SlideShare a Scribd company logo

CXF 3.0, What's new?

Daniel Kulp
Daniel Kulp

Slides from ApacheCon 2014 in Denver

Software
1 of 23
Download to read offline
Apache CXF 3.0 What’s new? Daniel Kulp VP Open Source Development Talend
Your Speaker • VP - Open Source Development at Talend • Team of engineers devoted to Apache Projects • Worked on WebService/SOA related technology for over 10 years • Apache Software Foundation • Apache CXF - since the beginning • Apache Maven, Apache WebServices, Apache Camel, Apache ServiceMix, Apache Aries, etc… • Apache Member
A Little About Apache CXF • Entered the Apache Incubator in August 2006 • Merge of Celtix and XFire • Compete with Axis/Axis2? • Graduated in April 2008 • JAX-WS 2.x certified, JAX-RS 1.1 certified • 8 “minor” versions (2.0 - 2.7), 86 patch releases • 33 committers - 21 active
• The most complete implementation of WS-* specifications. • DOSGi Reference Implementation of OSGi Remote Service Specification • Apache CXF Fediz - Web Security Framework • Used in products by Talend, JBoss, Fuse, WSO2, Pramati, MuleSoft, TomEE, IBM, etc… • Embedded all over - Google “CXF - Service List”
2010 - Is CXF Finished? • Go into maintenance mode? NO!!!! • Development Efforts Centered around: • Deployment options • REST/JAX-RS Based Services • Services • Security
Deployment Models • Always have had • Good for standalone applications • Top notch Spring support • Good for WAR based applications (other than conflicts with various app servers) • OSGi support has “improved” • Single big bundle -> little bundles (big bundle is GONE for 3.0) • Blueprint support and enhancements • Better management
Changed for 3.0 • Major refactoring of “api”, “core”, and WSDL based APIs • No more wsdl4j.jar or neethi.jar or mail.jar needed for JAX-RS (amongst others) • Smaller core - removed a lot of duplicate functionality, unused code, deprecated code, etc…. • Better hooks for embedders like TomEE, JBoss, and Talend
REST/JAX-RS • 2.3.x-2.6.x are JAX-RS 1.1 Compliant • 2.7.x started work on JAX-RS 2.0 • Filters, Interceptors, parts of Async Invocation, dynamic features, exception classes, etc… • 3.0 will implement JAX-RS 2.0 • Client API, Bean Validation, Suspended requests
• OAuth 1, OAuth 2, SAML, Kerberos • XML Signature/Encryption • WADL generation from services • Interface generation from WADL • $filter query defined as part of Open Data Protocol • FIQL searches // Find all employees younger than 25 or older than 35 living in London! http://server.com/employees?_s=(age=lt=25,age=gt=35);city==London
Services • 2.5.0 - introduced “out of the box” services based on CXF technology • WS-Notification • Ported from ServiceMix • WS-Notification Service using ActiveMQ backend • JBI removed, pure JAX-WS API’s • API module added • WS-Eventing - new for CXF 3.0
• Security Token Service (STS) • Initially developed for a Talend Customer • Full production ready STS • Supports Issue, Validate, Cancel, Renew binding • Pluggable token validators, claims handlers, SAML customizers, etc… • Advanced use cases: KeyTypes (Public/Symmetric/ Bearer), OnBehalfOf, ActAs, Claims, etc… • Enhanced support for Roles
• WS-Discovery (CXF 2.7) • “Probe” the network for services • Services can announce their availability • Not just “software services” • ONVIF compliant IP cameras • Network Printers • Network Scanners
• XML Key Management Service (XKMS) • New for CXF 3.0, back ported for 2.7.7 • Normal - Java KeyStores • XKMS front end for organizations PKI • Supports LDAP and File based back ends
• XKMS - continued • WSS4J Crypto Providers • Adding support to CXF’s STS to validate keys via XKMS
Fediz • Framework that implements WS- Federation Passive Requestor Profile • Plugins to Tomcat to redirect to an IDP for authentication • Contains a light weight IDP • Support for Tomcat, WebSphere, Jetty, Spring Security, CXF
Security “I’m going to make CXF’s WS-Security implementation the best WS-Security implementation.” ! - Colm O hEigeartaigh http://coheigea.blogspot.com/
Security • STS, XKMS services • XACML/SAML utilities • SPNego/Kerberos profiles • Prevent various DOS attacks • ehCache based Nonce/Timestamp caches • XML based attacks (DTD, size, limits) • New algorithms
• Streaming WS-Security Implementation for 3.0 • StAX Based - MUCH lower memory • No more DOM/SAAJ (unless required) • Higher performance • Quicker failures • Support attachments
Other 3.0 Things • WS-RM updates • Full 1.1 support, tested extensively with .NET • Termination of sequences • JMX management • Support for WS-RM with WS-Security and WS- SecureConversation
• CXF specific front end code generator • Allow passing Bus instances, CXF features • Guarantees that CXF is picked up • Allows future configuration points
• New Transports • Netty based HTTP • WebSocket • New JMS Transports (no more Spring)
3.0 Roadmap • Milestone 2 released - PLEASE TEST • 3.0 by end of April • Normal 2.7.x patch releases every 8 weeks • One more 2.6.x patch release
Questions and More Information • Apache CXF • http://cxf.apache.org • users@cxf.apache.org • Me • dkulp@apache.org or dkulp@talend.com

Recommended

Apache CXF - New Features
Apache CXF - New FeaturesApache CXF - New Features
Apache CXF - New FeaturesDaniel Kulp
 
Apache CXF Security Solutions
Apache CXF Security SolutionsApache CXF Security Solutions
Apache CXF Security SolutionsDaniel Kulp
 
Apache CXF New Directions in Integration
Apache CXF New Directions in IntegrationApache CXF New Directions in Integration
Apache CXF New Directions in IntegrationDaniel Kulp
 
Integrating Apache Syncope with Apache CXF
Integrating Apache Syncope with Apache CXFIntegrating Apache Syncope with Apache CXF
Integrating Apache Syncope with Apache CXFcoheigea
 
Owin and katana
Owin and katanaOwin and katana
Owin and katanaUdaiappa Ramachandran
 
WSO2 ESB - The Fastest Open Source ESB with Superior Integration Capabilities
WSO2 ESB - The Fastest Open Source ESB with Superior Integration CapabilitiesWSO2 ESB - The Fastest Open Source ESB with Superior Integration Capabilities
WSO2 ESB - The Fastest Open Source ESB with Superior Integration CapabilitiesWSO2
 
Owin from spec to application
Owin from spec to applicationOwin from spec to application
Owin from spec to applicationdamian-h
 
Introduction to ESB Architecture and Message Flow
Introduction to ESB Architecture and Message Flow Introduction to ESB Architecture and Message Flow
Introduction to ESB Architecture and Message Flow WSO2
 

Recommended

Apache CXF - New Features
Apache CXF - New FeaturesApache CXF - New Features
Apache CXF - New FeaturesDaniel Kulp
 
Apache CXF Security Solutions
Apache CXF Security SolutionsApache CXF Security Solutions
Apache CXF Security SolutionsDaniel Kulp
 
Apache CXF New Directions in Integration
Apache CXF New Directions in IntegrationApache CXF New Directions in Integration
Apache CXF New Directions in IntegrationDaniel Kulp
 
Integrating Apache Syncope with Apache CXF
Integrating Apache Syncope with Apache CXFIntegrating Apache Syncope with Apache CXF
Integrating Apache Syncope with Apache CXFcoheigea
 
Owin and katana
Owin and katanaOwin and katana
Owin and katanaUdaiappa Ramachandran
 
WSO2 ESB - The Fastest Open Source ESB with Superior Integration Capabilities
WSO2 ESB - The Fastest Open Source ESB with Superior Integration CapabilitiesWSO2 ESB - The Fastest Open Source ESB with Superior Integration Capabilities
WSO2 ESB - The Fastest Open Source ESB with Superior Integration CapabilitiesWSO2
 
Owin from spec to application
Owin from spec to applicationOwin from spec to application
Owin from spec to applicationdamian-h
 
Introduction to ESB Architecture and Message Flow
Introduction to ESB Architecture and Message Flow Introduction to ESB Architecture and Message Flow
Introduction to ESB Architecture and Message Flow WSO2
 
OWIN and Katana Project - Not Only IIS - NoIIS
OWIN and Katana Project - Not Only IIS - NoIISOWIN and Katana Project - Not Only IIS - NoIIS
OWIN and Katana Project - Not Only IIS - NoIISBilal Haidar
 
ASP.NET: Present and future
ASP.NET: Present and futureASP.NET: Present and future
ASP.NET: Present and futureHrvoje Hudoletnjak
 
Security Patterns with WSO2 ESB
Security Patterns with WSO2 ESBSecurity Patterns with WSO2 ESB
Security Patterns with WSO2 ESBWSO2
 
Introduction to OWIN
Introduction to OWINIntroduction to OWIN
Introduction to OWINSaran Doraiswamy
 
Basic architecture
Basic architectureBasic architecture
Basic architecturerasikow
 
Wso2 tutorial
Wso2 tutorialWso2 tutorial
Wso2 tutorialArmando Ramirez Vila
 
OWIN (Open Web Interface for .NET)
OWIN (Open Web Interface for .NET)OWIN (Open Web Interface for .NET)
OWIN (Open Web Interface for .NET)Folio3 Software
 
O que é esse tal de OWIN?
O que é esse tal de OWIN?O que é esse tal de OWIN?
O que é esse tal de OWIN?Andre Carlucci
 
Restful Integration with WSO2 ESB
Restful Integration with WSO2 ESB Restful Integration with WSO2 ESB
Restful Integration with WSO2 ESB WSO2
 
Introduction to ASP.NET 5
Introduction to ASP.NET 5Introduction to ASP.NET 5
Introduction to ASP.NET 5mbaric
 
Running SOA in the Cloud: SOA CS for SOA Suite Customers
Running SOA in the Cloud: SOA CS for SOA Suite CustomersRunning SOA in the Cloud: SOA CS for SOA Suite Customers
Running SOA in the Cloud: SOA CS for SOA Suite CustomersSimon Haslam
 
Tips & Tricks for Java & SOA Cloud Service
Tips & Tricks for Java & SOA Cloud ServiceTips & Tricks for Java & SOA Cloud Service
Tips & Tricks for Java & SOA Cloud ServiceSimon Haslam
 
Agile Site built on the top of Oracle WebCenter Sites
Agile Site built on the top of Oracle WebCenter SitesAgile Site built on the top of Oracle WebCenter Sites
Agile Site built on the top of Oracle WebCenter SitesDuc Therry
 
Mini-Training Owin Katana
Mini-Training Owin KatanaMini-Training Owin Katana
Mini-Training Owin KatanaBetclic Everest Group Tech Team
 
MySQL 5.7 + Java
MySQL 5.7 + JavaMySQL 5.7 + Java
MySQL 5.7 + JavaMark Swarbrick
 
SOA & WebLogic - Lift & Shift to the Cloud
SOA & WebLogic - Lift & Shift to the CloudSOA & WebLogic - Lift & Shift to the Cloud
SOA & WebLogic - Lift & Shift to the CloudSimon Haslam
 
Protecting your site by detection
Protecting your site by detectionProtecting your site by detection
Protecting your site by detectionMarko Heijnen
 
Experiences of SOACS
Experiences of SOACSExperiences of SOACS
Experiences of SOACSSimon Haslam
 
Alfresco WebScript Connector for Apache ManifoldCF
Alfresco WebScript Connector for Apache ManifoldCFAlfresco WebScript Connector for Apache ManifoldCF
Alfresco WebScript Connector for Apache ManifoldCFPiergiorgio Lucidi
 
WebLogic Scripting Tool made Cool!
WebLogic Scripting Tool made Cool!WebLogic Scripting Tool made Cool!
WebLogic Scripting Tool made Cool!Maarten Smeets
 
FITC - Node.js 101
FITC - Node.js 101FITC - Node.js 101
FITC - Node.js 101Rami Sayar
 
Node.js 101 with Rami Sayar
Node.js 101 with Rami SayarNode.js 101 with Rami Sayar
Node.js 101 with Rami SayarFITC
 

More Related Content

What's hot

OWIN and Katana Project - Not Only IIS - NoIIS
OWIN and Katana Project - Not Only IIS - NoIISOWIN and Katana Project - Not Only IIS - NoIIS
OWIN and Katana Project - Not Only IIS - NoIISBilal Haidar
 
Security Patterns with WSO2 ESB
Security Patterns with WSO2 ESBSecurity Patterns with WSO2 ESB
Security Patterns with WSO2 ESBWSO2
 
Basic architecture
Basic architectureBasic architecture
Basic architecturerasikow
 
OWIN (Open Web Interface for .NET)
OWIN (Open Web Interface for .NET)OWIN (Open Web Interface for .NET)
OWIN (Open Web Interface for .NET)Folio3 Software
 
O que é esse tal de OWIN?
O que é esse tal de OWIN?O que é esse tal de OWIN?
O que é esse tal de OWIN?Andre Carlucci
 
Restful Integration with WSO2 ESB
Restful Integration with WSO2 ESB Restful Integration with WSO2 ESB
Restful Integration with WSO2 ESB WSO2
 
Introduction to ASP.NET 5
Introduction to ASP.NET 5Introduction to ASP.NET 5
Introduction to ASP.NET 5mbaric
 
Running SOA in the Cloud: SOA CS for SOA Suite Customers
Running SOA in the Cloud: SOA CS for SOA Suite CustomersRunning SOA in the Cloud: SOA CS for SOA Suite Customers
Running SOA in the Cloud: SOA CS for SOA Suite CustomersSimon Haslam
 
Tips & Tricks for Java & SOA Cloud Service
Tips & Tricks for Java & SOA Cloud ServiceTips & Tricks for Java & SOA Cloud Service
Tips & Tricks for Java & SOA Cloud ServiceSimon Haslam
 
Agile Site built on the top of Oracle WebCenter Sites
Agile Site built on the top of Oracle WebCenter SitesAgile Site built on the top of Oracle WebCenter Sites
Agile Site built on the top of Oracle WebCenter SitesDuc Therry
 
SOA & WebLogic - Lift & Shift to the Cloud
SOA & WebLogic - Lift & Shift to the CloudSOA & WebLogic - Lift & Shift to the Cloud
SOA & WebLogic - Lift & Shift to the CloudSimon Haslam
 
Protecting your site by detection
Protecting your site by detectionProtecting your site by detection
Protecting your site by detectionMarko Heijnen
 
Experiences of SOACS
Experiences of SOACSExperiences of SOACS
Experiences of SOACSSimon Haslam
 
Alfresco WebScript Connector for Apache ManifoldCF
Alfresco WebScript Connector for Apache ManifoldCFAlfresco WebScript Connector for Apache ManifoldCF
Alfresco WebScript Connector for Apache ManifoldCFPiergiorgio Lucidi
 
WebLogic Scripting Tool made Cool!
WebLogic Scripting Tool made Cool!WebLogic Scripting Tool made Cool!
WebLogic Scripting Tool made Cool!Maarten Smeets
 

What's hot (20)

OWIN and Katana Project - Not Only IIS - NoIIS
OWIN and Katana Project - Not Only IIS - NoIISOWIN and Katana Project - Not Only IIS - NoIIS
OWIN and Katana Project - Not Only IIS - NoIIS
 
ASP.NET: Present and future
ASP.NET: Present and futureASP.NET: Present and future
ASP.NET: Present and future
 
Security Patterns with WSO2 ESB
Security Patterns with WSO2 ESBSecurity Patterns with WSO2 ESB
Security Patterns with WSO2 ESB
 
Introduction to OWIN
Introduction to OWINIntroduction to OWIN
Introduction to OWIN
 
Basic architecture
Basic architectureBasic architecture
Basic architecture
 
Wso2 tutorial
Wso2 tutorialWso2 tutorial
Wso2 tutorial
 
OWIN (Open Web Interface for .NET)
OWIN (Open Web Interface for .NET)OWIN (Open Web Interface for .NET)
OWIN (Open Web Interface for .NET)
 
O que é esse tal de OWIN?
O que é esse tal de OWIN?O que é esse tal de OWIN?
O que é esse tal de OWIN?
 
Restful Integration with WSO2 ESB
Restful Integration with WSO2 ESB Restful Integration with WSO2 ESB
Restful Integration with WSO2 ESB
 
Introduction to ASP.NET 5
Introduction to ASP.NET 5Introduction to ASP.NET 5
Introduction to ASP.NET 5
 
Running SOA in the Cloud: SOA CS for SOA Suite Customers
Running SOA in the Cloud: SOA CS for SOA Suite CustomersRunning SOA in the Cloud: SOA CS for SOA Suite Customers
Running SOA in the Cloud: SOA CS for SOA Suite Customers
 
Tips & Tricks for Java & SOA Cloud Service
Tips & Tricks for Java & SOA Cloud ServiceTips & Tricks for Java & SOA Cloud Service
Tips & Tricks for Java & SOA Cloud Service
 
Agile Site built on the top of Oracle WebCenter Sites
Agile Site built on the top of Oracle WebCenter SitesAgile Site built on the top of Oracle WebCenter Sites
Agile Site built on the top of Oracle WebCenter Sites
 
Mini-Training Owin Katana
Mini-Training Owin KatanaMini-Training Owin Katana
Mini-Training Owin Katana
 
MySQL 5.7 + Java
MySQL 5.7 + JavaMySQL 5.7 + Java
MySQL 5.7 + Java
 
SOA & WebLogic - Lift & Shift to the Cloud
SOA & WebLogic - Lift & Shift to the CloudSOA & WebLogic - Lift & Shift to the Cloud
SOA & WebLogic - Lift & Shift to the Cloud
 
Protecting your site by detection
Protecting your site by detectionProtecting your site by detection
Protecting your site by detection
 
Experiences of SOACS
Experiences of SOACSExperiences of SOACS
Experiences of SOACS
 
Alfresco WebScript Connector for Apache ManifoldCF
Alfresco WebScript Connector for Apache ManifoldCFAlfresco WebScript Connector for Apache ManifoldCF
Alfresco WebScript Connector for Apache ManifoldCF
 
WebLogic Scripting Tool made Cool!
WebLogic Scripting Tool made Cool!WebLogic Scripting Tool made Cool!
WebLogic Scripting Tool made Cool!
 

Similar to CXF 3.0, What's new?

FITC - Node.js 101
FITC - Node.js 101FITC - Node.js 101
FITC - Node.js 101Rami Sayar
 
Node.js 101 with Rami Sayar
Node.js 101 with Rami SayarNode.js 101 with Rami Sayar
Node.js 101 with Rami SayarFITC
 
Deep Dive: Alfresco Core Repository (... embedded in a micro-services style a...
Deep Dive: Alfresco Core Repository (... embedded in a micro-services style a...Deep Dive: Alfresco Core Repository (... embedded in a micro-services style a...
Deep Dive: Alfresco Core Repository (... embedded in a micro-services style a...J V
 
Integration in the age of DevOps
Integration in the age of DevOpsIntegration in the age of DevOps
Integration in the age of DevOpsAlbert Wong
 
WSO2 Intro Webinar - Simplifying Enterprise Integration with Configurable WS...
WSO2 Intro Webinar - Simplifying Enterprise Integration with Configurable WS...WSO2 Intro Webinar - Simplifying Enterprise Integration with Configurable WS...
WSO2 Intro Webinar - Simplifying Enterprise Integration with Configurable WS...WSO2
 
Vorontsov, golovko ssrf attacks and sockets. smorgasbord of vulnerabilities
Vorontsov, golovko ssrf attacks and sockets. smorgasbord of vulnerabilitiesVorontsov, golovko ssrf attacks and sockets. smorgasbord of vulnerabilities
Vorontsov, golovko ssrf attacks and sockets. smorgasbord of vulnerabilitiesDefconRussia
 
What is the OpenStack Platform? By Peter Dens - Kangaroot
What is the OpenStack Platform? By Peter Dens - KangarootWhat is the OpenStack Platform? By Peter Dens - Kangaroot
What is the OpenStack Platform? By Peter Dens - KangarootKangaroot
 
WildFly AppServer - State of the Union
WildFly AppServer - State of the UnionWildFly AppServer - State of the Union
WildFly AppServer - State of the UnionDimitris Andreadis
 
Past, Present, and Future of Apache Storm
Past, Present, and Future of Apache StormPast, Present, and Future of Apache Storm
Past, Present, and Future of Apache StormP. Taylor Goetz
 
Collector Web Services
Collector Web ServicesCollector Web Services
Collector Web Servicespublisyst
 
Confluent REST Proxy and Schema Registry (Concepts, Architecture, Features)
Confluent REST Proxy and Schema Registry (Concepts, Architecture, Features)Confluent REST Proxy and Schema Registry (Concepts, Architecture, Features)
Confluent REST Proxy and Schema Registry (Concepts, Architecture, Features)Kai Wähner
 
Application portability with kubernetes
Application portability with kubernetesApplication portability with kubernetes
Application portability with kubernetesOleg Chunikhin
 
Amazon EKS 그리고 Service Mesh (김세호 솔루션즈 아키텍트, AWS) :: Gaming on AWS 2018
Amazon EKS 그리고 Service Mesh (김세호 솔루션즈 아키텍트, AWS) :: Gaming on AWS 2018Amazon EKS 그리고 Service Mesh (김세호 솔루션즈 아키텍트, AWS) :: Gaming on AWS 2018
Amazon EKS 그리고 Service Mesh (김세호 솔루션즈 아키텍트, AWS) :: Gaming on AWS 2018Amazon Web Services Korea
 
Quick overview of Openstack architecture
Quick overview of Openstack architectureQuick overview of Openstack architecture
Quick overview of Openstack architectureToni Ramirez
 
Getting Started with Apache CloudStack
Getting Started with Apache CloudStackGetting Started with Apache CloudStack
Getting Started with Apache CloudStackJoe Brockmeier
 
Road to Opscon (Pisa '15) - DevOoops
Road to Opscon (Pisa '15) - DevOoopsRoad to Opscon (Pisa '15) - DevOoops
Road to Opscon (Pisa '15) - DevOoopsGianluca Varisco
 
Gianluca Varisco - DevOoops (Increase awareness around DevOps infra security)
Gianluca Varisco - DevOoops (Increase awareness around DevOps infra security)Gianluca Varisco - DevOoops (Increase awareness around DevOps infra security)
Gianluca Varisco - DevOoops (Increase awareness around DevOps infra security)Codemotion
 

Similar to CXF 3.0, What's new? (20)

FITC - Node.js 101
FITC - Node.js 101FITC - Node.js 101
FITC - Node.js 101
 
Node.js 101 with Rami Sayar
Node.js 101 with Rami SayarNode.js 101 with Rami Sayar
Node.js 101 with Rami Sayar
 
Deep Dive: Alfresco Core Repository (... embedded in a micro-services style a...
Deep Dive: Alfresco Core Repository (... embedded in a micro-services style a...Deep Dive: Alfresco Core Repository (... embedded in a micro-services style a...
Deep Dive: Alfresco Core Repository (... embedded in a micro-services style a...
 
Integration in the age of DevOps
Integration in the age of DevOpsIntegration in the age of DevOps
Integration in the age of DevOps
 
WSO2 Intro Webinar - Simplifying Enterprise Integration with Configurable WS...
WSO2 Intro Webinar - Simplifying Enterprise Integration with Configurable WS...WSO2 Intro Webinar - Simplifying Enterprise Integration with Configurable WS...
WSO2 Intro Webinar - Simplifying Enterprise Integration with Configurable WS...
 
Enterprise service bus part 2
Enterprise service bus part 2Enterprise service bus part 2
Enterprise service bus part 2
 
Vorontsov, golovko ssrf attacks and sockets. smorgasbord of vulnerabilities
Vorontsov, golovko ssrf attacks and sockets. smorgasbord of vulnerabilitiesVorontsov, golovko ssrf attacks and sockets. smorgasbord of vulnerabilities
Vorontsov, golovko ssrf attacks and sockets. smorgasbord of vulnerabilities
 
What is the OpenStack Platform? By Peter Dens - Kangaroot
What is the OpenStack Platform? By Peter Dens - KangarootWhat is the OpenStack Platform? By Peter Dens - Kangaroot
What is the OpenStack Platform? By Peter Dens - Kangaroot
 
WildFly AppServer - State of the Union
WildFly AppServer - State of the UnionWildFly AppServer - State of the Union
WildFly AppServer - State of the Union
 
Past, Present, and Future of Apache Storm
Past, Present, and Future of Apache StormPast, Present, and Future of Apache Storm
Past, Present, and Future of Apache Storm
 
Collector Web Services
Collector Web ServicesCollector Web Services
Collector Web Services
 
Confluent REST Proxy and Schema Registry (Concepts, Architecture, Features)
Confluent REST Proxy and Schema Registry (Concepts, Architecture, Features)Confluent REST Proxy and Schema Registry (Concepts, Architecture, Features)
Confluent REST Proxy and Schema Registry (Concepts, Architecture, Features)
 
Application portability with kubernetes
Application portability with kubernetesApplication portability with kubernetes
Application portability with kubernetes
 
Amazon EKS 그리고 Service Mesh (김세호 솔루션즈 아키텍트, AWS) :: Gaming on AWS 2018
Amazon EKS 그리고 Service Mesh (김세호 솔루션즈 아키텍트, AWS) :: Gaming on AWS 2018Amazon EKS 그리고 Service Mesh (김세호 솔루션즈 아키텍트, AWS) :: Gaming on AWS 2018
Amazon EKS 그리고 Service Mesh (김세호 솔루션즈 아키텍트, AWS) :: Gaming on AWS 2018
 
Quick overview of Openstack architecture
Quick overview of Openstack architectureQuick overview of Openstack architecture
Quick overview of Openstack architecture
 
Fuse technology-2015
Fuse technology-2015Fuse technology-2015
Fuse technology-2015
 
Getting Started with Apache CloudStack
Getting Started with Apache CloudStackGetting Started with Apache CloudStack
Getting Started with Apache CloudStack
 
Liberty Deep Dive
Liberty Deep DiveLiberty Deep Dive
Liberty Deep Dive
 
Road to Opscon (Pisa '15) - DevOoops
Road to Opscon (Pisa '15) - DevOoopsRoad to Opscon (Pisa '15) - DevOoops
Road to Opscon (Pisa '15) - DevOoops
 
Gianluca Varisco - DevOoops (Increase awareness around DevOps infra security)
Gianluca Varisco - DevOoops (Increase awareness around DevOps infra security)Gianluca Varisco - DevOoops (Increase awareness around DevOps infra security)
Gianluca Varisco - DevOoops (Increase awareness around DevOps infra security)
 

Recently uploaded

Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension AidDirect Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension AidPhilip Schwarz
 
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024VictoriaMetrics
 
Artyushina_Guest lecture_YorkU CS May 2024.pptx
Artyushina_Guest lecture_YorkU CS May 2024.pptxArtyushina_Guest lecture_YorkU CS May 2024.pptx
Artyushina_Guest lecture_YorkU CS May 2024.pptxAnnaArtyushina1
 
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...chiefasafspells
 
%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein
%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein
%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfonteinmasabamasaba
 
Architecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the pastArchitecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the pastPapp Krisztián
 
%in tembisa+277-882-255-28 abortion pills for sale in tembisa
%in tembisa+277-882-255-28 abortion pills for sale in tembisa%in tembisa+277-882-255-28 abortion pills for sale in tembisa
%in tembisa+277-882-255-28 abortion pills for sale in tembisamasabamasaba
 
WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...
WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...
WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...WSO2
 
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...masabamasaba
 
%in Midrand+277-882-255-28 abortion pills for sale in midrand
%in Midrand+277-882-255-28 abortion pills for sale in midrand%in Midrand+277-882-255-28 abortion pills for sale in midrand
%in Midrand+277-882-255-28 abortion pills for sale in midrandmasabamasaba
 
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...masabamasaba
 
AI & Machine Learning Presentation Template
AI & Machine Learning Presentation TemplateAI & Machine Learning Presentation Template
AI & Machine Learning Presentation TemplatePresentation.STUDIO
 
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...masabamasaba
 
%in Benoni+277-882-255-28 abortion pills for sale in Benoni
%in Benoni+277-882-255-28 abortion pills for sale in Benoni%in Benoni+277-882-255-28 abortion pills for sale in Benoni
%in Benoni+277-882-255-28 abortion pills for sale in Benonimasabamasaba
 
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...Health
 
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...Bert Jan Schrijver
 
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open SourceWSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open SourceWSO2
 
WSO2CON2024 - It's time to go Platformless
WSO2CON2024 - It's time to go PlatformlessWSO2CON2024 - It's time to go Platformless
WSO2CON2024 - It's time to go PlatformlessWSO2
 
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...WSO2
 
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...Jittipong Loespradit
 

Recently uploaded (20)

Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension AidDirect Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
 
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
 
Artyushina_Guest lecture_YorkU CS May 2024.pptx
Artyushina_Guest lecture_YorkU CS May 2024.pptxArtyushina_Guest lecture_YorkU CS May 2024.pptx
Artyushina_Guest lecture_YorkU CS May 2024.pptx
 
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...
 
%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein
%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein
%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein
 
Architecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the pastArchitecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the past
 
%in tembisa+277-882-255-28 abortion pills for sale in tembisa
%in tembisa+277-882-255-28 abortion pills for sale in tembisa%in tembisa+277-882-255-28 abortion pills for sale in tembisa
%in tembisa+277-882-255-28 abortion pills for sale in tembisa
 
WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...
WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...
WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...
 
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
 
%in Midrand+277-882-255-28 abortion pills for sale in midrand
%in Midrand+277-882-255-28 abortion pills for sale in midrand%in Midrand+277-882-255-28 abortion pills for sale in midrand
%in Midrand+277-882-255-28 abortion pills for sale in midrand
 
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...
 
AI & Machine Learning Presentation Template
AI & Machine Learning Presentation TemplateAI & Machine Learning Presentation Template
AI & Machine Learning Presentation Template
 
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
 
%in Benoni+277-882-255-28 abortion pills for sale in Benoni
%in Benoni+277-882-255-28 abortion pills for sale in Benoni%in Benoni+277-882-255-28 abortion pills for sale in Benoni
%in Benoni+277-882-255-28 abortion pills for sale in Benoni
 
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
 
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
 
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open SourceWSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
 
WSO2CON2024 - It's time to go Platformless
WSO2CON2024 - It's time to go PlatformlessWSO2CON2024 - It's time to go Platformless
WSO2CON2024 - It's time to go Platformless
 
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
 
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...
 

CXF 3.0, What's new?

  • 1. Apache CXF 3.0 What’s new? Daniel Kulp VP Open Source Development Talend
  • 2. Your Speaker • VP - Open Source Development at Talend • Team of engineers devoted to Apache Projects • Worked on WebService/SOA related technology for over 10 years • Apache Software Foundation • Apache CXF - since the beginning • Apache Maven, Apache WebServices, Apache Camel, Apache ServiceMix, Apache Aries, etc… • Apache Member
  • 3. A Little About Apache CXF • Entered the Apache Incubator in August 2006 • Merge of Celtix and XFire • Compete with Axis/Axis2? • Graduated in April 2008 • JAX-WS 2.x certified, JAX-RS 1.1 certified • 8 “minor” versions (2.0 - 2.7), 86 patch releases • 33 committers - 21 active
  • 4. • The most complete implementation of WS-* specifications. • DOSGi Reference Implementation of OSGi Remote Service Specification • Apache CXF Fediz - Web Security Framework • Used in products by Talend, JBoss, Fuse, WSO2, Pramati, MuleSoft, TomEE, IBM, etc… • Embedded all over - Google “CXF - Service List”
  • 5. 2010 - Is CXF Finished? • Go into maintenance mode? NO!!!! • Development Efforts Centered around: • Deployment options • REST/JAX-RS Based Services • Services • Security
  • 6. Deployment Models • Always have had • Good for standalone applications • Top notch Spring support • Good for WAR based applications (other than conflicts with various app servers) • OSGi support has “improved” • Single big bundle -> little bundles (big bundle is GONE for 3.0) • Blueprint support and enhancements • Better management
  • 7. Changed for 3.0 • Major refactoring of “api”, “core”, and WSDL based APIs • No more wsdl4j.jar or neethi.jar or mail.jar needed for JAX-RS (amongst others) • Smaller core - removed a lot of duplicate functionality, unused code, deprecated code, etc…. • Better hooks for embedders like TomEE, JBoss, and Talend
  • 8. REST/JAX-RS • 2.3.x-2.6.x are JAX-RS 1.1 Compliant • 2.7.x started work on JAX-RS 2.0 • Filters, Interceptors, parts of Async Invocation, dynamic features, exception classes, etc… • 3.0 will implement JAX-RS 2.0 • Client API, Bean Validation, Suspended requests
  • 9. • OAuth 1, OAuth 2, SAML, Kerberos • XML Signature/Encryption • WADL generation from services • Interface generation from WADL • $filter query defined as part of Open Data Protocol • FIQL searches // Find all employees younger than 25 or older than 35 living in London! http://server.com/employees?_s=(age=lt=25,age=gt=35);city==London
  • 10. Services • 2.5.0 - introduced “out of the box” services based on CXF technology • WS-Notification • Ported from ServiceMix • WS-Notification Service using ActiveMQ backend • JBI removed, pure JAX-WS API’s • API module added • WS-Eventing - new for CXF 3.0
  • 11. • Security Token Service (STS) • Initially developed for a Talend Customer • Full production ready STS • Supports Issue, Validate, Cancel, Renew binding • Pluggable token validators, claims handlers, SAML customizers, etc… • Advanced use cases: KeyTypes (Public/Symmetric/ Bearer), OnBehalfOf, ActAs, Claims, etc… • Enhanced support for Roles
  • 12. • WS-Discovery (CXF 2.7) • “Probe” the network for services • Services can announce their availability • Not just “software services” • ONVIF compliant IP cameras • Network Printers • Network Scanners
  • 13. • XML Key Management Service (XKMS) • New for CXF 3.0, back ported for 2.7.7 • Normal - Java KeyStores • XKMS front end for organizations PKI • Supports LDAP and File based back ends
  • 14. • XKMS - continued • WSS4J Crypto Providers • Adding support to CXF’s STS to validate keys via XKMS
  • 15. Fediz • Framework that implements WS- Federation Passive Requestor Profile • Plugins to Tomcat to redirect to an IDP for authentication • Contains a light weight IDP • Support for Tomcat, WebSphere, Jetty, Spring Security, CXF
  • 16. Security “I’m going to make CXF’s WS-Security implementation the best WS-Security implementation.” ! - Colm O hEigeartaigh http://coheigea.blogspot.com/
  • 17. Security • STS, XKMS services • XACML/SAML utilities • SPNego/Kerberos profiles • Prevent various DOS attacks • ehCache based Nonce/Timestamp caches • XML based attacks (DTD, size, limits) • New algorithms
  • 18. • Streaming WS-Security Implementation for 3.0 • StAX Based - MUCH lower memory • No more DOM/SAAJ (unless required) • Higher performance • Quicker failures • Support attachments
  • 19. Other 3.0 Things • WS-RM updates • Full 1.1 support, tested extensively with .NET • Termination of sequences • JMX management • Support for WS-RM with WS-Security and WS- SecureConversation
  • 20. • CXF specific front end code generator • Allow passing Bus instances, CXF features • Guarantees that CXF is picked up • Allows future configuration points
  • 21. • New Transports • Netty based HTTP • WebSocket • New JMS Transports (no more Spring)
  • 22. 3.0 Roadmap • Milestone 2 released - PLEASE TEST • 3.0 by end of April • Normal 2.7.x patch releases every 8 weeks • One more 2.6.x patch release
  • 23. Questions and More Information • Apache CXF • http://cxf.apache.org • users@cxf.apache.org • Me • dkulp@apache.org or dkulp@talend.com