Wednesday, June 27, 2012

From FIQL expressions to typed JPA queries

Imagine you are working on the RESTful service implementation that relies on JPA2 but having a bit of a difficulty coming up with an interface that can neatly let users search the service data with queries allowing to express something more interesting than just "find all the data that have a given property equal to a given value".

Yes, FIQL is fantastic and its ability to express complex queries in a fairly simple and compact way is hard to beat.  CXF  offers an option to convert the captured FIQL expressions to other query languages and representations and now JPATypedQueryVisitor for converting FIQL queries to JPA2 TypedQuery or CriteriaQuery objects has been introduced. This can help users with creating typed JPA2 queries easily and getting the most of their JPA2-based services.

Major thanks to Jeff Wang for driving this enhancement with his contributions.

Next we will try to support hierarchical queries, for example, find all the chapters with a given content from books with a given set of properties or find all the books with the given properties that only have the chapters with a given content, etc. You can expect other useful converters, example for Casandra CQL and Lucene query languages, being added in time. Finally, the support for the alternative URI query languages is also on the map.

Watch this space :-)

Monday, June 25, 2012

SAML Web SSO for CXF JAX-RS endpoints

Last week Colm announced that support for SAML Web SSO profile was available starting from CXF 2.6.1. 

We have also created a new CXF wiki page dedicated to describing the way the CXF JAX-RS applications can be protected with SAML SSO filters.

Colm has done a comprehensive testing against many popular IDP implementations which support SAML SSO and we believe that CXF offers one of the most configurable and interoperable SP SAML SSO implementations, even at this early stage.

I think it is a pretty major milestone for CXF JAX-RS and for CXF Security overall. CXF already offers a production quality WS-Trust STS implementation, Oliver has just finished the first release of Fediz. Having  a quality Service Provider SAML SSO support will help users get CXF JAX-RS endpoints integrated with the enterprise security services which is very important.

This SSO support and other SSO implementations to be supported by CXF will also make it easier to build more distributed OAuth2 applications.

We are planning  to work on a demo demonstrating SAML Web SSO in action. Stay tuned :-)

Friday, June 1, 2012

RESTful Data Updates with Talend Studio

I created a presentation few months ago which showed how one can create a simple DB browser for exploring the arbitrary databases using Talend Open Studio for ESB.

The Customers DB explorer we created last time was supporting GET queries allowing to return the list of all the customers and the individual customer records.

I've worked recently on enhancing the job that we created last time for supporting more involved GET queries as well as data updates with POST, PUT and DELETE verbs. The presentation is available here.

The demo shows the original ReadCustomers DB job, as well as ReadCustomersAndOrders one which additionally manages GET requests for all the orders of the individual customers and the individual orders only.

The CRUDOrders  job shows how to create the new orders for specific customers, update and delete the existing orders, and query the list of all the orders for all the customers. Check how easy it is to configure the job to return a status like 400 in case of attempting to add an order for a non-existent customer.

Note that in this demo I did not really focus on showing how the individual jobs can be created from scratch, in order to keep it shorter in time. There are many other presentations available from Talend Channel, in series like this one, which show how various Talend components can work together, please follow one of those presentations or this one to get more information about it.

In this demo I really wanted to highlight that REST components can manage different HTTP requests (queries, updates, etc), with different, possibly overlapping URI paths and data payloads.

The tRESTRequest component linking HTTP verbs and URI templates is based on the JAX-RS matching algorithm and you can see how flexible the configuration can be, with as many capturing templates as needed added to the relevant HTTP mappings.

More work will be needed for it to support the richer set of media types, in addition to XML, JSON and forms. More flexible support for identifying newly created resources will be needed too.  We will be showing the relevant presentations in time.

I'd like to encourage those who are interested to play with creating RESTful jobs and provide us with the feedback.

In meantime I'll work on creating a demo showing how a RESTful job can be packaged as an OSGI bundle and deployed into Karaf with HTTPS and Basic Authentication supported by the container.

Stay tuned !