2. Topics for Today
• Single Sign On with CAS
• Lung Cancer Explorer Changes
• Introduction to RESTful Web Services
• RESTful Services
• LCDB
• ProbeMapper
• JSON Table Schema Serialization/Deserialization
• Authentication with CasHmac
• Authorization with CasHmac
• Graph Databases with Neo4j
3. Single Sign on with CAS
• “Central Authentication Service”
• Open Source Project available at http://www.jasig.org/cas
• Runs on Tomcat (no need for additional servers)
• Integrates with Web Applications without modification
• Proxy Support for Web Services
5. Lung Cancer Explorer
• Meta Analysis
• Survival Analysis with Group Segmentation
• Dataset Suggestions
• Dataset Filtering
• Analysis Caching with Redis
6. Intro to RESTful Web Services
• Terminology
• Representational State Transfer
• GET, DELETE, PUT, POST
• Benefits
• Popular and simple (vs. SOAP)
• Responds with valid JavaScript (JSON)
• Supported by many open-source frameworks
• Very easy to consume
• Purpose
• Provide data to applications
• Expose services to outside applications
11. New RESTful Web Services
• LCDB
• Datasets (GET, DELETE, and PUT)
• Patients (GET, DELETE, and PUT)
• Samples (GET, DELETE, and PUT)
• Expression Data (GET, DELETE, and PUT)
• Histologies
• Normalizations
• Races
• Smoking Statuses
• Tissues
12. New RESTful Web Services
• ProbeMapper (migrated from SOAP)
• Authorities
• Platforms (GET, DELETE, and PUT)
• Probes (GET, DELETE, and PUT)
• Genes
• Genes for Probes (GET, DELETE, and PUT)
• Probes for Genes
• Lung Cancer Explorer uses ProbeMapper
13. JSON Table Schema
• For more
information:http://www.dataprotocols.org/en/latest/json-
table-schema.html
• A “simple schema for tabular data”
• Saves bandwidth by assuming a consistent format
• Speeds our implementations of ProbeMapper and LCDB with
our custom Jacksonate serializer/deserializer.
• See https://github.com/QBRC/Jacksonate
• See https://github.com/QBRC/Guiberest
14. Authentication with CasHmac
• Supports CAS for authentication
• Supports HMAC for authentication
• User has and ID and a Secret Key
• Request information is combined into a string
• User’s Secret Key is used to create a hash from the string
• User’s ID is sent with the request
• Server looks up user’s Secret Key based on ID
• Server recreates hash and verifies that it matches the client’s
hash that was included with the request.
• See https://github.com/QBRC/CasHmac
• See https://github.com/QBRC/Guiberest
15. Authorization with CasHmac
• Method-based authorization by Role
• ACL-based: Access Control List
• Authorization to access/update/delete a specific object
• Authorization may be tied to dependent objects
• Allows us to annotate our classes for security
16. Graph Databases with Neo4j
• See http://www.neo4j.org/
• Graph Databases:
• Store objects
• Focus on relationships between objects (uses verbs)
• Jonathan -> (is employed by) -> QBRC
• Jeff -> (supervises) -> Jonathan
• Allow very fast retrieval of objects based on their relationships to
one another
• Neo4j and Bioinformatics:
http://watch.neo4j.org/video/47275633
17. Summary
• Single Sign On with CAS
• Lung Cancer Explorer Changes
• RESTful Services
• Graph Databases with Neo4j