Skip to content

Instantly share code, notes, and snippets.

@AdamBien
Last active December 14, 2019 21:52
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save AdamBien/46045e87888329caa3f8c29b2d56f3ea to your computer and use it in GitHub Desktop.
Save AdamBien/46045e87888329caa3f8c29b2d56f3ea to your computer and use it in GitHub Desktop.
69thAirhacksQ&A.md

Ask questions and see you at December, 9th, 8pm CET: http://www.ustream.tv/channel/adambien

Also checkout recent episode:

68 airhacks.tv

Please keep the questions Jakarta EE-stic. Means: as short and as concise as only possible. Feel free to ask several, shorter questions.

@kovica
Copy link

kovica commented Nov 5, 2019

I have seen you using VS Code in last couple of videos.
Could you please explain what extensions do you use and why.

@mlemnian
Copy link

mlemnian commented Nov 5, 2019

Hi Adam,

in the following Scenario:

  • Backend-Logic is secured by permission.
  • permissions are associated to groups (roles) and users are associated to groups (roles)
  • There are scheduled Job that are forced to use the same Backend-Logic

I've the following problem:

  • Is there a Standard JEE way of running those jobs with a principal. Currently we're using an ugly (WebSphere) construct like: LoginContext context = new LoginContext("WSLogin", new WSCallbackHandlerImpl(user, password)); context.login();

Many Thanks,
Martin

@victorroeder
Copy link

victorroeder commented Nov 5, 2019

Hello Adam,
first of all thanks for your maven archetypes.
But they do not consider the 'package' parameter so that the package/directory within the created project is always com.airhacks.

Thus I started with one of them and extend the javaee7-archetype and created a pull-request.
(I commited with snapshot version '1.4-SNAPSHOT' in pom.xml and README.md. Please note this, when you do a release.)

Would be great if you could merge it, this would make it easier to use this archetype. If you don't mind, I could also adapt the other archetypes accordingly.

ONE OTHER NOTE: It seems that your new jakarta-ee archetype is missing in the Maven Central Repository...

Many thanks,
Victor

@mlemnian
Copy link

mlemnian commented Nov 5, 2019

Hi Adam,

In a my current project, I received an swagger 2.0 yaml-file from an external system.
I created a rest-client using io.swagger:swagger-codegen-maven-plugin.
But now I've some questions:

  1. How would you handle source code generations?
    1.1 check in the description files like (wsdls, xmls, yamls) and generate the source code during the build
    or
    1.2 generate the source code once and check in the generated sources
  2. swagger-codegen-maven-plugin forces me to decide what rest-client and json framework to use:
    2.1 jersey1 - HTTP client: Jersey client 1.18. JSON processing: Jackson 2.4.2
    2.2 jersey2 - HTTP client: Jersey client 2.6
    2.3 feign - HTTP client: Netflix Feign 8.1.1. JSON processing: Jackson 2.6.3
    2.4 okhttp-gson (default) - HTTP client: OkHttp 2.4.0. JSON processing: Gson 2.3.1
    2.5 retrofit - HTTP client: OkHttp 2.4.0. JSON processing: Gson 2.3.1 (Retrofit 1.9.0)
    2.6 retrofit2 - HTTP client: OkHttp 2.5.0. JSON processing: Gson 2.4 (Retrofit 2.0.0-beta2)
    2.7 google-api-client - HTTP client: google-api-client 1.23.0. JSON processing: Jackson 2.8.9
    2.8 rest-assured - HTTP client: rest-assured : 3.1.0. JSON processing: Gson 2.6.1. Only for Java8

That means that the client generation is fine for stand alone java clients, but not for clients running in an application server.
I thought I should rely on what the application server provides e.g. JAX-RS X.Y-Client-API instead of an actual implementation. But that would mean I can't use the plugin anymore.
The openapi-generator with https://github.com/OpenAPITools/openapi-generator/blob/master/docs/generators/jaxrs-spec.md could work, but that would mean that the external system needs to migrate from swagger 2.0 to openapi 3.0. They rejected that request.

I could also use the same framework that is used in the target application server (Websphere 9 classic!). After some research I found out that Websphere 9 classic uses Wink?! with Jackson. But this combination is also not provided by the maven-plugin.

Many Thanks,
Martin

@amihaiemil
Copy link

amihaiemil commented Nov 14, 2019

Hi Adam,

Do you know of any "full-flow" Oauth2 implementation for Jakarta EE or Quarkus? What I mean is the complete flow, let's say authentication via Github:

  1. user accesses secured JAX-RS resource
  2. user is redirected to Github Login Page and grants permition
  3. user is redirected back to the JAX-RS resource, now having access.

I am aware of Quarkus' Oauth2 Authorization flow, but in this case Quarkus only takes care of validating the token, no actual redirections are performed, as I understand.

I am looking for something that offers everything out-of-the-box, including redirection. Ideally, I'd like to annotate my JAX-RS resources with e.g. @RolesAllowed("github"), setup the configs with clientId and secret provided by Github after registering my app -- that's it.

Thank you,
Mihai

@robert-niestroj
Copy link

Regarding covicas comment: what are you'r general thoughts on using VS Code for java programming?

@niftydevelopment
Copy link

niftydevelopment commented Nov 18, 2019

Thank you for the super interesting http://airhacks.fm podcasts 😀

I have followup question regarding Microprofile in a Kubernetes cluster:
Is XA transactions managing a write to DB and to a MQ queue a liable solution (classic two face commit)?

Due to the volatile nature of pods the discussion at work goes something like:
XA is supported via JTA in Wildfly 18 (no surprise). But due to the volatile nature of Kubernetes pods, maybe not the right way to go.

Simplest possible flow of two face commit within a Pod / Wildfly / MicroProfile instance:

  • Consume a MQ message.
  • Execute some business logic and persist to DB.
  • Write MQ message with result to the operation.

I really have trouble seeing this be a reliable solution due to that (in case of crash) the pod can respawn in a stateless manner anywhere in the cluster.

It could be that all MicroProfile instances using XA need to use PersistentVolume and PersistentVolumeClaim in order to give the JTA Transaction Manager state fullness and the ability to recover.

If my question makes any sense, could you please point me in the right direction.

Tnx in advance.

@wodarski
Copy link

wodarski commented Nov 18, 2019

Is it possible using MicroProfile JWT for Authentication but fetch user groups/roles from an external webservice instead of JWT groups claim for Authorization?

@ciment7
Copy link

ciment7 commented Nov 20, 2019

Hello Adam,

Is it possible to setup timeout for JAX-RS endpoints globally? I use payara 5.191. In admin console, I found in network settings and also in http listener some properties to setup timeout, but it doesn`t work.

Finally I used @timeout annotation from microprofile library, which it works, but only when I do some business logic without calling rest client. This annotation doesnt work when I do rest call to fetch data from other microservice. (my explanation why it doesnt work: establishing an HTTP connection and then reading from it are blocking operations. Interrupting the thread has no effect. )

Could you give me some examples how to setup max timeout for JAX-RS endpoints? Thanks.

@ciment7
Copy link

ciment7 commented Nov 20, 2019

Do you have some best practice how to use jersey client effectively?

In my Java EE application, I created Client -> ClientBuilder.newClient(..) as singleton with Lock.READ

....
 @Lock(LockType.READ)
    public WebTarget target(String url) {
        return client.target(url);
    }.....

I have performance issue in my microservice-oriented application. In distributed tracing, I see suspicious behaviour. Microservice A fetched some data from microservice B and it took 10 s, but from perspective of microservice B, executing took only 200ms. It seems like network problem or problem to use transport layer effectively by jersey client.

This behaviour can only see during high load. I changed singleton to stateless EJB, but no difference. I used connection - HttpPoolingConnectionManager with ApacheConnectorProvider, but also no change.

Thanks.

@mlemnian
Copy link

mlemnian commented Nov 20, 2019

Hi Adam,

  1. Who would you prevent cascading service calls (like Service A --> Service B --> ... -->Severice Z) in a micro service landscape with multiple dev-teams.

  2. Who can I prevent (or detect) that my micro service architecture "evolves" into a SOA-Hell. Fun Fact: My customer tries to create an REST-API integration layer for all business applications, which is in fact an ESB with JSON and REST instead of XML and SOAP.

Many Thanks,
Martin

@mb-dbc-dk
Copy link

Do you have some best practice how to use jersey client effectively?

In my Java EE application, I created Client -> ClientBuilder.newClient(..) as singleton with Lock.READ

....
 @Lock(LockType.READ)
    public WebTarget target(String url) {
        return client.target(url);
    }.....

I have performance issue in my microservice-oriented application. In distributed tracing, I see suspicious behaviour. Microservice A fetched some data from microservice B and it took 10 s, but from perspective of microservice B, executing took only 200ms. It seems like network problem or problem to use transport layer effectively by jersey client.

This behaviour can only see during high load. I changed singleton to stateless EJB, but no difference. I used connection - HttpPoolingConnectionManager with ApacheConnectorProvider, but also no change.

Thanks.

@ciment7 You've probably already checked, but since it looks like a situation, that we've run into, I just want to validate. Do your service B have enough http-worker threads? For instance for payara-micro (as far as I can read) this defaults to 10, which quite often isn't enough, if your service spends more than a few ms in processing.

@ciment7
Copy link

ciment7 commented Nov 22, 2019

Do you have some best practice how to use jersey client effectively?
In my Java EE application, I created Client -> ClientBuilder.newClient(..) as singleton with Lock.READ

....
 @Lock(LockType.READ)
    public WebTarget target(String url) {
        return client.target(url);
    }.....

I have performance issue in my microservice-oriented application. In distributed tracing, I see suspicious behaviour. Microservice A fetched some data from microservice B and it took 10 s, but from perspective of microservice B, executing took only 200ms. It seems like network problem or problem to use transport layer effectively by jersey client.
This behaviour can only see during high load. I changed singleton to stateless EJB, but no difference. I used connection - HttpPoolingConnectionManager with ApacheConnectorProvider, but also no change.
Thanks.

@ciment7 You've probably already checked, but since it looks like a situation, that we've run into, I just want to validate. Do your service B have enough http-worker threads? For instance for payara-micro (as far as I can read) this defaults to 10, which quite often isn't enough, if your service spends more than a few ms in processing.

@mb-dbc-dk yes. I setup 200 http threads, and also I use bulkhead pattern with porcupine library . For asynchronous processing I use other tread-pool with 300 threads.

@cbustamantem
Copy link

Hi Adam!!
What would be the best practice for this issue, i have several microservices proyects, and each one require some parts of others, Example, the service of Credits, requiere the entities of the clients service, and so on, for that reason, my solution was to create a common project for each service, (client-commons, credits-commons) when i need a entity or a data structure from another i use the "commons parts" like a maven dependency, is any other elegant solution for this?

Thanks.

@ares3
Copy link

ares3 commented Dec 2, 2019

Hi Adam,
thanks for providing this very informatic and pragmatic content to the community. Also airhacks.fm makes my way to the office nice.

You mentioned in one of your last episodes that you are building a hardware cluster. How is the status? Could you please provide a little bit more information about this project.

In the past you had an episode where you bought your private server hardware, I found this episode also very interesting.

Thank you!

@robert-niestroj
Copy link

robert-niestroj commented Dec 3, 2019

Hi,
question about microservices architecture and reporting. Let's say you are doing software for the environmental ministry have following domian-oriented microservices and :

  • companies
  • water
  • air
  • wastes
  • forests

Now you need to do a report for a certain company which does buisness in air and water. The report needs to be exported to PDF or Excel.

How you design this?
Where you put the logic for aggregating data from 3 microservices?
Where you have the components to export data to Excel or PDF?
Does each microservices have Apache POI for Excel and iText for PDF creation?

@sjetesjete
Copy link

Hi Adam,
could you please comment on https://thoughts-on-java.org/dont-expose-entities-in-api/ ? What are your experiences towards that?

Greetings from Frankfurt am Main.

@whyvrafvr
Copy link

whyvrafvr commented Dec 9, 2019

Hi Adam.

Thanks a lot for your work, you’re awesome 😎!

Do you know if it possible to use Microprofile config with DataSource annotation?
Payara offers a specific Tag ${MPCONFIG-foo} but it’s necessary to declare the variable foo using asadmin command line.
I guess we cannot use the default property file at the present time.

Working with docker and Kubernetes, we’ve decided to use environment variables but if you have a tip about using the microprofile properties, that’s perfect 👌

@ciment7
Copy link

ciment7 commented Dec 9, 2019

Hi Adam,
Do you have some experience how to protect open api endpoint generated by microprofile library to fetch open api files?
I don`t want to expose my API on production.

Thanks

@srnjak
Copy link

srnjak commented Dec 14, 2019

Hi Adam,

I have a project, where JUnit5 is used as testing framework. I would like to add some integration tests for JAX-RS functionality. After searching on internet, it became obvious that Arquillian doesn't support this version of JUnit.

What would be the best approach to make it possible to run Arquillian?
I was thinking about having JUnit5 and 4 as testing dependencies in the same project, but - is that even possible?

Thanks

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment