a link to the ResponseToBestOffer, which links to the Offer that won.

It is possible to implement this internally in eBay (and that pub-sub cache invalidation propagation in gBay) using the Observer Pattern. and an event-driven server.

eA: Makes sense - you mean something like SEDA?

DC: Yep.

So the Offers all subscribe to the Item to watch for its status switching to 'sold' and to see if they won. Conversely, the Item can subscribe to the Offers: maybe the Offers could change or be withdrawn, and the Item needs to keep itself updated accordingly.

eA: Wow - symmetric subscription - the two-way Observer Pattern!

OK, what next?

DC: The eBay laptop Item resource will be further updated by its owner with paid, shipped, refunded, etc., as it currently is within eBay.

eA: Hold on, you're mixing patterns: you had the Observer Pattern on the Item just now: the Item observes the Offers. The Offers' state can be POSTed to the Item, whose own state may then change according to its rules.

But you then mix patterns by allowing a POST directly to the Item from the Item's owner, to update a couple of fields.

In one, the Item chooses what its state will be according to the state of its peers, and in the other, it's told, not according to a peer state, but some POST content type.

That doesn't seem neat or symmetric.

DC: It's true that these interaction styles differ: the Observer Pattern or pub-sub approach is peer-to-peer (resource-to-resource as equals watching each other); and in this scenario it's also server-to-server.

The direct edit request is more a client-server pattern, where the server resource - the Item - is considered under the control of a client.

However, the Item is always in control of its own state, and can even ignore a request by its owner if that request doesn't match its internal integrity rules.

The Item supporting both styles at the same time is absolutely fine.

Actually, you could see these two styles as aspects of the same peer-to-peer pattern: introduce a resource in the client that holds edit requests, to which the Item subscribes. It all ends up being much the same.

Transactions, Trust

eA: Right, now what if you have a race, where the ResponseToBestOffer is created at the same time as an Offer is changed or withdrawn?

Don't you need some kind of two-phase commit or distributed transaction logic?

DC: Of course not. It's the same as in the real world: as long as it all settles in the end and the rules are followed. The ResponseToBestOffer cites what state of the Offer it is accepting. If that changes for any reason, the ResponseToBestOffer is void.

It's about state and state consistency in REST, as opposed to the SOA style of maintaining total control at all times.

There will be temporary states that trigger the rules and that need to be resolved. That's the programming and distribution model. Tolerance of transient states is what makes this model so robust.

eA: Surely there are some legal and contract issues? How is this exchange legally binding?

DC: You can digitally sign the Item, Offer and ResponseToBestOffer resources, and each side needs to keep records of the history. Then it's down to agreements between eBay and gBay and the local laws in force.

eA: What about buyer and seller ratings and feedback?

DC: Ernie in eBay and Gordon in gBay can happily publish feedback about each other, and Ernie will be able to see Gordon's rating via eBay's interface, or directly on gBay.

As for aggregated ratings from several buyer/seller interactions: a person's rating is a function of the ratings of all those they have dealt with. These ratings can be fetched by GET from remote sites, and combined with internally-held ratings, depending on the trust of one site over another site's ratings.

eA: So how do we trust these ratings across sites?

DC: We have to trust eBay that it trusts gBay. This is one of the basics of distributed systems. In a monolithic system you have a single trust domain: all parts can trust each other.

Split the application up across multiple trust domains and you need authentication and crypto. You can't get way from needing peer trust structures built up explicitly through crypto, agreement and contract and/or implicitly through past successful experience.

eA: Can you be more specific?

DC: Normally, a GET for a resource or a POST of some data comes with a header identifying the GETer or POSTer. The resource can also be signed by a user on a site or by the site itself as a proxy.

Or, if you have an agreement with the site, you just need to use https to ensure you've got a secure connection with that site, then needn't have individual signatures.

eA: Where's the Single Sign On and Identity in all this? We've got users working across multiple sites.

DC: Well, gBay is the holder of the Gordon identity or persona - and it manages his world view. Gordon on gBay needs his identity to mean something on eBay, but we don't want him to have to create an account on eBay or to have to tell gBay his eBay login details to work on both sites. So he expects gBay and eBay to have come to some agreements about technology and policy.

In REST, we don't have sessions and logins - we have identity, which implies asymmetric (private/public key) crypto for signatures and security. We have a number of tools available to us, including OpenID and https, as well as resource signing.

eA: Here's a question for you: how would you manage a single shopping trolley for Gordon on gBay, containing and allowing payment for eBay goods?

DC: ShoppingTrolley resource, links to eBay and gBay items. At checkout, smaller eBay-Items-only ShoppingTrolley resource POSTed to eBay along with CreditCard resource (again, you can sign the ShoppingTrolley and encrypt the data).

eA: So, as eBay, why should we integrate the seller ratings of someone on gBay? Or get gBay's for-sale items coming up in our searches? Or accept Offers and ShoppingTrolleys from gBay? We don't control or trust them, and don't want to send traffic or business over to them.

DC: Fair enough, for now. I'm only describing what's technically possible. Like I said before, you may revisit your stance on interoperability and mutual agreements one day soon.

Also, what if your business decides this year to set up a commercial partnership with another similar business and the managers come to you asking how it's all going to work together internally?

You'll find having good REST interoperability already in place a huge asset for internal integration! You'll also find that an interop-friendly approach makes developing internal 'mashups' much easier.

Better Than SOA

eA: I still can't see why all this is better than our SOAP approach, though: it just seems like the same things are happening at the end of the day - that it's only a change of perspective.

DC: Well, a minute ago, you were challenging using REST for anything other than simple data manipulation. Now I've shown you the power of a REST approach can be easily extended to a clean, simple, scalable, interoperable, general, declarative programming model. And you're still not satisfied!

eA: Ha! OK. So tell me why this programming model is so scalable and interoperable compared with the SOAP API and normal function calls.

DC: It's scalable because of all the reasons I mentioned before: the cacheability of the basic data operations and their parallelisability through URI partitioning. updated - I meant data partitions not operation partitions!

Plus now we have parallelisability of the application of the business rules. There's nothing more parallelisable than a declarative system.

eA: If you say so! OK, perhaps you could elaborate on that; it sounds like a new point.

DC: It is: when you're leading the computer step-by-step through a process, you have to handle concurrency yourself. That's the 'How' of 'What not How'.

Conversely, when you simply declare 'What' the rules are, the computer is free to go off and do things as concurrently as the rules and the data separation allow.

eA: Mm. OK. Interoperability?

DC: It's interoperable again for the reasons I mentioned before. Firstly, the power of the URI; this scenario is a full player in the Web: you can share links to Items around and go fetch your Offers and Feedbacks with a simple HTTP GET. You can make things happen by POSTing to the relevant URI, given its content type.

There's also the expectation of standard Content-Types, sub-types and schemas in GET and POST, rather than custom eBay WSDLs and schemas, that I mentioned before.

eA: Like you said, you already mentioned these things. Anything to add now that we're doing business rules?

DC: Yes; when data is your interface and resource transformation your basic programming model, resource data types become part of your 'programming language'. As such, there is great benefit in sharing data types to allow such programming across multiple domain boundaries.

SOA, on the other hand, encourages inventing your own 'programming language' every time. It's a much more brittle model and mind-set.

You can't GET your RespondToBestOffer function call, but I can GET the ResponseToBestOffer! It's basically a more mashable approach to distributed programming.

In Part 5: The Distributed Observer Pattern.

Note that the opinions of our imaginary eBay Architect don't necessarily represent or reflect in any way the official opinions of eBay or the opinions of anyone at eBay.

Indeed, I can't guarantee that the opinions of our real blogger necessarily represent or reflect in any way the official opinions of Roy Fielding...

Business Functions | The REST Dialogues

2007-01-10T14:21:00Z

In an exclusive nine-part dialogue with an imaginary eBay Architect, we present an accessible discussion of the REST vs. SOA issue.

In this dialogue series, I argue the case for eBay to adopt a truly REST approach to their integration API.

Part 3: Business Functions

Duncan Cragg: So, where did we get to? Oh yes: the REST recipe for scalable and interoperable distributed systems!

We can read data at a URI with GET. We will usually understand that data when we get it, because it has a standard content type at a number of layers - perhaps from character set up to Microformat via XML and XHTML.

We can cache the data if the response allows it.

Then we can POST back our own content to the same URI - if we believe that this resource is interested and that it will do something we want.

Finally, the content we GET has more URIs that we can use in the same way.

eBay Architect: Simple enough.

DC: In fact, these are essentially the constraints of REST as formulated by Roy Fielding. Note that Fielding hardly mentions actual verbs in his thesis: he, in fact, gives special mention to GET and PUT, which is consistent with the basic 'state transfer' concept - one verb for each direction. The Web (and I) prefer POST to PUT!

Although we expect the resource to change in some way - perhaps change, create more resources or delete resources, the resource can actually do what it likes when POSTed to, as long as it conforms to its declared standard.

Don't forget that REST doesn't require direct resource editing as either a necessary or sufficient mode of interaction, and that in general a resource can do what it likes on receipt of incoming content, as long as both sides have agreed in advance.

eA: How do you know what a resource will do, then?

DC: The standard to which the POST target conforms will declare the type of the POSTed content and set the POSTer's expectations of the consequence of such a POST.

HTML, of course, is a bit vague and low-level about what you can POST - it's either name/value pairs or files, with no promise about what will happen afterwards. This is because a human is directly involved in the interaction. In contrast, we're discussing the general REST integration case here, where higher-level, more complex, machine-generated POST types are expected.

eA: This all sounds fine to me. But, like I said, our API has more complex business functions in it that go beyond simple data read and write.

DC: What sort of functions were you referring to?

eA: There's many of them. Functions like PlaceOffer, RespondToBestOffer, CompleteSale, SendInvoice.

These are real functions, not getting, setting or adding data.

DC: Indeed, and as such form an excellent exercise to demonstrate the general power of REST!

eA: Show me how. What's the trick?

DC: The trick is simply to identify your resources, then to discover or define how their state depends on related resources and POSTed content, using transformation rules, or 'animation' code.

Indeed, if the state of a resource depends on the state of other resources - or POSTed data - via a transformation, then you have a complete, general programming model.

eA: You mean my 'real functions'?

DC: Yes - a resource can do any 'real functions' just by watching resource changes via GET or receiving resource data via POST on its URI and then mechanically transforming itself according to its internal rules - as defined by standard, convention or agreement.

Data operations are enough to enable much more than just data operations, as long as you have the internal transformation rules in place that animate the data in the face of current state.

eA: What does this mean to an eBay Architect? How does that help with placing offers and responding to offers? How do I send an invoice?

A REST eBay Transaction

DC: OK, first identify your resources: let's look at what resources are implied by your list. You mentioned PlaceOffer, RespondToBestOffer, CompleteSale, SendInvoice.

So, it looks like we have this list of resource types: User, Item, Offer, ResponseToBestOffer, Feedback, Invoice.

Notice how, when we go from function (RespondToBestOffer!) to resource (ResponseToBestOffer), we change the names from an imperative instruction style to a declarative state style. This is a crucial change in mind-set.

eA: Um - the CompleteSale function isn't just for adding feedback, it allows paid and shipped to be set on an Item.

DC: Exactly: paid and shipped status are attributes of the actual Item being sold; the Item would be updated directly to complete a sale. However, it makes sense to put Feedback in its own separate resource.

Admittedly, this is just my initial analysis. I'm sure it could get more complex on closer inspection; I'm just trying to be illustrative. And I don't necessarily understand the whole eBay auction process, so please forgive any slip-ups there!

eA: OK. Now you said that we should define how these resources depend on each other and on POSTed content, using transformation rules. Take me through that.

DC: Sure. There are two API Users: Sam the Seller and Bill the Buyer.

Sam POSTs his Item resource, and eBay's servers create a linkable copy server-side, returning the URI in the 'Location:' header of the POST response.

Note that a server doesn't always need to create a linkable copy of what's POSTed to it, but that's the pattern I'll use in these examples.

Let's say Sam the Seller is posting a Fixed Price Item with Best Offers switched on - since you've mentioned RespondToBestOffer. Here, people can suggest a near, lower offer and a bit of negotiating can take place. Not the usual eBay auction but a simpler interaction that is perhaps more generally-applicable in e-commerce.

eA: Let Bill do a PlaceOffer, then: any transformations now?

DC: Yes. A number of people, including Bill, POST Offers linking to the Item and see these Offers created on the server.

eA: So how does Sam get to know about the Offers on his Item?

DC: Ah - that's your first transformation! Each time an Offer is POSTed referring to an Item, the target Item itself is updated. In particular, the Item has a sub-container with a list of current Offers on it, ordered by value.

At any time, anyone can fetch their own resources, and some owned by others, with a GET. Sam can GET his Item and its list of current Offers; Bill can also see the Item, and GET his Offer. Items and Offers thus refer to one another by internal links that everyone can understand because they understand URIs.

eA: Is this transformation really that big a deal?

DC: Not hugely. This transformation rule encapsulates the commonly-occurring concept in commerce of a range of values of multiple bids on some sale item - such as found in real estate and in financial markets.

A further business transformation rule may perhaps have Offers running a 'best-offer' status flag that is kept consistent with that Offer's relative state.

As you can see, and as is often the case in REST and declarative programming generally, these business rules are very simple.

eA: So, Sam sees a number of Offers. Let's say Bill has the highest and Sam wants to take it.

DC: Sam then POSTs a ResponseToBestOffer, accepting, and linking to, Bill's Offer. Again, Sam gets the server-side URI of his ResponseToBestOffer for future reference.

eA: This is where I'd call the RespondToBestOffer function.

DC: Yep. Now, you have this state: an Item from Sam and a list of Offers on that Item, with a Best Offer from Bill. Onto that overall state arrives Sam's ResponseToBestOffer referring to and accepting Bill's Offer.

This new state is 'in tension': it's not yet mutually self-consistent with the business rules - which say that we have a sale.

To resolve the tension, something's got to change. So all the losing Offers get updated to 'lost', and Bill's to 'won'. The Item gets updated to 'sold', with a link to Bill's Offer.

Now we're back in harmony again after some simple transformations on our resources.

eA: Mm. That's an interesting perspective.

DC: Yes, instead of calling functions, we're asserting state and then applying rules to bring the state into a configuration consistent with those rules.

eA: OK. So let's go back to my SOAP function list: CompleteSale. You said paid and shipped from CompleteSale are on the Item - but they still need to be actioned. And we still need to add Feedback.

DC: Clearly, you can set the paid and shipped status of an Item using POST to the Item's URI, just like in the simpler data setting examples before.

Always remember, though, that an Item is responsible for its own integrity - it may change spontaneously according to its internal transformation rules, or may change directly via User POSTs - but only if it will be consistent with its internal integrity rules.

eA: Feedback?

DC: Adding Feedback happens by the seller POSTing a Feedback resource to the URI of the buyer User's Feedback collection, which then returns a URI for the server-created copy.

A number of Feedback resources can be aggregated into a rating on a User resource; another simple transformation, where the rating is dependent on the state of the collection of Feedback resources.

eA: That's a point - what URI did you POST your Items and Offers to before, to get them created on the server?

DC: A seller User can keep a collection of current Items to POST to; a buyer User can keep a collection of current Offers.

It's just like in the Atom Publishing Protocol: new Items are POSTed to the seller's Item collection, new Offers either to a buyer's Offer collection or directly to the relevant Item - either way should cause the Offer to be added to the other Offer list.

eA: OK. SendInvoice? This has the side-effect of sending an email - now there's an imperative!

DC: Not when you think declarative!

To send an Invoice, just POST it to the buyer User's Invoice collection to get it created on the server with its URI.

Creation of the Invoice resource then triggers notification to the recipient by email. This email can either include an entire copy of the Invoice, or have a nice RESTful link back to the actual Invoice resource.

Email notification in a REST perspective falls into the same category as Web Feeds and POST - it's a proactive way to get resource state or state change out to an interested party.

Note that, like all interactions in this approach, it's not event-driven - it's state-driven. If you keep re-POSTing the same Invoice, or Item or Offer, it only gets created once, and the email only needs to be sent once!

eA: All these resources floating around - how do you manage them? You mentioned the Item and Offer collections.

DC: A seller's User resource would collect resources together like Items and ResponseToBestOffers. A buyer's User resource would have links to their collections of Offers, Invoices and Feedbacks. Buyers can also be sellers, of course.

These collections all form good candidates for viewing through a feed reader, or feed reading widget. For example, you could subscribe to your Item's collection of Offers to see new offers come in. You might subscribe to the Item collection of a seller whose goods often interest you. You would almost certainly have a subscription to the collection of Feedbacks about you...

This kind of thing falls naturally out of the REST approach, as long as collections have their own URI. Note that, unlike Web Feeds, such collections should contain links to their contents, perhaps alongside some summary information, not entire copies of their contents' text!

In Part 4: Inter-Enterprise REST Integration.

Note that the opinions of our imaginary eBay Architect don't necessarily represent or reflect in any way the official opinions of eBay or the opinions of anyone at eBay.

Indeed, I can't guarantee that the opinions of our real blogger necessarily represent or reflect in any way the official opinions of Roy Fielding...

eBay's Working Architecture

2006-12-14T14:15:00Z

There were two things I knew about eBay's Architecture - that they use J2EE and that they seem to like SOA. Both are approaches I give, ahem, special mention to on all my pages at the bottom of the left-hand column.

So it was with some apprehension that I opened up this (PDF) slide pack from Dan Pritchett and Randy Shoup of eBay, presented at SD Forum 2006 recently. I was expecting my prejudices around the issues and techniques of scaling web sites to be challenged, at least.

Instead, I found one after another of my scaling beliefs met. There was, indeed, a mention of J2EE - specifically the one where they said they threw most of it out! And a mention of SOA - the tiny line between two boxes on one slide connecting the 'Transaction Platform' to the 'Fraud' system!

The rest of the slides talked about sensible engineering practices such as cacheing, partitioning, statelessness, event-driven architectures and horizontal scaling. I was surprised to see XSL mentioned at the front end but, hey, it's a Declarative technology - so I'm not complaining!

It's a must-read document for anyone considering scaling a website. As it happens, I'm currently considering scaling a Web 2.0 site for a client at ThoughtWorks, so it's really put me in the right frame of mind. There's a summary of the talk by Johannes Ernst if, like me, you resist clicking PDF links.

Dan, of course, is the eBay Architect who has responded to the first two episodes of my REST Dialogues. I recommend his blog - even to the SOA-averse!

The Right Way to do Ajax is Declaratively

2006-07-13T14:33:00Z

Don't write your interactive Web application in custom Javascript! The Web's Declarative nature needn't be broken just because you want two-way dynamic data instead of one-way documents on your site.

Instead, write Declaratively to generic Javascripts, plugins and browser features such as Hijax, hInclude, XForms, SVG, XBL, etc.

This is the last of my XTech 2006-inspired articles. (I know: XTech was some weeks ago now, but I'm sure you'll have noticed that this is a 'contemporary article' blog, not a news blog!)

The theme for XTech 2006 was 'Building Web 2.0', and as a Web 2.0 Conference (don't tell O'Reilly), there was tons of Ajax... And as this is essentially an XML Conference, there was also a strong Declarative theme.

And the right way to do Ajax is Declaratively!

Ajax Lightning Demos

Simon Willison presided over this session. The demo that impressed me most was Hijax: Progressive Enhancement with Ajax, whose paper is here.

Hijax takes the view that you should design for no Ajax, then hijack the links, form posts and page construction in Ajax to speed it up, rather than designing for Ajax in the first place and excluding users without a capable browser. This is related to the AHAH idea.

So you don't build your application in Javascript, but simply enhance the existing Web model, running all the page's behaviour back on the server which owns it. Much more Declarative!

Web 2.0 On Speed

Mark Nottingham is one of those people whose blogs are top of my feed list. He currently works for Yahoo! This talk was about using some basic techniques to ensure Web 2.0 doesn't grind to a halt with all those dynamic and personalised pages. Simple fixes can get you very far: faster servers like lighttpd, various cacheing tricks, etc. Yahoo! should be implementing his ideas and insights on their sites (hopefully Mark will then go on to tell their API designers how to do REST...)

The main idea that interested me was using Ajax for client-side page construction (think client-side SiteMesh) and for inserting personalised URLs into the page.

It's a bit like Hijax, that I mentioned above. Mark says:

What I would like to see is for common JS functions like this to be sifted out and standardised as declarative markup...

This is good stuff (assuming you agree with us that Declarative is good!). See more in the summary and slides, and in Mark's hInclude proposal.

Ditching the database: XML and the PHP webapp

David Megginson basically said we should work in XML throughout our web apps: cache XML as your datastore, keeping all the little snippets that make up your pages - dynamic and static - cached in memory, then just send XML snippets from the server cache to the Ajax client to render, etc. This is rather like Mark Nottingham's tip above on client-side page assembly to achieve greater cacheability.

Paper here.

Introduction to XHTML2 and XForms

The flamboyant-looking and entertaining Steven Pemberton of the W3C presented a fast-paced and in-depth overview of XHTML2 and XForms.

Unless I missed something, it looks to me like XHTML2 has taken a perfect trajectory between backwards-compatible concepts, semantics and syntax and abstract idealism. XHTML2 appears to cleanly fix all the outstanding problems with HTML once and for all.

Now, part of XHTML2 is XForms. XForms does the same cleaning up job on HTML forms that XHTML2 does on HTML.

The important thing to know is that it works as an XML 'schema constraints engine'. That is, it returns to the server a fully-semantically-valid chunk of XML on a form submission. The 'schema' can include some static data pulled in from a separate URL to populate drop-downs, etc.

Yet it is more than this: I asked if it was Turing Complete, and Steven said yes. You can program an application using it.

And that application will be programmed Declaratively!

I can define the constraint that some output element be dependent on some input, then if the user changes the input, the output changes accordingly.

It's like Declarative Ajax. There were further talks on XForms which I cover just below.

Of course, I asked if it was RESTful, and it seems it was, mostly. The issue was that a URL may bring you in an editor XForms page, which then itself brings in some data underneath.

The editor XForms page is the bookmarkable thing but you don't see the URL of the populating data, so that's not bookmarkable. The page may change according to this data, but bookmarking what you see still only bookmarks the editor, not the editor plus the current visible data.

Also, even though XForms is amazingly programmable, it is still a forms system at heart. For example, you have explicit input and output elements; you can't get input events off the DOM and rewrite the DOM as output.

Slides here.