Apache CXF New Directions in Integration
2 likes1,772 views
This document presents an overview of Apache CXF, focusing on its development history, features, and future roadmap. It highlights the transition from Apache's incubator to a fully graduated project, its compliance with JAX standards, and upcoming enhancements, including improved web security and service integration. Additionally, it discusses the project’s commitment to ongoing development and support for various deployment models and technologies.
Apache CXF New Directions in Integration
- 1. Apache CXF New Directions in Integration Daniel Kulp VP Open Source Development Talend
- 2. Your Speaker • VP - Open Source Development at Talend • • • Team of engineers devoted to Apache Projects Worked on WebService/SOA related technology for over 10 years Apache Software Foundation • Apache CXF - since the beginning • Apache Maven, Apache WebServices, Apache Camel, Apache ServiceMix, Apache Aries, etc… • Apache Member
- 3. A Little About Apache CXF • Entered the Apache Incubator in August 2006 • Merge of Celtix and XFire • Compete with Axis/Axis2? • Graduated in April 2008 • JAX-WS 2.x certified, JAX-RS 1.1 certified • 8 “minor” versions (2.0 - 2.7), 82 patch releases • 33 committers - 21 active
- 4. • The most complete implementation of WS-* specifications. • DOSGi Reference Implementation of OSGi Remote Service Specification • Apache CXF Fediz - Web Security Framework • Used in products by Talend, JBoss, Fuse, WSO2, Pramati, MuleSoft, TomEE, IBM, etc… • Embedded all over - Google “CXF - Service List”
- 5. 2010 - Is CXF Finished? • Go into maintenance mode? NO!!!! • Development Efforts Centered around: • Deployment options • REST/JAX-RS Based Services • Services • Security
- 6. Deployment Models • Always have had • • Top Notch Spring support • • Good for standalone applications Good for WAR based applications (other than conflicts with various app servers) OSGi support has “improved” • Single big bundle -> little bundles • Blueprint support and enhancements • Better management
- 7. Changed for 3.0 • Major refactoring of “api”, “core”, and WSDL based APIs • No more wsdl4j.jar or neethi.jar or mail.jar needed for JAX-RS (amongst others) • Smaller core - removed a lot of duplicate functionality, unused code, deprecated code, etc…. • Better hooks for embedders like TomEE, JBoss, and Talend
- 8. REST/JAX-RS • 2.3.x-2.6.x is JAX-RS 1.1 Compliant • 2.7.x started work on JAX-RS 2.0 • • Filters, Interceptors, parts of Async Invokation, dynamic features, exception classes, etc… 3.0 will be JAX-RS 2.0 compliant • Client API, Bean Validation
- 9. • OAuth 1, OAuth 2, SAML, Kerberos • WADL generation from services • Interface generation from WADL • Started discussions about RAML • FIQL searches // Find all employees younger than 25 or older than 35 living in London! http://server.com/employees?_s=(age=lt=25,age=gt=35);city==London
- 10. Services • 2.5.0 - introduced “out of the box” services based on CXF technology • WS-Notification • • WS-Notification Service using ActiveMQ backend • JBI removed, pure JAX-WS API’s • • Ported from ServiceMix API module added WS-Eventing - new for CXF 3.0
- 11. • Security Token Service (STS) • Initially developed for a Talend Customer • Full production ready STS • Supports Issue, Validate, Cancel, Renew binding • Pluggable token validators, claims handlers, SAML customizers, etc… • Advanced use cases: KeyTypes (Public/Symmetric/ Bearer), OnBehalfOf, ActAs, Claims, etc… • Enhanced support for Roles
- 12. • WS-Discovery (CXF 2.7) • “Probe” the network for services • Services can announce their availability • Not just “software services” • ONVIF compliant IP cameras • Network Printers • Network Scanners
- 13. • XML Key Management Service (XKMS) • New for CXF 3.0, back ported for 2.7.7 • Normal - Java KeyStores • XKMS front end for organizations PKI • Supports LDAP and File based back ends
- 14. • XKMS - continued • WSS4J Crypto Providers • Adding support to CXF’s STS to validate keys via XKMS
- 15. Fediz • Framework that implements WSFederation Passive Requestor Profile • Plugins to Tomcat to redirect to an IDP for authentication • Contains a light weight IDP • Soon: support for Jetty, Spring Security, CXF
- 16. Security “I’m going to make CXF’s WS-Security implementation the best WS-Security implementation.” ! - Colm O hEigeartaigh http://coheigea.blogspot.com/
- 17. Security • STS, XKMS services • XACML/SAML utilities • SPNego/Kerberos profiles • Prevent various DOS attacks • ehCache based Nonce/Timestamp caches • XML based attacks (DTD, size, limits) • New algorithms
- 18. • Streaming WS-Security Implementation for 3.0 • StAX Based • No more DOM/SAAJ (unless required) • Higher performance • Quicker failures • Support MIME attachments
- 19. Other 3.0 Things • WS-RM updates • Full 1.1 support, tested extensively with .NET • Termination of sequences • JMX management • Support for WS-RM with WS-Security and WSSecureConversation
- 20. • CXF specific front end code generator • Allow passing Bus instances, CXF features • Guarantees that CXF is picked up • Allows future configuration points
- 21. 3.0 Roadmap • A “milestone” release in the next week or so • A second milestone or beta before the end of the year • 3.0 in early Q1 • Normal 2.7.x/2.6.x patch releases every 8 weeks • Fediz 1.1 release (voting now)
- 22. Questions and More Information • Apache CXF • • • http://cxf.apache.org users@cxf.apache.org Me • dkulp@apache.org or dkulp@talend.com