Tuesday, December 3, 2013

XSl for adding soap header if missing

Today I noticed a bug in a chain of transformations; I assumed that soap header was always added. However some clients do not send soap header if it is not needed. Here is a simple xsl to add an empty soap header if it is missing:

Tuesday, October 8, 2013

Adding Checksum To HTTP Response Header of JSONX Content in Datapower

Today I exposed a web service as a restful HTTP service via Datapower. I am also one of the consumers of this restful service and I push this data to clients who are subscribed to me.

However I noticed that the data I receive does not frequently change and I do not want to push same data.

So I added a http response header in Datapower which is actually a checksum of the content I requested; in my code I check this checksum if it is different from the one I got in my previous request:

Monday, September 23, 2013

Don't forget to use NIO if you are doing Async stuff with servlet 3.0 and using Tomcat 7 or below

If you are using Servlet 3.0 API to do some async stuff, do not forget to switch to NIO Connector by setting protocol attribute of the connector element in server.xml and using an executor. There are two important reasons for this: Thread pooling and timeout behavior of AsyncListener.

About Threads

There are 10 threads in my ExecutorService to handle requests in my AsyncContext pool. Here is a sample; let's assume that we push awesome data to clients in a comet fashion such:

If you leave Tomcat 7's default configuration; you will have n+10 threads. "n" is the number of requests. This is due to nature of blocking connectors. This might be useful for some applications (where for example thread local variables are highly used etc.). However; due to nature of the asynchronous job we are doing (we are pushing data to client when an event occurs) what we like to achieve is to satisfy all the clients with less threads; since most of the time threads are doing nothing but waiting.

Change your connector to NIO and use a thread pool for the NIO connector as seen from a server.xml fragment below:/p>

Connect with jprofiler; send 500 threads with jmeter; you will see only ten threads at the front; delivering those requests to 10 worker threads we defined above. To make it really look like a node.js; set maxThreads="1" minSpareThreads="1" of executor element. There were no changes in performance in my case due to fact that I wait for a second in my loop which schedules pushes to clients; so each client is pushed once a second approximately. In real life; an event will cause this push.

I really like this architecture rather then node.js due to fact that I know exactly the thread counts and I can manage them all. And please post me why node.js is better? I just can not understand. You have more libraries in java, you can integrate with many other systems easily; you can write in java,ruby,js,groovy,scala etc..

About Timeout

If your are setting timeout on AsyncContext such:

And then add an AsyncListener to that AsyncContext; OnTimeout of AsyncListener is called depending on which connector of Tomcat you are using.

If you are using Http11Protocol (BIO): callback is called exactly the time passed from the first request. If you give a high timeout and user closes his browser; still timeout is not called and you have to push data since you are not aware of it.

If you are using org.apache.coyote.http11.Http11NioProtocol (NIO); callback is called exactly the time you set after the connection is closed (for example if the browser is closed).

Thursday, September 12, 2013

Spring Integration; WS-Outbound to Exchange Server with NTLM

Although NTLM is insecure and being deprecated; I was required to transform basic http authentication to NTLM.

First download and place jcifs.jar to your classpath: http://jcifs.samba.org/src/ (If you are using maven; upload this jar to your repo and use it in your pom as described here.)

Use the above message sender as displayed below in your ws outbound gateway.

Thursday, September 5, 2013

Datapower: Extract an URL from XML, fetching content and binary transformation

I would like to share a simple configuration I have done in order to extract an URL from given XML, fetching it and encoding the content while returning it in soap response. It might be valuable for those who are looking for selecting xml elements in xsl regardless their namespace and how to transform binary content.

First we should extract ip, port, path and query arguments and construct a full URL. No need to say that this is the worst representation for an URL; but this is what asked from us.

A sample xml is: The URL extractor XSD is (AtmesUrlExtractor.xsl in policy flow):

After extracting the URL and assigning the result to a variable atmes_fetch_url; we use fetcher component to fetch the content (in this point we reference to variable with var://context/atmes_fetch_url):

This fetcher puts content is into "PIPE". Then our binary transformer is activated:

The important thing above is call to pkcs7-convert-input.ffd. It puts all the content in a xml structure so that we can proceed with xslt although it is not an xml actually. It is very easy to understand how it works; it is a standard file in datapower. It puts all the content under object/message tag. The import thing is that you must choose it as a binary in component details screen as seen below (even if it is not a binary; a text; anything which is not xml.)

Tuesday, January 29, 2013

Maven Package/Class Restrictor Plug-In

I just wrote simple access restriction maven plug-in which you can use to break your maven build if a certain package/class/method is referenced by a certain class or package in your source code or in any jar/war/ear dependency even if you do not have it's source code.
It is useful if you do not have access to the pom of the dependencies you use. PMD can allows such controls too but you have to have it's source code and you must build them. With this plug-in; bytecodes of dependencies are checked against rules.
Details are in the github wiki.

The purpose for this artifact is to restrict access to some packages. As a architectural team, we require all teams to use only the API's we provide. Here is an excerpt from our current usage. This will evolve with time:

This plug-in produces a report named "restrict-maven-plugin.txt" under target folder. We disabled breaking the build by setting continueOnError to "true" for now. We e-mail this output to let everyone take appropriate action before we start to break maven builds. Also I wrote simple Ruby script; which re-renders the output in html. I use this output to e-mail: