Oliver Wulff / Talend Flexibles Service Enabling mit Apache CXF
Introduction Oliver Wulff Talend Professional Services Solution Architect Web Services (Axis, CXF, ) Security (WS-*, Kerberos, Web SSO, ) Corba http://owulff.blogspot.com owulff@talend.com
Agenda CXF introduction New features in 2.5 Use cases for CXF extensions: Transport Bus extension Deployment use cases Web Services in the Enterprise Security in CXF
CXF Apache CXF is an open source services framework. CXF helps you build and develop services using frontend programming APIs, like JAX-WS and JAX-RS. These services can speak a variety of protocols such as SOAP, XML/HTTP, RESTful HTTP, or CORBA and work over a variety of transports such as HTTP, JMS or Camel
CXF Apache project since 2006 Merge of Celtix, ObjectWeb XFire, Codehaus Contributors Talend Fusesource JBoss
Frontends JAX-WS 2.2 JAX-RS 1.1 Simple Dynamic Client Transports HTTP(S) JMS Camel Bindings JAXB SDO XML CXF Overview
CXF Overview Configuration Spring JMX WS-Policy API WS-* WS-Policy WS-Addressing WS-Security/Policy WS-ReliableMessaging WS-Trust WS-SecureConversation Deployment Main line Servlet Engine (Tomcat, Websphere, Weblogic, JBoss, ) OSGi (ex. Karaf) JEE Server (JCA)
CXF Overview
CXF design (1/4) Interceptor Smallest processing unit withing the processing chain when messages are sent or received (GoF, Chain of Responsibility Pattern) Add capabilities to client, server or bus (finegrained) Interceptors are grouped in phases like RECEIVE, STREAM(s), PROTOCOL(s), Core building block within CXF for extension like WS-Addressing, WS-Policy, WS-Security
CXF design (2/4) Phases of incoming chain Phases of outgoing chain
CXF design (3/4) Feature Add capabilities to client, server or bus (coarse grained) Combines the interceptors to enable a feature ex. WS-Addressing feature registers all the WS- Addressing related interceptors Registers 1 or more interceptors WS-Policy Add capabilities to an endpoint (coarse-grained) Registers 1 or more interceptors Registers assertions and assertion builders
CXF design (4/4) Bus Provides a registry of extensions, interceptors and properties Extensions for transport, binding, lifecycle management, Global scope for all client/servers within the bus scope One JVM can host several bus instances Activation of features WS-Policy Spring configuration (per bus, client/server) CXF API (client/server, Lifecycle Listener)
CXF configuration (1/2) CXF API ex. adding an interceptor to the client MyInterceptor myinterceptor = new MyInterceptor(); FooService client =... ; Client cxfclient = ClientProxy.getClient(client); cxfclient.getininterceptor().add(myinterceptor); Spring configuration ex. Configure an interceptor on the bus <bean id="myinterceptor" class="demo.interceptor.myinterceptor"/> <bean id="cxf" class="org.apache.cxf.bus.cxfbusimpl"> <property name="ininterceptors"> <ref bean="myinterceptor"/> </property> <property name="outinterceptors"> <ref bean="myinterceptor"/> </property> </bean>
CXF configuration (2/2) Spring configuration ex. Configure a feature on the server <jaxws:server id="server" servicebean="org.apache.hello_world_soap_http.greetimpl" address="http://localhost:8080/simplewithaddress"> <jaxws:features> <bean class="com.example.myfeature"/> </jaxws:features> </jaxws:server> WS-Policy configuration ex. Configure a policy in the WSDL <wsrmp:rmassertion xmlns:wsrmp="http://schemas.xmlsoap.org/ws/2005/02/rm/polic y"> <wsrmp:acknowledgementinterval Milliseconds="50000"/> </wsrmp:rmassertion>
New features in 2.5 WS-RM interoperability WS-RM 1.1 JMX instrumentation of WS-RM components WS-MetadataExchange (WS-MEX) Service providers will properly Initial OAuth support for JAX-RS services Enhanced OSGi and Karaf integration new karaf commands JMX integration
New features in 2.5 Not only a framework anymore CXF services WS-Trust Security Token Service (STS) WS-Notification service
Use case for CXF extensions (1/2) Ease of use for service developers Configuration Programming Add custom soap headers Enable locator (Talend service) Enable service activity monitoring (Talend service) Enable CXF STS integration
Use case for CXF extensions (2/2) Interceptors In/out interceptor Reads input from JAX-WS property Configuration Programming Client/ServerLifecycleListener Add interceptor to the chain if client/service is created BusExtension Register lifecycle listener when bus is started http://owulff.blogspot.com Exposure for developer Add maven dependency in your POM ready to go
Deployment use cases CXF is a framework Deployment use cases: Service enable existing application in J2EE container or servlet engine Service development (Tomcat, Karaf) ESB deployment (CXF + Camel) (non-intrusive service enabling)
Web Services in the Enterprise Requirements Loosely coupling (interface) Location transparency Failover / Load balancing / DR Interoperability across application stacks Security End-to-end service monitoring Policy management Centralized administration
Web Services in the Enterprise Think big, start small, scale fast Thing big Mature and extensible service framework Use open standards for interoperability No big upfront investments Start small Within a project Scale fast Centralized administration / management
Web Services in the Enterprise Loosely coupling Service design Governance Common service data model That s SOA SOA can be implemented with CXF but usage of CXF does not imply you do SOA
Web Services in the Enterprise Location transparency / Failover CXF provides Basic failover capabilities (endpoints configured in consumer) Extensions points FailoverFeature CXF Interface FailoverStrategy RandomStrategy SequentialStrategy RetryStrategy LoadDistributorFeature CXF Interface ConduitSelector FailoverTargetSelector LoadDistributorTargetSelector http://cxf.apache.org/docs/jax-rs-failover.html Talend provides service locator runtime which allows dynamic registration/lookup of services
Web Services in the Enterprise Interoperability across application stacks Enterprises use different web services stacks (tomcat/axis, jboss, websphere, weblogic,.net, ) Interoperability testing is huge (WS-Security, WS-RM, WS-Addressing, ) How does CXF help CXF is a framework Can be deployed in any servlet or jee container Interoperability effort reduced tremendously (CXF and.net)
Web Services in the Enterprise Security CXF STS service WS-SecurityPolicy (IssuedToken) CXF STS Client Issue (consumer), Validate (provider) Supports different security token types (SAML HOK, SAML Bearer, SecureConversation, Kerberos, custom tokens and more) AppliesTo Claims OnBehalfOf / ActAs
Web Services in the Enterprise End-to-end service monitoring SOAP message correlation end-to-end CXF provides Interceptor Intermediary detection Talend provides service activity monitoring where nodes send service monitoring data to a central monitoring server (asynchronously)
Web Services in the Enterprise Policy management CXF provides WS-Policy 1.5 support Policy enforcement on service provider Policy information point (PIP): WSDL file WS-PolicyAttachment (using Spring Resource: FileSystem, Url, ClassPathResource) PolicyInterceptorProvider Policy support: WS-RM WS-Addressing WS-Security http://cxf.apache.org/docs/ws-policy.html What is missing: Centralized policy server
Web Services in the Enterprise Centralized administration CXF provides JMX instrumentation Integration into Karaf (ConfigService, Deployment) ATOM logging (push/pull style) What is missing Web based administration console for Configuration Deployment Service infrastructure Service monitoring Talend provides an web administration console
Web Services in the Enterprise
Web Services in the Enterprise
Security in CXF Consumer/provider, SAML 2.0, STS
Security in CXF WS-Federation and CXF STS Claims
More information CXF website http://cxf.apache.org Talend website http://de.talend.com/products-application-integration/index.php Blogs: http://coheigea.blogspot.com http://www.dankulp.com/blog/ http://owulff.blogspot.com http://www.jroller.com/gmazza/