Friday, October 9, 2015

[OT] Apache CXF: Nothing Else Matters !

One can ask, do web services still matter in the today's world of emerging technologies such as Cloud and Big Data ?

Of course they do still matter. Take Big Data. The important thing to realize is as far as a remote client interacting with your HTTP server which internally initiates BigData flows is concerned it is still a client and HTTP server only - the client submits the data and gets the response it needs - the mechanism used to produce this response is, and has to be, completely opaque to the remote client, nothing unusual here, simply a proper service design leaking no implementation details to the client. In some cases one may not want to link BigData response streams to remote clients but in other cases it may make a perfect sense.

So yes, the web services do still matter because one still needs a production-quality, secure, flexible HTTP layer between the remote clients and internal data systems.

In fact, if you are an Apache CXF user, I can already hear you all saying (or even singing ?), Apache CXF: Nothing Else Matters ! Just make it loud enough to have your colleagues from the other team hear it :-)

Thursday, October 8, 2015

Make your CXF JAX-RS servers OpenId Connect ready

We've been doing a lot of work during the last year to ensure CXF developers can start experimenting fast and effectively with the latest RS security advancements such as OAuth2 and JOSE which are also the building blocks for OpenId Connect (OIDC).

With OAuth2 and JOSE modules becoming quite solid, it was time to turn the attention to OIDC, OIDC RP being a starting point - which is a mechanism to log on the users into the servers by federating to OIDC IDP providers such as Google and Facebook.  OIDC is a fairly complex protocol but with OAuth2 and JOSE covered it was not that tricky after all.

The initial result is these two demos:

1. BigQuery

This demo shows a client OAuth2 server that accesses a user's BigQuery data-sets. The demo checks a public data-set of Shakespeare works but once you have a Google Developer account you can easily create your own BigQuery data-set and use the demo to access it instead.

2. Basic OIDC

This demo shows that a server does not have to be specifically coded around OAuth2 flows to use OIDC - it only uses OIDC to log-in the users and then work with these users.

I'd like to encourage you to run these demos - ask at CXF users or #apache-cxf if you have any issues running them and start making your CXF servers OIDC-aware now !

I look forward to the feedback from the early adopters. And please watch this space - this is only a start :-)

Wednesday, October 7, 2015

Apache CXF and Aries Blueprint Everywhere

Many times, when developing JAX-RS demos, I had to solve the following issue: how to describe the demo endpoints to be run in OSGI and the same endpoints to be run in Tomcat.

Typically I'd create a Spring context file describing few JAX-RS endpoints and use it when running a demo in Tomcat. Next I'd create an equivalent Blueprint context file and run the demo in Karaf.

It works but having to duplicate the contexts in Spring and Blueprint languages is unfortunate. Granted, one can use Spring DM to run the endpoints described in Spring contexts in Karaf but OSGI developers know Spring DM is a finished line.

So we did some work first to make a CXFBlueprintServlet referencing a Blueprint context working in OSGI - the same way a CXFServlet can work with Spring contexts in OSGI with the help of Sprinjg DM.

Next, my colleague Alex suggested to have the same mechanism working in non-OSGI deployments - for the reason described above, i.e, to reuse the same context language (Blueprint) when deploying CXF endpoints to OSGI and servlet containers. As it happens Apache Aries team already did some work for supporting Blueprint in non-OSGI setups, so after doing some more work in CXF and Aries we can now have CXFBlueprintServlet loading Blueprint contexts in standalone Tomcat/Jetty too. Some work still needs to be done here, particularly ensuring such endpoints can run offline, but overall it looks promising.

The short overview is here.  Note the same web.xml and Blueprint context is used in OSGI and non-OSGI setups - the only thing which changes is a single Maven Aries dependency.

Note this mechanism works for CXF JAX-RS and JAX-WS endpoints.

If you are a Blueprint fan: Enjoy!  

Thursday, May 14, 2015

The Rise Of Apache Tika

Apache Tika is an interesting project. It is not a very big one but IMHO it is poised to become the project every team serious about doing the complex, unstructured, binary content processing will talk about and use.

The power of Apache Tika lies in the simplicity it offers for processing different types of binary and other types of complex data. Consider a simple situation: your project needs to support analyzing PDF files. One approach is to write a PDF library specific routine. This approach stops scaling as soon you need to support Excel and ODT files too. And stops working once you have a task to support a possibly unlimited number of types of data.

Apache Tika helps with generalizing the processing of arbitrary types of data and thus offers a unique opportunity for a given project to offer a real value add-on.

I really liked this presentation at the recent Apache Con NA.  It was absolutely packed with the interesting content and Chris talked a lot about applying Tika to solving the real life problems. Andriy Redko did a brilliant talk about the CXF and Tika integration. There were more Tika presentations and I regret I could not make it to all of them.

The future is bright for Tika. And for the projects that will use it :-)

Friday, May 1, 2015

Open Id Connect Certification Strategy

I've just read about an OpenId Connect Certification open strategy. IMHO it is brilliant and no doubt will guarantee a wider adoption of OIDC. Mike Jones's explanation of why it will work is a good read.

The closed (payed-only) certification model limits the adoption of a given technology by the implementors.

Thursday, April 30, 2015

[OT] Apache CXF is Electric !

I remember this day as it was yesterday. April or March of 1998. I'm in England, Stockport city centre, listening to Oasis's latest single. It was absolutely great, the energizing effect of it.

As it happens I haven't listened to Oasis for the next 17 years apart from hearing them occasionally on the local FM. But a month or so back, I finally got their disk.

"She is Electric" is one of the best songs, classical Oasis. Nearly every time I listen to it I think, well, one can definitely say "Apache CXF is Electric". Why ? Because Apache CXF is cool, active and alive !  Work with it and you will become Electric too :-)   

Friday, March 13, 2015

Talking about CXF at Apache Con NA 2015

Apache Con NA 2015 will be held in Austin, Texas on April 13-16 and as it is usually the case there will be several presentations done there about Apache CXF. There will be interesting presentations from Hadrian and JB too. There will be many other great presentations as usual.

As far as CXF presentations are concerned:

Aki Yoshida will talk about combining Swagger (Web) Sockets, Apache Olingo and CXF Web Sockets Transport - now, this is seriously cool :-) The good news the presentations will be available online for those who will not be able to see it live.

Andriy Redko will talk about something which equally rocks, about combining a CXF Search Extension (FIQL or OData/Olingo based), Apache Tika and Lucene to show the effective search support for uploaded PDF and Open Office documents.

Attending both presentations can get anyone over-excited, that is for sure :-).
This is going to be tough, choosing to which presentation to go with my other colleagues presenting on the same day.

Finally, I will do the introduction of Apache CXF JOSE implementation which I briefly introduced in the previous blog. I'll describe all that CXF JOSE project has in place, and finish with a demo.

The demo deserves a special attention: I haven't written this demo, Anders Rundgren did. The original demo is here. This appears to be like a regular JavaScript-based demo but it is bigger than that, it shows what WebCrypto can do. Supporting generic browser-based signature applications, and interoperating with target servers in a variety of formats, with JOSE one of them. So the demo will show a WebCrypto client interoperating with an Apache CXF JOSE server.

Anders has been incredibly helpful and supportive, helped me to get his demo running in no time. Anders is working on a JSON Clear Signature (JCS) initiative that offers an XML Signature like support for signing JSON documents.  JCS are easier to understand than JOSE formats where Base64URL content representations are used. I'd like to encourage the interested users experiment with JCS, and help Anders. Hopefully something similar to JCS will be supported as part of a wider JOSE effort in the future.

I'm happy as usual I've got a talk selected and my employer's support to travel to Apache Con. It is always great to talk to my colleagues who work with CXF and other Apache technologies, it is important to show others CXF is very much alive and 'looks forward'. I regret I won't see some of my team colleagues there who haven't had a chance to submit for various important reasons but overall I'm looking forward to the conference with a great anticipation. Especially because I promised someone to beat him in chess after the presentations are over :-).

See you there !