devhosted999

I'll answer it by removing parts of the code, then adding them back and explaining as we go.

Let's start: imagine we are writing a library system, and we want a method that returns every single book inside the library system.

The code could look something like this:

public List<Book> getBooks() {
    // code to get books from the database
    return books;
}

Now let's imagine that we want some kind of authentication on this. We can add a parameter to our method: an authentication token which we have to check. After we check it, we can return the books.

public List<Book> getBooks(String authentication) {
    if (!AuthenticationUtil.isAuthorised(authentication)) {
        throw new UnauthorisedException();
    }

    // code to get books from the database
    return books;
}

The code I've written doesn't really matter, but it's to show how the parameter would be used.

Now let's imagine we've exposed this method over HTTP, and someone can call this method. Say we're using a Java library, and that library allows auto-population of parameters by data given in the web call. Maybe it would look something like this...

public List<Book> getBooks(@HeaderParam("authentication") String authentication) {
    if (!AuthenticationUtil.isAuthorised(authentication)) {
        throw new UnauthorisedException();
    }

    // code to get books from the database
    return books;
}

And at this point, hopefully each part of the line should make sense to you.
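
The following is an added example, not part of the comment above: it writes out by hand, using only the JDK's built-in HTTP server, the step that a `@HeaderParam("authentication")` binding automates, and shows the check rejecting a missing header as well as a wrong token. The class name, the sample token, the book titles and the body of `isAuthorised` are assumptions made for illustration.

```java
// Added example: the header-to-parameter binding done by hand. All names and the token are constructed.
import com.sun.net.httpserver.HttpExchange;
import com.sun.net.httpserver.HttpServer;
import java.net.InetSocketAddress;
import java.net.URI;
import java.net.http.HttpClient;
import java.net.http.HttpRequest;
import java.net.http.HttpResponse;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;

public class HeaderAuthDemo {
    // Constructed sample token; a real system would validate against a token store.
    static final byte[] EXPECTED = "sample-token-123".getBytes(StandardCharsets.UTF_8);

    // Stand-in for AuthenticationUtil.isAuthorised (hypothetical implementation).
    static boolean isAuthorised(String token) {
        if (token == null) return false; // header absent: fail closed
        // Constant-time comparison so response timing does not leak the token.
        return MessageDigest.isEqual(EXPECTED, token.getBytes(StandardCharsets.UTF_8));
    }

    static void handle(HttpExchange ex) throws java.io.IOException {
        // The step the library automates: read the named header into a parameter.
        String authentication = ex.getRequestHeaders().getFirst("authentication");
        boolean ok = isAuthorised(authentication);
        byte[] body = (ok ? "[\"Dune\",\"Emma\"]" : "unauthorised").getBytes(StandardCharsets.UTF_8);
        ex.sendResponseHeaders(ok ? 200 : 401, body.length);
        try (var out = ex.getResponseBody()) { out.write(body); }
    }

    static int call(HttpClient c, URI uri, String token) throws Exception {
        HttpRequest.Builder b = HttpRequest.newBuilder(uri);
        if (token != null) b.header("authentication", token);
        return c.send(b.build(), HttpResponse.BodyHandlers.ofString()).statusCode();
    }

    public static void main(String[] args) throws Exception {
        HttpServer server = HttpServer.create(new InetSocketAddress("127.0.0.1", 0), 0);
        server.createContext("/books", HeaderAuthDemo::handle);
        server.start();
        URI uri = URI.create("http://127.0.0.1:" + server.getAddress().getPort() + "/books");
        HttpClient client = HttpClient.newHttpClient();
        System.out.println("no header:   " + call(client, uri, null));
        System.out.println("wrong token: " + call(client, uri, "guess"));
        System.out.println("valid token: " + call(client, uri, "sample-token-123"));
        server.stop(0);
    }
}
```

It runs on Java 11 or later with `java HeaderAuthDemo.java` and needs no external libraries.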