tag:blogger.com,1999:blog-32899022519674975932024-02-07T20:13:46.090-08:00Musings about web servicesSergey Beryozkinhttp://www.blogger.com/profile/06251894780466207746noreply@blogger.comBlogger230125tag:blogger.com,1999:blog-3289902251967497593.post-49411171683433245052021-12-23T15:20:00.000-08:002021-12-23T15:20:48.246-08:00I'm anything but tired when I work with Quarkus<p>Things have been hectic in <a href="https://quarkus.io/">Quarkus</a> in 2021 for everyone involved - and therefore it is important, when contributing to such an active project, to listen to good music. </p><p>Luckily I have rediscovered the music and songs of Bruce Springsteen and his band. Of course I've heard it before, I bought a CD with his best songs about 10-15 years ago, but somehow listening to it did not inspire me back then, not sure if it happened to you at some point as well.</p><p>But something has changed this year. I have bought a new set of CDs and started listening to Bruce Springsteen again, sometimes when I was coding but more often when driving after work when I can make the music very loud 😀.</p><p>It is amazing how much power, energy and positive messaging is emanating from so many of Bruce Springsteen's songs.</p><p></p><p>I honestly don't understand how I managed before without listening to them. I feel energized after it - and I start looking to the next day of exciting coding even if it was busy today in <a href="https://quarkus.io/">Quarkus</a>. <a href="https://www.youtube.com/watch?v=x7lfzARGXGw">I'm anything but tired when I work with Quarkus</a> 😀.<br /></p><p></p><p>And I hope all of you who have discovered and started embracing <a href="https://quarkus.io/">Quarkus</a> have felt the same this year.</p><p></p><p>Happy Christmas and New Year to All. <a href="https://www.youtube.com/watch?v=MtrOYsNCPmg">Enjoy !</a><br /></p><p><br /></p><p><br /></p>Sergey Beryozkinhttp://www.blogger.com/profile/06251894780466207746noreply@blogger.com0tag:blogger.com,1999:blog-3289902251967497593.post-27678372854899102012019-03-21T05:52:00.000-07:002019-03-21T05:52:49.713-07:00Quarkus is all about Developer JoyNo doubt that you, being an open source developer, have already browsed through the <a href="https://github.com/quarkusio">QuarkusIO</a> GitHub projects, been impressed by the <a href="https://quarkus.io/">cool Quarkus web site</a>, and <a href="https://twitter.com/QuarkusIO?lang=en">seen a lot of very positive feedback</a> about this truly innovative project which will disrupt the current application runtime ecosystem.<br />
<br />
So, I'm not going to go into the details into why <a href="https://github.com/quarkusio/quarkus">Quarkus</a> is such a brilliant project from the technical point of view. I'd only touch on why the <a href="https://quarkus.io/vision/developer-joy">Developer Joy</a> is what <a href="https://github.com/quarkusio/quarkus">Quarkus</a> is all about IMHO. <br />
<br />
I'm not a member of the Quarkus core team, but I was privileged to witness the launch of the project and observe the team doing the final preparations for the few days. It was obvious that what was really driving this talented team was the desire to make the features and the documentation as <b>simple</b> and <b>accessible</b> as possible from the very start. <br />
<br />
Back in the Apache CXF days, I tried very hard with my dear Apache CXF colleagues, to make things as simple as possible for the users. Those of you who followed our progress will hopefully agree.<br />
<br />
So, please believe me, and hope you don't mind me saying it, I do see when making the developers happy is what really drives a team. I trust you will confirm it yourself after working with <a href="https://github.com/quarkusio/quarkus">Quarkus</a>.<br />
<br />
Get engaged with the project which will fly, become the part of its community now.<br />
<br />
Finally, what about a link to some nice music ? Back in May 2018, I <a href="http://sberyozkin.blogspot.com/2018/05/thorntail-bird-brings-new-day-in.html">blogged about Thorntail v4</a>. As you know by now, Thorntail v4 has not materialized. But, consider Thorntail v4 be an early version of <a href="https://github.com/quarkusio/quarkus">Quarkus</a>, given the core Thorntail v4 contributors helped to shape <a href="https://github.com/quarkusio/quarkus">Quarkus</a>. So that blog post of mine was not a complete flop :-). Besides I had a link there to the most beautiful piece of music, albeit that was a mix one.<br />
<br />
So here is a <a href="https://www.youtube.com/watch?v=OWFc5mkABNo">real one</a>. Because it is real now, here comes another new day, here comes <a href="https://github.com/quarkusio/quarkus">Quarkus</a> !<br />
<br />
Enjoy ! <br />
<br />Sergey Beryozkinhttp://www.blogger.com/profile/06251894780466207746noreply@blogger.com0tag:blogger.com,1999:blog-3289902251967497593.post-23252652969195425072018-10-03T04:00:00.001-07:002018-10-03T04:00:37.213-07:00[OT] Your Software Project is the Best Thing About You The open source software project you've been contributing to 'encapsulates' your thoughts, ideas, energy, drive to help. It is quite obvious if you start thinking about it.<br />
<br />
The API you have contributed to does not have to be perfect, what makes a difference is that you will 'connect' with the developers and users all around the world who have downloaded the released library. The fewer bugs the project has the better you are represented :-).<br />
<br />
It is quite possible then that your software project is one of the <a href="https://www.youtube.com/watch?v=W4TvIu1Q5pk">best things about you</a> :-).<br />
Sergey Beryozkinhttp://www.blogger.com/profile/06251894780466207746noreply@blogger.com0tag:blogger.com,1999:blog-3289902251967497593.post-28511388857162052402018-08-13T08:40:00.000-07:002018-08-13T08:40:59.230-07:00Thorntail Goes Total JOSE<a href="http://jose.readthedocs.io/en/latest/">JOSE</a> is a set of modern security specifications developed by the best security experts in the industry. It has not always had the best press, with some weaknesses being identified. But it is still evolving, the JOSE libraries become more robust and it is always worth remembering that no ideal security specification exists, a given security mechanism always needs to be applied very carefully, with the support from the experts.<br />
<br />
You may or may not be surprised but JOSE is nearly everywhere now. Many of the current leading SSO providers use <a href="http://openid.net/connect/">OIDC</a>. They use ID and access tokens which are JOSE instances, JWT tokens, typically signed or even encrypted using the <a href="https://tools.ietf.org/html/rfc7515">JOSE JWS</a> and/or <a href="https://tools.ietf.org/html/rfc7516">JOSE JWE</a> mechanisms.<br />
<br />
<a href="https://github.com/thorntail/thorntail">Thorntail</a> has been OIDC/JOSE aware for a while. For a start it offers a comprehensive <a href="https://www.keycloak.org/">Keycloak</a> integration which not only lets users easily secure their HTTP endpoints with the Keycloak adapters but also offers a pretty unique Keycloak Server integration which will be the topic of one of the next posts.<br />
<br />
Next, Thorntail provided an integration with <a href="https://www.eclipse.org/community/eclipse_newsletter/2017/september/article2.php">Microprofile JWT</a>, the effort led by Red Hat. It offers an easy access to the individual claims inside a validated JWT token - often it is not enough for the endpoint to validate the token, it may need to make some application specific decisions based on the token content.<br />
<br />
Finally, to complete the picture, Thorntail master now offers a support for the generic JOSE, for the users be able to experiment with protecting their data using all that JOSE offers today: signing and/or encrypting the arbitrary data, complete payloads or only their specific parts, using the Java JKS or JOSE <a href="https://tools.ietf.org/html/rfc7517">JWK</a> key stores.<br />
<br />
The application code will be able to inject <a href="https://github.com/thorntail/thorntail/blob/master/fractions/jose/src/main/java/org/wildfly/swarm/jose/Jose.java">Jose</a> and configure its properties in YAML files like this <a href="https://github.com/thorntail/thorntail/blob/master/testsuite/testsuite-jose/src/test/resources/project-jws-compact-unencoded.yml">one</a>. Currently both <a href="http://cxf.apache.org/docs/jax-rs-jose.html">Apache CXF JOSE</a> and <a href="https://bitbucket.org/b_c/jose4j/wiki/Home">Jose4J</a> are being tested as <a href="https://github.com/thorntail/thorntail/blob/master/fractions/jose/src/main/java/org/wildfly/swarm/jose/Jose.java">Jose</a> implementations. The CXF implementation is currently offered by default - it has proven itself in the production and it also supports JWS and JWE JSON formats , but please do not be concerned if you prefer a quality <a href="https://bitbucket.org/b_c/jose4j/wiki/Home">Jose4J</a> library - we hope the users will show the interest in this feature over time and then we can easily offer a Jose4J option out of the box as well. <br />
<br />
Have a look at <a href="https://github.com/thorntail/thorntail-examples/tree/master/security/jose">the demo</a> please. It shows how JOSE can be used to sign the data in the detached mode. It is actually a very cool feature which is not well known due to JOSE being primarily used in the OIDC/OAuth2 space for now, as opposed to in the regular HTTP service communications. It allows to create a custom envelope where the data to be protected go alongside the signature. Yes, no need to come up with yet another specification to standardize on the envelope format, just choose whatever bean format you prefer, choose the data to be signed, and where the signature in this bean has to be collocated, it is so good.<br />
<br />
So, here you go. Are you interested in the modern security ? If yes - see what Thorntail can do.<br />
<br />
Enjoy!Sergey Beryozkinhttp://www.blogger.com/profile/06251894780466207746noreply@blogger.com0tag:blogger.com,1999:blog-3289902251967497593.post-13304099086539654532018-05-10T03:38:00.000-07:002018-06-06T09:07:30.914-07:00Thorntail Bird Brings New Day in Container Development<a href="https://github.com/wildfly-swarm">WildFly Swarm</a> <a href="https://irc-source.com/channel/freenode/%23thorntail">team</a> started thinking about renaming the project awhile back, with the <a href="https://groups.google.com/forum/#!msg/thorntail/2x64m7eokxQ/K8JYTFZJAAAJ">first message</a> to the community coming in February.<br />
<br />
<a href="https://github.com/kenfinnigan">Ken</a> and <a href="https://github.com/bobmcwhirter">Bob</a> have put a lot of effort into finalizing the process, with the announcements <a href="https://groups.google.com/forum/#!topic/thorntail/53Y2C4CvOQQ">starting</a> <a href="https://groups.google.com/forum/#!topic/thorntail/3LNulXvkmyA">coming</a> this week, the week of <a href="https://www.redhat.com/es/summit/2018">Red Hat Summit</a>. <br />
<br />
The most exciting part is the fact that a new <a href="https://github.com/thorntail">Thorntail Project</a> GitHub organization has been created with the main concepts of this new 4.x line being captured <a href="https://docs.thorntail.io/4.0.0-SNAPSHOT/#_concepts">here</a>. <br />
<br />
It is going to be a very cool project. For a start, many tests run in Docker Machine. The new project already ships and will add the best and proven components, ready to run in the micro services and Cloud centric environments. It is expected to be light-weight and easy to work with. I hope you are already forking <a href="https://github.com/thorntail/thorntail/tree/4.x">the repository</a> while you are reading this post :-).<br />
<br />
<a href="https://www.youtube.com/watch?v=vw8tnR_slMI">Here Comes Another New Day</a>. New Day in the application container development. Start enjoying it now ! <br />
<br />Sergey Beryozkinhttp://www.blogger.com/profile/06251894780466207746noreply@blogger.com0tag:blogger.com,1999:blog-3289902251967497593.post-64054211436022906852018-02-13T13:28:00.001-08:002018-02-13T13:28:07.658-08:00Adieu Talend, Hello Red Hat !Seems it was nearly yesterday when I joined Talend seven years ago. Time has flown so fast... Next week I will be returning to Red Hat but first I will talk a bit about my years with Talend.<br />
<br />
I'd like to believe that working for Talend has helped me become a better engineer, grow in confidence. And what about those unforgettable Talend R&D events :-) ? No doubt, it has been an interesting and exciting journey. <br />
<br />
It has not been easy to find a link to a piece of music which would associate well with the company, but I think I've got it in the end. The text there is a bit sombre, but the music reflects well what I'd like to remember about Talend, the energy and the style: enjoy <a href="https://www.youtube.com/watch?v=8kmzvE6su5I&list=RD8kmzvE6su5I">Ave Cesaria By Stromae</a>. Thank you Talend, Goodbye.<br />
<br />
And now I'll be heading back to Red Hat :-). I will be joining a <a href="http://wildfly-swarm.io/">WildFly Swarm</a> team and I look forward to and optimistic about it and the new challenge. I'll have to learn new things. I will enjoy it too. And in time, after I settle well, I will return to this blog and talk about WildFly Swarm and other related projects.<br />
<br />
Stay Tuned !Sergey Beryozkinhttp://www.blogger.com/profile/06251894780466207746noreply@blogger.com0tag:blogger.com,1999:blog-3289902251967497593.post-68768400026893866312018-02-08T08:57:00.000-08:002018-02-08T08:57:40.297-08:00Apache CXF Story Will ContinueWhen I started working on Apache CXF full time it was already a well established project, shipping a production quality JAX-WS and an early JAX-RS implementations.<br />
<br />
During the next N years, with some short breaks, all of us did put a lot of effort into supporting the CXF community, keeping enhancing the JAX-RS, various security features, fixing lots and lots of bugs, and trying to support the idea that "CXF was more than just a library" :-).<br />
<br />
I'm curious, how many SOAP or pure HTTP calls have been made over the years with the help of CXF ? Sometimes one can read: "This product supports thousands of transactions per minute". Would be fun to read somewhere that "CXF has supported several millions of service calls over 10 years" :-). Or how many downloads have been made ? Who knows...<br />
<br />
It is satisfying to see that today the users keep coming to CXF and ask questions and open new issues. No doubt it has helped many users, helped to completely mainstream JAX-WS and then JAX-RS, alongside its Jersey and RestEasy 'colleague' frameworks.<br />
<br />
No doubt the Apache CXF story will continue and I've been happy to be part of this story. Thank You !<br />
<br />
Sergey Beryozkinhttp://www.blogger.com/profile/06251894780466207746noreply@blogger.com0tag:blogger.com,1999:blog-3289902251967497593.post-63564706438083589812017-12-27T09:26:00.001-08:002017-12-27T09:26:55.087-08:00[OT] Work Next Year the way Arsenal and Liverpool played their football I've been lacking the ideas on how to write the regular and last off-topic post of the year, thinking which piece of music I should link to.<br />
<br />
And then the inspiration came from the completely unexpected source.<br />
<br />
Those of you who follow Arsenal FC in the English Premier League know that Arsenal can either draw against Liverpool but in such a way that fans will remember it for years (yes, that Liverpool 4 to Arsenal 4 draw), or, most likely, lose badly to this Merseyside team, something like 1:4 or similar.<br />
<br />
So less than a week earlier, Arsenal was playing with Liverpool in London, losing 0:2. Oh well, most Arsenal fans thought, one of those days which can only be described in <a href="https://en.wikipedia.org/wiki/Fever_Pitch">Fever Pitch</a>. Then, in the 2nd half, after the few minutes, while the fans were having <a href="http://www.bbc.com/sport/live/football/40956002?ns_mchannel=social&ns_source=twitter&ns_campaign=bbc_live&ns_linkname=5a3d74b5e4b0f9d014c49adb%26Get%20Involved%26&ns_fee=0#post_5a3d74b5e4b0f9d014c49adb">mince pies and tea</a>, Arsenal were 3:2 up, with Liverpool managing to equalize. The game saw many mistakes and brilliant moves and fans just had the day of the year watching the game. I liked this <a href="http://www.bbc.com/sport/live/football/40956002?ns_mchannel=social&ns_source=twitter&ns_campaign=bbc_live&ns_linkname=5a3d7b49e4b06f06e8399248%26FULL-TIME%26&ns_fee=0#post_5a3d7b49e4b06f06e8399248">summary</a>.<br />
<br />
How would I translate that to a New Year wish for you, the software engineers ? Here it is:<br />
<br />
Enjoy your work next year, try to do something extraordinary, something new, and don't be afraid to make mistakes :-)<br />
<br />
Happy New Year !<br />
<br />
<br />Sergey Beryozkinhttp://www.blogger.com/profile/06251894780466207746noreply@blogger.com0tag:blogger.com,1999:blog-3289902251967497593.post-66529994760836985072017-12-27T08:56:00.001-08:002017-12-27T08:56:29.884-08:00Get OpenAPI v3 JSON with CXF Now ! The Apache CXF has done some initial work to have <a href="https://github.com/OAI/OpenAPI-Specification/blob/master/versions/3.0.0.md">OpenAPI v3</a> JSON reported from the JAX-RS endpoints. <br />
<br />
Andriy Redko has started with the OpenApiFeature implementation which depends on the latest OpenApi v3 aware swagger-core and swagger-jaxrs libraries and demoed it <a href="https://github.com/apache/cxf/tree/master/distribution/src/main/release/samples/jax_rs/description_openapi_v3">here</a>.<br />
<br />
In meantime I did a <a href="http://cxf.apache.org/docs/swagger2feature.html#Swagger2Feature-ConvertingtoOpenAPIJSON">Swagger2 to OpenApi v3 JSON conversion filter</a> which reacts to openapi.json queries by converting Swagger2 swagger.json produced by Swagger2Feature to openapi.json with the idea of making it easier for the existing upstream code (which has already integrated Swagger2Feature) to start experimenting with OpenAPI v3, before doing the switch to the new feature (and dependencies). <br />
<br />
This effort is still a work in progress but the results in both cases are promising. The new feature and the conversion filter will require some more improvements but you can start experimenting with them right now. And if you are someone like me then you will be positively surprised that SwaggerUI 3.6.1 and newer can handle both Swagger2 and OpenAPI v3 JSON :-).<br />
<br />
Enjoy !Sergey Beryozkinhttp://www.blogger.com/profile/06251894780466207746noreply@blogger.com0tag:blogger.com,1999:blog-3289902251967497593.post-37302637196366888602017-12-27T08:36:00.001-08:002017-12-30T13:21:46.619-08:00Simple Reuse of org.reactivestreams in CXFI mentioned earlier that one could link RxJava2 Flowable with JAX-RS AsyncResponse with Subscriber which will do the best effort at streaming the data pieces converted to JSON array elements, <a href="http://cxf.apache.org/docs/jax-rs-rxjava.html#JAX-RSRxJava-CombiningFlowablewithAsyncResponse">see this example</a>.<br />
<br />
That works but requires the application code refer to both JAX-RS AsyncResponse and CXF specific JsonStreamingAsyncSubscriber (RxJava2 specific at the earlier stage), as opposed to simply returning Flowable from the resource method.<br />
<br />
In meantime, John Ament added the initial <a href="https://projectreactor.io/">Reactor</a> integration code, and as part of this work John also provided the org.reactivestreams compatible JsonStreamingAsyncSubscriber to be optionally used with the CXF Reactor invoker.<br />
<br />
As a result we've found the opportunity to do some refactoring and introduce the simple org.reactivestreams <a href="https://github.com/apache/cxf/tree/master/rt/rs/extensions/reactivestreams/src/main/java/org/apache/cxf/jaxrs/reactivestreams/server">utility module</a> which is now reused between CXF RxJava2 <a href="https://github.com/apache/cxf/blob/master/rt/rs/extensions/rx/src/main/java/org/apache/cxf/jaxrs/rx2/server/ReactiveIOInvoker.java#L48">invoker</a> and Reactor <a href="https://github.com/apache/cxf/blob/master/rt/rs/extensions/reactor/src/main/java/org/apache/cxf/jaxrs/reactor/server/ReactorInvoker.java#L32">invoker</a>: the <a href="https://github.com/apache/cxf/blob/master/rt/rs/extensions/reactivestreams/src/main/java/org/apache/cxf/jaxrs/reactivestreams/server/AbstractReactiveInvoker.java">common invoker code</a> both invokers delegate to will check if JSON is expected and if yes then will register <a href="https://github.com/apache/cxf/blob/master/rt/rs/extensions/reactivestreams/src/main/java/org/apache/cxf/jaxrs/reactivestreams/server/JsonStreamingAsyncSubscriber.java">JsonStreamingAsyncSubscriber</a> as org.reactivestreams.Subscriber with org.reactivestreams.Publisher which can be either RxJava2 Flowable or Reactor Flux.<br />
<br />
The end result is that users can now write simpler code by returning <a href="https://github.com/apache/cxf/blob/master/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/reactive/RxJava2FlowableService.java#L81">Flowable</a> or <a href="https://github.com/apache/cxf/blob/master/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/reactor/FluxService.java#L51">Flux</a> from the service methods.<br />
<br />
It is an interesting but simple example of reusing the org.reactivestreams aware code between different org.reactivestreams implementations.Sergey Beryozkinhttp://www.blogger.com/profile/06251894780466207746noreply@blogger.com0tag:blogger.com,1999:blog-3289902251967497593.post-90347917411745281122017-09-12T09:20:00.000-07:002017-09-12T11:55:27.797-07:00The Real Data Processing with Apache Beam and TikaIf we talk about the data injestion in the big data streaming pipelines it is fair to say that in the vast majority of cases it is the files in the CSV and other text, easy to parse formats which provide the source data.<br />
<br />
Things will become more complex when the task is to read and parse the files in the format such as PDF. One would need to create a reader/receiver capable of parsing the PDF files and feeding the content fragments (the regular text, the text found in the embedded attachments and the file metadata) into the processing pipelines. That was tricky to do right but you did it just fine.<br />
<br />
The next morning you get a call from your team lead letting you know the customer actually needs the content injested not only from the PDF files but also from the files in a format you've never heard of before. You spend the rest of the week looking for a library which can parse such files and when you finish writing the code involving that library's not well documented API all you think of is that the weekends have arrived just in time. <br />
<br />
On Monday your new task is to ensure that the pipelines have to be initialized from the same network folder where the files in PDF and other format will be dropped. You end up writing a frontend reader code which reads the file, checks the extension, and then chooses a more specific reader. <br />
<br />
Next day, when you are told that Microsoft Excel and Word documents which may or may not be zipped will have to be parsed as well, you report back asking for the holidays...<br />
<br />
I'm sure you already know I've been preparing you for a couple of good news.<br />
<br />
The first one is a well known fact that Apache Tika allows to write a generic code which can collect the data from the massive number of text, binary, image and video formats. One has to prepare or update the dependencies and configuration and have the same code serving the data from the variety of the data formats.<br />
<br />
The other and main news is that Apache Beam 2.2.0-SNAPSHOT now ships a new <a href="https://github.com/apache/beam/tree/master/sdks/java/io/tika">TikaIO module</a> (thanks to my colleague <a href="http://blog.nanthrax.net/">JB</a> for reviewing and merging the PR). With Apache Beam capable of running the pipelines on top of Spark, Flink and other runners and Apache Tika <a href="https://github.com/apache/beam/blob/master/sdks/java/io/tika/src/test/java/org/apache/beam/sdk/io/tika/TikaIOTest.java#L43">taking care of various file formats</a>, you get the most flexible data streaming system.<br />
<br />
Do give it a try, help to improve TikaIO with new PRs, and if you are really serious about supporting a variety of the data formats in the pipelines, start planning on integrating it into your products :-)<br />
<br />
Enjoy! <br />
<br />
<br />
<br />Sergey Beryozkinhttp://www.blogger.com/profile/06251894780466207746noreply@blogger.com0tag:blogger.com,1999:blog-3289902251967497593.post-57093771145042429222017-09-06T05:50:00.000-07:002017-09-06T05:50:25.328-07:00Mostly On Topic: CXF and Swagger Integration Keeps Getting BetterWhile thinking about a title of this post I thought the current title line, with the " Keeps Getting Better" finishing touch may work well; I knew I used a similar line before, and after looking through my posts I found <a href="http://sberyozkin.blogspot.ie/2008/12/cxf-jaxrs-keeps-getting-better.html">it</a>.<br />
<br />
Oh dear. I'm transported back to 2008, I can see myself, 9 years younger, walking to the Iona Technologies office, completely wired on trying to stop the Jersey JAX-RS domination :-), spotting an ad of the latest Christina Aguilera's <a href="https://en.wikipedia.org/wiki/Keeps_Gettin%27_Better:_A_Decade_of_Hits">albom</a> on the exit from the Lansdowne Dart station and thinking, it would be fun, trying to blog about it and link to CXF, welcome to the start of the [OT] series. I'm not sure now if I'm more surprised it was actually me who did write that post or that 9 years later I'm still here, talking about CXF :-).<br />
<br />
Let me get back to the actual subject of this post. You know CXF started quite late with embracing Swagger, and I'm still getting nervous whenever I remind myself Swagger does not support 'matrix' parameters :-). But the Swagger team has done a massive effort through the years, my CXF hat is off to them.<br />
<br />
I'm happy to say that now Apache CXF offers one of the best Swagger2 integrations around, at the JSON only and UI levels and it just <b>keeps getting better</b>.<br />
<br />
We've talked recently with Dennis Kieselhorst and one can now configure Swagger2Feature with the <a href="http://cxf.apache.org/docs/swagger2feature.html#Swagger2Feature-New:ConfiguringfromPropertiesfile">external properties file</a> which can be especially handy when this feature is auto-discovered.<br />
<br />
Just at the last minute we resolved an issue reported by a CXF user to do with accessing Swagger UI from the <a href="https://cwiki.apache.org/confluence/display/CXF20DOC/Swagger2Feature#Swagger2Feature-ReverseProxy">reverse proxies</a>.<br />
<br />
Finally, Freeman contributed a java2swagger Maven plugin.<br />
<br />
Swagger 3 will be supported as soon as possible too.<br />
<br />
Enjoy!Sergey Beryozkinhttp://www.blogger.com/profile/06251894780466207746noreply@blogger.com0tag:blogger.com,1999:blog-3289902251967497593.post-26630265042106564382017-08-31T04:35:00.000-07:002017-08-31T04:44:47.721-07:00Apache CXF 3.2.0 NIO ExtensionIn CXF 3.2.0 we have also introduced a <a href="http://cxf.apache.org/docs/jax-rs-nio.html">server-side NIO extension</a> which is based on
the very first JAX-RS API prototype done by Santiago <span class="st">Pericas-Geertsen</span>. The client NIO API prototype was not ready but the server one had some promising start. It was
immediately implemented in CXF once a long-awaited 1st 2.1 API jar got
published to Maven.<br />
<br />
However, once the JAX-RS 2.1 group finally resumed its work
and started working on finalizing NIO API, the early NIO API was unfortunately dropped (IMHO it could've stayed as an entry point, 'easy' NIO API),
while the new NIO API did not materialize primarily due to the time constraints of the JCP process.<br />
<br />
The spec leads did all they could but it was too tight for them to make it right. As sad as it was, they did the right decision, rather then do something in a hurry, better do it right at some later stage...<br />
<br />
It was easily the major omission from the final 2.1 API. How long JAX-RS users will wait till the new JAX-RS version will get finalized with the new NIO API becoming available to them given that it takes years for major Java EE umbrella of various specs be done ?<br />
<br />
In meantime the engineering minds in SpringBoot and RxJava and other teams will come up with some new brilliant ways of doing it. There will be not 1 but several steps ahead.<br />
<br />
Which brings me to this point: if I were to offer a single piece of advice to Java EE process designers, I'd recommend them to make sure that the new features can be easily added after the EE release date with the minor EE releases embracing these new features to follow soon, without waiting for N years. If it were an option then we could've seen a JAX-RS 2.2 NIO in say 6 months - just a dream at the moment, I know. The current mechanism where EE users wait for several years for some new features is out of sync with the competitive reality of the software industry and only works because of the great teams around doing EE, the EE users loyalty and the power of the term 'standard'. <br />
<br />
Anyway, throwing away our own implementation of that NIO API prototype now gone from 2.1 API just because it immediately became the code supporting a non-standard feature was not a good idea.<br />
<br />
It offers an easy link to the Servlet 3.1 NIO extensions from the JAX-RS code and offers the real value. Thus the code stayed and is now available for the CXF users to experiment with.<br />
<br />
It's not very shiny but it will deliver. Seriously, if you need to have a massive InputStream copied to/from the HTTP connection with NIO and asynchronous callbacks involved, what else do you need but a <a href="http://cxf.apache.org/docs/jax-rs-nio.html">simple and easy way</a> to do it from the code ? Well, nothing can be simpler than <a href="http://cxf.apache.org/docs/jax-rs-nio.html#JAX-RSNIO-EvenEasierNIOWrite">this option</a> for sure.<br />
<br />
Worried a bit it is not a standard feature ? No, it is fine, doing it the CXF way is a standard :-)<br />
Sergey Beryozkinhttp://www.blogger.com/profile/06251894780466207746noreply@blogger.com0tag:blogger.com,1999:blog-3289902251967497593.post-17516925374288961622017-08-31T04:33:00.000-07:002017-08-31T04:33:01.904-07:00JAX-RS 2.1 is ReleasedJAX-RS 2.1 (JSR 370) has been finally <a href="https://www.jcp.org/en/jsr/detail?id=370">released</a> and JAX-RS users can now start looking forward to experimenting with the new features very soon, with a number of final JAX-RS 2.1 implementations being already available (such as Jersey) or nearly ready to be released.<br />
<br />
<a href="http://cxf.apache.org/docs/jax-rs.html#JAX-RS-CXF3.2.0">Apache CXF 3.2.0</a> is about to be released shortly, and all of the <a href="http://cxf.apache.org/docs/jax-rs-basics.html#JAX-RSBasics-WhatisNewinJAX-RS2.1">new JAX-RS 2.1 features</a> have been implemented: reactive client API extensions, client/server Server Sent Events support, returning CompletableFuture from the resource methods and other minor improvements.<br />
<br />
As part of the 2.1 work (but also based on the CXF JIRA request) we also introduced RxJava Observable and recently - RxJava2 Flowable/Observable client and server <a href="https://cwiki.apache.org/confluence/display/CXF20DOC/JAX-RS+RxJava">extensions</a>. One can use them as an alternative to using CompletableFuture on the client or/and the server side. Note, the combination of <a href="https://cwiki.apache.org/confluence/display/CXF20DOC/JAX-RS+RxJava#JAX-RSRxJava-CombiningFlowablewithAsyncResponse">RxJava2 Flowable with JAX-RS AsyncResponse</a> on the server is quite cool.<br />
<br />
The other new CXF extension which was introduced as part of the JAX-RS 2.1 work is the NIO extension, this will be a topic of the next post.<br />
<br />
Pavel Bucek and Santiago Pericas-Geertsen were the great JAX-RS 2.1 spec leads. <a href="http://aredko.blogspot.ie/">Andriy Redko</a> spent a lot of his time with getting CXF 3.2.0 JAX-RS 2.1 ready.Sergey Beryozkinhttp://www.blogger.com/profile/06251894780466207746noreply@blogger.com0tag:blogger.com,1999:blog-3289902251967497593.post-6512672582627127082017-07-13T02:11:00.000-07:002017-07-13T02:11:33.502-07:00[OT] I Work with CXF and I Want It That WayThe time has come for a regular OT post.<br />
<br />
The journey of the software developer is always about finding the home where he or she can enjoy being every day, can look forward to contributing to the bigger effort every day.<br />
<br />
In addition to that the journey of the web services developer is always about finding the web services framework which will help with creating the coolest HTTP service on the Web. We all know there are many quality HTTP service frameworks around.<br />
<br />
My software developer's journey so far has been mostly about supporting one of such web services frameworks, Apache CXF. It has been a great journey.<br />
<br />
Some of you helped by using and contributing to Apache CXF earlier, some of you are long term Apache CXF users and contributors, preparing the ground for the new users and contributors who are yet to discover CXF.<br />
<br />
No matter which group you are in, even if you're no longer with CXF, I'm sure you've had that feeling at least once that you'd like your CXF experience last forever :-).<br />
<br />
Listen to a <a href="https://www.youtube.com/watch?v=4fndeDfaWCg&list=RD4fndeDfaWCg#t=0">message from the best boys band in the world</a>. Enjoy :-) <br />
<br />
<br />
<br />
<br />Sergey Beryozkinhttp://www.blogger.com/profile/06251894780466207746noreply@blogger.com0tag:blogger.com,1999:blog-3289902251967497593.post-29591792951698335962017-07-03T06:12:00.002-07:002017-07-03T06:12:20.106-07:00Multiple JWE Encryptions POC With Apache CXF in two hoursThe summer has been great so far, and as usual, instead of watching yet another sport event final, you've decided to catch up with your colleagues after work and do a new round of the <a href="http://cxf.apache.org/docs/jax-rs-jose.html">Apache CXF JOSE</a> coding. Nice idea they said.<br />
<br />
The idea of creating an application processing the <a href="https://tools.ietf.org/html/rfc7516#appendix-A.4">content encrypted for the multiple recipients</a> has captured your imagination.<br />
<br />
After reviewing the <a href="http://cxf.apache.org/docs/jax-rs-jose.html#JAX-RSJOSE-JWEJSON">CXF JWE JSON</a> documentation you've decided to start with the following <a href="https://github.com/apache/cxf/blob/master/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jose/jwejws/JAXRSJweJsonTest.java#L95">client code</a>. This code creates a client proxy which posts some text.<br />
<br />
JWE JSON filter registered with the proxy will encrypt whatever the content the proxy is sending (does not have to be only text) only once, and the content encrypting key (CEK) will be encrypted with the recipient specific encrypting keys. Thus if you have 2 recipients then CEK will be encrypted twice.<br />
<br />
Registering the <a href="https://github.com/apache/cxf/blob/master/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/jwejson1.properties">jwejson1.properties</a> and <a href="https://github.com/apache/cxf/blob/master/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/jwejson2.properties">jwejson2.properties</a> with the proxy instructs the JWE JSON filter that a JWE JSON container for 2 recipients needs to be created, that the content encryption algorithm is A128GCM and key encryption algorithm is A128KW, and each recipient is using its own symmetric key encryption key. Each recipient specific entry will also include a 'kid' key identifier of the key encryption key for the service to figure out which JWE JSON entry is targeted at which recipient.<br />
<br />
Setting up the client took you all one hour.<br />
<br />
Next task was to prototype a service code. <a href="https://github.com/apache/cxf/blob/master/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jose/BookStore.java#L104">That was even easier</a>. Loading the recipient specific properties, locating a recipient specific entry and getting the decrypted content was all what was needed.<br />
<br />
Two hours in total. Note I did not promise it would take you 30 mins to do all the POC, it would've been really a child's play which is not realistic. With the two hours long project it is more complex, it felt like it was a walk in the park :-)<br />
<br />
<br />
<br />
Sergey Beryozkinhttp://www.blogger.com/profile/06251894780466207746noreply@blogger.com0tag:blogger.com,1999:blog-3289902251967497593.post-53198794949960312132017-06-16T08:47:00.002-07:002017-06-16T08:47:54.254-07:00How to do JOSE in Apache CXF service codeThis blog entry continues the series started with <a href="https://datatracker.ietf.org/wg/jose/charter/">the introduction</a> to Apache CXF <a href="https://datatracker.ietf.org/wg/jose/charter/">JOSE</a> implementation followed recently with the post talking about the signing of <a href="http://sberyozkin.blogspot.ie/2017/05/signing-http-attachments-with-apache.html">HTTP attachments</a>. <br />
<br />
So CXF helps with shipping JOSE filters which can protect the application data by wrapping them into JOSE JWS or JWE envelopes or verify that the data has been properly encrypted and/or signed. In these cases the application code is not even aware that the JOSE processors are involved.<br />
<br />
How would one approach the task of signing/verifying and/or encrypting/decrypting the data <a href="http://cxf.apache.org/docs/jax-rs-jose.html#JAX-RSJOSE-JOSEinJAX-RSapplicationcode">directly in the application code</a> ? For example, what if an individual property of the bigger payload needs to be JOSE protected ?<br />
<br />
The most obvious approach is to use either CXF JOSE or the preferred 3rd party library to deal with the JOSE primitives in the application code. This is <a href="http://cxf.apache.org/docs/jax-rs-jose.html#JAX-RSJOSE-Option1:ProcessJOSEdirectly">Option 1</a>. It is a must option if one needs to have a closer control over the JOSE envelope creation process.<br />
<br />
Or you can basically do nearly nothing at all and let CXF handle it for you, this is <a href="http://cxf.apache.org/docs/jax-rs-jose.html#JAX-RSJOSE-Option2:UseJOSElibraryhelpersandEndpointConfiguration">Option 2</a>. This is a CXF Way Option - make it as easy as possible for the users to embrace the advanced technologies fast. It is not though only about making it easy - but is also about having a more flexible and even portable JOSE-aware code.<br />
<br />
In this case such requirements as "sign only" or "encrypt only" or "sign and encrypt" and similarly for the "verify/decrypt" are not encoded in the code - it is managed at the time of configuring the JOSE helpers from the application contexts (by default they only sign/verify).<br />
<br />
Likewise, the signature and encryption algorithm and key properties are controlled externally. <br />
<br />
I know, it is hard to believe that it can be so easy. Try it to believe it. Enjoy !<br />
<br />
<br />
<br />Sergey Beryozkinhttp://www.blogger.com/profile/06251894780466207746noreply@blogger.com0tag:blogger.com,1999:blog-3289902251967497593.post-77960261135183765222017-05-23T03:17:00.000-07:002017-05-23T03:17:35.314-07:00Signing HTTP Attachments with Apache CXF JOSE <a href="https://datatracker.ietf.org/wg/jose/charter/">JOSE</a>, the primary mechanism for securing various OAuth2/OIDC tokens, slowly but surely is becoming the main technology for securing the data in the wider contexts. <a href="https://datatracker.ietf.org/wg/jose/charter/">JOSE</a>, alongside <a href="https://datatracker.ietf.org/wg/cose/charter/">COSE</a>, will become more and more visible going forward.<br />
<br />
I talked about Apache CXF <a href="https://datatracker.ietf.org/wg/jose/charter/">JOSE</a> <a href="http://cxf.apache.org/docs/jax-rs-jose.html">implementation</a> in <a href="http://sberyozkin.blogspot.ie/2016/05/practical-cryptography-with-apache-cxf.html">this post</a>. One of the practical aspects of this implementation is that one can apply <a href="https://datatracker.ietf.org/wg/jose/charter/">JOSE</a> to <a href="http://cxf.apache.org/docs/jax-rs-jose.html#JAX-RSJOSE-JOSEJAX-RSFilters">securing the regular HTTP payloads</a>, with the best attempt at keeping the streaming going made by the sender side filters, with the JOSE protection of these payloads (JWS signature or JWE encryption) being able to 'stay' with the data even beyond the HTTP request-response time if needed. <br />
<br />
In CXF 3.1.12 I have enhanced this feature to support the <a href="http://cxf.apache.org/docs/jax-rs-jose.html#JAX-RSJOSE-SigningandVerificationofHTTPAttachments">signing of HTTP attachments</a>. It depends on <a href="http://cxf.apache.org/docs/jax-rs-jose.html#JAX-RSJOSE-JWSwithDetachedContent">JWS Detached Content</a> and <a href="http://cxf.apache.org/docs/jax-rs-jose.html#JAX-RSJOSE-JWSwithUnencodedPayload">Unencoded Content</a> features which allow to integrity-protect the payload which can continue flowing to its destination in a clear form.<br />
<br />
Combining it with the super-flexible mechanism of processing the attachments in Apache CXF, and particularly with the newly introduced <a href="http://cxf.apache.org/docs/jax-rs-multiparts.html#JAX-RSMultiparts-MultipartFilters">Multipart filters</a> which let pre-process individual multipart attachment streams, helped produce the final solution. <br />
<br />
Besides, as part of this effort, the <a href="http://cxf.apache.org/docs/jax-rs-jose.html#JAX-RSJOSE-OptionalprotectionofHTTPheaders">optional binding of the outer HTTP headers</a> to the secure JWS or JWE payloads has also been realized.<br />
<br />
Be the first in experimenting with this IMHO very cool feature, try it and provide the feedback, enjoy ! <br />
<br />
<br />Sergey Beryozkinhttp://www.blogger.com/profile/06251894780466207746noreply@blogger.com0tag:blogger.com,1999:blog-3289902251967497593.post-63842588005784749232017-05-18T02:23:00.002-07:002017-05-18T02:23:34.943-07:00Distributed Tracing with CXF: New FeaturesAs you may already know Apache CXF has been offering a simple but effective support for tracing CXF client and server calls with <a href="http://sberyozkin.blogspot.ie/2015/11/htrace-your-apache-cxf-service-flows.html">HTrace</a> since 2015.<br />
<br />
What is interesting about this feature is that it was done after the <a href="http://aredko.blogspot.ie/">DevMind</a> attended to Apache Con NA 2015 and got inspired about integrating CXF with HTrace.<br />
<br />
You'll be glad to know this feature has now been enhanced to get the trace details <a href="https://cwiki.apache.org/confluence/display/CXF20DOC/Using+Apache+HTrace#UsingApacheHTrace-PropagatingTraceDetailsToLogs">propagated to the logs</a> which is the least intrusive way of working with HTrace though should you need more advanced control, CXF will help, <a href="https://cwiki.apache.org/confluence/display/CXF20DOC/Using+Apache+HTrace#UsingApacheHTrace-Example#2:ClientandServerwithnestedtrace">see this section for example</a>.<br />
<br />
CXF has also been <a href="https://cwiki.apache.org/confluence/display/CXF20DOC/Using+OpenZipkin+Brave">integrated with Brave</a>. That should do better for CXF OSGI users. The integration work with Brave 4 is <a href="https://issues.apache.org/jira/browse/CXF-7247">under way now</a>.Sergey Beryozkinhttp://www.blogger.com/profile/06251894780466207746noreply@blogger.com0tag:blogger.com,1999:blog-3289902251967497593.post-33987407172093826142016-12-19T05:35:00.001-08:002016-12-19T05:35:40.511-08:00[OT] You worked with CXF, Have a Great Time OutApache CXF has had a good year, with thanks to you using it, reporting the issues, asking the questions, with some of you spending a lot of your own time on helping improving it and keeping it flying and alive.<br />
<br />
Time has come for a well deserved break. Have a Great <a href="https://www.youtube.com/watch?v=MFbOE5GuiBE">Time Out</a>, enjoy it ! <br />
<br />
<br />Sergey Beryozkinhttp://www.blogger.com/profile/06251894780466207746noreply@blogger.com0tag:blogger.com,1999:blog-3289902251967497593.post-13941355182165117282016-11-29T05:01:00.000-08:002016-11-30T03:45:49.534-08:00Bean Validation for CXF JAX-RS ProxiesIf you work with CXF JAX-RS Client proxies and have been thinking for a while, wouldn't it be good to have the proxy method parameters validated with the Bean Validation annotations, before the remote invocation is done, then a good news is, yes, starting from CXF 3.1.9 (which is due soon) it will be easy to do, have a look at <a href="https://github.com/apache/cxf/blob/master/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/validation/spring/JAXRSClientServerValidationSpringTest.java#L105">this test</a> please.<br />
<br />
If you have the code which is considered to be safe with the respect to how it initializes the entities which will be posted to the remote targets then the client side bean validation might not be needed.<br />
<br />
It can be more useful for the cases where the proxies are collecting the data from the databases or some other external sources - using the bean validation check to minimize the risk of posting some not well initialized data can indeed help.<br />
<br />
I'd like to thank Johannes Fiala for encouraging us to have this feature implemented.<br />
<br />Sergey Beryozkinhttp://www.blogger.com/profile/06251894780466207746noreply@blogger.com0tag:blogger.com,1999:blog-3289902251967497593.post-71855816956261761972016-10-21T04:52:00.000-07:002016-10-21T05:03:32.126-07:00Fediz OIDC Story will continue at Apache Con EU 2016<a href="http://events.linuxfoundation.org/events/apachecon-europe">ApacheCon Europe 2016</a> will be held in Seville Spain, Nov 16-18, with <a href="http://events.linuxfoundation.org/events/apache-big-data-europe">Apache Big Data</a> starting on Monday Nov 14.<br />
<br />
<a href="http://coheigea.blogspot.ie/">Colm</a> and myself will <a href="http://sched.co/8ULu">continue talking about Fediz OpenId Connect</a> following our <a href="http://sberyozkin.blogspot.ie/2016/04/talking-about-fediz-oidc-at-apache-con.html">presentation earlier this year</a>.<br />
<br />
Would you like to hear about our continuous effort to make the development of OpenId Connect applications with the help of Apache CXF OIDC, OAuth2 and JOSE code nearly as easy as writing a simple JAX-RS server and contributing to the idea of making OIDC going mainstream ?<br />
<br />
Interested in making your own application server going OIDC way but concerned about the development costs ? See how Fediz IDP became OIDC-ready fast.<br />
<br />
You are interested in the WEB security, and thinking about where to start contributing to ?<br />
<br />
<a href="http://sched.co/8ULu">Join us</a> :-). At the very least <a href="http://www.apachecon.com/">join all of us</a>, listen to many interesting talks from my Talend, CXF and Apache SF colleagues. See you there !Sergey Beryozkinhttp://www.blogger.com/profile/06251894780466207746noreply@blogger.com0tag:blogger.com,1999:blog-3289902251967497593.post-22405053291514673822016-09-29T06:21:00.003-07:002016-09-29T07:17:05.068-07:00CXF JAX-RS 2.0 - Perfect HTTP Spark Streaming ConnectorEven the most conservative among us, the web services developers, will be better off admitting sooner rather than later that Big Data is not something that can be ignored, it has become a major technology in the software industry and will continue becoming even more 'influential' with the <a href="https://en.wikipedia.org/wiki/Internet_of_things">Internet of things</a> wave coming in. <br />
<br />
Where will it place your typical HTTP service which GETs some data for the users from some data store or accepts some POSTs with the new data ?<br />
<br />
While I'm somewhat concerned seeing BigData consumers collecting the sources via a variety of custom optimized protocols and low-level transports like TCP, I firmly believe HTTP connectors should and will play a big role in
connecting the WEB users with the Big Data processing chains.<br />
<br />
HTTP, being so widely used, is a perfect frontend to the local networks where the nodes process the data, and while HTTP is synchronous for a typical interaction, JAX-RS 2.0 REST services can be quite smart. A variety of typical REST patterns can be employed, for example, a POST request handler with the data to be run through a BigData chain can let the application thread deal with it while respond to the user immediately, offering a link with a job id where the status can be monitored or the results returned from. Or the handler can rely on the suspended HTTP invocations and start streaming the results back as soon they become available.<br />
<br />
I have created a <a href="http://spark.apache.org/docs/latest/streaming-programming-guide.html">Spark Streaming</a> <a href="https://github.com/apache/cxf/tree/master/distribution/src/main/release/samples/jax_rs/spark">demo</a> showing some of the possible approaches. This demo is a work in progress and I will appreciate a feedback from the Spark experts on how the demo can be improved. <br />
<br />
The demo relies completely on JAX-RS 2.0 <a href="https://jax-rs-spec.java.net/nonav/2.0-rev-a/apidocs/javax/ws/rs/container/AsyncResponse.html">AsyncResponse</a> - the typical pattern is to resume it when some response data are available - and what is good it can be suspended multiple times to do a fine grained optimization of the way the service code returns the data. <a href="https://jax-rs-spec.java.net/nonav/2.0-rev-a/apidocs/javax/ws/rs/core/StreamingOutput.html">StreamingOutput</a> is another piece - it allows writing the data back to the user as soon as they become available. FYI, CXF ships a typed analog, called <a href="https://github.com/apache/cxf/blob/master/rt/rs/extensions/rx/src/main/java/org/apache/cxf/jaxrs/rx/server/StreamingAsyncSubscriber.java#L84">StreamingResponse</a>, you can see how it is being indirectly used in this <a href="https://github.com/apache/cxf/blob/master/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/reactive/ReactiveService.java#L92">RxJava Observable test code</a>.<br />
<br />
But let me get back to the demo. It shows two types of <a href="http://spark.apache.org/docs/latest/streaming-programming-guide.html#input-dstreams-and-receivers">Receivers</a> in action. <a href="https://github.com/apache/cxf/blob/master/distribution/src/main/release/samples/jax_rs/spark/src/main/java/demo/jaxrs/server/simple/StreamingService.java">This demo service</a> shows how an HTTP InputStream can be converted to a List of Strings with a custom Receiver making them available to Spark. <a href="https://github.com/apache/cxf/blob/master/distribution/src/main/release/samples/jax_rs/spark/src/main/java/demo/jaxrs/server/simple/StreamingService.java">The service</a> currently creates a streaming context per every request which I imagine may not be quite perfect but my tests showed the service performing quite well when the <a href="https://github.com/apache/cxf/blob/master/distribution/src/main/release/samples/jax_rs/spark/src/main/java/demo/jaxrs/server/simple/StreamingService.java#L158">input set is parallelized</a> - less than a sec for a half of MB PDF file.<br />
<br />
Speaking of PDFs and other binary files. One of the service methods uses a beautiful <a href="https://tika.apache.org/">Apache Tika</a> Parser API which is wrapped in this <a href="https://github.com/apache/cxf/tree/master/rt/rs/extensions/search/src/main/java/org/apache/cxf/jaxrs/ext/search/tika">CXF extension</a>. <a href="https://github.com/apache/cxf/blob/master/distribution/src/main/release/samples/jax_rs/spark/src/main/java/demo/jaxrs/server/simple/StreamingService.java#L94">These few lines of code</a> is what it takes to have a service enabled for it to push the content of either PDF or OpenOffice documents to the Spark pipeline (I only added PDF and OpenOffice Tika Parser dependencies to the demo so far). I'm sure you are now starting wondering why Tika API is still not used in your JAX-RS services which parse PDF only with the PDF specific API :-)<br />
<br />
I keep getting distracted. Back to the demo again. <a href="https://github.com/apache/cxf/blob/master/distribution/src/main/release/samples/jax_rs/spark/src/main/java/demo/jaxrs/server/socket/StreamingService.java">This demo service</a> is a bit more closer to the real deployment scenario. It uses a default Spark Socket receiver - JAX-RS 2.0 service, being a good HTTP frontend, forwards the HTTP stream data to the internal Spark Streaming TCP server which processes the data and makes them available to a JAX-RS AsyncResponse handler which is also acting as a Socket server. The correlation between a given HTTP request and the Spark output data is achieved with a custom protocol extension. I can imagine it will be easier with an internal Kafka receiver which is something that the demo will be enhanced with to try later on.<br />
<br />
In both cases, the demo streams the response data pieces back to the user as soon as they become available to the JAX-RS AsyncResponse handler.<br />
<br />
Additionally, the demo shows a CXF JAX-RS Oneway extension <a href="https://github.com/apache/cxf/blob/master/distribution/src/main/release/samples/jax_rs/spark/src/main/java/demo/jaxrs/server/simple/StreamingService.java#L111">in action</a>. HTTP Client will get a 202 status back immediately while the service will continue with processing the request data.<br />
<br />
I'm sure the demo will need more work but I also hope there's enough material there for you to start experimenting. Give it a try please and watch for the updates. I think it will be very interesting to see how this demo can also be written with <a href="http://beam.incubator.apache.org/">Apache Beam</a> API, check this <a href="http://blog.nanthrax.net/2016/08/apache-beam-in-action-same-code-several-execution-engines/">blog entry</a> for the good introduction.<br />
<br />
Enjoy ! Sergey Beryozkinhttp://www.blogger.com/profile/06251894780466207746noreply@blogger.com0tag:blogger.com,1999:blog-3289902251967497593.post-69841748076761229122016-09-29T04:38:00.001-07:002016-09-29T04:38:31.540-07:00Progress In The JAX-RS 2.1 spaceFor those of you thinking what is going to happen to JAX-RS a good news is that JAX-RS 2.1 will live, surely it was the only possible outcome given the quality and the popularity of JAX-RS 2.0.<br />
<br />
Check out this <a href="https://oracle.rainfocus.com/scripts/catalog/oow16.jsp?event=javaone&search=Con7983&search.event=javaone">Java One 2016 Key Note</a>, and I will continue standing by <a href="http://sberyozkin.blogspot.ie/2015/11/jax-rs-21-specification-work-has-started.html">my assertion</a> that even more is to come from JAX-RS. <br />
<br />
<br />
As far as Apache CXF is concerned, <a href="http://aredko.blogspot.ie/">Andriy</a> has been working hard on a JAX-RS 2.1 branch where he implemented a 2.1 Server Sent Events API. And after <a href="http://marek.potociar.net/">Marek</a> released the very first <a href="http://search.maven.org/#artifactdetails%7Cjavax.ws.rs%7Cjavax.ws.rs-api%7C2.1-m01%7Cjar">JAX-RS 2.1 API artifact</a> to Central Andriy merged his work to the CXF 3.2.0 master branch.<br />
<br />
It is very good because we can now start working toward releasing CXF 3.2.0 with this early JAX-RS 2.1 API to be implemented for the CXF users to experiment with - JAX-RS 2.0 users will be able to migrate to CXF 3.2.0 without changing anything in their services code.<br />
<br />
The new JAX-RS 2.1 features (SSE, NIO and Reactive Invokers, with the early API improvements likely to happen during the coming specification work) are cool and it is worth taking the hats off to the engineering minds of the Jersey team for the top work they did.<br />
<br />
<br />
<br />
<br />
<br />
<br />Sergey Beryozkinhttp://www.blogger.com/profile/06251894780466207746noreply@blogger.com0tag:blogger.com,1999:blog-3289902251967497593.post-35861859292960890072016-09-28T09:43:00.000-07:002016-09-28T09:43:30.180-07:00[OT] Become Most Enigmatic Person in The Office - Discover CXFGoing the winding Apache CXF path is not that scary for a web services developer - some features may not be there just yet but you may discover something new instead, while helping driving the CXF forward along the way.<br />
<br />
<a href="https://www.youtube.com/watch?v=MV_3Dpw-BRY">Have no fear</a>, answer the call, help your team discover what Apache CXF really is. And become the most popular and enigmatic person in your office :-) <br />
<br />Sergey Beryozkinhttp://www.blogger.com/profile/06251894780466207746noreply@blogger.com0