Skip to main content

August Payara 5 Community Release Out Today!

by Priya Khaira-Hanks at August 17, 2022 12:48 PM

Payara Community Version 5.2022.3 is out today, bringing concurrency enhancements previously seen in Enterprise and a key security fix, solving the recently discovered CVE-2022-37422. You must update your environments to the latest version to be safe.

 


by Priya Khaira-Hanks at August 17, 2022 12:48 PM

CDI RequestScoped,Threading and the javax.enterprise.context.ContextNotActiveException

by admin at August 17, 2022 10:45 AM

Accessing a CDI @RequestScoped bean:

import javax.enterprise.context.RequestScoped;

@RequestScoped
public class Greeter {
    
    public String hello(long number){
        return "hello, duke " + number;
    }
}

asynchronously:

import java.util.stream.Collectors;
import java.util.stream.Stream;
import javax.enterprise.context.ApplicationScoped;
import javax.inject.Inject;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.core.MediaType;

@Path("/hello")
@ApplicationScoped
public class GreetingResource {
    
    @Inject
    Greeter greeter;

    @GET
    @Produces(MediaType.TEXT_PLAIN)
    public String hello() {
        var numbers  = Stream.generate(System::currentTimeMillis)
        .limit(10)
        .toList();
        return numbers.parallelStream() //stream() would work...
        .map(number -> this.greeter.hello(number))
        .collect(Collectors.joining(","));
    }
}

may cause a javax.enterprise.context.ContextNotActiveException, like e.g.

javax.enterprise.context.ContextNotActiveException: javax.enterprise.context.ContextNotActiveException: RequestScoped context was not active when trying to obtain a bean instance for a client proxy of CLASS bean [class=airhacks.Greeter, id=59c45f3d436e11499d8793e2c5fc0c26ffbe3933]
- you can activate the request context for a specific method using the @ActivateRequestContext interceptor binding

The entire example was implemented, and explained, "from scratch":


by admin at August 17, 2022 10:45 AM

Microsoft is a new member of the Jakarta EE Working Group!

by Tanja Obradovic at August 16, 2022 05:15 PM

The Jakarta EE Working Group is continuously growing! We are thrilled that Microsoft has decided to join the Jakarta EE Working Group as an Enterprise member! 

Most Jakarta EE Working Group members are directly involved with development of Jakarta EE specifications or have a product implementing Jakarta EE specifications. This is not the case with Microsoft at this point.

Microsoft is one of the key cloud platform providers today, and they have already recognized the importance of Java (see: Microsoft for Java developers).They also support Jakarta EE runtimes, enabling customers to run their Jakarta EE applications on Azure (see: Java EE, Jakarta EE, and MicroProfile on Azure). 

Microsoft joining the Jakarta EE Working Group is a good indication of their dedication and recognition of the importance of Jakarta EE to their customers. By becoming a member of the Jakarta EE WG, Microsoft is enabling newly created Jakarta EE workloads to take advantage of Azure services. Jakarta EE will be well supported and served by Microsoft!

You can also read more about Microsoft perspective and reasons for joining the Jakarta EE Working Group in the announcement Microsoft joins Jakarta EE and MicroProfile Working Groups at Eclipse Foundation.


by Tanja Obradovic at August 16, 2022 05:15 PM

Adding / Merging / Joining two Collections / Lists

by admin at August 16, 2022 10:28 AM

To join to List / Collection instances, you can concat their streams:

import java.util.List;
import java.util.stream.Stream;
import org.junit.jupiter.api.Test;
public class JoiningTwoLists {

    @Test
    public void join() {
        var first = List.of(1,2);
        var second = List.of(3,4);
        var joinedList = Stream.concat(first.stream(), second.stream()).toList();
        joinedList.forEach(System.out::println);
    }
}

Prints: 1 2 3 4


by admin at August 16, 2022 10:28 AM

Hashtag Jakarta EE #137

by Ivar Grimstad at August 14, 2022 09:59 AM

Welcome to issue number one hundred and thirty-seven of Hashtag Jakarta EE!

I am enjoying a couple of weeks off so this update will be fairly short. The ballot for ratifying Jakarta EE 10 Core Profile closes on Monday. The votes on the mailing list show that the vote will pass and Jakarta EE Core 10 Core Profile is approved! It will be made available in Maven Central and on the web page as soon as the project teams get around to it.

So, what about the Jakarta EE 10 Platform and Web Profile then? If I understand it correctly, there is one test failing for Eclipse GlassFish 7 in order to pass the Jakarta EE 10 Web Profile TCK. As soon as that happens, and a certification request for GlassFish is attached to the ballot materials, both Jakarta EE 10 Platform and Jakarta EE 10 Web Profile should be ready for release reviews.


by Ivar Grimstad at August 14, 2022 09:59 AM

August Payara Enterprise Release

by Priya Khaira-Hanks at August 11, 2022 01:01 PM

Payara Platform Enterprise 5.42.0 brings 5 bug fixes, 1 improvement, 1 component upgrade and 1 key security fix - of a 0-day vulnerability in all distributions of the Payara Platform that affects web applications that are deployed in the default context root(/).  

A release of Payara 6 Community (Alpha 4) and Payara Community Version 5.2022.3 will follow next week. This will bring the fix to Community users, providing they update to these versions.


by Priya Khaira-Hanks at August 11, 2022 01:01 PM

Hashtag Jakarta EE #136

by Ivar Grimstad at August 07, 2022 09:59 AM

Welcome to issue number one hundred and thirty-six of Hashtag Jakarta EE!

The ballot for ratification of Jakarta EE 10 Core Profile is open until August 15, 2022. Members of the Jakarta EE Specification Committee have binding votes. Still, community members are encouraged to cast their non-binding votes by replying to this thread on the public specification committee mailing list.

For Jakarta EE 10 Platform and Jakarta EE 10 Web Profile, the situation is pretty much the same as last week. Eclipse GlassFish 7.0.0.M7 passes the Jakarta EE Platform TCK, but there is still work being done on the TCK for Jakarta Concurrency 3.0 to be fully included in Jakarta EE 10 Web Profile.

Jakarta MVC 2.1 is chugging along in parallel to Jakarta EE 10. The specification work is almost done, and Eclipse Krazo 3.0 passes a release candidate of the TCK. Currently, Tobias Erdle is doing an amazing job separating out some of the view engines to a separate Krazo Extensions repository. The motivation for this work is that since some of the view technologies in question are no longer actively maintained, it will lighten the maintenance burden on the Eclipse Krazo project.

The registration for EclipseCon 2022 is open. Here’s a tip for you: The best time to ask your manager for approval to go to EclipseCon is just before they head out of the door for vacation. You would be amazed at what you can get approved when they’re one click away from enabling their out-of-office notification, and a simple ‘yes’ is all it takes.

This year’s EclipseCon will take place in Ludwigsburg, Germany from October 24 to October 27.

On Monday, October 23, there will be a Jakarta EE Community Day. More details about the program for that day will be announced shortly. I will be there, and hope to see as many of you as possible!


by Ivar Grimstad at August 07, 2022 09:59 AM

Coding Microservice From Scratch (Part 6 of 7) | JAX-RS Done Right! | Head Crashing Informatics 58

by Markus Karg at August 06, 2022 03:00 PM

Write a pure-Java microservice from scratch, without an application server nor any third party frameworks, tools, or IDE plugins — Just using JDK, Maven and JAX-RS aka Jakarta REST 3.1. This seven part-video series shows you the essential steps!

In episode number 6 we turn typical boilerplate-technologies into cross-vendor / cross-product JAX-RS Runtime Extensions aka calles Jakarta REST Services.

If you like this video, please give it a thumbs up, share it, subscribe to my channel, or become my patreon https://www.patreon.com/mkarg. Thanks! 🙂


by Markus Karg at August 06, 2022 03:00 PM

Jakarta EE 10 Core Profile debuts in Open Liberty 22.0.0.9-beta

August 04, 2022 12:00 AM

Open Liberty 22.0.0.9-beta brings you the hot-off-the-press Jakarta EE 10 Core Profile. Jakarta EE 10 will be the first release to provide updates to the specifications since Java EE 8 in 2017. Jakarta EE 10 Core Profile is a subset of the specifications. The Core Profile is specifically aimed at lightweight runtimes, like Open Liberty, that are optimised for running cloud-native Java microservices. While the whole Jakarta EE 10 release is just around the corner, Open Liberty 22.0.0.9-beta provides a preview of the Core Profile subset of features for you to start exploring now.

As well as Jakarta EE 10 Core Profile, we’ve included in this beta two other Jakarta EE features: Jakarta EE 10 Expression Language 5.0, which means you can access any annotations present on a particular method using the getAnnotations() method, and more; and Jakarta Concurrency 3.0, which enhances the set of parallel and reactive programming models available to applications, and more.

But it’s not only Jakarta EE features in this release: MicroProfile OpenAPI 3.1 provides the ability to specify optional authentication for operations and multiple annotation enhancements, and Password Utilities 1.1 no longer forcefully federates stand-alone user registries.

The Open Liberty 22.0.0.9-beta includes the following beta features (along with all GA features):

Support for multipart/form-data content type (RESTful Web Services 3.1)

Jakarta RESTful Web Services 3.1 (also known as Jakarta Rest 3.1 and formerly known as JAX-RS) is now available in the Open Liberty 22.0.0.9 beta. The 3.1 implementation is based on RESTEasy and is an EE10 technology, which uses the jakarta.* package name. For more information on the changes in this release, see the Changes Since 3.0 Release section of the Jakarta RESTful Web Services Spec.

Give it a try - and if you encounter any issues, please let us know!

You can enable RESTful Web Services 3.1 by using the restfulWS-3.1 feature in your server.xml file:

<featureManager>
  <feature>restfulWS-3.1</feature>
</featureManager>

If you only need a RESTful client, use the restfulWSClient-3.1 feature instead:

<featureManager>
  <feature>restfulWSClient-3.1</feature>
</featureManager>

To learn more about RESTful Web Services or see what is coming in future releases, visit the EE4J community page.

Enhanced JSON string parsing and new serialization/deserialization options (JSON Processing 2.1 and JSON Binding 3.0)

The Jakarta JSON Processing specification enables you to parse and generate JSON strings. The Jakarta JSON Binding specification is built on top of JSON Processing and enables you to serialize and deserialize Java objects into JSON.

The Jakarta JSON Processing specification has been updated with enhancements for handling duplicate keys when parsing JSON, and better handling of the java.lang.Number superclass when generating JSON strings. The Jakarta JSON Binding specification has been updated to support polymorphism.

Open Liberty provides default implementations for both Jakarta JSON Processing and Binding. For JSON Processing, we provide the Parsson implementation. For JSON Binding, we provide the Yasson implementation. To get these default implementations you can enable the jsonp-2.1 and jsonb-3.0 features.

<featureManager>
    <feature>jsonb-3.0</feature>
    <feature>jsonp-2.1</feature>
</featureManager>

If you want to use a third-party Jakarta JSON Processing 2.1 or Binding 3.0 implementation, you can enable the jsonpContainer-2.1 or jsonbContainer-3.0 features. The JSON Container features require you to configure a Basic Extensions using Liberty Libraries (BELLs) element that points to your third-party implementation(s).

<featureManager>
    <feature>jsonbContainer-3.0</feature>
    <feature>jsonpContainer-2.1</feature>
</featureManager>

<library id="myJsonBindingProvider">
  <file name="${path.to.json.binding.provider}"/>
</library>

<bell libraryRef="myJsonBindingProvider"/>

<library id="myJsonProcessingProvider">
  <file name="${path.to.json.processing.provider}"/>
</library>

<bell libraryRef="myJsonProcessingProvider"/>

Note that enabling either the JSON-B 3.0 feature (jsonb-3.0) or the JSON-B Container 3.0 (jsonbContainer-3.0) feature automatically enables the JSON-P 2.1 feature (jsonp-2.1), unless you have enabled the JSON-P Container 2.1 feature (jsonpContainer-2.1) in order to provide a third-party implementation of JSON-P.

You can find out more about this specific update and the wider technology with the following links:

Support for build compatible extensions and observable container state events (CDI 4.0)

CDI allows objects to be bound to lifecycle contexts, to be injected, to be associated with interceptors and decorators, and to interact in a loosely coupled fashion by firing and observing events. Highlights of CDI 4.0 include support for build compatible extensions and observable container state events. This update also brings in new Jakarta EE 10 versions of the Jakarta Annotations and Jakarta Interceptors APIs.

Build compatible extensions

Previous versions of CDI allowed users to provide Portable Extensions to customize the CDI application initialization lifecycle. These Build Compatible Extensions make implementing extensions amenable to build-time processing. To implement a Build Compatible Extension, provide an implementation of the BuildCompatibleExtension interface, declared via META-INF/services. The implementation can provide methods annotated with one of the extension annotations, each of which corresponds to the extension execution phases:

  • @Discovery

  • @Enhancement

  • @Registration

  • @Synthesis

  • @Validation

For example, as part of the Enhancement phase, this implementation adds an additional MyQualifier annotation to the MyService type:

public class MyExtension implements BuildCompatibleExtension {
    @Enhancement(type=MyService.class)
    public void addMyQualifier(ClassConfig clazz) {
        clazz.addAnnotation(MyQualifier.class)
    }
}

Startup and Shutdown events

Two new observable container state events are now available: Startup and Shutdown. Applications can listen for these events to be notified when the CDI container is starting up and being shut down.

@ApplicationScoped
public class MyObserver {
    public void observeStartup(@Observes Startup startupEvent) { {
        System.out.println("CDI Container is starting");
    }

    public void observeShutdown(@Observes Shutdown shutdownEvent) { {
        System.out.println("CDI Container is stopping");
    }
}

You can control the order of multiple observer methods by using the @Priority annotation.

Empty beans.xml files

In previous versions of CDI, an empty beans.xml file indicated that an archive should be treated as an explicit bean archive (the equivalent of bean-discovery-mode="all"). In CDI 4.0, an empty beans.xml now causes an archive to be treated as an implicit bean archive (the equivalent of bean-discovery-mode="annotated"). If necessary, you can set a configuration option to enable compatibility with previous versions.

Unversioned beans.xml files

In previous versions of CDI, a non-empty beans.xml file that did not include a version attribute defaulted to bean-discovery-mode="all". In CDI 4.0, it defaults to bean-discovery-mode="annotated". However, you should properly version all beans.xml files, as shown in the following configuration example:

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns="https://jakarta.ee/xml/ns/jakartaee"
    xsi:schemaLocation="https://jakarta.ee/xml/ns/jakartaee https://jakarta.ee/xml/ns/jakartaee/beans_4_0.xsd"
    version="4.0"
    bean-discovery-mode="annotated">
</beans>

Programmatic lookup of beans and instances

A new Handle API is now available to make programmatic inspection of Bean metadata easier. This avoids the need to create instances before they are actually required. You can obtain a Handle using the Instance API:

public interface Handle<T> extends AutoCloseable {
        T get();
        Bean<T> getBean();
        void destroy();
        void close();
}

Removed APIs

The following previously deprecated CDI APIs have been removed:

  • @New qualifier - replaced by @Dependent beans.

  • Bean#isNullable() - has not been used by the implementation since CDI 1.1.

  • BeanManager#fireEvent() - Use BeanManager.getEvent() instead.

  • BeanManager#createInjectionTarget(AnnotatedType) - replaced by BeanManager#getInjectionTargetFactory(AnnotatedType)

  • BeforeBeanDiscovery#addAnnotatedType(AnnotatedType) - replaced by BeforeBeanDiscovery#addAnnotatedType(AnnotatedType, String)

Configuration

The Liberty <cdi12> server.xml configuration element has been superseded by a new <cdi> element, which applies to CDI versions 1.2 and later. For example:

<cdi enableImplicitBeanArchives="false" emptyBeansXmlCDI3Compatibility="true"/>
  • The enableImplicitBeanArchives attribute is the same as it was in previous versions.

    • If set to true, which is the default, then archives that do not contain a beans.xml file are treated as Implicit Bean Archives and scanned for classes that have bean defining annotations.

    • If set to false, then archives that do not contain a beans.xml file are not scanned for annotated classes.

  • The emptyBeansXmlCDI3Compatibility attribute applies only to CDI 4.0.

    • If set to true, then an archive that contains an empty beans.xml file is treated as an explicit bean archive, as it was in CDI 3.0 and earlier.

    • If set to false, which is the default, then an archive that contains an empty beans.xml file is treated as an implicit bean archive. This is equivalent to setting bean-discovery-mode="annotated"..

To use the CDI 4.0 feature, add cdi-4.0 to your server.xml:

<featureManager>
  <feature>cdi-4.0</feature>
</featureManager>

Access any available annotations using getAnnotations() (Expression Language 5.0)

Jakarta EE 10 Expression Language 5.0 includes a number of new features, deprecations, and specification clarifications. One of the new features is the addition of the MethodReference, a new class that allows developers to access any annotations present on a particular method using the getAnnotations() method.

To enable Expression Language 5.0, add the expressionLanguage-5.0 feature to the list of features in your server.xml file:

<featureManager>
  <feature>expressionLanguage-5.0</feature>
</featureManager>

More information about Expression Language 5.0 can be found in:

Enhanced parallel and reactive programming models available to applications (Concurrency 3.0)

The Jakarta Concurrency specification enhances the set of parallel and reactive programming models available to applications, enabling tasks and completion stage actions to run with the thread context of the submitter.

Concurrency 3.0 includes the following enhancements:

  • Resource definition annotations that put applications in control of defining the concurrency constraints and thread context types that the application requires

  • Context-aware completion stages that are managed by the container

  • Asynchronous methods that are backed by context-aware completion stages

  • Improvements to Triggers for customizing the scheduling of business logic according to dates and times within one’s own time zone

  • Standardized integration for third-party providers of thread context

Enable the concurrent-3.0 feature in server.xml, along with other Jakarta EE 10 beta features that you wish to use in combination with it, for example:

<featureManager>
  <feature>concurrent-3.0</feature>
  <!-- other features that are used in the examples: -->
  <feature>cdi-4.0</feature>
  <feature>jdbc-4.2</feature>
  <feature>jndi-1.0</feature>
  <feature>restfulWS-3.1</feature>
</featureManager>

You can still configure <managedExecutorService> and other Concurrency resource types in your server.xml file as you did for previous versions of the feature. However, In Concurrency 3.0 you can define those resources within application components. With the CDI feature enabled, methods that return a CompletionStage or CompletableFuture can be designated to run asynchronously by annotating them with @Asynchronous. For example:

import jakarta.enterprise.concurrent.Asynchronous;
import jakarta.inject.Singleton;

import java.sql.*;
import java.util.concurrent.CompletableFuture;
import java.util.concurrent.CompletionException;

import javax.naming.InitialContext;
import javax.naming.NamingException;
import javax.sql.DataSource;

@Singleton
public class AccountsBean {

    @Asynchronous(executor = "java:module/concurrent/MyExecutor")
    CompletableFuture<List<Account>> findOverdue(int minDaysLate) {
        List<Account> overdueAccounts = new ArrayList<Account>();
        try {
            // Resource reference lookup requires context of the application component,
            DataSource db = InitialContext.doLookup("java:comp/env/jdbc/account-db-ref");
            ...
            return Asynchronous.Result.complete(overdueAccounts);
        } catch (NamingException | SQLException x) {
            throw new CompletionException(x);
        }
    }

    ...

When the application invokes the asynchronous method, the container intercepts the invocation and hands back a completion stage representing its eventual completion, which is arranged by the ManagedExecutorService. For example:

    @GET
    public Response remindAboutOverdueAccounts () {
        ...
        accounts.findOverdue(60).thenAccept(this::sendReminder);
        ...
    }

    void sendReminder(List<Account> overdue) {
        try {
            // Resource reference lookup requires context of the application component,
            DataSource db = InitialContext.doLookup("java:comp/env/jdbc/customer-db-ref");
            ...
        } catch (NamingException | SQLException x) {
            throw new CompletionException(x);
        }
    }

The Maven coordinates for Concurrency 3.0 are as follows:

<dependency>
    <groupId>jakarta.enterprise.concurrent</groupId>
    <artifactId>jakarta.enterprise.concurrent-api</artifactId>
    <version>3.0.0</version>
</dependency>

For more resources regarding Concurrency 3.0, reference the following links:

Document APIs where authentication is optional or complex (MicroProfile OpenAPI 3.1)

The OpenAPI specification standardizes a way of documenting REST APIs in a JSON or YAML format. The MicroProfile OpenAPI specification helps you generate and serve OpenAPI documentation for your REST applications that are built by using JAX-RS or Jakarta RESTful Web Services. This can be useful for developers to test out the API during development, or for people using the API in production.

MicroProfile OpenAPI 3.1 is a minor release that includes the following updates:

  • Some Jakarta Bean Validation annotations will now be read and their restrictions will be added to object schemas.

  • Most annotations now include an extension attribute.

  • @SecurityRequirementsSet can now be used to document operations where authentication is optional or where more than one authentication mechanism is required.

To use MicroProfile OpenAPI 3.1, add the mpOpenAPI-3.1 feature to your server.xml:

<featureManager>
    <feature>mpOpenAPI-3.1</feature>
</featureManager>

Next, deploy your rest application and then visit the /openapi endpoint to view the OpenAPI documentation, or visit /openapi/ui for a user interface where you can browse through it. You can enhance the documentation by using annotations to add things like textual descriptions to each method. The annotations are available as a Maven dependency:

<dependency>
    <groupId>org.eclipse.microprofile.openapi</groupId>
    <artifactId>microprofile-openapi-api</artifactId>
    <version>3.1-RC2</version>
</dependency>

For more information about MicroProfile OpenAPI, see the following links:

Stand-alone user registries no longer forcefully federated (Password Utilities 1.1)

The new passwordUtilities-1.1 feature no longer starts the federatedRegistry-1.0 feature or the Jakarta Connectors feature. Stand-alone user registries are no longer forcefully federated, which sometimes results in slightly different behavior.

To enable Password Utilities 1.1, add the passwordUtilities-1.1 feature to the list of features in your server.xml file:

<featureManager>
    <feature>passwordUtilities-1.1</feature>
</featureManager>

For more information about the Password Utilities, check out the feature documentation.

Try it now

To try out these features, just update your build tools to pull the Open Liberty All Beta Features package instead of the main release. The beta works with Java SE 18, Java SE 17, Java SE 11, and Java SE 8, however, the Jakarta EE 10 features are only compatible with Java SE 11 and later.

If you’re using Maven, here are the coordinates:

<dependency>
  <groupId>io.openliberty.beta</groupId>
  <artifactId>openliberty-runtime</artifactId>
  <version>22.0.0.9-beta</version>
  <type>pom</type>
</dependency>

Or for Gradle:

dependencies {
    libertyRuntime group: 'io.openliberty.beta', name: 'openliberty-runtime', version: '[22.0.0.9-beta ,)'
}

Or take a look at our Downloads page.

We welcome your feedback

Let us know what you think on our mailing list. If you hit a problem, post a question on StackOverflow. If you hit a bug, please raise an issue.


August 04, 2022 12:00 AM

How to use PostgreSQL’s JSONB data type with Hibernate

by Thorben Janssen at August 03, 2022 03:55 PM

The post How to use PostgreSQL’s JSONB data type with Hibernate appeared first on Thorben Janssen.

Most databases offer lots of proprietary features in addition to the known SQL standard. One example is PostgreSQL’s JSONB data type which allows you to…

The post How to use PostgreSQL’s JSONB data type with Hibernate appeared first on Thorben Janssen.


by Thorben Janssen at August 03, 2022 03:55 PM

View stack trace separately from messages in logged exceptions and time-based log rollover in Open Liberty 22.0.0.8

August 02, 2022 12:00 AM

Open Liberty 22.0.0.8 provides a new capability to view stack trace separately from messages in logged exceptions with new fields for Open Liberty JSON logging and for the Logstash Collector feature. This capability enables easier-to-read visualizations in downstream log analysis tools. Also new in this release is time-based log rollover, which enables you to specify a time of day for log files to roll over. This release also includes an important security vulnerability (CVE) fix, as well as many notable bug fixes.

In Open Liberty 22.0.0.8:

View the list of fixed bugs in 22.0.0.8.

Run your apps using 22.0.0.8

If you’re using Maven, here are the coordinates:

<dependency>
    <groupId>io.openliberty</groupId>
    <artifactId>openliberty-runtime</artifactId>
    <version>22.0.0.8</version>
    <type>zip</type>
</dependency>

Or for Gradle:

dependencies {
    libertyRuntime group: 'io.openliberty', name: 'openliberty-runtime', version: '[22.0.0.8,)'
}

Or if you’re using Docker:

FROM open-liberty

Or take a look at our Downloads page.

Ask a question on Stack Overflow

View stack trace separately from logged messages in logging records

The stack trace is now separated from logged messages in logging records so that log analysis tools can present them more clearly. This makes visualizations of the logs by downstream log analysis tools easier to read when you are identifying any issues encountered by the application. Previously, any logging record originating from a Java Logger object that made use of any of the methods that accept a Throwable parameter would simply append the stack trace to the existing message field. Keeping the message field solely for the logged message and having a separate field for the stack trace and exception type enhances the effectiveness of downstream log analysis tools.

Java’s Logging API provides methods that allow you to include a Throwable as a parameter. When the Throwable object is used, Open Liberty’s JSON logging provides two new fields, ibm_stackTrace and ibm_exceptionName, and the Open Liberty Logstash Collector feature provides two new fields, stackTrace and exceptionName. The stack trace fields present only the stack trace of the Throwable object. The exception name fields present the type of exception of the Throwable object.

Example:

For the example, we will only show the message log record for Open Liberty’s JSON logging.

Application with the following code snippet:

Logger logger = Logger.getLogger(MyResource.class.getCanonicalName());
Exception exception = new IllegalArgumentException("ouch");
logger.log(Level.INFO, "exception message", exception);

Previous Open Liberty JSON logging output:

{
    "type": "liberty_message",
    ...
    "message": exception message  java.lang.RuntimeException: ouch\r\n\tatmy.package.MyResource.get(MyResource.java:32)\r\n\tatmy.package.MyResource.get(MyResource.java:20)\r\n...",
    ...
}

New Open Liberty JSON logging output:

{
    "type": "liberty_message",
    ...
    "message": exception message",
    "ibm_exceptionName":"java.lang.IllegalArgumentException",
    "ibm_stackTrace":"java.lang.IllegalArgumentException: ouch\r\n\tat my.package.MyResource.get(MyResource.java:20)\r\n...",
    ...
}

Time-based log rollover for Liberty

Liberty provides a few different log files; a message.log is created by default, and a trace.log and http_access.log can be enabled for tracing and NCSA access logs respectively. Previously, these log files could be rolled over only by either server restart or by limiting the maximum log file size with the maxFileSize logging attribute. Instead of file size-based log rollover, users may want to roll over their files at periodic times to facilitate their existing log cleaning or archival processes.

Now, you can enable time-based periodic rollover of those log files at their own specified time of day by using two new optional logging configuration attributes: rolloverInterval and rolloverStartTime. Upon roll over, the file names are appended with a timestamp that corresponds to the time that the log was rolled over.

  • rolloverInterval is the desired time interval between log rollovers. Set the attribute with a positive integer followed by a unit of time, which can be days (d), hours (h), or minutes (m). For example, specify 5 hours as 5h. You can include multiple values in a single entry. For example, 1d5h is equivalent to 1 day and 5 hours.

  • rolloverStartTime is the time of day when logs first roll over and the first rollover interval duration begins. Valid values for this attribute follow a 24-hour ISO-8601 time format of HH:MM, where 00:00 represents midnight.

The two configuration attributes are optional. If neither of the attributes are set, then time-based log rollover is not enabled. If only one of the two attributes is set, then time-based log rollover is enabled, and the other attribute is set to its default. The default value for rolloverInterval is 1d, and the default value for rolloverStartTime is 00:00.

Example server.xml file configuration for log rollover in the messages.log and trace.log files by specifying the new attributes in the logging element:

<server>
   ...
    <logging rolloverStartTime="00:00" rolloverInterval="1d"/>
    ...
</server>

Example server.xml file configuration for log rollover in the http_access.log file by specifying the new attributes in the httpAccessLogging element:

<server>
   ...
    <httpAccessLogging rolloverStartTime="00:00" rolloverInterval="1d" logFormat='%h %u %{t}W "%r" %s %b' />
    ...
</server>

Example server.xml configuration for access logging, using <accessLogging/> under <httpEndpoint/>, which handles http_access.log rollover:

<server>
   ...
   <httpEndpoint id="defaultHttpEndpoint">
      <accessLogging rolloverStartTime="00:00" rolloverInterval="1d" logFormat='%h %i %u %t "%r" %s %b' />
   </httpEndpoint>
    ...
</server>

Example result of logs, rolled over every minute, with a configuration of rolloverInterval="1m" and rolloverStartTime="00:00":

Example logs

For more information about this feature, refer to the HTTP Access Logging, Liberty Logging, and Liberty Access Logging documentation.

jaxws-2.2 updates to CXF 3.4

We’ve updated jaxws-2.2 to use CXF 3.4, which is a major update coming all way up from CXF 2.6.2. Anyone using jaxws-2.2 will automatically get the update with 22.0.0.8, but don’t worry, Liberty’s zero migration means we’ve taken great care to prevent any behavior changes. The main reason for us to make this change is to make jaxws-2.2 easier to maintain and keep up-to-date going forward. We expect this to result in quicker turn around time on pulling in the latest fixes from CXF and it’s related dependencies going forward and a slightly smaller runtime footprint as well!

Security vulnerability (CVE) fixes in this release

CVE CVSS Score Vulnerability Assessment Versions Affected Notes

CVE-2022-22476

5

Identity spoofing

17.0.0.3 - 22.0.0.7

Affects the App Security 1.0, App Security 2.0, App Security 3.0 and App Security 4.0 features

For a list of past security vulnerability fixes, reference the Security vulnerability (CVE) list.

Notable bugs fixed in this release

We’ve spent some time fixing bugs. The following sections describe just some of the issues resolved in this release. If you’re interested, here’s the full list of bugs fixed in 22.0.0.8.

  • UI generated by openapi-3.1 feature doesn’t show the link specific endpoints

    An issue arose that when you clicked an endpoint in the UI that is generated by the openapi-3.1 feature, the clicked endpoint is expanded but the URL of the browser is not changed. As the result, you could not pass a link to a specific endpoint to others for reference. The URL of the browser is expected to change to show the link to the clicked endpoint.

    This issue has since been reviewed and subsequently the affected features list have been updated once the UI is shared with the mpOpenApi features. This did previously work for openapi-3.1 but had been broken by #19535 in 22.0.0.2. This issue has now been resolved.

  • Server start fails when directory has spaces

    On Windows operating system, when the server working directory is specified using the SERVER_WORKING_DIR environment variable and a space is present in the name of the server working directory, an attempt to start the server using the server script will hang and the server will not start.

    This issue was due to missing quotes in the server script and has since been resolved. You can find out more information about this fix of adding quotes to server working directory test here.

  • Port MYFACES-4432 to JSF 2.3 and Faces 3.0 (Resolve request object in facelets)

    The issue occurred when using the "@FacesConfig" annotation in a JSF 2.3 or Faces 3.0 application, the #{request} object fails to resolve. An empty string is returned instead.

    This issue has now been closed as completed in #21599

  • EJB persistent timers that were deferred during app start do not run when app finishes starting

    EJB Persistent Timers that get deferred due to the application not being started yet do not run after the application finishes starting.

    Steps to reproduce are to have a large, slowly-starting application with a number of persistent EJB timers around from a previous run. Start the server and if timing is right, the timers will never start running.

    The expected behavior is for EJB persistent timers that were deferred due to an unavailable application should run after the application becomes available again.

    This issue has been resolved by running deferred tasks after the app starts in #21616.

  • featureUpdate downloads fail in Windows, due to #20945

    The issue is caused by the inability to connect to Maven repo on Windows due to changes made in #20945. There is a need to append a forward slash (/) instead of File.separator for urls.

    Running featureUtility.exe installFeature or`featureUtility.exe installServerFeature` causes the following:

    The remote repository "https://repo.maven.apache.org/maven2/\" is missing the following artifacts: [json-1.0-22.0.0.7.pom, json-1.0-22.0.0.7.esa]
    [7/27/22, 11:31:52:318 PDT] Downloading required features ...
    [7/27/22, 11:31:52:334 PDT] Starting installation ...
    [7/27/22, 11:31:52:365 PDT] Successfully completed cleaning up temporary files.
    <---------------------> Infinity%
    java.lang.NullPointerException
    at com.ibm.ws.install.featureUtility.FeatureUtility.installFeatures(FeatureUtility.java:483)
    at com.ibm.ws.install.featureUtility.cli.InstallFeatureAction.install(InstallFeatureAction.java:241)
    at com.ibm.ws.install.featureUtility.cli.InstallFeatureAction.execute(InstallFeatureAction.java:257)
    at com.ibm.ws.install.featureUtility.cli.InstallFeatureAction.handleTask(InstallFeatureAction.java:78)
    at com.ibm.ws.install.featureUtility.cli.FeatureAction.handleTask(FeatureAction.java:100)
    at com.ibm.ws.install.featureUtility.FeatureUtilityExecutor.main(FeatureUtilityExecutor.java:58)
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.base/java.lang.reflect.Method.invoke(Method.java:566)
    at com.ibm.ws.kernel.boot.cmdline.UtilityMain.internal_main(UtilityMain.java:173)
    at com.ibm.ws.kernel.boot.cmdline.UtilityMain.main(UtilityMain.java:53)
    at com.ibm.ws.kernel.boot.cmdline.Main.main(Main.java:52)

    This issue has since been resolved by #21667 which reverts the File.separator to a forward slash and the features now install successfully.

Get Open Liberty 22.0.0.8 now


August 02, 2022 12:00 AM

Getting started with Jakarta Bean Validation

by F.Marchioni at July 31, 2022 02:29 PM

This article covers the Jakarta Bean Validation specification which allows you to express constraints on your model and create custom ones in an extensible way. Within it, we will cover the legacy from Jakarta EE Validation and the new features available since Jakarta EE 10. Jakarta Bean Validation allows you to write a constraint once ... Read more

The post Getting started with Jakarta Bean Validation appeared first on Mastertheboss.


by F.Marchioni at July 31, 2022 02:29 PM

Spring Data JDBC – Use a sequence to generate primary keys

by Thorben Janssen at July 27, 2022 02:52 PM

The post Spring Data JDBC – Use a sequence to generate primary keys appeared first on Thorben Janssen.

By default, Spring Data JDBC expects the database to provide a primary key value for every new record. The easiest way to achieve that is…

The post Spring Data JDBC – Use a sequence to generate primary keys appeared first on Thorben Janssen.


by Thorben Janssen at July 27, 2022 02:52 PM

Coding Microservice From Scratch (Part 5 of 7) | JAX-RS Done Right! | Head Crashing Informatics 57

by Markus Karg at July 23, 2022 03:00 PM

Write a pure-Java microservice from scratch, without an application server nor any third party frameworks, tools, or IDE plugins — Just using JDK, Maven and JAX-RS aka Jakarta REST 3.1. This seven part-video series shows you the essential steps!

Episode number five brings us external configuration, so Docker, Kubernetes, etc. can control our microservice from the outside.

If you like this video, please give it a thumbs up, share it, subscribe to my channel, or become my patreon https://www.patreon.com/mkarg. Thanks! 🙂


by Markus Karg at July 23, 2022 03:00 PM

Jersey 3.1.0 – Incompatibilities and changes

by Jan at July 22, 2022 05:35 PM

This article discusses backward-incompatible changes in Jersey 3.1.0. While Jersey tries to minimize these incompatible changes, the changes are forced by the Platform Specification Project, API project, security reasons, or an unstoppable evolution. Jersey 3.1.0 drops compatibility with JDK 8. … Continue reading

by Jan at July 22, 2022 05:35 PM

Getting started with JSF 4.0 on WildFly 27

by F.Marchioni at July 14, 2022 04:40 PM

This article contains a preview of Jakarta Faces 4.0 which is an MVC framework for building user interface with Jakarta EE 10. To get started with Jakarta EE 10, you need to download the latest release of WildFly 27 which you can use to preview Jakarta EE 10 features. At the time of writing, the ... Read more

The post Getting started with JSF 4.0 on WildFly 27 appeared first on Mastertheboss.


by F.Marchioni at July 14, 2022 04:40 PM

Java Reflections unit-testing

by Vladimir Bychkov at July 13, 2022 09:06 PM

How make java code with reflections more stable? Unit tests can help with this problem. This article introduces annotations @CheckConstructor, @CheckField, @CheckMethod to create so unit tests automatically

by Vladimir Bychkov at July 13, 2022 09:06 PM

Jakarta EE 10: Getting So Close, But Not There Yet!

by Tanja Obradovic at July 06, 2022 07:16 PM

While we are still looking into initiating ballots for the Jakarta EE Platform and the Profiles any day now, I wanted to let you know about the hold up!

The issues we are facing are related to passing the TCK for the Compatible Implementation. Here is the current status on the release!

Jakarta EE 10 Status 

 If you are interested in finding out more, please consider attending the Jakarta EE Platform Project calls (every Tuesday @11 am EST) published on the Jakarta EE Specification Calendar, or follow the meeting minutes!

In any case, we are only a couple of weeks away! Ultimately all Release Review PRs are ready.

 


by Tanja Obradovic at July 06, 2022 07:16 PM

The Power of Enum – Take advantage of it to make your code more readable and efficient

by otaviojava at July 06, 2022 06:51 AM

Like any other language, Java has the enum feature that allows us to enumerate items. It is helpful to list delimited items in your code, such as the seasons. And we can go beyond it with Java! It permits clean code design. Indeed, we can apply several patterns such as VO from DDD, Singleton, and […]

by otaviojava at July 06, 2022 06:51 AM

Jersey 3.1.0-M3 has been released!

by Jan at June 09, 2022 11:56 PM

Jersey 3.1.0-M3 is Jakarta RESTful Web Services 3.1 compatible implementation. And we are happy to announce that it has been finally released to maven central. Jakarta REST 3.1 Specification is a part of Jakarta EE 10, which will be released … Continue reading

by Jan at June 09, 2022 11:56 PM

Java EE - Jakarta EE Initializr

May 05, 2022 02:23 PM

Getting started with Jakarta EE just became even easier!

Get started

Hot new Update!

Moved from the Apache 2 license to the Eclipse Public License v2 for the newest version of the archetype as described below.
As a start for a possible collaboration with the Eclipse start project.

New Archetype with JakartaEE 9

JakartaEE 9 + Payara 5.2022.2 + MicroProfile 4.1 running on Java 17

  • And the docker image is also ready for x86_64 (amd64) AND aarch64 (arm64/v8) architectures!

May 05, 2022 02:23 PM

JavaEE 8 + Payara 5 + Microprofile 2.1 + Docker In about a minute

March 19, 2022 08:17 AM

Thin Wars to the rescue

It can be really easy to start on your JavaEE / JakartaEE application. It’ll take you about a minute…

In this minute you will get a project with:

  • JavaEE 8
  • MicroProfile 2.1
  • Preconfigured Payara 5 Full server docker container - ivonet/payara:5.184
  • Maven essential setup
  • Run and build scripts for all of this

The minute has started…

Enter the code below in a terminal were you want to create your project and press enter

1
2
3
4
mvn archetype:generate \
-DarchetypeGroupId=nl.ivonet \
-DarchetypeArtifactId=jakartaee8-payara-microprofile-archetype \
-DarchetypeVersion=1.0 -U

The first time you run this command, it will take just a bit more time as it will
download everything needed from the maven central repository.

you will be asked these questions:

1
2
3
4
5
Define value for property 'groupId': com.example
Define value for property 'artifactId': helloworld
Define value for property 'version' 1.0-SNAPSHOT: :
Define value for property 'package' com.example: :
Define value for property 'docker-hub-name': example

Just follow the instructions and your project will be created:

1
2
cd helloworld
./run

This will start the project in a docker container.
The docker container will be downloaded the first time and that might take more than the minute depending
on the speed of your internet connection.
After the first time it will only take seconds.

Now go to http://localhost:8080//rest/example and you will have a working
example HelloWorld application.

Done 😄

After burner

Now you can load it into your favorite IDE and start building your own stuff.
Don’t forget to read the README.md of the project to learn more about the available commands.

Have fun.

Links


March 19, 2022 08:17 AM

Take the 2022 Jakarta EE Developer Survey

by Mike Milinkovich at March 09, 2022 02:14 PM

In less than six minutes of your time, you can let the entire cloud native Java industry know what you need to support modern enterprise applications. The Jakarta EE Developer Survey is one of the largest developer surveys in the Java landscape, and the number of responses it generates clearly shows the Java ecosystem believes the results are important.

Since we first released the annual Jakarta EE Developer Survey in 2018, thousands of software developers, architects, and decision-makers from around the world have completed the survey.  They see their participation as an opportunity to:

  • Build awareness around their development focus area 
  • Share their perceptions of the cloud native Java industry with the broader ecosystem 
  • Identify their preferences and priorities for cloud native Java architectures, technologies, and tools

Tell the World What You Need in the Cloud Era

This year, we’re asking survey respondents to look ahead and share their future plans for building modern enterprise applications in the new cloud era. It’s a great way to let Java platform vendors, enterprises, and developers know where you see cloud native Java going and the types of technologies and tools you’ll need to help it get there. With this insight, everyone in the Java ecosystem — you included — will have updated information about how cloud native Java is unfolding and what it means for their strategies and businesses.

The survey is also an excellent opportunity to help the Jakarta EE Working Group understand how it can best evolve Jakarta EE to meet your cloud development requirements and goals. Working Group members are always listening carefully to Java ecosystem requirements so they can ensure Jakarta EE continues to evolve in alignment with the top industry focus areas and priorities. They want to hear from you, and completing the survey is one of the easiest and most effective ways to give them your input.

Survey Results Provide Essential Insights

Over the years, the Jakarta EE Developer Survey has provided many valuable insights into the state of the cloud native Java ecosystem, and the 2021 survey was no exception. Completed by more than 950 individuals, last year’s survey revealed some very interesting trends, including the:

  • Fast-growing adoption of Jakarta EE, making it the second-place cloud native framework for the second straight year
  • Increased interest in cloud native Java overall
  • Increased use of microservices architectures and the decline of monolithic approaches in favor of hybrid architectures
  • Need for flexible platforms that can be used to build traditional and cloud native business applications
  • Expected growth rates for Java apps in the cloud

To understand the full value of the survey results, read the 2021 Jakarta EE Developer Survey report.

Complete the Jakarta EE Developer Survey Today

We encourage all developers, architects, and decision-makers in the Java ecosystem to add their voice to the survey and help the industry gain the broadest possible view of the state of enterprise cloud native Java.

Participate in the survey here.


by Mike Milinkovich at March 09, 2022 02:14 PM

FOSDEM 2022 Conference Report

by Reza Rahman at February 21, 2022 12:24 AM

FOSDEM took place February 5-6. The European based event is one of the most significant gatherings worldwide focused on all things Open Source. Named the “Friends of OpenJDK”, in recent years the event has added a devroom/track dedicated to Java. The effort is lead by my friend and former colleague Geertjan Wielenga. Due to the pandemic, the 2022 event was virtual once again. I delivered a couple of talks on Jakarta EE as well as Diversity & Inclusion.

Fundamentals of Diversity & Inclusion for Technologists

I opened the second day of the conference with my newest talk titled “Fundamentals of Diversity and Inclusion for Technologists”. I believe this is an overdue and critically important subject. I am very grateful to FOSDEM for accepting the talk. The reality for our industry remains that many people either have not yet started or are at the very beginning of their Diversity & Inclusion journey. This talk aims to start the conversation in earnest by explaining the basics. Concepts covered include unconscious bias, privilege, equity, allyship, covering and microaggressions. I punctuate the topic with experiences from my own life and examples relevant to technologists. The slides for the talk are available on SpeakerDeck. The video for the talk is now posted on YouTube.

Jakarta EE – Present and Future

Later the same day, I delivered my fairly popular talk – “Jakarta EE – Present and Future”. The talk is essentially a state of the union for Jakarta EE. It covers a little bit of history, context, Jakarta EE 8, Jakarta EE 9/9.1 as well as what’s ahead for Jakarta EE 10. One key component of the talk is the importance and ways of direct developer contributions into Jakarta EE, if needed with help from the Jakarta EE Ambassadors. Jakarta EE 10 and the Jakarta Core Profile should bring an important set of changes including to CDI, Jakarta REST, Concurrency, Security, Faces, Batch and Configuration. The slides for the talk are available on SpeakerDeck. The video for the talk is now posted on YouTube.

I am very happy to have had the opportunity to speak at FOSDEM. I hope to contribute again in the future.


by Reza Rahman at February 21, 2022 12:24 AM

Making Readable Code With Dependency Injection and Jakarta CDI

by otaviojava at January 18, 2022 03:53 PM

Learn more about dependency injection with Jakarta CDI and enhance the effectiveness and readability of your code. Link: https://dzone.com/articles/making-readable-code-with-dependency-injection-and-jakarta-cdi

by otaviojava at January 18, 2022 03:53 PM

JConf Peru 2021 Conference Report

by Reza Rahman at January 01, 2022 09:31 PM

JConf Peru 2021 took place November 27th. This was the third time the event was held and due to the pandemic, the 2021 event was virtual and free. I am very proud to have participated as an invited speaker – the JConf series is an admirable effort by the Spanish speaking Java community to hold world-class events. My friend and Peru JUG leader Jose Diaz and his wife Miryan Ramirez have worked hard to make JConf Peru a reality. Jakarta EE had a strong presence at the event including talks on Quarkus and TomEE. I delivered three talks at the conference focused on Jakarta EE and Azure.

Powering Java on Azure with Open Liberty and OpenShift

Early in the morning I delivered my slide free talk titled “Powering Java on Azure with Open Liberty and OpenShift”. The material covers the key work Microsoft and IBM is doing to enable Jakarta EE, MicroProfile, Open Liberty and OpenShift on Azure. I demo in real time how to stand up an OpenShift cluster on Azure quickly and deploy a realistic Java EE/Jakarta EE/MicroProfile application that integrates with some services on the cloud such as a database. The essential material for the talk is available on the Microsoft documentation site as a how-to guide. A recording of the talk is now available on YouTube.

Effective Kubernetes for Jakarta EE and MicroProfile Developers

Towards mid-day, I delivered another entirely slide-free talk – “Effective Kubernetes for Jakarta EE and MicroProfile Developers”. The talk covers some of the key things Jakarta EE and MicroProfile developers need to know while using Kubernetes. This includes:

  • How Kubernetes primitives (such as deployments, services and ingress controllers) align with application server administration, clustering, auto-scaling, auto-discovery, and load-balancing.
  • How to add self-healing capabilities using Kubernetes probes and monitoring with open source tools like Prometheus/Grafana.
  • How Kubernetes can be extended using Operators to effectively manage application server clusters.
  • How the CI/CD pipeline of your application can be adapted to Kubernetes.

A recording of the talk is now available on YouTube.

All the material for the talk is available in self-paced workshop format on GitHub. The material will take you about a day to complete end-to-end (please reach out if you need any help).

Why Jakarta EE Developers are First-Class Citizens on Azure

I wrapped up the conference by delivering my talk titled “Why Jakarta EE Developers are First-Class Citizens on Azure”. This talk covers all the work Microsoft is doing by partnering with companies like Oracle, IBM and Red Hat to support Jakarta EE developers on Azure. This includes fully enabling runtimes such as WebLogic, WebSphere Traditional, WebSphere Liberty, Open Liberty and JBoss EAP on virtual machines, the Azure Kubernetes Service (AKS) and App Service (the premier PaaS platform for Azure). I also cover important work such as supporting JMS in Azure Service Bus as a well as the Jakarta EE on Azure roadmap.

There is a brief end-to-end demo that is part of the talk. You can run the demo yourself using step-by-step instructions available on GitHub to get a feel for how the Jakarta EE on Azure experience looks like (please reach out if you need help). The slides for the talk are available on Speaker Deck. The video for the talk is now posted on YouTube.

It is worth reminding that myself and my team are always ready to work closely with Java/Jakarta EE developers on Azure migrations – completely for free. To take advantage of this, you simply need to fill this survey out or reach out to me directly.

Beautiful Peru

Peru is a country rich in heritage and natural beauty. It is one of the six cradles of civilization and the center of the mighty Inca entire. I am proud to say I got to see a bit of this amazing country as part of my brief trip for the first JConf Peru. Just check out the album below of photos I took (click this link to view the album if the embedded slideshow is not working)!

All in all, I am happy to have had the opportunity to speak at JConf Peru again. I am very glad the event continued in virtual format despite the pandemic. I hope to speak there again and hopefully visit beautiful Peru again in the future.


by Reza Rahman at January 01, 2022 09:31 PM

Infinispan Apache Log4j 2 CVE-2021-44228 vulnerability

December 12, 2021 10:00 PM

Infinispan 10+ uses Log4j version 2.0+ and can be affected by vulnerability CVE-2021-44228, which has a 10.0 CVSS score. The first fixed Log4j version is 2.15.0.
So, until official patch is coming, - you can update used logger version to the latest in few simple steps

wget https://downloads.apache.org/logging/log4j/2.15.0/apache-log4j-2.15.0-bin.zip
unzip apache-log4j-2.15.0-bin.zip

cd /opt/infinispan-server-10.1.8.Final/lib/

rm log4j-*.jar
cp ~/Downloads/apache-log4j-2.15.0-bin/log4j-api-2.15.0.jar ./
cp ~/Downloads/apache-log4j-2.15.0-bin/log4j-core-2.15.0.jar ./
cp ~/Downloads/apache-log4j-2.15.0-bin/log4j-jul-2.15.0.jar ./
cp ~/Downloads/apache-log4j-2.15.0-bin/log4j-slf4j-impl-2.15.0.jar ./

Please, note - patch above is not official, but according to initial tests it works with no issues


December 12, 2021 10:00 PM

JPA query methods: influence on performance

by Vladimir Bychkov at November 18, 2021 07:22 AM

Specification JPA 2.2/Jakarta JPA 3.0 provides for several methods to select data from database. In this article we research how these methods affect on performance

by Vladimir Bychkov at November 18, 2021 07:22 AM

Eclipse Jetty Servlet Survey

by jesse at October 27, 2021 01:25 PM

This short 5-minute survey is being presented to the Eclipse Jetty user community to validate conjecture the Jetty developers have for how users will leverage JakartaEE servlets and the Jetty project. We have some features we are gauging interest in

by jesse at October 27, 2021 01:25 PM

Custom Identity Store with Jakarta Security in TomEE

by Jean-Louis Monteiro at September 30, 2021 11:42 AM

In the previous post, we saw how to use the built-in ‘tomcat-users.xml’ identity store with Apache TomEE. While this identity store is inherited from Tomcat and integrated into Jakarta Security implementation in TomEE, this is usually good for development or simple deployments, but may appear too simple or restrictive for production environments. 

This blog will focus on how to implement your own identity store. TomEE can use LDAP or JDBC identity stores out of the box. We will try them out next time.

Let’s say you have your own file store or your own data store like an in-memory data grid, then you will need to implement your own identity store.

What is an identity store?

An identity store is a database or a directory (store) of identity information about a population of users that includes an application’s callers.

In essence, an identity store contains all information such as caller name, groups or roles, and required information to validate a caller’s credentials.

How to implement my own identity store?

This is actually fairly simple with Jakarta Security. The only thing you need to do is create an implementation of `jakarta.security.enterprise.identitystore.IdentityStore`. All methods in the interface have default implementations. So you only have to implement what you need.

public interface IdentityStore {
   Set DEFAULT_VALIDATION_TYPES = EnumSet.of(VALIDATE, PROVIDE_GROUPS);

   default CredentialValidationResult validate(Credential credential) {
   }

   default Set getCallerGroups(CredentialValidationResult validationResult) {
   }

   default int priority() {
   }

   default Set validationTypes() {
   }

   enum ValidationType {
       VALIDATE, PROVIDE_GROUPS
   }
}

By default, an identity store is used for both validating user credentials and providing groups/roles for the authenticated user. Depending on what #validationTypes() will return, you will have to implement #validate(…) and/or #getCallerGroups(…)

#getCallerGroups(…) will receive the result of #valide(…). Let’s look at a very simple example:

@ApplicationScoped
public class TestIdentityStore implements IdentityStore {

   public CredentialValidationResult validate(Credential credential) {

       if (!(credential instanceof UsernamePasswordCredential)) {
           return INVALID_RESULT;
       }

       final UsernamePasswordCredential usernamePasswordCredential = (UsernamePasswordCredential) credential;
       if (usernamePasswordCredential.compareTo("jon", "doe")) {
           return new CredentialValidationResult("jon", new HashSet<>(asList("foo", "bar")));
       }

       if (usernamePasswordCredential.compareTo("iron", "man")) {
           return new CredentialValidationResult("iron", new HashSet<>(Collections.singletonList("avengers")));
       }

       return INVALID_RESULT;
   }

}

In this simple example, the identity store is hardcoded. Basically, it knows only 2 users, one of them has some roles, while the other has another set of roles.

You can easily extend this example and query a local file, or an in-memory data grid if you need. Or use JPA to access your relational database.

IMPORTANT: for TomEE to pick it up and use it in your application, the identity store must be a CDI bean.

The complete and runnable example is available under https://github.com/apache/tomee/tree/master/examples/security-custom-identitystore

The post Custom Identity Store with Jakarta Security in TomEE appeared first on Tomitribe.


by Jean-Louis Monteiro at September 30, 2021 11:42 AM

Book Review: Practical Cloud-Native Java Development with MicroProfile

September 24, 2021 12:00 AM

Practical Cloud-Native Java Development with MicroProfile cover

General information

  • Pages: 403
  • Published by: Packt
  • Release date: Aug 2021

Disclaimer: I received this book as a collaboration with Packt and one of the authors (Thanks Emily!)

A book about Microservices for the Java Enterprise-shops

Year after year many enterprise companies are struggling to embrace Cloud Native practices that we tend to denominate as Microservices, however Microservices is a metapattern that needs to follow a well defined approach, like:

  • (We aim for) reactive systems
  • (Hence we need a methodology like) 12 Cloud Native factors
  • (Implementing) well-known design patterns
  • (Dividing the system by using) Domain Driven Design
  • (Implementing microservices via) Microservices chassis and/or service mesh
  • (Achieving deployments by) Containers orchestration

Many of these concepts require a considerable amount of context, but some books, tutorials, conferences and YouTube videos tend to focus on specific niche information, making difficult to have a "cold start" in the microservices space if you have been developing regular/monolithic software. For me, that's the best thing about this book, it provides a holistic view to understand microservices with Java and MicroProfile for "cold starter developers".

About the book

Using a software architect perspective, MicroProfile could be defined as a set of specifications (APIs) that many microservices chassis implement in order to solve common microservices problems through patterns, lessons learned from well known Java libraries, and proposals for collaboration between Java Enterprise vendors.

Subsequently if you think that it sounds a lot like Java EE, that's right, it's the same spirit but on the microservices space with participation for many vendors, including vendors from the Java EE space -e.g. Red Hat, IBM, Apache, Payara-.

The main value of this book is the willingness to go beyond the APIs, providing four structured sections that have different writing styles, for instance:

  1. Section 1: Cloud Native Applications - Written as a didactical resource to learn fundamentals of distributed systems with Cloud Native approach
  2. Section 2: MicroProfile Deep Dive - Written as a reference book with code snippets to understand the motivation, functionality and specific details in MicroProfile APIs and the relation between these APIs and common Microservices patterns -e.g. Remote procedure invocation, Health Check APIs, Externalized configuration-
  3. Section 3: End-to-End Project Using MicroProfile - Written as a narrative workshop with source code already available, to understand the development and deployment process of Cloud Native applications with MicroProfile
  4. Section 4: The standalone specifications - Written as a reference book with code snippets, it describes the development of newer specs that could be included in the future under MicroProfile's umbrella

First section

This was by far my favorite section. This section presents a well-balanced overview about Cloud Native practices like:

  • Cloud Native definition
  • The role of microservices and the differences with monoliths and FaaS
  • Data consistency with event sourcing
  • Best practices
  • The role of MicroProfile

I enjoyed this section because my current role is to coach or act as a software architect at different companies, hence this is good material to explain the whole panorama to my coworkers and/or use this book as a quick reference.

My only concern with this section is about the final chapter, this chapter presents an application called IBM Stock Trader that (as you probably guess) IBM uses to demonstrate these concepts using MicroProfile with OpenLiberty. The chapter by itself presents an application that combines data sources, front/ends, Kubernetes; however the application would be useful only on Section 3 (at least that was my perception). Hence you will be going back to this section once you're executing the workshop.

Second section

This section divides the MicroProfile APIs in three levels, the division actually makes a lot of sense but was evident to me only during this review:

  1. The base APIs to create microservices (JAX-RS, CDI, JSON-P, JSON-B, Rest Client)
  2. Enhancing microservices (Config, Fault Tolerance, OpenAPI, JWT)
  3. Observing microservices (Health, Metrics, Tracing)

Additionally, section also describes the need for Docker and Kubernetes and how other common approaches -e.g. Service mesh- overlap with Microservice Chassis functionality.

Currently I'm a MicroProfile user, hence I knew most of the APIs, however I liked the actual description of the pattern/need that motivated the inclusion of the APIs, and the description could be useful for newcomers, along with the code snippets also available on GitHub.

If you're a Java/Jakarta EE developer you will find the CDI section a little bit superficial, indeed CDI by itself deserves a whole book/fascicle but this chapter gives the basics to start the development process.

Third section

This section switches the writing style to a workshop style. The first chapter is entirely focused on how to compile the sample microservices, how to fulfill the technical requirements and which MicroProfile APIs are used on every microservice.

You must notice that this is not a Java programming workshop, it's a Cloud Native workshop with ready to deploy microservices, hence the step by step guide is about compilation with Maven, Docker containers, scaling with Kubernetes, operators in Openshift, etc.

You could explore and change the source code if you wish, but the section is written in a "descriptive" way assuming the samples existence.

Fourth section

This section is pretty similar to the second section in the reference book style, hence it also describes the pattern/need that motivated the discussion of the API and code snippets. The main focus of this section is GraphQL, Reactive Approaches and distributed transactions with LRA.

This section will probably change in future editions of the book because at the time of publishing the Cloud Native Container Foundation revealed that some initiatives about observability will be integrated in the OpenTelemetry project and MicroProfile it's discussing their future approach.

Things that could be improved

As any review this is the most difficult section to write, but I think that a second edition should:

  • Extend the CDI section due its foundational status
  • Switch the order of the Stock Tracer presentation
  • Extend the data consistency discussión -e.g. CQRS, Event Sourcing-, hopefully with advances from LRA

The last item is mostly a wish since I'm always in the need for better ways to integrate this common practices with buses like Kafka or Camel using MicroProfile. I know that some implementations -e.g. Helidon, Quarkus- already have extensions for Kafka or Camel, but the data consistency is an entire discussion about patterns, tools and best practices.

Who should read this book?

  • Java developers with strong SE foundations and familiarity with the enterprise space (Spring/Java EE)

September 24, 2021 12:00 AM

GlassFish & Payara Auto-Clustering: Running Jakarta EE Highly-Available Applications in the Cloud

by Tetiana Fydorenchyk at September 21, 2021 11:19 AM

Explore automatic clusterization of Glassfish and Payara in one click with no manual configurations required. The main advantage of this solution is in automatic interconnection of multiple application server instances upon the application topology change, which implements the commonly used clustering configuration. Find out how to get auto-clustered highly available Java servers up and running in the cloud in a matter of minutes.

by Tetiana Fydorenchyk at September 21, 2021 11:19 AM

#156 Bash, Apple and EJB, TomEE, Geronimo and Jakarta EE

by David Blevins at September 14, 2021 02:07 PM

New podcast episode with Adam Bien & David Blevins.  Apple and EJB, @ApacheTomEE, @tomitribe, @JakartaEE, the benefits of code generation with bash, and over-engineering”–the 156th http://airhacks.fm

The post #156 Bash, Apple and EJB, TomEE, Geronimo and Jakarta EE appeared first on Tomitribe.


by David Blevins at September 14, 2021 02:07 PM

Top Trends in the Jakarta EE Developer Survey Results

by Mike Milinkovich at September 14, 2021 11:00 AM

Our annual Jakarta EE Developer Survey results gives everyone in the Java ecosystem insight into how the cloud native world for enterprise Java is unfolding and what the latest developments mean for their strategies and businesses. Here’s a brief look at the top technology trends revealed in this year’s survey.

For context, this year’s survey was completed by almost 950 software developers, architects, and decision-makers around the world. I’d like to sincerely thank everyone who took the time to complete the survey, particularly our survey partners, Jakarta EE Working Group members Fujitsu, IBM, Jelastic, Oracle, Payara, Red Hat, and Tomitribe, who shared the survey with their communities. Your support is crucial to help ensure the survey results reflect the viewpoints of the broadest possible Java developer audience.

Jakarta EE Continues to Deliver on Its Promise

Multiple data points from this year’s survey confirm that Jakarta EE is fulfilling its promise to accelerate business application development for the cloud.

As in the 2020 survey results, Jakarta EE emerged as the second-place cloud native framework with 47 percent of respondents saying they use the technologies. That’s an increase of 12 percent over the 2020 survey results, reflecting the industry’s increasing recognition that Jakarta EE delivers important strategic and technical benefits.

Almost half of the survey respondents have either already migrated to Jakarta EE or plan to within the next six to 24 months. Together, Java EE 8, Jakarta EE 8, and Jakarta EE 9 are now used by 75 percent of survey respondents. And Jakarta EE 9 usage reached nine percent despite the fact the software was only released in December 2020.

With the rise of Jakarta EE, it’s not surprising that developers are also looking for faster support from Java EE/Jakarta EE and cloud vendors.

Microservices Usage Continues to Increase

Interestingly, the survey revealed that monolithic approaches are declining in favor of hybrid architectures. Only 18 percent of respondents said they’re maintaining a monolithic approach, compared to 29 percent who have adopted a hybrid approach and 43 percent who are using microservices.

A little over a year ago, monolithic implementations were outpacing hybrid approaches, showing just how quickly the cloud native Java world is evolving. In alignment with these architectural trends, MicroProfile adoption is up five percent over last year to 34 percent.

Download the Complete Survey Results

For additional insight and access to all of the data collected in our 2021 Jakarta EE Developer survey, we invite everyone to download the survey results.


by Mike Milinkovich at September 14, 2021 11:00 AM

Tomcat and TomEE Clustering Automation

by Tetiana Fydorenchyk at August 18, 2021 11:29 AM

Explore the tips on how to install automatically clustered Tomcat and TomEE servers to get a highly available solution that can efficiently serve a large number of users, process a lot of traffic, and be reliable.
Tomcat TomEE Automatic Clustering

by Tetiana Fydorenchyk at August 18, 2021 11:29 AM

Jakarta Community Acceptance Testing (JCAT)

by javaeeguardian at July 28, 2021 05:41 AM

Today the Jakarta EE Ambassadors are announcing the start of the Jakarta EE Community Acceptance (JCAT) Testing initiative. The purpose of this initiative is to test Jakarta EE 9/9.1 implementations testing using your code and/or applications. Although Jakarta EE is extensively tested by the TCK, container specific tests, and QA, the purpose of JCAT is for developers to test the implementations.

Jakarta EE 9/9.1 did not introduce any new features. In Jakarta EE 9 the APIs changed from javax to jakarta. Jakarta EE 9.1 raised the supported floor to Java 11 for compatible implementations. So what are we testing?

  • Testing individual spec implementations standalone with the new namespace. 
  • Deploying existing Java EE/Jakarta EE applications to EE 9/9.1.
  • Converting Java EE/Jakarta EE applications to the new namespace.
  • Running applications on Java 11 (Jakarta EE 9.1)

Participating in this initiative is easy:

  1. Download a Jakarta EE implementation:
    1. Java 8 / Jakarta EE 9 Containers
    2. Java 11+ / Jakarta EE 9.1 Containers
  2. Deploy code:
    1. Port or run your existing Jakarta EE application
    2. Test out a feature using a starter template

To join this initiative, please take a moment to fill-out the form:

 Sign-up Form 

To submit results or feedback on your experiences with Jakarta EE 9/9.1:

  Jakarta EE 9 / 9.1 Feedback Form

Resources:

Start Date: July 28, 2021

End Date: December 31st, 2021


by javaeeguardian at July 28, 2021 05:41 AM

Jakarta EE Ambassadors Joint Position on Jakarta EE and MicroProfile Alignment

by javaeeguardian at May 11, 2021 03:32 AM

The Jakarta EE Ambassadors are encouraged by the continued progress and relevance of both Jakarta EE and MicroProfile. We believe a clear, collaborative, and complementary relationship between Jakarta EE and MicroProfile is very important for the Java ecosystem. 

Unfortunately the relationship has been unclear to many in the Java community, sometimes appearing to be disconnected, overlapping and competitive. MicroProfile builds on top of some Jakarta EE specifications and many Jakarta EE applications now use MicroProfile APIs. For the success of both, it is imperative that the technology sets clarify alignment to ensure continuity and predictability. 

The Cloud Native for Java (CN4J) Alliance was recently formed to address these concerns. The alliance is composed of members from both the Jakarta EE and MicroProfile working groups. The Jakarta EE Ambassadors view this as a positive step.  This joint position statement and the additional slide deck linked below summarize what the Jakarta EE Ambassadors would like to see from CN4J as well as the alignment between Jakarta EE and MicroProfile. 

We see Jakarta EE and MicroProfile fulfilling distinctly important roles. Jakarta EE will continue to be the stable core for a very broad ecosystem. MicroProfile will continue to strongly focus on microservices, velocity, and innovation. Our perspective on each is as follows:

Jakarta EE

  • One major release per year
  • Targets monolithic applications, microservices and standalone (Java SE/command line) applications – both on premises and on the cloud
  • Maintains a stronger commitment to backwards compatibility
  • Enables specifications to be used independently
  • Enables the ecosystem to build on Jakarta EE technologies, including MicroProfile and Spring

MicroProfile

  • Multiple releases per year
  • Targets microservices and cloud native applications
  • Strongly focuses on innovation and velocity including domains such as OpenTelemetry, gRPC, and GraphQL
  • Depends on core technologies from Jakarta EE
  • Less stringent requirements on backwards compatibility

It does appear the majority of our community would like to see eventual convergence between the technology sets. It is nonetheless understood this may not be practical in the short term or without its drawbacks. It is also clear that some very mature MicroProfile specifications like Configuration need to be used by Jakarta EE. We believe the best way to meet this need is to move these specifications from MicroProfile to Jakarta EE. The specifications being moved should adopt the jakarta.* namespace. The transition should be a collaborative effort. This is in accordance with what we believe developers have said they want, including through multiple surveys over time.

Jakarta EE also needs to make some significant changes to better serve the needs of MicroProfile and the Java ecosystem.  One key aspect of this is enabling specifications to be used independently, including standalone TCKs. Another key aspect is focusing on Jakarta EE Profiles that make the most sense today:

Core Profile

  • Core Jakarta EE specifications needed by MicroProfile
  • Some specifications moved from MicroProfile such as Configuration
  • CDI Lite

Full Profile

  • All Jakarta EE specifications
  • Deprecate/make optional older technologies

Jakarta EE and MicroProfile are both critical to the continued success of Java. We are committed to working with all key stakeholders towards a strong alignment between these technology sets. We invite all developers to join us in ensuring a bright future for both Jakarta EE and MicroProfile.

Additional Material


by javaeeguardian at May 11, 2021 03:32 AM

Your Voice Matters: Take the Jakarta EE Developer Survey

by dmitrykornilov at April 17, 2021 11:36 AM

The Jakarta EE Developer Survey is in its fourth year and is the industry’s largest open source developer survey. It’s open until April 30, 2021. I am encouraging you to add your voice. Why should you do it? Because Jakarta EE Working Group needs your feedback. We need to know the challenges you facing and suggestions you have about how to make Jakarta EE better.

Last year’s edition surveyed developers to gain on-the-ground understanding and insights into how Jakarta solutions are being built, as well as identifying developers’ top choices for architectures, technologies, and tools. The 2021 Jakarta EE Developer Survey is your chance to influence the direction of the Jakarta EE Working Group’s approach to cloud native enterprise Java.

The results from the 2021 survey will give software vendors, service providers, enterprises, and individual developers in the Jakarta ecosystem updated information about Jakarta solutions and service development trends and what they mean for their strategies and businesses. Additionally, the survey results also help the Jakarta community at the Eclipse Foundation better understand the top industry focus areas and priorities for future project releases.

A full report from based on the survey results will be made available to all participants.

The survey takes less than 10 minutes to complete. We look forward to your input. Take the survey now!


by dmitrykornilov at April 17, 2021 11:36 AM

Less is More? Evolving the Servlet API!

by gregw at April 13, 2021 06:19 AM

With the release of the Servlet API 5.0 as part of Eclipse Jakarta EE 9.0 the standardization process has completed its move from the now-defunct Java Community Process (JCP) to being fully open source at the Eclipse Foundation, including the

by gregw at April 13, 2021 06:19 AM

Undertow AJP balancer. UT005028: Proxy request failed: java.nio.BufferOverflowException

April 02, 2021 09:00 PM

Wildfly provides great out of the box load balancing support by Undertow and modcluster subsystems
Unfortunately, in case HTTP headers size is huge enough (close to 16K), which is so actual in JWT era - pity error happened:

ERROR [io.undertow.proxy] (default I/O-10) UT005028: Proxy request to /ee-jax-rs-examples/clusterdemo/serverinfo failed: java.io.IOException: java.nio.BufferOverflowException
 at io.undertow.server.handlers.proxy.ProxyHandler$HTTPTrailerChannelListener.handleEvent(ProxyHandler.java:771)
 at io.undertow.server.handlers.proxy.ProxyHandler$ProxyAction$1.completed(ProxyHandler.java:646)
 at io.undertow.server.handlers.proxy.ProxyHandler$ProxyAction$1.completed(ProxyHandler.java:561)
 at io.undertow.client.ajp.AjpClientExchange.invokeReadReadyCallback(AjpClientExchange.java:203)
 at io.undertow.client.ajp.AjpClientConnection.initiateRequest(AjpClientConnection.java:288)
 at io.undertow.client.ajp.AjpClientConnection.sendRequest(AjpClientConnection.java:242)
 at io.undertow.server.handlers.proxy.ProxyHandler$ProxyAction.run(ProxyHandler.java:561)
 at io.undertow.util.SameThreadExecutor.execute(SameThreadExecutor.java:35)
 at io.undertow.server.HttpServerExchange.dispatch(HttpServerExchange.java:815)
...
Caused by: java.nio.BufferOverflowException
 at java.nio.Buffer.nextPutIndex(Buffer.java:521)
 at java.nio.DirectByteBuffer.put(DirectByteBuffer.java:297)
 at io.undertow.protocols.ajp.AjpUtils.putString(AjpUtils.java:52)
 at io.undertow.protocols.ajp.AjpClientRequestClientStreamSinkChannel.createFrameHeaderImpl(AjpClientRequestClientStreamSinkChannel.java:176)
 at io.undertow.protocols.ajp.AjpClientRequestClientStreamSinkChannel.generateSendFrameHeader(AjpClientRequestClientStreamSinkChannel.java:290)
 at io.undertow.protocols.ajp.AjpClientFramePriority.insertFrame(AjpClientFramePriority.java:39)
 at io.undertow.protocols.ajp.AjpClientFramePriority.insertFrame(AjpClientFramePriority.java:32)
 at io.undertow.server.protocol.framed.AbstractFramedChannel.flushSenders(AbstractFramedChannel.java:603)
 at io.undertow.server.protocol.framed.AbstractFramedChannel.flush(AbstractFramedChannel.java:742)
 at io.undertow.server.protocol.framed.AbstractFramedChannel.queueFrame(AbstractFramedChannel.java:735)
 at io.undertow.server.protocol.framed.AbstractFramedStreamSinkChannel.queueFinalFrame(AbstractFramedStreamSinkChannel.java:267)
 at io.undertow.server.protocol.framed.AbstractFramedStreamSinkChannel.shutdownWrites(AbstractFramedStreamSinkChannel.java:244)
 at io.undertow.channels.DetachableStreamSinkChannel.shutdownWrites(DetachableStreamSinkChannel.java:79)
 at io.undertow.server.handlers.proxy.ProxyHandler$HTTPTrailerChannelListener.handleEvent(ProxyHandler.java:754)

The same request directly to backend server works well. Tried to play with ajp-listener and mod-cluster filter "max-*" parameters, but have no luck.

Possible solution here is switch protocol from AJP to HTTP which can be bit less effective, but works well with big headers:

/profile=full-ha/subsystem=modcluster/proxy=default:write-attribute(name=listener, value=default)

April 02, 2021 09:00 PM

Oracle Joins MicroProfile Working Group

by dmitrykornilov at January 08, 2021 06:02 PM

I am very pleased to announce that since the beginning of 2021 Oracle is officially a part of MicroProfile Working Group. 

In Oracle we believe in standards and supporting them in our products. Standards are born in blood, toil, tears, and sweat. Standards are a result of collaboration of experts, vendors, customers and users. Standards bring the advantages of portability between different implementations that make standard-based solutions vendor-neutral.

We created Java EE which was the first enterprise Java standard. We opened it and moved it to the Eclipse Foundation to make its development truly open source and vendor neutral. Now we are joining MicroProfile which in the last few years has become a leading standard for cloud-native solutions.

We’ve been supporting MicroProfile for years before officially joining the Working Group. We created project Helidon which has supported MicroProfile APIs since MicroProfile version 1.1. Contributing to the evolution and supporting new versions of MicroProfile is one of our strategic goals.

I like the community driven and enjoyable approach of creating cloud-native APIs invented by MicroProfile. I believe that our collaboration will be effective and together we will push MicroProfile forward to a higher level.


by dmitrykornilov at January 08, 2021 06:02 PM

A fishing day with Jakarta EE and MicroProfile

by Edwin Derks at December 24, 2020 09:23 AM

Over the years, several implementations of the Jakarta EE and MicroProfile platforms have been developed by vendors. Some implementations are fully compatible with these platforms, others support a subset of specifications from the platforms, or are building on top of these. Implementations are often built as an open-source project and shipped by a vendor as a product for their customers. One of the things I noticed over the years, is that these projects are often named after animals. More particularly, there are currently three Jakarta EE / MicroProfile supporting runtimes available that refer to… fish. The members of this trio in question are:

Product Name Link
Eclipse GlassFish https://glassfish.org
Payara https://www.payara.fish
Piranha https://piranha.cloud

Since they share a common aspect in their product name, does that mean that they have something other in common, or is this just a coincidence? Let’s go over the high-level purpose and product definitions to find that out.

Eclipse GlassFish

If we look at the Jakarta EE compatible products page, Eclipse GlassFish shows up as both a Jakarta EE 8 and Jakarta EE 9 compatible application server. Looking at the history of Eclipse GlassFish, this is not a surprise. Until this project was moved from Oracle to the Eclipse Foundation in 2017, it was the reference implementation application server for Java EE. After moving Java EE to the Eclipse Foundation and rebranding the platform as Jakarta EE, the official concept of a reference implementation has been dropped. Although, technically speaking, Eclipse GlassFish remains the “unofficial” reference implementation of new versions of Jakarta EE. This means that for future versions of Jakarta EE, Eclipse GlassFish can be used to test-drive updates to, or implementation of, new specifications that are going to be supported by Jakarta EE. In addition, speaking hypothetically, if no other vendors would be around to implement Jakarta EE, the Eclipse Foundation would still have its own implementation of Jakarta EE under their own roof. This is important because, without any implementations, the Jakarta EE platform is just a set of specifications that be used to build enterprise applications, but not run them. As a developer, you can easily download Eclipse GlassFish and use this application server to start a project in order to build enterprise applications. However, there are two things noteworthy that you should know:

  • This application server only implements the Jakarta EE platform. It lacks the cloud-native capabilities that the MicroProfile specifications add when compared to other application servers that implement both Jakarta EE and MicroProfile;
  • There is currently no commercial support available for Eclipse GlassFish. If you want to use this application server for your projects in production, that is perfectly fine. However, without such a support contract, in case you run into problems and are in need of a patch or fix, you are at the mercy of the community. You can file an issue in the open-source project or provide a patch there yourself in order to eventually release a new version of Eclipse GlassFish containing the fix.

Payara

Simply put, Payara is a commercially supported project that builds on Eclipse GlassFish while building their own commercial features on top of it. When we look at the Jakarta EE compatible products page, Payara shows up as a Jakarta EE 8 compatible application server. However, since Jakarta EE 9 has been released this month, and having a compatible Eclipse GlassFish application server around the corner, we can expect a Jakarta EE 9 compatible version of Payara shortly. Over the years, Payara has built an ever-growing set of commercial features in their product. These features often aim at cloud-native development. This makes Payara a good fit for running instances in microservices architectures deployed on cloud environments. In addition, the company aims to support the latest LTS releases of Java, even providing support for various JVMs that you can use to run Payara. Speaking of running Payara, you also have the option of using the full-blown application server, or a slimmed down runtime in the form of Payara Micro. In case you are a fan of Uber/Fat JAR’s, you even have the option of generating such artifacts with Payara Micro. In short, as a developer, you can use Payara for building and deploying enterprise applications in modern, cloud-native environments using some of your favorite flavors for packaging and running your applications. A few things noteworthy to mention for Payara are:

  • Payara provides support for migration from another application server to Payara in case you are interested in such a migration;
  • Payara supports both Jakarta EE and MicroProfile in order to make it a fit for running in cloud-native environments;
  • Payara provides several features for optimizing resource consumption of running Payara instances.

Piranha

Although this product references a fish, it is a new kid on the block and doesn’t share any particular existing base for Jakarta EE or MicroProfile. Piranha is not compatible with Jakarta EE or MicroProfile (yet) but supports a large part of the specifications in enterprise applications that you can build and run on Piranha. Like some other newer runtimes on the market that support Jakarta EE and/or MicroProfile specifications, it uses the best breeds of implementations or provides its own. Having that said, what are Piranha’s goals? The product definition states that you can use Piranha to build Jakarta EE and MicroProfile based applications (among other frameworks or libraries), aiming for the smallest runtime possible in order to run them. Ship less, consume less, spend less seems to be the goal, which makes sense in cloud-native environments where spending resources cost money and spending less can be beneficial. When you are interested in using Piranha as a developer, you should know these things:

  • Piranha is brand new and, as far as I know, doesn’t provide commercial support yet. However, if you are in the situation of building a non-mission-critical application from the ground up with cost efficiency in mind, starting off with Piranha should not hurt. With your feedback, you can help shape and mature the product, which can benefit you in the long run;
  • Piranha supports or integrates with other frameworks and libraries that might be a good fit for your project. This even includes GUI’s and testing, so be sure to check these out!

Conclusion

Next to these “fishy” runtimes from the Jakarta EE and MicroProfile ecosystems, there are of course several other runtimes available that you can check and try out in order to see if these are a fit for your project. I’m curious if there will be any future implementations referring to a fish, and what the idea or vision behind the name would be. How would you name your “fishy” runtime? Please reach out to me on my Twitter when you have an idea, and who knows we can start a trend or project that makes it happen.


by Edwin Derks at December 24, 2020 09:23 AM

An introduction to MicroProfile GraphQL

by Jean-François James at November 14, 2020 05:05 PM

If you’re interested in MicroProfile and APIs, please checkout my presentation Boost your APIs with GraphQL. I did it at EclipseCon 2020. Thanks to the organizers for the invitation! The slide deck is on Slideshare. I’ve tried to be high-level and explain how GraphQL differentiates from REST and how easy it is to implement a […]

by Jean-François James at November 14, 2020 05:05 PM

General considerations on updating Enterprise Java projects from Java 8 to Java 11

September 23, 2020 12:00 AM

shell11

The purpose of this article is to consolidate all difficulties and solutions that I've encountered while updating Java EE projects from Java 8 to Java 11 (and beyond). It's a known fact that Java 11 has a lot of new characteristics that are revolutionizing how Java is used to create applications, despite being problematic under certain conditions.

This article is focused on Java/Jakarta EE but it could be used as basis for other enterprise Java frameworks and libraries migrations.

Is it possible to update Java EE/MicroProfile projects from Java 8 to Java 11?

Yes, absolutely. My team has been able to bump at least two mature enterprise applications with more than three years in development, being:

A Management Information System (MIS)

Nabenik MIS

  • Time for migration: 1 week
  • Modules: 9 EJB, 1 WAR, 1 EAR
  • Classes: 671 and counting
  • Code lines: 39480
  • Project's beginning: 2014
  • Original platform: Java 7, Wildfly 8, Java EE 7
  • Current platform: Java 11, Wildfly 17, Jakarta EE 8, MicroProfile 3.0
  • Web client: Angular

Mobile POS and Geo-fence

Medmigo REP

  • Time for migration: 3 week
  • Modules: 5 WAR/MicroServices
  • Classes: 348 and counting
  • Code lines: 17160
  • Project's beginning: 2017
  • Original platform: Java 8, Glassfish 4, Java EE 7
  • Current platform: Java 11, Payara (Micro) 5, Jakarta EE 8, MicroProfile 3.2
  • Web client: Angular

Why should I ever consider migrating to Java 11?

As everything in IT the answer is "It depends . . .". However there are a couple of good reasons to do it:

  1. Reduce attack surface by updating project dependencies proactively
  2. Reduce technical debt and most importantly, prepare your project for the new and dynamic Java world
  3. Take advantage of performance improvements on new JVM versions
  4. Take advantage from improvements of Java as programming language
  5. Sleep better by having a more secure, efficient and quality product

Why Java updates from Java 8 to Java 11 are considered difficult?

From my experience with many teams, because of this:

Changes in Java release cadence

Java Release Cadence

Currently, there are two big branches in JVMs release model:

  • Java LTS: With a fixed lifetime (3 years) for long term support, being Java 11 the latest one
  • Java current: A fast-paced Java version that is available every 6 months over a predictable calendar, being Java 15 the latest (at least at the time of publishing for this article)

The rationale behind this decision is that Java needed dynamism in providing new characteristics to the language, API and JVM, which I really agree.

Nevertheless, it is a know fact that most enterprise frameworks seek and use Java for stability. Consequently, most of these frameworks target Java 11 as "certified" Java Virtual Machine for deployments.

Usage of internal APIs

Java 9

Errata: I fixed and simplified this section following an interesting discussion on reddit :)

Java 9 introduced changes in internal classes that weren't meant for usage outside JVM, preventing/breaking the functionality of popular libraries that made use of these internals -e.g. Hibernate, ASM, Hazelcast- to gain performance.

Hence to avoid it, internal APIs in JDK 9 are inaccessible at compile time (but accesible with --add-exports), remaining accessible if they were in JDK 8 but in a future release they will become inaccessible, in the long run this change will reduce the costs borne by the maintainers of the JDK itself and by the maintainers of libraries and applications that, knowingly or not, make use of these internal APIs.

Finally, during the introduction of JEP-260 internal APIs were classified as critical and non-critical, consequently critical internal APIs for which replacements are introduced in JDK 9 are deprecated in JDK 9 and will be either encapsulated or removed in a future release.

However, you are inside the danger zone if:

  1. Your project compiles against dependencies pre-Java 9 depending on critical internals
  2. You bundle dependencies pre-Java 9 depending on critical internals
  3. You run your applications over a runtime -e.g. Application Servers- that include pre Java 9 transitive dependencies

Any of these situations means that your application has a probability of not being compatible with JVMs above Java 8. At least not without updating your dependencies, which also could uncover breaking changes in library APIs creating mandatory refactors.

Removal of CORBA and Java EE modules from OpenJDK

JEP230

Also during Java 9 release, many Java EE and CORBA modules were marked as deprecated, being effectively removed at Java 11, specifically:

  • java.xml.ws (JAX-WS, plus the related technologies SAAJ and Web Services Metadata)
  • java.xml.bind (JAXB)
  • java.activation (JAF)
  • java.xml.ws.annotation (Common Annotations)
  • java.corba (CORBA)
  • java.transaction (JTA)
  • java.se.ee (Aggregator module for the six modules above)
  • jdk.xml.ws (Tools for JAX-WS)
  • jdk.xml.bind (Tools for JAXB)

As JEP-320 states, many of these modules were included in Java 6 as a convenience to generate/support SOAP Web Services. But these modules eventually took off as independent projects already available at Maven Central. Therefore it is necessary to include these as dependencies if our project implements services with JAX-WS and/or depends on any library/utility that was included previously.

IDEs and application servers

Eclipse

In the same way as libraries, Java IDEs had to catch-up with the introduction of Java 9 at least in three levels:

  1. IDEs as Java programs should be compatible with Java Modules
  2. IDEs should support new Java versions as programming language -i.e. Incremental compilation, linting, text analysis, modules-
  3. IDEs are also basis for an ecosystem of plugins that are developed independently. Hence if plugins have any transitive dependency with issues over JPMS, these also have to be updated

Overall, none of the Java IDEs guaranteed that plugins will work in JVMs above Java 8. Therefore you could possibly run your IDE over Java 11 but a legacy/deprecated plugin could prevent you to run your application.

How do I update?

You must notice that Java 9 launched three years ago, hence the situations previously described are mostly covered. However you should do the following verifications and actions to prevent failures in the process:

  1. Verify server compatibility
  2. Verify if you need a specific JVM due support contracts and conditions
  3. Configure your development environment to support multiple JVMs during the migration process
  4. Verify your IDE compatibility and update
  5. Update Maven and Maven projects
  6. Update dependencies
  7. Include Java/Jakarta EE dependencies
  8. Execute multiple JVMs in production

Verify server compatibility

Tomcat

Mike Luikides from O'Reilly affirms that there are two types of programmers. In one hand we have the low level programmers that create tools as libraries or frameworks, and on the other hand we have developers that use these tools to create experience, products and services.

Java Enterprise is mostly on the second hand, the "productive world" resting in giant's shoulders. That's why you should check first if your runtime or framework already has a version compatible with Java 11, and also if you have the time/decision power to proceed with an update. If not, any other action from this point is useless.

The good news is that most of the popular servers in enterprise Java world are already compatible, like:

If you happen to depend on non compatible runtimes, this is where the road ends unless you support the maintainer to update it.

Verify if you need an specific JVM

FixesJDK15

On a non-technical side, under support contract conditions you could be obligated to use an specific JVM version.

OpenJDK by itself is an open source project receiving contributions from many companies (being Oracle the most active contributor), but nothing prevents any other company to compile, pack and TCK other JVM distribution as demonstrated by Amazon Correto, Azul Zulu, Liberica JDK, etc.

In short, there is software that technically could run over any JVM distribution and version, but the support contract will ask you for a particular version. For instance:

Configure your development environment to support multiple JDKs

Since the jump from Java 8 to Java 11 is mostly an experimentation process, it is a good idea to install multiple JVMs on the development computer, being SDKMan and jEnv the common options:

SDKMan

sdkman

SDKMan is available for Unix-Like environments (Linux, Mac OS, Cygwin, BSD) and as the name suggests, acts as a Java tools package manager.

It helps to install and manage JVM ecosystem tools -e.g. Maven, Gradle, Leiningen- and also multiple JDK installations from different providers.

jEnv

jenv

Also available for Unix-Like environments (Linux, Mac OS, Cygwin, BSD), jEnv is basically a script to manage and switch multiple JVM installations per system, user and shell.

If you happen to install JDKs from different sources -e.g Homebrew, Linux Repo, Oracle Technology Network- it is a good choice.

Finally, if you use Windows the common alternative is to automate the switch using .bat files however I would appreciate any other suggestion since I don't use Windows so often.

Verify your IDE compatibility and update

Please remember that any IDE ecosystem is composed by three levels:

  1. The IDE acting as platform
  2. Programming language support
  3. Plugins to support tools and libraries

After updating your IDE, you should also verify if all of the plugins that make part of your development cycle work fine under Java 11.

Update Maven and Maven projects

maven

Probably the most common choice in Enterprise Java is Maven, and many IDEs use it under the hood or explicitly. Hence, you should update it.

Besides installation, please remember that Maven has a modular architecture and Maven modules version could be forced on any project definition. So, as rule of thumb you should also update these modules in your projects to the latest stable version.

To verify this quickly, you could use versions-maven-plugin:

<plugin>
      <groupId>org.codehaus.mojo</groupId>
      <artifactId>versions-maven-plugin</artifactId>
      <version>2.8.1</version>
</plugin>

Which includes a specific goal to verify Maven plugins versions:

mvn versions:display-plugin-updates

mavenversions

After that, you also need to configure Java source and target compatibility, generally this is achieved in two points.

As properties:

<properties>
        ...
    <maven.compiler.source>11</maven.compiler.source>
    <maven.compiler.target>11</maven.compiler.target>
</properties>

As configuration on Maven plugins, specially in maven-compiler-plugin:

<plugin>
    <groupId>org.apache.maven.plugins</groupId>
    <artifactId>maven-compiler-plugin</artifactId>
    <version>3.8.0</version>
    <configuration>
        <release>11</release>
    </configuration>
</plugin>

Finally, some plugins need to "break" the barriers imposed by Java Modules and Java Platform Teams knows about it. Hence JVM has an argument called illegal-access to allow this, at least during Java 11.

This could be a good idea in plugins like surefire and failsafe which also invoke runtimes that depend on this flag (like Arquillian tests):

<plugin>
    <groupId>org.apache.maven.plugins</groupId>
    <artifactId>maven-surefire-plugin</artifactId>
    <version>2.22.0</version>
    <configuration>
        <argLine>
            --illegal-access=permit
        </argLine>
    </configuration>
</plugin>
<plugin>
    <groupId>org.apache.maven.plugins</groupId>
    <artifactId>maven-failsafe-plugin</artifactId>
    <version>2.22.0</version>
    <configuration>
        <argLine>
            --illegal-access=permit
        </argLine>
    </configuration>
</plugin>

Update project dependencies

As mentioned before, you need to check for compatible versions on your Java dependencies. Sometimes these libraries could introduce breaking changes on each major version -e.g. Flyway- and you should consider a time to refactor this changes.

Again, if you use Maven versions-maven-plugin has a goal to verify dependencies version. The plugin will inform you about available updates.:

mvn versions:display-dependency-updates

mavendependency

In the particular case of Java EE, you already have an advantage. If you depend only on APIs -e.g. Java EE, MicroProfile- and not particular implementations, many of these issues are already solved for you.

Include Java/Jakarta EE dependencies

jakarta

Probably modern REST based services won't need this, however in projects with heavy usage of SOAP and XML marshalling is mandatory to include the Java EE modules removed on Java 11. Otherwise your project won't compile and run.

You must include as dependency:

  • API definition
  • Reference Implementation (if needed)

At this point is also a good idea to evaluate if you could move to Jakarta EE, the evolution of Java EE under Eclipse Foundation.

Jakarta EE 8 is practically Java EE 8 with another name, but it retains package and features compatibility, most of application servers are in the process or already have Jakarta EE certified implementations:

We could swap the Java EE API:

<dependency>
    <groupId>javax</groupId>
    <artifactId>javaee-api</artifactId>
    <version>8.0.1</version>
    <scope>provided</scope>
</dependency>

For Jakarta EE API:

<dependency>
    <groupId>jakarta.platform</groupId>
    <artifactId>jakarta.jakartaee-api</artifactId>
    <version>8.0.0</version>
    <scope>provided</scope>
</dependency>

After that, please include any of these dependencies (if needed):

Java Beans Activation

Java EE

<dependency>
    <groupId>javax.activation</groupId>
    <artifactId>javax.activation-api</artifactId>
    <version>1.2.0</version>
</dependency>

Jakarta EE

<dependency>
    <groupId>jakarta.activation</groupId>
    <artifactId>jakarta.activation-api</artifactId>
    <version>1.2.2</version>
</dependency>

JAXB (Java XML Binding)

Java EE

<dependency>
    <groupId>javax.xml.bind</groupId>
    <artifactId>jaxb-api</artifactId>
    <version>2.3.1</version>
</dependency>

Jakarta EE

<dependency>
    <groupId>jakarta.xml.bind</groupId>
    <artifactId>jakarta.xml.bind-api</artifactId>
    <version>2.3.3</version>
</dependency>

Implementation

<dependency>
    <groupId>org.glassfish.jaxb</groupId>
    <artifactId>jaxb-runtime</artifactId>
    <version>2.3.3</version>
</dependency>

JAX-WS

Java EE

<dependency>
    <groupId>javax.xml.ws</groupId>
    <artifactId>jaxws-api</artifactId>
    <version>2.3.1</version>
</dependency>

Jakarta EE

<dependency>
    <groupId>jakarta.xml.ws</groupId>
    <artifactId>jakarta.xml.ws-api</artifactId>
    <version>2.3.3</version>
</dependency>

Implementation (runtime)

<dependency>
    <groupId>com.sun.xml.ws</groupId>
    <artifactId>jaxws-rt</artifactId>
    <version>2.3.3</version>
</dependency>

Implementation (standalone)

<dependency>
    <groupId>com.sun.xml.ws</groupId>
    <artifactId>jaxws-ri</artifactId>
    <version>2.3.2-1</version>
    <type>pom</type>
</dependency>

Java Annotation

Java EE

<dependency>
    <groupId>javax.annotation</groupId>
    <artifactId>javax.annotation-api</artifactId>
    <version>1.3.2</version>
</dependency>

Jakarta EE

<dependency>
    <groupId>jakarta.annotation</groupId>
    <artifactId>jakarta.annotation-api</artifactId>
    <version>1.3.5</version>
</dependency>

Java Transaction

Java EE

<dependency>
    <groupId>javax.transaction</groupId>
    <artifactId>javax.transaction-api</artifactId>
    <version>1.3</version>
</dependency>

Jakarta EE

<dependency>
    <groupId>jakarta.transaction</groupId>
    <artifactId>jakarta.transaction-api</artifactId>
    <version>1.3.3</version>
</dependency>

CORBA

In the particular case of CORBA, I'm aware of its adoption. There is an independent project in eclipse to support CORBA, based on Glassfish CORBA, but this should be investigated further.

Multiple JVMs in production

If everything compiles, tests and executes. You did a successful migration.

Some deployments/environments run multiple application servers over the same Linux installation. If this is your case it is a good idea to install multiple JVMs to allow stepped migrations instead of big bang.

For instance, RHEL based distributions like CentOS, Oracle Linux or Fedora include various JVM versions:

olinux

Most importantly, If you install JVMs outside directly from RPMs(like Oracle HotSpot), Java alternatives will give you support:

hotspot

However on modern deployments probably would be better to use Docker, specially on Windows which also needs .bat script to automate this task. Most of the JVM distributions are also available on Docker Hub:

dockerjava


September 23, 2020 12:00 AM

Setting Up a Jakarta EE Development Environment with SDKMAN, Eclipse IDE and TomEE MicroProfile

July 29, 2020 12:00 AM

What’s up, folks?! So, in this post, I want to show you how to set up a Jakarta EE development in a clean Linux (Ubuntu) installation. We will set up Java and Maven from a version manager tool called SDKMAN, the Eclipse IDE and the TomEE Application Server. SDKMAN First of all, we need to download the Java Development Kit (JDK). Because Java and the Java Virtual Machine (JVM) are specifications we have some implementations for it, like Amazon Correto, OpenJDK, OracleJDK and many others, for this tutorial, we will use the AdoptOpenJDK.

July 29, 2020 12:00 AM

Secure your JAX-RS APIs with MicroProfile JWT

by Jean-François James at July 13, 2020 03:55 PM

In this article, I want to illustrate in a practical way how to secure your JAX-RS APIs with MicroProfile JWT (JSON Web Token). It is illustrated by a GitHub project using Quarkus, Wildfly, Open Liberty and JWTenizr. A basic knowledge of MP JWT is needed and, if you don’t feel comfortable with that, I invite […]

by Jean-François James at July 13, 2020 03:55 PM

Jakarta EE: Multitenancy with JPA on WildFly, Part 1

by Rhuan Henrique Rocha at July 12, 2020 10:49 PM

In this two-part series, I demonstrate two approaches to multitenancy with the Jakarta Persistence API (JPA) running on WildFly. In the first half of this series, you will learn how to implement multitenancy using a database. In the second half, I will introduce you to multitenancy using a schema. I based both examples on JPA and Hibernate.

Because I have focused on implementation examples, I won’t go deeply into the details of multitenancy, though I will start with a brief overview. Note, too, that I assume you are familiar with Java persistence using JPA and Hibernate.

Multitenancy architecture

Multitenancy is an architecture that permits a single application to serve multiple tenants, also known as clients. Although tenants in a multitenancy architecture access the same application, they are securely isolated from each other. Furthermore, each tenant only has access to its own resources. Multitenancy is a common architectural approach for software-as-a-service (SaaS) and cloud computing applications. In general, clients (or tenants) accessing a SaaS are accessing the same application, but each one is isolated from the others and has its own resources.

A multitenant architecture must isolate the data available to each tenant. If there is a problem with one tenant’s data set, it won’t impact the other tenants. In a relational database, we use a database or a schema to isolate each tenant’s data. One way to separate data is to give each tenant access to its own database or schema. Another option, which is available if you are using a relational database with JPA and Hibernate, is to partition a single database for multiple tenants. In this article, I focus on the standalone database and schema options. I won’t demonstrate how to set up a partition.

In a server-based application like WildFly, multitenancy is different from the conventional approach. In this case, the server application works directly with the data source by initiating a connection and preparing the database to be used. The client application does not spend time opening the connection, which improves performance. On the other hand, using Enterprise JavaBeans (EJBs) for container-managed transactions can lead to problems. As an example, the server-based application could do something to generate an error to commit or roll the application back.

Implementation code

Two interfaces are crucial to implementing multitenancy in JPA and Hibernate:

  • MultiTenantConnectionProvider is responsible for connecting tenants to their respective databases and services. We will use this interface and a tenant identifier to switch between databases for different tenants.
  • CurrentTenantIdentifierResolver is responsible for identifying the tenant. We will use this interface to define what is considered a tenant (more about this later). We will also use this interface to provide the correct tenant identifier to MultiTenantConnectionProvider.

In JPA, we configure these interfaces using the persistence.xml file. In the next sections, I’ll show you how to use these two interfaces to create the first three classes we need for our multitenancy architecture: DatabaseMultiTenantProvider, MultiTenantResolver, and DatabaseTenantResolver.

DatabaseMultiTenantProvider

DatabaseMultiTenantProvider is an implementation of the MultiTenantConnectionProvider interface. This class contains logic to switch to the database that matches the given tenant identifier. In WildFly, this means switching to different data sources. The DatabaseMultiTenantProvider class also implements the ServiceRegistryAwareService, which allows us to inject a service during the configuration phase.

Here’s the code for the DatabaseMultiTenantProvider class:

public class DatabaseMultiTenantProvider implements MultiTenantConnectionProvider, ServiceRegistryAwareService{
    private static final long serialVersionUID = 1L;
    private static final String TENANT_SUPPORTED = "DATABASE";
    private DataSource dataSource;
    private String typeTenancy ;

    @Override
    public boolean supportsAggressiveRelease() {
        return false;
    }
    @Override
    public void injectServices(ServiceRegistryImplementor serviceRegistry) {

        typeTenancy = (String) ((ConfigurationService)serviceRegistry
                .getService(ConfigurationService.class))
                .getSettings().get("hibernate.multiTenancy");

        dataSource = (DataSource) ((ConfigurationService)serviceRegistry
                .getService(ConfigurationService.class))
                .getSettings().get("hibernate.connection.datasource");


    }
    @SuppressWarnings("rawtypes")
    @Override
    public boolean isUnwrappableAs(Class clazz) {
        return false;
    }
    @Override
    public <T> T unwrap(Class<T> clazz) {
        return null;
    }
    @Override
    public Connection getAnyConnection() throws SQLException {
        final Connection connection = dataSource.getConnection();
        return connection;

    }
    @Override
    public Connection getConnection(String tenantIdentifier) throws SQLException {

        final Context init;
        //Just use the multi-tenancy if the hibernate.multiTenancy == DATABASE
        if(TENANT_SUPPORTED.equals(typeTenancy)) {
            try {
                init = new InitialContext();
                dataSource = (DataSource) init.lookup("java:/jdbc/" + tenantIdentifier);
            } catch (NamingException e) {
                throw new HibernateException("Error trying to get datasource ['java:/jdbc/" + tenantIdentifier + "']", e);
            }
        }

        return dataSource.getConnection();
    }

    @Override
    public void releaseAnyConnection(Connection connection) throws SQLException {
        connection.close();
    }
    @Override
    public void releaseConnection(String tenantIdentifier, Connection connection) throws SQLException {
        releaseAnyConnection(connection);
    }
}

As you can see, we call the injectServices method to populate the datasource and typeTenancy attributes. We use the datasource attribute to get a connection from the data source, and we use the typeTenancy attribute to find out if the class supports the multiTenancy type. We call the getConnection method to get a data source connection. This method uses the tenant identifier to locate and switch to the correct data source.

MultiTenantResolver

MultiTenantResolver is an abstract class that implements the CurrentTenantIdentifierResolver interface. This class aims to provide a setTenantIdentifier method to all CurrentTenantIdentifierResolver implementations:

public abstract class MultiTenantResolver implements CurrentTenantIdentifierResolver {

    protected String tenantIdentifier;

    public void setTenantIdentifier(String tenantIdentifier) {
        this.tenantIdentifier = tenantIdentifier;
    }
}

This abstract class is simple. We only use it to provide the setTenantIdentifier method.

DatabaseTenantResolver

DatabaseTenantResolver also implements the CurrentTenantIdentifierResolver interface. This class is the concrete class of MultiTenantResolver:

public class DatabaseTenantResolver extends MuiltiTenantResolver {

    private Map<String, String> regionDatasourceMap;

    public DatabaseTenantResolver(){
        regionDatasourceMap = new HashMap();
        regionDatasourceMap.put("default", "MyDataSource");
        regionDatasourceMap.put("america", "AmericaDB");
        regionDatasourceMap.put("europa", "EuropaDB");
        regionDatasourceMap.put("asia", "AsiaDB");
    }

    @Override
    public String resolveCurrentTenantIdentifier() {


        if(this.tenantIdentifier != null
                && regionDatasourceMap.containsKey(this.tenantIdentifier)){
            return regionDatasourceMap.get(this.tenantIdentifier);
        }

        return regionDatasourceMap.get("default");

    }

    @Override
    public boolean validateExistingCurrentSessions() {
        return false;
    }

}

Notice that DatabaseTenantResolver uses a Map to define the correct data source for a given tenant. The tenant, in this case, is a region. Note, too, that this example assumes we have the data sources java:/jdbc/MyDataSource, java:/jdbc/AmericaDB, java:/jdbc/EuropaDB, and java:/jdbc/AsiaDB configured in WildFly.

Configure and define the tenant

Now we need to use the persistence.xml file to configure the tenant:

<persistence>
    <persistence-unit name="jakartaee8">

        <jta-data-source>jdbc/MyDataSource</jta-data-source>
        <properties>
            <property name="javax.persistence.schema-generation.database.action" value="none" />
            <property name="hibernate.dialect" value="org.hibernate.dialect.PostgresPlusDialect"/>
            <property name="hibernate.multiTenancy" value="DATABASE"/>
            <property name="hibernate.tenant_identifier_resolver" value="net.rhuanrocha.dao.multitenancy.DatabaseTenantResolver"/>
            <property name="hibernate.multi_tenant_connection_provider" value="net.rhuanrocha.dao.multitenancy.DatabaseMultiTenantProvider"/>
        </properties>

    </persistence-unit>
</persistence>

Next, we define the tenant in the EntityManagerFactory:

@PersistenceUnit
protected EntityManagerFactory emf;


protected EntityManager getEntityManager(String multitenancyIdentifier){

    final MuiltiTenantResolver tenantResolver = (MuiltiTenantResolver) ((SessionFactoryImplementor) emf).getCurrentTenantIdentifierResolver();
    tenantResolver.setTenantIdentifier(multitenancyIdentifier);

    return emf.createEntityManager();
}

Note that we call the setTenantIdentifier before creating a new instance of EntityManager.

Conclusion

I have presented a simple example of multitenancy in a database using JPA with Hibernate and WildFly. There are many ways to use a database for multitenancy. My main point has been to show you how to implement the CurrentTenantIdentifierResolver and MultiTenantConnectionProvider interfaces. I’ve shown you how to use JPA’s persistence.xml file to configure the required classes based on these interfaces.

Keep in mind that for this example, I have assumed that WildFly manages the data source and connection pool and that EJB handles the container-managed transactions. In the second half of this series, I will provide a similar introduction to multitenancy, but using a schema rather than a database. If you want to go deeper with this example, you can find the complete application code and further instructions on my GitHub repository.


by Rhuan Henrique Rocha at July 12, 2020 10:49 PM

Jakarta EE Cookbook

by Elder Moraes at July 06, 2020 07:19 PM

About one month ago I had the pleasure to announce the release of the second edition of my book, now…

The post Jakarta EE Cookbook appeared first on Elder Moraes.


by Elder Moraes at July 06, 2020 07:19 PM

Workshops: Reactive Apps with Quarkus and OpenShift

by Niklas Heidloff at May 11, 2020 01:19 PM

In the context of cloud-native applications the topic ‘reactive’ becomes more and more important, since more efficient applications can be built and user experiences can be improved. If you want to learn more about reactive functionality in Java applications, read on and try out the sample application and the two new workshops.

Benefits of reactive Applications

In order to demonstrate benefits of reactive applications, I’ve developed a sample application with a web interface that is updated automatically when new data is received rather than pulling for updates. This is more efficient and improves the user experience.

The animation shows how articles can be created via curl commands in the terminal at the bottom. The web application receives a notification and adds the new article to the page.

Another benefit of reactive systems and reactive REST endpoints is efficiency. This scenario describes how to use reactive systems and reactive programming to achieve faster response times. Especially in public clouds where costs depend on CPU, RAM and compute durations this model saves money.

The project contains a sample endpoint which reads data from a database in two different versions, one uses imperative code, the other one reactive code. The reactive stack of this sample provides response times that take less than half of the time compared to the imperative stack: Reactive: 793 ms – Imperative: 1956 ms.

Workshops

I’ve written two workshops which demonstrate and explain how to build reactive functionality with Quarkus and MicroProfile and how to deploy and run it on OpenShift. You can use Red Hat OpenShift on IBM Cloud or you can run OpenShift locally via Code Ready Containers.

The sample used in the workshops leverages heavily Quarkus which is “a Kubernetes Native Java stack […] crafted from the best of breed Java libraries and standards”. Additionally Eclipse MicroProfile, Eclipse Vert.x, Apache Kafka, PostgreSQL, Eclipse OpenJ9 and Kubernetes are used.

Workshop: Reactive Endpoints with Quarkus on OpenShift

This workshop focusses on how to provide reactive REST APIs and how to invoke services reactively. After you have completed this workshop, you’ll understand the following reactive functionality:

  • Reactive REST endpoints via CompletionStage
  • Exception handling in chained reactive invocations
  • Timeouts via CompletableFuture
  • Reactive REST invocations via MicroProfile REST Client

Open Workshop

Workshop: Reactive Messaging with Quarkus on OpenShift

This workshop focusses on how to do messaging with Kafka and MicroProfile. After you have completed this workshop, you’ll understand the following reactive functionality:

  • Sending and receiving Kafka messages via MicroProfile
  • Sending events from microservices to web applications via Server Sent Events
  • Sending in-memory messages via MicroProfile and Vert.x Event Bus

Open Workshop

Next Steps

To learn more, check out the other articles of this blog series:

The post Workshops: Reactive Apps with Quarkus and OpenShift appeared first on Niklas Heidloff.


by Niklas Heidloff at May 11, 2020 01:19 PM

Monitoring REST APIs with Custom JDK Flight Recorder Events

January 29, 2020 02:30 PM

The JDK Flight Recorder (JFR) is an invaluable tool for gaining deep insights into the performance characteristics of Java applications. Open-sourced in JDK 11, JFR provides a low-overhead framework for collecting events from Java applications, the JVM and the operating system.

In this blog post we’re going to explore how custom, application-specific JFR events can be used to monitor a REST API, allowing to track request counts, identify long-running requests and more. We’ll also discuss how the JFR Event Streaming API new in Java 14 can be used to export live events, making them available for monitoring and alerting via tools such as Prometheus and Grafana.


January 29, 2020 02:30 PM

Enforcing Java Record Invariants With Bean Validation

January 20, 2020 04:30 PM

Record types are one of the most awaited features in Java 14; they promise to "provide a compact syntax for declaring classes which are transparent holders for shallowly immutable data". One example where records should be beneficial are data transfer objects (DTOs), as e.g. found in the remoting layer of enterprise applications. Typically, certain rules should be applied to the attributes of such DTO, e.g. in terms of allowed values. The goal of this blog post is to explore how such invariants can be enforced on record types, using annotation-based constraints as provided by the Bean Validation API.

January 20, 2020 04:30 PM

Jakarta EE 8 CRUD API Tutorial using Java 11

by Philip Riecks at January 19, 2020 03:07 PM

As part of the Jakarta EE Quickstart Tutorials on YouTube, I've now created a five-part series to create a Jakarta EE CRUD API. Within the videos, I'm demonstrating how to start using Jakarta EE for your next application. Given the Liberty Maven Plugin and MicroShed Testing, the endpoints are developed using the TDD (Test Driven Development) technique.

The following technologies are used within this short series: Java 11, Jakarta EE 8, Open Liberty, Derby, Flyway, MicroShed Testing & JUnit 5

Part I: Introduction to the application setup

This part covers the following topics:

  • Introduction to the Maven project skeleton
  • Flyway setup for Open Liberty
  • Derby JDBC connection configuration
  • Basic MicroShed Testing setup for TDD

Part II: Developing the endpoint to create entities

This part covers the following topics:

  • First JAX-RS endpoint to create Person entities
  • TDD approach using MicroShed Testing and the Liberty Maven Plugin
  • Store the entities using the EntityManager

Part III: Developing the endpoints to read entities

This part covers the following topics:

  • Develop two JAX-RS endpoints to read entities
  • Read all entities and by its id
  • Handle non-present entities with a different HTTP status code

Part IV: Developing the endpoint to update entities

This part covers the following topics:

  • Develop the JAX-RS endpoint to update entities
  • Update existing entities using HTTP PUT
  • Validate the client payload using Bean Validation

Part V: Developing the endpoint to delete entities

This part covers the following topics:

  • Develop the JAX-RS endpoint to delete entities
  • Enhance the test setup for deterministic and repeatable integration tests
  • Remove the deleted entity from the database

The source code for the Maven CRUD API application is available on GitHub.

For more quickstart tutorials on Jakarta EE, have a look at the overview page on my blog.

Have fun developing Jakarta EE CRUD API applications,

Phil

 

The post Jakarta EE 8 CRUD API Tutorial using Java 11 appeared first on rieckpil.


by Philip Riecks at January 19, 2020 03:07 PM

Deploy a Jakarta EE application to the root context

by Philip Riecks at January 07, 2020 06:24 AM

With the presence of Docker, Kubernetes and cheaper hardware, the deployment model of multiple applications inside one application server has passed. Now, you deploy one Jakarta EE application to one application server. This eliminates the need for different context paths.  You can use the root context / for your Jakarta EE application. With this blog post, you'll learn how to achieve this for each Jakarta EE application server.

The default behavior for Jakarta EE application server

Without any further configuration, most of the Jakarta EE application servers deploy the application to a context path based on the filename of your .war. If you e.g. deploy your my-banking-app.war application, the server will use the context prefix /my-banking-app for your application. All you JAX-RS endpoints, Servlets, .jsp, .xhtml content is then available below this context, e.g /my-banking-app/resources/customers.

This was important in the past, where you deployed multiple applications to one application server. Without the context prefix, the application server wouldn't be able to route the traffic to the correct application.

As of today, the deployment model changed with Docker, Kubernetes and cheaper infrastructure. You usually deploy one .war within one application server running as a Docker container. Given this deployment model, the context prefix is irrelevant. Mapping the application to the root context / is more convenient.

If you configure a reverse proxy or an Ingress controller (in the Kubernetes world), you are happy if you can just route to / instead of remembering the actual context path (error-prone).

Deploying to root context: Payara & Glassfish

As Payara is a fork of Glassfish, the configuration for both is quite similar. The most convenient way for Glassfish is to place a glassfish-web.xml file in the src/main/webapp/WEB-INF folder of your application:

<!DOCTYPE glassfish-web-app PUBLIC "-//GlassFish.org//DTD GlassFish Application Server 3.1 Servlet 3.0//EN"
  "http://glassfish.org/dtds/glassfish-web-app_3_0-1.dtd">
<glassfish-web-app>
  <context-root>/</context-root>
</glassfish-web-app>

For Payara the filename is payara-web.xml:

<!DOCTYPE payara-web-app PUBLIC "-//Payara.fish//DTD Payara Server 4 Servlet 3.0//EN" "https://raw.githubusercontent.com/payara/Payara-Server-Documentation/master/schemas/payara-web-app_4.dtd">
<payara-web-app>
	<context-root>/</context-root>
</payara-web-app>

Both also support configuring the context path of the application within their admin console. IMHO this less convenient than the .xml file solution.

Deploying to root context: Open Liberty

Open Liberty also parses a proprietary web.xml file within src/main/webapp/WEB-INF: ibm-web-ext.xml

<web-ext
  xmlns="http://websphere.ibm.com/xml/ns/javaee"
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xsi:schemaLocation="http://websphere.ibm.com/xml/ns/javaee http://websphere.ibm.com/xml/ns/javaee/ibm-web-ext_1_0.xsd"
  version="1.0">
  <context-root uri="/"/>
</web-ext>

Furthermore, you can also configure the context of your application within your server.xml:

<server>
  <featureManager>
    <feature>servlet-4.0</feature>
  </featureManager>

  <httpEndpoint id="defaultHttpEndpoint" httpPort="9080" httpsPort="9443"/>

  <webApplication location="app.war" contextRoot="/" name="app"/>
</server>

Deploying to root context: WildFly

WildFly also has two simple ways of configuring the root context for your application. First, you can place a jboss-web.xml within src/main/webapp/WEB-INF:

<!DOCTYPE jboss-web PUBLIC "-//JBoss//DTD Web Application 2.4//EN" "http://www.jboss.org/j2ee/dtd/jboss-web_4_0.dtd">
<jboss-web>
  <context-root>/</context-root>
</jboss-web>

Second, while copying your .war file to your Docker container, you can name it ROOT.war:

FROM jboss/wildfly
 ADD target/app.war /opt/jboss/wildfly/standalone/deployments/ROOT.war

For more tips & tricks for each application server, have a look at my cheat sheet.

Have fun deploying your Jakarta EE applications to the root context,

Phil

The post Deploy a Jakarta EE application to the root context appeared first on rieckpil.


by Philip Riecks at January 07, 2020 06:24 AM

Jakarta EE: Creating an Enterprise JavaBeans Timer

by Rhuan Henrique Rocha at December 17, 2019 03:33 AM

Enterprise JavaBeans (EJB) has many interesting and useful features, some of which I will be highlighting in this and upcoming articles. In this article, I’ll show you how to create an EJB timer programmatically and with annotation. Let’s go!

The EJB timer feature allows us to schedule tasks to be executed according a calendar configuration. It is very useful because we can execute scheduled tasks using the power of Jakarta context. When we run tasks based on a timer, we need to answer some questions about concurrency, which node the task was scheduled on (in case of an application in a cluster), what is the action if the task does not execute, and others. When we use the EJB timer we can delegate many of these concerns to Jakarta context and care more about business logic. It is interesting, isn’t it?

Creating an EJB timer programmatically

We can schedule an EJB timer to runs according to a business logic using a programmatic approach. This method can be used when we want a dynamic behavior, according to the parameter values passed to the process. Let’s look at an example of an EJB timer:

import javax.annotation.Resource;
import javax.ejb.SessionContext;
import javax.ejb.Stateless;
import javax.ejb.Timeout;
import java.util.logging.Logger;

@Stateless
public class MyTimer {

    private Logger logger = Logger.getLogger(MyTimer.class.getName());
    @Resource
    private SessionContext context;

    public void initTimer(String message){
        context.getTimerService().createTimer(10000, message);
    }

    @Timeout
    public void execute(){
        logger.info("Starting");

        context.getTimerService().getAllTimers().stream().forEach(timer -> logger.info(String.valueOf(timer.getInfo())));
        

        logger.info("Ending");
    }    
}

To schedule this EJB timer, call this method:

@Inject
private MyTimer myTimer;
....
myTimer.initTimer(message);

After passing 10000 milliseconds, the method annotated with @Timeout will be called.

Scheduling an EJB timer using annotation

We can also create an EJB timer that is automatically scheduled to run according to an annotation configuration. Look at this example:

@Singleton
public class MyTimerAutomatic {

    private Logger logger = Logger.getLogger(MyTimerAutomatic.class.getName());

    @Schedule(hour = "*", minute = "*",second = "0,10,20,30,40,50",persistent = false)
    public void execute(){

        logger.info("Automatic timer executing");

    }
}

As you can see, to configure an automatic EJB timer schedule, you can annotate the method using @Schedule and configure the calendar attributes. For example:

@Schedule(hour = "*", minute = "*",second = "0,10,20,30,40,50",persistent = false)

As you can see, the method execute is configured to be called every 10 seconds. You can configure whether the timer is persistent as well.

Conclusion

EJB timer is a good EJB feature that is helpful in solving many problems. Using the EJB timer feature, we can schedule tasks to be executed, thereby delegating some responsibilities to Jakarta context to solve for us. Furthermore, we can create persistent timers, control the concurrent execution, and work with it in a clustered environment.  If you want to see the complete example, visit this repository on GitHub.

This post was released at Developer Red Hat blog and you can see here.

 


by Rhuan Henrique Rocha at December 17, 2019 03:33 AM

Modernizing our GitHub Sync Toolset

November 19, 2019 08:10 PM

I am happy to announce that my team is ready to deploy a new version of our GitHub Sync Toolset on November 26, 2019 from 10:00 to 11:00 am EST.

We are not expecting any disruption of service but it’s possible that some committers may lose write access to their Eclipse project GitHub repositories during this 1 hour maintenance window.

This toolset is responsible for syncronizing Eclipse committers accross all our GitHub repositories and on top of that, this new release will start syncronizing contributors.

In this context, a contributor is a GitHub user with read access to the project GitHub repositories. This new feature will allow committers to assign issues to contributors who currently don’t have write access to the repository. This feature was requested in 2015 via Bug 483563 - Allow assignment of GitHub issues to contributors.

Eclipse Committers are reponsible for maintaining a list of GitHub contributors from their project page on the Eclipse Project Management Infrastructure (PMI).

To become an Eclipse contributor on a GitHub for a project, please make sure to tell us your GitHub Username in your Eclipse account.


November 19, 2019 08:10 PM

Building Microservices with Jakarta EE and MicroProfile @ EclipseCon 2019

by Edwin Derks at November 01, 2019 09:02 AM

This year’s EclipseCon was my second time visiting, and simultaneously speaking at this conference. Aside from all the amazing projects that are active within the Eclipse Foundation, this year’s edition contained a long anticipated present: the release of Jakarta EE 8. Reason enough for me and two colleagues to provide a workshop where attendees could actually get hands-on with Jakarta EE 8 and it’s microservices-enabling cousin: Eclipse MicroProfile.

This workshop focusses not only on the various API’s that are provided by Jakarta EE and MicroProfile, but also on development with the Payara application server and how this all fits in a containerised environment.

The slides of the workshop can be found here:

Of course, we hope to evolve this workshop in order to get hands on with new Jakarta EE and MicroProfile features in the near future. Stay tuned!


by Edwin Derks at November 01, 2019 09:02 AM

A Tool for Jakarta EE Package Renaming in Binaries

by BJ Hargrave (noreply@blogger.com) at October 17, 2019 09:26 PM

In a previous post, I laid out my thinking on how to approach the package renaming problem which the Jakarta EE community now faces. Regardless of whether the community chooses big bang or incremental, there are still existing artifacts in the world using the Java EE package names that the community will need to use together with the new Jakarta EE package names.

Tools are always important to take the drudgery away from developers. So I have put together a tool prototype which can be used to transform binaries such as individual class files and complete JARs and WARs to rename uses of the Java EE package names to their new Jakarta EE package names.

The tools is rule driven which is nice since the Jakarta EE community still needs to define the actual package renames for Jakarta EE 9. The rules also allow the users to control which class files in a JAR/WAR are transformed. Different users may want different rules depending upon their specific needs. And the tool can be used for any package renaming challenge, not just the specific Jakarta EE package renames.

The tools provides an API allowing it to be embedded in a runtime to dynamically transform class files during the class loader definition process. The API also supports transforming JAR files. A CLI is also provided to allow use from the command line. Ultimately, the tool can be packaged as Gradle and Maven plugins to incorporate in a broader tool chain.

Given that the tool is prototype, and there is much work to be done in the Jakarta EE community regarding the package renames, I have started a list of TODOs in the project' issues for known work items.

Please try out the tool and let me know what you think. I am hoping that tooling such as this will ease the community cost of dealing with the package renames in Jakarta EE.

PS. Package renaming in source code is also something the community will need to deal with. But most IDEs are pretty good at this sort of thing, so I think there is probably sufficient tooling in existence for handling the package renames in source code.

by BJ Hargrave (noreply@blogger.com) at October 17, 2019 09:26 PM

Deploying MicroProfile Microservices with Tekton

by Niklas Heidloff at August 08, 2019 02:48 PM

This article describes Tekton, an open-source framework for creating CI/CD systems, and explains how to deploy microservices built with Eclipse MicroProfile on Kubernetes and OpenShift.

What is Tekton?

Kubernetes is the de-facto standard for running cloud-native applications. While Kubernetes is very flexible and powerful, deploying applications is sometimes challenging for developers. That’s why several platforms and tools have evolved that aim to make deployments of applications easier, for example Cloud Foundry’s ‘cf push’ experience, OpenShift’s source to image (S2I), various Maven plugins and different CI/CD systems.

Similarly as Kubernetes has evolved to be the standard for running containers and similarly as Knative is evolving to become the standard for serverless platforms, the goal of Tekton is to become the standard for continuous integration and delivery (CI/CD) platforms.

The biggest companies that are engaged in this project are at this point Google, CloudBees, IBM and Red Hat. Because of its importance the project has been split from Knative which is focussed on scale to zero capabilities.

Tekton comes with a set of custom resources to define and run pipelines:

  • Pipeline: Pipelines can contain several tasks and can be triggered by events or manually
  • Task: Tasks can contain multiple steps. Typical tasks are 1. source to image and 2. deploy via kubectl
  • PipelineRun: This resource is used to trigger pipelines and to pass parameters like location of Dockerfiles to pipelines
  • PipelineResource: This resource is used, for example, to pass links to GitHub repos

MicroProfile Microservice Implementation

I’ve created a simple microservice which is available as open source as part of the cloud-native-starter repo.

The microservice contains the following functionality:

If you want to use this code for your own microservice, remove the three Java files for the REST GET endpoint and rename the service in the pom.xml file and the yaml files.

Setup of the Tekton Pipeline

I’ve created five yaml files that define the pipeline to deploy the sample authors microservice.

1) The file task-source-to-image.yaml defines how to 1. build the image within the Kubernetes cluster and 2. how to push it to a registry.

For building the image kaniko is used, rather than Docker. For application developers this is almost transparent though. As usual images are defined via Dockerfiles. The only difference I ran into is how access rights are handled. For some reason I couldn’t write the ‘server.xml’ file into the ‘/config’ directory. To fix this, I had to manually assign access rights in the Dockerfile first: ‘RUN chmod 777 /config/’.

The source to image task is the first task in the pipeline and has only one step. The screenshot shows a representation of the task in the Tekton dashboard.

2) The file task-deploy-via-kubectl.yaml contains the second task of the pipeline which essentially only runs kubectl commands to deploy the service. Before this can be done, the template yaml file is changed to contain the full image name for the current user and environment.

apiVersion: tekton.dev/v1alpha1
kind: Task
metadata:
  name: deploy-via-kubectl
spec:
  inputs:
    resources:
      - name: git-source
        type: git
    params:
      - name: pathToDeploymentYamlFile
        description: The path to the yaml file with Deployment resource to deploy within the git source
      ...
  steps:
    - name: update-yaml
      image: alpine
      command: ["sed"]
      args:
        - "-i"
        - "-e"
        - "s;authors:1;${inputs.params.imageUrl}:${inputs.params.imageTag};g"
        - "/workspace/git-source/${inputs.params.pathToContext}/${inputs.params.pathToDeploymentYamlFile}"
    - name: run-kubectl-deployment
      image: lachlanevenson/k8s-kubectl
      command: ["kubectl"]
      args:
        - "apply"
        - "-f"
        - "/workspace/git-source/${inputs.params.pathToContext}/${inputs.params.pathToDeploymentYamlFile}"

3) The file pipeline.yaml basically only defines the order of the two tasks as well as how to pass parameters between the different tasks.

The screenshot shows the pipeline after it has been run. The output of the third and last steps of the second task ‘deploy to cluster’ is displayed.

4) The file resource-git-cloud-native-starter.yaml only contains the address of the GitHub repo.

apiVersion: tekton.dev/v1alpha1
kind: PipelineResource
metadata:
  name: resource-git-cloud-native-starter
spec:
  type: git
  params:
    - name: revision
      value: master
    - name: url
      value: https://github.com/IBM/cloud-native-starter

5) The file pipeline-account.yaml is necessary to define access rights from Tekton to the container registry.

Here are the complete steps to set up the pipeline on the IBM Cloud Kubernetes service. Except of the login capabilities the same instructions should work as well for Kubernetes services on other clouds and the Kubernetes distribution OpenShift.

First get an IBM lite account. It’s free and there is no time restriction. In order to use the Kubernetes service you need to enter your credit card information, but there is a free Kubernetes cluster. After this create a new Kubernetes cluster.

To create the pipeline, invoke these commands:

$ git clone https://github.com/ibm/cloud-native-starter.git
$ cd cloud-native-starter
$ ROOT_FOLDER=$(pwd)
$ REGISTRY_NAMESPACE=<your-namespace>
$ CLUSTER_NAME=<your-cluster-name>
$ cd ${ROOT_FOLDER}/authors-java-jee
$ ibmcloud login -a cloud.ibm.com -r us-south -g default
$ ibmcloud ks cluster-config --cluster $CLUSTER_NAME
$ export <output-from-previous-command>
$ REGISTRY=$(ibmcloud cr info | awk '/Container Registry  /  {print $3}')
$ ibmcloud cr namespace-add $REGISTRY_NAMESPACE
$ kubectl apply -f deployment/tekton/resource-git-cloud-native-starter.yaml 
$ kubectl apply -f deployment/tekton/task-source-to-image.yaml 
$ kubectl apply -f deployment/tekton/task-deploy-via-kubectl.yaml 
$ kubectl apply -f deployment/tekton/pipeline.yaml
$ ibmcloud iam api-key-create tekton -d "tekton" --file tekton.json
$ cat tekton.json | grep apikey 
$ kubectl create secret generic ibm-cr-push-secret --type="kubernetes.io/basic-auth" --from-literal=username=iamapikey --from-literal=password=<your-apikey>
$ kubectl annotate secret ibm-cr-push-secret tekton.dev/docker-0=us.icr.io
$ kubectl apply -f deployment/tekton/pipeline-account.yaml

Execute the Tekton Pipeline

In order to invoke the pipeline, a sixth yaml file pipeline-run-template.yaml is used. As stated above, this file needs to be modified first to contain the exact image name.

The pipeline-run resource is used to define input parameters like the Git repository, location of the Dockerfile, name of the image, etc.

apiVersion: tekton.dev/v1alpha1
kind: PipelineRun
metadata:
  generateName: pipeline-run-cns-authors-
spec:
  pipelineRef:
    name: pipeline
  resources:
    - name: git-source
      resourceRef:
        name: resource-git-cloud-native-starter
  params:
    - name: pathToContext
      value: "authors-java-jee"
    - name: pathToDeploymentYamlFile
      value: "deployment/deployment.yaml"
    - name: pathToServiceYamlFile
      value: "deployment/service.yaml"
    - name: imageUrl
      value: <ip:port>/<namespace>/authors
    - name: imageTag
      value: "1"
    - name: pathToDockerFile
      value: "DockerfileTekton"
  trigger:
    type: manual
  serviceAccount: pipeline-account

Invoke the following commands to trigger the pipeline and to test the authors service:

$ cd ${ROOT_FOLDER}/authors-java-jee/deployment/tekton
$ REGISTRY=$(ibmcloud cr info | awk '/Container Registry  /  {print $3}')
$ sed "s+<namespace>+$REGISTRY_NAMESPACE+g" pipeline-run-template.yaml > pipeline-run-template.yaml.1
$ sed "s+<ip:port>+$REGISTRY+g" pipeline-run-template.yaml.1 > pipeline-run-template.yaml.2
$ sed "s+<tag>+1+g" pipeline-run-template.yaml.2 > pipeline-run.yaml
$ cd ${ROOT_FOLDER}/authors-java-jee
$ kubectl create -f deployment/tekton/pipeline-run.yaml
$ kubectl describe pipelinerun pipeline-run-cns-authors-<output-from-previous-command>
$ clusterip=$(ibmcloud ks workers --cluster $CLUSTER_NAME | awk '/Ready/ {print $2;exit;}')
$ nodeport=$(kubectl get svc authors --output 'jsonpath={.spec.ports[*].nodePort}')
$ open http://${clusterip}:${nodeport}/openapi/ui/
$ curl -X GET "http://${clusterip}:${nodeport}/api/v1/getauthor?name=Niklas%20Heidloff" -H "accept: application/json"

After running the pipeline you’ll see two Tekton pods and one authors pod in the Kubernetes dashboard.

Try out this sample yourself!

The post Deploying MicroProfile Microservices with Tekton appeared first on Niklas Heidloff.


by Niklas Heidloff at August 08, 2019 02:48 PM

Jakarta EE, A de facto standard in the making

by David R. Heffelfinger at May 28, 2019 10:06 PM

I’ve been involved in Java EE since the very beginning, Having written one of the first ever books on Java EE. My involvement in Java EE / Jakarta EE has been on an education / advocacy role. Having written books, articles, blog posts and given talks in conferences about the technology. I advocate Jakarta EE not because I’m paid to do so, but because I really believe it is a great technology. I’m a firm believer that the fact that Jakarta EE is a standard, with multiple competing implementations, results in very high quality implementations, since Jakarta EE avoids vendor lock-in and encourages competition, benefiting developers.


Oracle’s donation of Java EE to the Eclipse Foundation was well received and celebrated by the Java EE community. Many prominent community members had been advocating for a more open process for Java EE, which is exactly what Jakarta EE, under the stewardship from the Eclipse Foundation provides.


There are some fundamental changes on how Jakarta EE is managed, that differ from Java EE, that benefit the Jakarta EE community greatly.

Fundamental differences between Java EE and Jakarta EE Management


Some of the differences in the way Jakarta EE is managed as opposed to Java EE are that there is no single vendor controlling the technology, there is free access to the TCK and there is no reference implementation.

No single company controls the standard

First and foremost, we no longer have a single company as a steward of Jakarta EE. Instead, we have several companies who have a vested interest in the success of the technology working together to develop the standard. This has the benefit that the technology is not subject to the whims of any one vendor, and, if any of the vendors loses interest in Jakarta EE, others can easily pick up the slack. The fact that there is no single vendor behind the technology makes Jakarta EE very resilient, it is here to stay.

TCK freely accessible

Something those of us involved heavily in Jakarta EE (and Java EE before), take for granted, but that may not be clear to others, is that Jakarta EE is a set of specifications with multiple implementations. Since the APIs are defined in a specification, they don’t change across Jakarta EE implementations, making Jakarta EE compliant code portable across implementations. For example, a Jakarta EE compliant application should run with minimal or no modifications on popular Jakarta EE implementations such as Apache Tomee, Payara, IBM’s OpenLiberty or Red Hat’s Thorntail


One major change that Jakarta EE has against Java EE is the fact that the Technology Compatibility Kit (TCK) is open source and free. The TCK is a set of test to verify that a Jakarta EE implementation is 100% compliant with all Jakarta EE specifications. With Java EE, organizations wanting to create a Java EE implementation, had to pay large sums of money to gain access to the TCK, once their implementation passed all the tests, their implementation was certified as Java EE compatible. The fact that the TCK was not freely accessible became a barrier to innovation, as smaller organizations and open source developers not always had the funds to get access to the TCK. Now that the TCK is freely accessible, the floodgates will open, and we should see a lot more quality implementations of Jakarta EE.

No reference implementation

Another major change between Java EE and Jakarta EE is that Java EE had the concept of a reference implementation. The idea behind having a Java EE reference implementation was to prove that suggested API specifications were actually feasible to implement. Having a reference implementation, however, had a side effect. If the reference implementation implemented something that wasn’t properly defined in the specification, then many developers expected all Java EE implementations to behave the same way, making the reference implementation a de-facto Java EE specification of sorts. Jakarta EE does away with the concept of a reference implementation, and will have multiple compatible implementations instead. The fact that there isn’t a reference implementation in Jakarta EE will result in more complete specifications, as differences in behavior between implementations will bring to light deficiencies in the specifications, these deficiencies can then be addressed by the community.

Conclusion

With multiple organizations with a vested interest in Jakarta EE’s success, a lowered barrier of entry for new Jakarta EE implementations, and better specifications Jakarta EE will become the de-facto standard in server-side Java development.



by David R. Heffelfinger at May 28, 2019 10:06 PM

I am an Incrementalist: Jakarta EE and package renaming

by BJ Hargrave (noreply@blogger.com) at May 17, 2019 05:11 PM


Eclipse Jakarta EE has been placed in the position that it may not evolve the enterprise APIs under their existing package names. That is, the package names starting with java or javax. See Update on Jakarta EE Rights to Java Trademarksfor the background on how we arrived at this state.

So this means that after Jakarta EE 8 (which is API identical to Java EE 8 from which it descends), whenever an API in Jakarta EE is to be updated for a new specification version, the package names used by the API must be renamed away from java or javax. (Note: some other things will also need to be renamed such as system property names, property file names, and XML schema namespaces if those things start with java or javax. For example, the property file META-INF/services/javax.persistence.PersistenceProvider.) But this also means that if an API does not need to be changed, then it is free to remain in its current package names. Only a change to the signature of a package, that is, adding or removing types in the package or adding or removing members in the existing types in the package, will require a name change to the package.

There has been much discussion on the Jakarta EE mail lists and in blogs about what to do given the above constraint and David Blevins has kindly summed up the two main choices being discussed by the Jakarta EE Specification Committee: https://www.eclipse.org/lists/jakartaee-platform-dev/msg00029.html.

In a nutshell, the two main choices are (1) “Big Bang” and (2) Incremental. Big Bang says: Let’s rename all the packages in all the Jakarta EE specifications all at once for the Jakarta EE release after Jakarta EE 8. Incremental says: Let’s rename packages only when necessary such as when, in the normal course of specification innovation, a Jakarta EE specification project wants to update its API.

I would like to argue that Jakarta EE should chose the Incremental option.

Big Bang has no technical value and large, up-front community costs.

The names of the packages are of little technical value in and of themselves. They just need to be unique and descriptive to programmers. In source code, developers almost never see the package names. They are generally in import statements at the top of the source file and most IDEs kindly collapse the view of the import statements so they are not “in the way” of the developer. So, a developer will generally not really know or care if the Jakarta EE API being used in the source code is a mix of package names starting with java or javax, unchanged since Jakarta EE 8, and updated API with package names starting with jakarta. That is, there is little mental cost to such a mixture. The Jakarta EE 8 API are already spread across many, many package names and developers can easily deal with this. That some will start with java or javax and some with jakarta is largely irrelevant to a developer. The developer mostly works with type and member names which are not subject to the package rename problem.

But once source code is compiled into class files, packaged into artifacts, and distributed to repositories, the package names are baked in to the artifacts and play an important role in interoperation between artifacts: binary compatibility. Modern Java applications generally include many 3rdparty open source artifacts from public repositories such as Maven Central and there are many such artifacts in Maven Central which use the current package names. If Jakarta EE 9 were to rename all packages, then the corpus of existing artifacts is no longer usable in Jakarta EE 9 and later. At least not without some technical “magic” in builds, deployments, and/or runtimes to attempt to rename package references on-the-fly. Such magic may be incomplete and will break jar signatures and will complicate builds and tool chains. It will not be transparent.

Jakarta EE must minimize the inflection point/blast radius on the Java community caused by the undesired constraint to rename packages if they are changed. The larger the inflection point, the more reason you give to developers to consider alternatives to Jakarta EE and to Java in general. The Incremental approach minimizes the inflection point providing an evolutionary approach to the package naming changes rather than the revolutionary approach of the Big Bang.

Some Jakarta EE specification may never be updated. They have long been stable in the Java EE world and will likely remain so in Jakarta EE. So why rename their packages? The Big Bang proposal even recognizes this by indicating that some specification will be “frozen” in their current package names. But, of course, there is the possibility that one day, Jakarta EE will want to update a frozen specification. And then the package names will need to be changed. The Incremental approach takes this approach to all Jakarta EE specifications. Only rename packages when absolutely necessary to minimize the impact on the Java community.

Renaming packages incrementally, as needed, does not reduce the freedom of action for Jakarta EE to innovate. It is just a necessary part of the first innovation of a Jakarta EE specification.

A Big Bang approach does not remove the need to run existing applications on earlier platform versions.  It increases the burden on customers since they must update all parts of their application for the complete package renaming when the need to access a new innovation in a single updated Jakarta EE specification when none of the other Jakarta EE specifications they use have any new innovations. Just package renames for no technical reason.  It also puts a large burden on all application server vendors. Rather than having to update parts of their implementations to support the package name changes of a Jakarta EE specification when the specification is updated for some new innovation, they must spend a lot of resources to support both old and new packages name for the implementations of all Jakarta EE specifications.

There are some arguments in favor of a Big Bang approach. It “gets the job done” once and for all and for new specifications and implementations the old java or javax package names will fade from collective memories. In addition, the requirement to use a certified Java SE implementation licensed by Oracle to claim compliance with Eclipse Jakarta EE evaporates once there are no longer any java or javax package names in a Jakarta EE specification. However, these arguments do not seem sufficient motivation to disrupt the ability of all existing applications to run on a future Jakarta EE 9 platform.

In general, lazy evaluation is a good strategy in programming. Don’t do a thing until the thing needs to be done. We should apply that strategy in Jakarta EE to package renaming and take the Incremental approach. Finally, I am reminded of Æsop’s fable, The Tortoise & the Hare. “The race is not always to the swift.”


by BJ Hargrave (noreply@blogger.com) at May 17, 2019 05:11 PM

Back to the top