The Rise Of Apache Tika
1 week ago

By Sergey Beryozkin
Apache Tika is an interesting project. It is not a very big one but IMHO it is poised to become the project every team serious about doing the complex, unstructured, binary content processing will talk about and use.

The power of Apache Tika lies in the simplicity it offers for processing different types of binary and other types of complex data. Consider a simple situation: your project needs to support analyzing PDF files. One approach is to write ...
Continue reading →

Opend Id Connect Certification Strategy
3 weeks ago

By Sergey Beryozkin
I've just read about an OpenId Connect Certification open strategy. IMHO it is brilliant and no doubt will guarantee a wider adoption of OIDC. Mike Jones's explanation of why it will work is a good read.

The closed (payed-only) certification model limits the adoption of a given technology by the
Continue reading →

[OT] Apache CXF is Electric !
3 weeks ago

By Sergey Beryozkin
I remember this day as it was yesterday. April or March of 1998. I'm in England, Stockport city centre, listening to Oasis's latest single. It was absolutely great, the energizing effect of it.

As it happens I haven't listened to Oasis for the next 17 years apart from hearing them occasionally on the local FM. But a month or so back, I finally got their disk.

"She is Electric" is one of the best songs, classical Oasis. Nearly every time I listen to it ...
Continue reading →

Talking about CXF at Apache Con NA 2015
2 months ago

By Sergey Beryozkin
Apache Con NA 2015 will be held in Austin, Texas on April 13-16 and as it is usually the case there will be several presentations done there about Apache CXF. There will be interesting presentations from Hadrian and JB too. There will be many other great presentations as usual.

As far as CXF presentations are concerned:

Aki Yoshida will talk about combining Swagger (Web) Sockets, Apache Olingo and CXF Web Sockets Transport - now, this is seriously cool ...
Continue reading →

Apache CXF is getting JOSE ready
2 months ago

By Sergey Beryozkin
I've already talked about JOSE on this blog. In my opinion, it is one of the key technologies, alongside OAuth2, that will deeply affect the way developers write secure HTTP RS services in the years to come.

A one sentence summary: one can use JOSE to secure, sign and/or encrypt a data content in any format, JSON, text, binaries, anything. JOSE is a key component of an advanced OAuth2 application, but also is a good fit for securing the regular HTTP ...
Continue reading →

Camel CXFRS Improvements
2 months ago

By Sergey Beryozkin
Camel CXFRS is one of the oldest Camel components which was created by Willem Jiang, my former colleague back from IONA Technology days, and maintained by Willem since its early days.

Camel is known to be a very democratic project with respect to supporting all sort of components, and it has many components that can deal with HTTP invocations. CXFRS is indeed just one of them but as you can guess from its name it is dedicated to supporting HTTP ...
Continue reading →

[OT] U2: "We were pilgrims on our way"
5 months ago

By Sergey Beryozkin


"The Miracle (of Joey Ramone)" from the last U2 "Songs of Innocence" album is a refreshing song. The actual album's content is strong. Not necessarily easy to listen though but it is been played in my car's CD player more or less every time I go driving for the last few weeks. The trick is, after listening to it for the first time, do a few days pause, and then listen again with a volume much higher than last time. It's a blast.

I still do like U2 ...
Continue reading →

No Data No Fun !
5 months ago

By Sergey Beryozkin
Continuing with the theme of T-shirts, I'd like to let you know "No Data No Fun" is a cool line printed on my T-shirt I got at a Talend R&D summit organized at a second-to-none level back in early October. I guess having a collection of good T-Shirts is one of the real perks of the developers involved into the open source development :-)

"No Data No Fun" is also one of the themes behind Talend's continued investment into the tooling which ...
Continue reading →

Get into OAuth2 with Client Credentials Grant
5 months ago

By Sergey Beryozkin
One of the possible barriers toward OAuth2 going completely mainstream is the likely association of OAuth2 with what big social media providers do and the assumption OAuth2 is only suitable for their business, for the way their users interact with these providers.

In fact, OAuth2 is more embracing. Client Credentials grant, one of several standard OAuth2 grants,  provides the easy path for the traditional clients toward starting working with ...
Continue reading →

Observations about ApacheCon EU 2014
6 months ago

By Sergey Beryozkin
You may be thinking now, after reading my previous post, that all I was doing at ApacheCon EU 2014 was looking at T-shirts people were wearing :-). This post is an attempt to convince you it was not the case.

First of all, ApacheCon EU 2014, as it is usually the case with Apache conferences, was a great opportunity to meet the fellow open source developers.
Chatting to the guys I work with at Apache CXF and other projects, sharing a joke or two along ...
Continue reading →

[OT] The best T-shirt I've seen at Apache Con EU 2014
6 months ago

By Sergey Beryozkin
This is the first post about Apache Con EU 2014 held in beautiful Budapest I've been lucky to attend to.

One of the nice things about being an ApacheCon visitor is that one can see lots of cool T-shirts. The official T-shirts (I do treasure them) and other T-shirts with some great lines or digits printed on them. The T-shirts that many software geeks would be happy to wear. And indeed the visitors at ApacheCon EU 2014 had a lot of different T-shirts ...
Continue reading →

Meet the CXF team at ApacheCon EU
6 months ago

By Sergey Beryozkin
ApacheCon EU will be held next week in Budapest, the nice capital of Hungary, and a number of my Talend and CXF colleagues will be there talking about CXF, Fediz, Syncope.

Please check the schedule.

Apache will be starting celebrating its 15th anniversary at the conference too, it is amazing that the organization is  relatively young, I thought it has been around for much longer given how popular and visible Apache is.

It is going to be exciting ...
Continue reading →

JSR-370: Even Better JAX-RS on the way
6 months ago

By Sergey Beryozkin
No doubt JAX-RS 2.0 (JSR-339) has been, is and will be a success - a lot has been written  about the top features JAX-RS 2.0 offers. It is still very much a relevant story for many developers who have their REST services being migrated to JAX-RS 2.0, it is not always easy for a given production to switch to a new specification's API fast.

But JAX-RS 2.0 is not the end of JAX-RS as such. So the fact JSR-370 (JAX-RS 2.1) is now active is a very ...
Continue reading →

CXF becomes friends with Tika and Lucene
7 months ago

By Sergey Beryozkin
You may have been thinking for a while: would it actually be cool to get some experience with Apache Lucene and Apache Tika and enhance the JAX-RS services you work upon along the way ? Lucene and Tika are those cool projects people are talking about but as it happens there has never been an opportunity to use them in your project...

Apache Lucene is a well known project where its community keeps innovating with improving and optimizing the ...
Continue reading →

[OT] Wake Up To CXF Revolution !
9 months ago

By Sergey Beryozkin
It's the end of the summer, still warm outside, and your friends from the Big Data team have millions of millions of records processed per second with Hadoop and give the happy smiles of those who are doing something new and cool. And you have GET, POST, may be PUT, then again GET. Occasional DELETE and if you are really lucky, you've got PATCH in the logs. You are starting wondering, is it really still cool, be a web service  developer, does ...
Continue reading →

Learn JOSE and become a better Web Service Developer
9 months ago

By Sergey Beryozkin
The work around OAuth2 and JOSE in particular has inspired me.

So much that I've ordered several books from Amazon.co.uk - and it's been quite a while since the idea of buying a book occurred to me; and several books in the age of Google ? - see, it did inspire me.

Sometimes we the developers think that we know all and if not all then we think we won't need that extra piece of knowledge, being the experts we are. The software engineering is not easy. ...
Continue reading →

JAX-RS is not only about REST
9 months ago

By Sergey Beryozkin
I've been planning to post this 'philosophical' piece for a while.

The JAX-RS specification (Java API for RESTful services) has really got off the ground long time ago. JAX-RS 2.0 with its new brilliant features, with three JAX-RS 2.0 frameworks around (there will possibly be more, we never know), is and will further contribute to the popularity of JAX-RS.

JAX-RS 2.1 work will go ahead  soon enough and it will be another great specification, I've ...
Continue reading →

OAuth2 - the future of HTTP web services
1 year ago

By Sergey Beryozkin
If the only thing that you've heard about OAuth2 is that it is "insecure" then I'd like to say it is impossible to come up with the generic specification that will ensure the security of your application.
If you have invested some time into analyzing the specific OAuth2 flows and found the conditions under which the security can be breached then it is obvious that a care needs to be applied to whatever OAuth2 flow is deployed depending on how open the ...
Continue reading →

The Tom EE Tribe Time
1 year ago

By Sergey Beryozkin
You do not have to have any specific experience with Tom EE to become a fan. You do not even have to download it. You only have to talk or listen to David Blevins, a long time EE practitioner and the leader of TomiTribe, the real business around Tom EE, to feel excited and realize Tom EE is coming near you if not now but very soon.

We are the fans of TomEE+ of course :-).

You can become the member of the Tom EE(i) Tribe too, play with Tom EE and ...
Continue reading →

Observations about Apache Con NA 2014
1 year ago

By Sergey Beryozkin
It has been a while since I visited Apache Con last time, so I was happy I got a chance to go to Apache Con NA 2014 held in Denver, nice 'mile high' city, April 7-9.

It may be quite a cliche thing to say but the most rewarding thing about visiting Apache Con is about socializing with the fellow team mates, committers and visitors, seeing people you have talked with over the years but not realizing how impressive they look like in the real life :-). ...
Continue reading →

Feeling Hawkish about OAuth2 ?
1 year ago

By Sergey Beryozkin
You all know the recent OAuth history of course, Eran Hammer, the author of  popular OAuth1 specification, leaving the OAuth2 work group, with OAuth2 not getting much of a praise from Eran afterwards.
 
Eran has started several projects afterwards, Hawk and Oz in particular.  The former is the evolution of the MAC draft Eran and others authored as part of the OAuth2 work, the latter is the alternative to OAuth2.

Now, I do like the OAuth2 ...
Continue reading →

You're gonna be a star with CXF !
1 year ago

By Sergey Beryozkin
I've happened to listen to one of my favorite songs, All the Way to Reno from R.E.M, just recently, which probably shows me being not exactly very young :-).

Apparently the text has a lot of subtle meanings but one really can't beat its gentle rhythm leading to the listener having a kind of 'life is good' feeling, being optimistic.

"You're gonna be a star", you really can and you will...Feeling the excitement has gone out of the web services ...
Continue reading →

Use OAuth2 tokens to protect CXF SOAP endpoints
1 year ago

By Sergey Beryozkin
So you are a happy Apache CXF developer working with its second-to-none WS SOAP front-end, creating SOAP endpoints protected by WS-Security. Your friends from the other team have deployed few CXF JAX-RS endpoints protected by the OAuth2 filter validating the incoming OAuth2 tokens with the remote OAuth2 server.

Now, you really, really, really want to get your SOAP client code use OAuth2 tokens too, the same tokens non-SOAP RS clients use to access RS ...
Continue reading →

Stateless OAuth2 providers in CXF 3.0.0
1 year ago

By Sergey Beryozkin
Writing a proper OAuth2 data provider typically involves persisting the data such as access token, refresh token and transient authorization code representations in the storage of some sort (relational database, etc).

It is also a well-known fact that major OAuth2 providers often have the access token state encrypted - the clients effectively keep the token state, the server does not need to worry about persisting and looking up the tokens. It is ...
Continue reading →

CXF 3.0.0 Milestone1 is out !
1 year ago

By Sergey Beryozkin
CXF 3.0.0 Milestone1 has been released this week.  We have all worked very hard on getting this new major release out.

Here is what is new:

- CXF has become more modular. For example, CXF JAX-RS frontend in CXF 2.7.x or earlier has WSDL4J library dependency. Removing it completely proved very hard earlier, but Dan got involved and now the JAX-RS frontend has a minimum number of strong dependencies.

- JAX-RS 2.0 has been completely implemented. ...
Continue reading →

CXF 3.0 Trunk is JAX-RS 2.0 Ready
1 year ago

By Sergey Beryozkin
It took us some time to get the core JAX-RS 2.0 API completely implemented.

As I mentioned in my previous post the API is rich and powerful, so indeed it required quite a bit of effort to get it all supported but I'm happy to confirm that after resolving a CXF JIRA issue two days ago to do with supporting 2.0 Fluent Client API it is done now, CXF 3.0 Trunk is JAX-RS Ready.

As far as supporting new Client API is concerned, for the most part it has been ...
Continue reading →

JAX-RS 2.0 is out !
1 year ago

By Sergey Beryozkin
You may have already heard JAX-RS 2.0 (JSR-339) has been released. This is a very good news for Java developers building their RESTful HTTP applications and here are the reasons why.

The 2.0 API  offers a lot of new enhancements on top of already very capable JAX-RS 1.1 (JSR-311) API and spec. It has really been a very serious push to the next level across all the API and the specification text. And what is really good is that the community can ...
Continue reading →

[OT] Apache CXF is more than just a library, you know!
2 years ago

By Sergey Beryozkin
Those of you living in Ireland who tune to listen to a brilliant NewsTalk team will recognize where I've got the idea for this regular, first half of the year, off-topic post :-), indeed, it is from NewsTalk being "more than just news, you know!".

So I got inspired and decided to do this short entry and suggest to you, the developers of web services, that CXF is more just a library,

It is the home, blueprint for developing the modern, secure web ...
Continue reading →

On the way to making CXF JAX-RS run easily in your application container
2 years ago

By Sergey Beryozkin
Awhile back I posted an entry on how to get CXF JAX-RS loaded successfully within your favorite Java EE application container, and specifically within the containers like JBoss or Glassfish which have their preferred JAX-RS implementations actively supported.

I think it was a good enough initial step but it proved to be quite incomplete, with users reporting CXF failing to handle the objects of some of JAX-RS core types like Response.

In this rather ...
Continue reading →

Use SAML2 Assertions as OAuth2 Token Grants or Authenticators with CXF
2 years ago

By Sergey Beryozkin
OAuth2 allows third-party clients to use different types of grants in order to request access tokens. The specification defines a number of grant types to get some specific flows supported, but also allows for extensions - one can use whatever custom grant is required in a particular scenario.

SAML2 Bearer Assertion Profiles  and JWT Bearer Token Profiles standardize  two such extension grants, SAML2 Bearer Assertions and JWT Bearer Tokens ...
Continue reading →
More Articles (+10)

Pages

Subscribe to Talend Community Coders aggregator - Sergey Beryozkin