Iam trying to implement static code analysis for Apache Camel not only for java but also XML based DSL.Is there any SCA Tool available?
Do you refer to the Camel routes as you want some kind of analysis of those? As Apache Camel is just regular Java code, then any regular SCA tools you can use
There is a good list on wikipedia
https://en.wikipedia.org/wiki/List_of_tools_for_static_code_analysis
That said we are working on a "code/route coverage" tool that you run as part of unit tests, and then it can report which parts of your Java or XML routes have been covered or not. That work is still ongoing, you can follow the ticket:
https://issues.apache.org/jira/browse/CAMEL-8657
I believe you can certainly create a custom Sonar XPath rule using the XML plug in e.g. testing elements exist with certain attributes.
Related
I am trying to implement an API gateway which has java plugin support. Have analyzed Kong, APIMan, APIsix, of which APIsix seems to be the best fit. But when i am trying to see the java plugin support, the github for java plugin runner displays as "This project is currently considered experimental."
https://github.com/apache/apisix-java-plugin-runner
So wanted to check with community, if that plugin is experimental and is there any other way to use ApiSix for production with java plugins enabled.
Anymore options for java enabled plugin API gateways are also welcomed.
So I'll quote out the reply that I had received for the same question on the slack channel from one of the maintainers of the project, for reference.
In fact, from some information I’ve gathered, there are already some users using it in production environments.
I can’t give an answer about whether it should be marked as production-ready or not. Here are some facts.
the design pattern, API interface and custom development approach of this project has not changed significantly since its inception, and should not be a major upheaval in the future, as it follows some common gateway design approaches in the Java world.
it is currently used in a rather primitive way, requiring clone project source code, but in the Java world, mature projects should import dependencies and use them by defining GAV in the dependency file.
Based on this, I think it is now production-ready in terms of stability, but not enough on other levels.
Apache APISIX Slack channel has the same question, link: https://the-asf.slack.com/archives/CUC5MN17A/p1653908139962639
Back to this question: Java Plugin Runner is used in production by some community users.
Here's the thing, from what I know, It has been used in a production environment in China(You can refer to this from the community bio-weekly talk).
So I would suggest you can try it.
Also, the plugin is still relatively easy to suit and I think could be better customized to suit your needs.
Let me preface this with the fact that I am still very new to Apache Camel. I'm still trying to understand how it all works, and what needs to be done (and HOW to do it) to achieve a particular effect.
I am trying to develop a Spring Boot application that will use Apache Camel to handle the transmission (and possibly also receipt) of data to/from a number of possible sources and destinations. The purpose of the application is to provide a means to produce/generate network traffic, at the network application level, that will be fed into another Spring Boot application - let's call this the target. We are trying to observe and measure the effects various network loads have on the target.
We would like to be able to transmit data via a number of protocols, including: ftp, http/s, file systems (nfs), various mail protocols (smtp, pop) and data streaming protocols for voice and video. There may be other protocols added at a later time. The data itself is irrelevant, we just need to be able to transmit data via various protocols with various loads.
These applications/services will be running in a containerized environment (Docker) that will be run within our local development and test environment, as well as possibly in a cloud environment, such as AWS. We have used Docker, Ansible, Terraform and are currently working towards using Kubernetes and Istio to manage the configuration, deployment, and operation of these applications.
We need to be able to provide specific configurations of Camel routes for particular deployments.
It would appear that the preferred method to configure Camel routes is via Java DSL, rather than XML DSL. The Camel documentation and nearly every other source of information I've found have a strong bias towards using Java DSL. Examples of XML DSL route configuration are far and few.
My initial impression is that going the Java DSL route (excuse the pun), would not work well with our need to be able to deploy a Camel application with a specific route configuration. It seems like you are required to have Java DSL defined route configurations hardwired into the code.
We think that it will be easier to provide a specific route configuration via an XML file that can be included in a deployment, hence why I've been trying to investigate and experiment with XML DSL. Perhaps we are mistaken in this regard.
My question to the community is: Considering what I've described above, can the Java DSL approach be used to meet the requirements as I've described them? Can we use Java DSL in a way that allows for dynamic route configuration? Keep in mind we would not be attempting to change configuration during operation, just in the course of performing a deployment.
If Java DSL could be used for this purpose, it would be very much appreciated if pointers to documentation, examples, etc. could be provided.
For your use cases you could use XML DSL also. Anyhow below book covers most aspects Camel development with examples. In this book authors describes XML DSL use for most of java DSL examples.
https://www.manning.com/books/camel-in-action-second-edition
In below github repository you can find the source code for all the examples listed in above book.
https://github.com/camelinaction/camelinaction2
Simple tutorial and github repository for Apache Camel using Spring boot.
https://www.baeldung.com/apache-camel-spring-boot
https://github.com/eugenp/tutorials/tree/master/spring-boot-modules/spring-boot-camel
Maven Plugin for build and deployment of spring boot container application into Kubernetes cluster
https://maven.fabric8.io/
In case if your company can afford some funding for your effort look at below link which provides commercial offerings around Camel.
https://camel.apache.org/manual/latest/commercial-camel-offerings.html
Thanks
Madhu Gupta
Our team has a few projects which use the Java DSL for building routes. In order to make them dynamic, there are control structures for iterating and setting endpoints based off configurations. That works for us because the routes are basically all the same, just with different sources and sinks.
If you could dynamically add/change the XML DSL files in a way that doesn't involve redeploying your application, that might be a viable route to follow. One might, for example, change the camel.springboot.xml-routes property to point to a folder which changes as needed.
I have a use case where I would like build a common interface or service which can update entities of application. Example case is shown as below:
Now every application has to handle update functionality of entities. Rather than implementing update functionality in n application module. I would like to build a common interface or server in spring boot.
Service will be like below:
My question is how to design service/interface which can used for above scenario. Any api or tool which can help me to achieve this. I dont want to write code for update in every application module.
Thanks in advance.
Last year I was thinking about the similar concept to yours, but in Apache Camel framework context. I haven't got enough time and motivation to do so, but your post encouraged me to give it a try - perhaps mostly because I've found your concept very similar to mine.
This is how I see it:
So basically I considered an environment with application that might uses N modules/plugins that enriches application's features, i.e. processing feature etc. Application uses module/plugin when it is available in the classpath - considering Java background. When the module is not available application works without its functionality like it was never there. Moreover I wanted to implement it purely using framework capabilities - in this case Spring - without ugly hacks/ifs in the source code.
Three solutions come to my mind:
- using request/response interceptors and modifying(#ControllerAdvice)
- using Spring AOP to intercept method invocations in *Service proxy classes
- using Apache Camel framework to create a routes for processing entities
Here's the brief overview of POC that I implemented:
I've chosen Spring AOP because I've never been using it before on my own.
simple EmployeeService that simulates saving employee - EmployeeEntity
3 processors that simulates Processing Modules that could be located outside the application. These three modules change properties of EmployeeEntity in some way.
one Aspect that intercepts "save" method in EmployeeService and handles invocation of available processors
In the next steps I'd like to externalize these Processors so these are some kind of pluggable jar files.
I'm wondering if this is something that you wanted to achieve?
link to Spring AOP introduction here: https://docs.spring.io/spring/docs/5.0.5.RELEASE/spring-framework-reference/core.html#aop
link to repository of mentioned POC: https://github.com/bkpawlowski/spring-aop
I'm trying to find any open-source or commercial implementation of Attribute-Based Access Control(ABAC) paradigm that will work together with Spring Security or Apache Shiro frameworks. Right now I can't find any of them.
I don't think I'm a first one who needs such kind of functionality - so could you please recommend frameworks that will support this ?
Also, can Permissions in Apache Shiro be considered as a particular case of ABAC paradigm implementation ?
jCasbin is a powerful and efficient open-source access control library for Java projects. It provides support for enforcing authorization based on various access control models. ABAC is one of the models that is supported by jCasbin.
ABAC: syntax sugar like a resource. The owner can be used to get the attribute for the resource.
In jCasbin, an access control model is abstracted into a CONF file based on the PERM metamodel (Policy, Effect, Request, Matches). So switching or upgrading the authorization mechanism for a project is just as simple as modifying a configuration. You can customize your own access control model by combining the available models. For example, you can get RBAC roles and ABAC attributes together inside one model and share one set of policy rules.
It supports Spring boot via plugin: jcasbinspring-boott-plugin
Also, there is another opensource project called EasyAback. (The original project documents are written in Russian and I translated them and moreover added some other documents and diagram link)
This github sample shows how ABAC can be implemented on top of spring-security framework using Spring Expression Language (SPEL). An excellent blog describes the sample code using a simple web app. Having come from an XACML background I found this project to be very familiar to XACML. It essentially maps XACML concepts to define policy's in JSON (instead of XACML / XML) and using a familiar spring-security API and framework.
Disclaimer: I work for Axiomatics
Axiomatics provides an Attribute Based Access Control (ABAC) implementation that integrates with different environments:
Native Spring Security integration
integration with other Java apps via our SDK and API
integration with API gateways e.g. Apigee
database security
We have had customers integrate with Apache Shiro . Apache Shiro are a simplified form of ABAC. They can be integrated with ABAC.
Axiomatics' implementation relies on XACML.
For an open source Java alternative, you can find several on the XACML Wikipedia page: AuthzForce, Apache OpenAZ, WSO2 Balana. For AuthzForce, you can find Java code samples of ABAC/XACML authorization filters using either an embedded Java PDP or a (remote) RESTful PDP.
I would like to set up an infrastructure for integration testing.
Currently we bootstrap tomcat using maven and then execute httpunit tests.
But the current solution has few drawbacks.
Any changes committed to the database need to be rollback manually in the end if the test
Running code coverage on integration test is not straight forward (we are using sonar).
My goals are:
Allow automatic rollback between tests (hopefully using String #transaction and #rollback)
Simple straight forward code coverage
Using #RunWith that will bootstrap the system from JUnit and not externally
Interacting with live servlets and javascript (I consider switching from httpuinit to selenium…)
Reasonable execution time (at least not longer than the existing execution time)
The goals above look reasonable to me and common to many Java/J2ee projects.
I was thinking to achieve those goals by using Arquillian and Arquillian Spring Framework Extension component.
See also https://github.com/arquillian/arquillian-showcase/
Does anyone have and experience with Arquillian and with Arquillian Spring Framework Extension?
Can you share issues best practices and lesson learned?
Can anyone suggest an alternative approach to the above?
I can't fully answer your question. only some tips
Regarding the automatic rollback. In my case. Using liquibase to init the test data on "hsqldb" or "h2" which could be set as in-memory pattern. Then no need to roll back.
For Arquillian. It's a good real testing approach. What i learned is that "Arauillian Spring Framework Extension" is just a extension. You have to bind to a specific container like "jboss, glasshfish,tomcat" to make the test run.
But i don't know how to apply for a spring-based javaSE program which do not need application server support.
My lesson learned is the jboss port conflict. since jboss-dist is set 8080 as default http port. But our company proxy is same as 8080. So i can't use maven to get the jboss-dist artifact.
Hope others can give more info.