This past week, there was a discussion on the Apache CXF developer list about adding an enterprise grade Security Token Service (STS) into CXF. Talend has been developing an STS internally for some of our customers for a while now and we’re pretty excited to be able to contribute the results of that work back to the community. CXF 2.4.0 had a very basic “framework” for developing an STS built into it along with a simple example that showed how to use the framework to setup a very simple STS. However, most of the details of creating and verifying tokens and such was completely left to the user/developer. The new STS, while built on that same framework, has a lot more capabilities “built in” and requires significantly less work to setup.
Colm’s blog definitely covers most of the details about the functionality of the new STS. Over the upcoming weeks, he should be adding more details about how to configure and leverage many of the features he mentions. Keep an eye out on his blog for details.
I’m quite excited about this. One of my personal goals in developing Open Source software is making that software more approachable and usable in enterprise environments. Over the years, CXF has done a great job become the defacto open source services framework by trying to meet the needs of enterprise deployments. This takes it even a step further by providing the first ready made service based on CXF. Hopefully, there will be more to come. Stay tuned!
In the last week or so, there’s been a bit of work going on in CXF to improve the OSGi experience with CXF as well as make it easier to manage.
First off, Glen Mazza has done quite a bit of testing with JMX and wrote a very good blog entry about how to JMX enable your CXF services (and Metro). As part of that, he’s been testing it with various app servers and updating the documentation and such. All great work.
On the OSGi side, CXF will now register the Bus objects into the OSGi service registry. Thus, other OSGi services can query them and pull information out of them. The primary driver for this is the new Karaf WebConsole. It’s very very early (just added to the WebConsole yesterday), but you can see some of the stuff that can be queried here. Also, to make this more useful, the Bus ID now defaults to the bundle SymbolicName+”cxf” when running in OSGi. This makes it much easier in the WebConsole and in JMX to find the endpoints of interest when there are many deployed.
Combining both of the above, when running in OSGi, CXF will now lookup an MBeanServer from the container and register its MBeans automatically. With previous versions of CXF, the user would need to add a bunch of configuration into their blueprint or spring-dm configs to enable the JMX management. That will be done automatically now.
I’m quite happy with the above changes. It will really make the administrators job easier when using CXF, particularly in OSGi based ESB’s like Talend’s ESB.