diff --git a/blog_tags.json b/blog_tags.json index 7a6de887c..88f60fc1b 100644 --- a/blog_tags.json +++ b/blog_tags.json @@ -86,7 +86,8 @@ "featured": "true" },{ "name": "microprofile", - "posts": ["microprofile-7", "24.0.0.12", + "posts": ["cloudant-with-open-liberty", + "microprofile-7", "24.0.0.12", "24.0.0.10", "24.0.0.9", "rethinking-microservices", "24.0.0.9-beta", "liberty-on-amazon-ecs", "24.0.0.8-beta", @@ -591,7 +592,7 @@ }, { "name": "data-sources", - "posts": ["24.0.0.8-beta", + "posts": ["cloudant-with-open-liberty", "24.0.0.8-beta", "24.0.0.6-beta", "simplifying-nosql-database-integration-with-jakarta-nosql", "jakarta-nosql-in-action-meet-jnopo-game", "jakarta-nosql-challenge-switching-nosql-easily", "24.0.0.5-beta", "24.0.0.4-beta", diff --git a/posts/2024-12-03-24.0.0.12.adoc b/posts/2024-12-03-24.0.0.12.adoc index 374e2f3f2..a9c1156b2 100644 --- a/posts/2024-12-03-24.0.0.12.adoc +++ b/posts/2024-12-03-24.0.0.12.adoc @@ -10,6 +10,9 @@ seo-description: The 24.0.0.12 release introduces support for MicroProfile 7.0, blog_description: The 24.0.0.12 release introduces support for MicroProfile 7.0, a major MicroProfile release. It also provides a way to handle incompatible client versions when you use SameSite cookies. open-graph-image: https://openliberty.io/img/twitter_card.jpg open-graph-image-alt: Open Liberty Logo +blog-available-in-languages: +- lang: ja + path: /ja/blog/2024/12/03/24.0.0.12.html --- = MicroProfile 7.0 and improvements for SameSite cookie handling in 24.0.0.12 David Mueller diff --git a/posts/2024-12-9-cloudant-with-open-liberty.adoc b/posts/2024-12-9-cloudant-with-open-liberty.adoc new file mode 100755 index 000000000..b266050c0 --- /dev/null +++ b/posts/2024-12-9-cloudant-with-open-liberty.adoc @@ -0,0 +1,235 @@ +--- +layout: post +title: "Access IBM Cloudant with Open Liberty using CDI" +categories: blog +author_picture: https://avatars3.githubusercontent.com/revijay +author_github: https://github.com/revijay +seo-title: Access IBM Cloudant NoSQL database with Open Liberty using CDI - OpenLiberty.io +seo-description: Using Cloudant with Open Liberty previously meant enabling the cloudant-1.0 feature and configuring several elements in server.xml. With CDI and MicroProfile Config, you can easily configure access to Cloudant with a CDI producer. The cloudant-1.0 feature was implemented using Java Cloudant Client library which is no longer supported, so in this demonstration we are using the new Cloudant SDK for Java. +blog_description: "Using Cloudant with Open Liberty previously meant enabling the cloudant-1.0 feature and configuring several elements in server.xml. With CDI and MicroProfile Config, you can easily configure access to Cloudant with a CDI producer. The cloudant-1.0 feature was implemented using Java Cloudant Client library which is no longer supported, so in this demonstration we are using the new Cloudant SDK for Java." +open-graph-image: https://openliberty.io/img/twitter_card.jpg +open-graph-image-alt: Open Liberty Logo +--- += Access IBM Cloudant with Open Liberty using CDI +Reshmi Vijayan +:imagesdir: / +:url-prefix: +:url-about: / + +Cloudant, an IBM-managed NoSQL database built on top of Apache CouchDB, provides a robust, flexible, and highly scalable NoSQL database solution that is tailor-made for cloud-native applications. Cloudant with Open Liberty offers a seamless way to build, deploy, and scale your Java applications with efficient scalable data storage. + +Previously, using Cloudant with Open Liberty meant enabling the `cloudant-1.0` feature and configuring several elements in the `server.xml` file. The `cloudant-1.0` feature was implemented using Java Cloudant Client library, which is no longer supported, so in this demonstration we are using the new Cloudant SDK for Java. With CDI and MicroProfile Config, you can easily configure access to Cloudant with a CDI producer (for an introduction to using CDI producers, see the https://openliberty.io/guides/cdi-intro.html[Injecting Dependencies into Microservices guide]). + +As a result, if you are migrating from using the `cloudant-1.0` feature to the new Cloudant SDK for Java, you should remove the `cloudant-1.0` feature from your server.xml file. This not only streamlines your configuration but also aligns with the new simplified approach of using the Cloudant CDI producer for integration. + +== Bundle the Cloudant SDK for Java + +Prior to implementing the functionality, make sure to configure the essential dependencies in your application. Depending on your build tool (Maven or Gradle), you can include the necessary Cloudant SDK libraries by adding the corresponding dependency. + +* For Maven: Add the following dependency in pom.xml file: + +[source, xml] +---- + + com.ibm.cloud + cloudant + x.x.x + +---- +Be sure to check for the latest version on link:https://central.sonatype.com/?smo=true[Maven Central]. + +* For Gradle: In your build.gradle file, add the following inside the dependencies block: + +[source, groovy] +---- +dependencies { + implementation 'com.ibm.cloud:ibm-cloud-sdk-core:x.x.x' +} +---- + +If you have multiple applications accessing Cloudant, instead of bundling the Cloudant SDK for Java with each application, you can configure a shared library in your `server.xml` like this: +[source, xml] +---- + + + + + + + + + + + +---- + +== A CDI producer for Cloudant +With a CDI producer, you can easily provide a Cloudant client to your application and inject the client into various parts of the application in a type-safe and flexible way, with the benefits of dependency injection (such as lifecycle management and configuration). Also, we are using link:{url-prefix}/guides/microprofile-config-intro.html[MicroProfile Config] to simplify the configuration of the Cloudant driver. +This example demonstrates how to create a CDI producer to inject a Cloudant client: +[source, java] +---- +@ApplicationScoped +public class CloudantProducer { + + @Inject + @ConfigProperty(name = "cloudant.host", defaultValue = "localhost") + String host; + + @Inject + @ConfigProperty(name = "cloudant.port", defaultValue = "5984") + String port; + + @Inject + @ConfigProperty(name = "cloudant.username") + String username; + + @Inject + @ConfigProperty(name = "cloudant.password") + String encodedPassword; + + @Produces + public Cloudant createCloudant() { + String password = PasswordUtil.passwordDecode(encodedPassword); + BasicAuthenticator authenticator = new BasicAuthenticator.Builder() + .username(username) + .password(password) + .build(); + + Cloudant service = new Cloudant("cloudant", authenticator); + service.setServiceUrl("http://" + host + ":" + port); + + return service; + } +} +---- +One advantage of using a CDI producer is that you can tailor it to your needs. For improved security, the `createCloudant` method uses Open Liberty's password decoding, which requires the following Maven dependency: +[source,xml] +---- + + com.ibm.websphere.appserver.api + com.ibm.websphere.appserver.api.passwordUtil + 1.0.95 + +---- +You must also enable the Password Utilities feature in your `server.xml` file: +[source, xml] +---- +passwordUtilities-1.0 +---- +Now, by placing the following snippet in your ``microprofile-config.properties`` or `server.env` file, the values for user and password will be pulled into the CloudantProducer class: +[source, text] +---- +cloudant.user=admin +cloudant.password={aes}AEEjCqvh7XAwDxrdYC6BUbqYlwqI8NAxRkWWWq7muxZu +cloudant.dbname=testdb +---- + +Instead of using `BasicAuthentication` with a username and password, Cloudant also supports `IAM (Identity and Access Management)` authentication, which allows users and applications to authenticate using secure API keys or IAM tokens. By using IAM authentication, we can avoid the risks associated with managing passwords and ensure that only authorized entities can interact with Cloudant databases. +Follow the https://cloud.ibm.com/docs/Cloudant?topic=Cloudant-getting-started-with-cloudant[IBM Cloudant Setup] guide to create a Cloudant instance and API key for accessing it. + +The following code snippet shows how can we create a CDI Producer to inject a Cloudant client with IAM authentication. +[source, java] +---- +@ApplicationScoped +public class CloudantProducer { + + @Inject + @ConfigProperty(name = "cloudant.host") + String host; + + @Inject + @ConfigProperty(name = "cloudant.apikey") + String apikey; + + @Produces + public Cloudant createCloudant() { + IamAuthenticator authenticator = new IamAuthenticator.Builder() + .apikey("apikey") + .build(); + + Cloudant service = new Cloudant("cloudant", authenticator); + service.setServiceUrl("https://" + host); + + return service; + } +} +---- + +== Injecting the Cloudant client +Here is an example of using the CDI producer to inject a Cloudant client in a JAX-RS application. +[source, java] +---- +@Inject +Cloudant client; + +@Inject +@ConfigProperty(name = "cloudant.dbname") +String dbname; + +@POST +@Path("/add") +@Consumes(MediaType.APPLICATION_JSON) +public void add(CrewMember crewMember) { + Document newCrewMember = new Document(); + newCrewMember.put("Name",crewMember.getName()); + newCrewMember.put("Rank",crewMember.getRank()); + newCrewMember.put("CrewID",crewMember.getCrewID()); + + PostDocumentOptions createDocumentOptions = + new PostDocumentOptions.Builder() + .db(dbname) + .document(newCrewMember) + .build(); + DocumentResult createDocumentResponse = client + .postDocument(createDocumentOptions) + .execute() + .getResult(); +} +---- + +In this example: + +* `@Inject` is used to inject the Cloudant client instance provided by the CDI producer. +* The `PostDocumentOptions` is a builder class that allows you to specify various options when posting the document. You must provide the db name and the document content. +* The `postDocument` is the main method that posts the document to the specified database. It returns a DocumentResult object which contains metadata about the inserted document (like its _id and _rev). + +Similarly, we can delete a document from Cloudant by using the document `id`. +[source, java] +---- +@DELETE +@Path("/{id}") +public String remove(@PathParam("id") String id) { + GetDocumentOptions documentInfoOptions = + new GetDocumentOptions.Builder() + .db(dbname) + .docId(id) + .build(); + + Document document = client + .getDocument(documentInfoOptions) + .execute() + .getResult(); + + DeleteDocumentOptions deleteDocumentOptions = + new DeleteDocumentOptions.Builder() + .db(dbname) + .docId(id) + .rev(document.getRev()) + .build(); + + DocumentResult deleteDocumentResponse = client + .deleteDocument(deleteDocumentOptions) + .execute() + .getResult(); +} +---- +In the previous example: + +* The `GetDocumentOptions` class is used to configure parameters for retrieving a document from a Cloudant database. It allows you to specify the database name, document ID, and optional parameters like the document revision, whether to include attachments, conflicts, or deleted information in the response. The class uses the builder pattern to set these options before making the request to Cloudant. +* The `DeleteDocumentOptions` class is used to configure parameters for deleting a document from a Cloudant database. It allows you to specify the database name, the document ID, and the revision (`_rev`) of the document to ensure that the correct version is deleted and prevent race conditions. This class uses the builder pattern to set options before sending the delete request to Cloudant. + +== Summary +In this blog post, we explored how easy it is to create a CDI producer for Cloudant, and configure it with MicroProfile Config to help integrate Cloudant into an Open Liberty-based Java application, leveraging the power of Cloudant's NoSQL database with the flexibility of Open Liberty’s lightweight, cloud-native architecture. +The full sample is available link:https://github.com/OpenLiberty/sample-cloudant[on GitHub]. + +By combining the strengths of Cloudant and Open Liberty, developers can create powerful, cloud-native applications that are both flexible and scalable, with minimal infrastructure management. This integration ensures real-time data access, robust data storage, and seamless scaling—all essential for modern, data-driven applications in the cloud. diff --git a/posts/ja/2024-12-03-24.0.0.12.adoc b/posts/ja/2024-12-03-24.0.0.12.adoc new file mode 100644 index 000000000..55a083f40 --- /dev/null +++ b/posts/ja/2024-12-03-24.0.0.12.adoc @@ -0,0 +1,139 @@ +--- +layout: post +title: "24.0.0.12でのMicroProfile 7.0とSameSite Cookie処理の改善" +# Do NOT change the categories section +categories: blog +author_picture: https://avatars3.githubusercontent.com/dmuelle +author_github: https://github.com/dmuelle +seo-title: 24.0.0.12でのMicroProfile 7.0とSameSite Cookie処理の改善 - OpenLiberty.io +seo-description: 24.0.0.12リリースでは、MicroProfileのメジャー・リリースであるMicroProfile 7.0のサポートが追加されました。また、SameSite Cookieを使用する際に互換性のないクライアント・バージョンを処理する方法も提供されます。 +blog_description: 24.0.0.12リリースでは、MicroProfileのメジャー・リリースであるMicroProfile 7.0のサポートが追加されました。また、SameSite Cookieを使用する際に互換性のないクライアント・バージョンを処理する方法も提供されます。 +open-graph-image: https://openliberty.io/img/twitter_card.jpg +open-graph-image-alt: Open Liberty Logo +additional_authors: +- name: 西尾 実優香 (翻訳) + github: https://github.com/MiyukaNishio + image: https://avatars.githubusercontent.com/MiyukaNishio +blog-available-in-languages: +- lang: en + path: /blog/2024/12/03/24.0.0.12.html +--- += 24.0.0.12でのMicroProfile 7.0とSameSite Cookie処理の改善 +David Mueller +:imagesdir: / +:url-prefix: +:url-about: / +//Blank line here is necessary before starting the body of the post. + +24.0.0.12リリースでは、MicroProfileのメジャー・リリースであるMicroProfile 7.0のサポートが追加されました。また、SameSite Cookieを使用する際に互換性のないクライアント・バージョンを処理する方法も提供されます。 + +link:{url-about}[Open Liberty] 24.0.0.12では以下のアップデートが行われました。 + +* <> +* <> +* <> + +link:https://github.com/OpenLiberty/open-liberty/issues?q=label%3Arelease%3A240012+label%3A%22release+bug%22[24.0.0.12]で修正されたバグの一覧をご確認ください。 + +link:{url-prefix}/blog/?search=release&search!=beta[以前のOpen Liberty GAリリースのブログ投稿]をご覧ください。 + + +[#run] +== 24.0.0.12を使用してアプリを開発および実行する + +link:{url-prefix}/guides/maven-intro.html[Maven] を使用している場合は、`pom.xml` ファイルに以下の内容を含めます。 + +[source,xml] +---- + + io.openliberty.tools + liberty-maven-plugin + 3.11.1 + +---- + +link:{url-prefix}/guides/gradle-intro.html[Gradle] を使用している場合は、`build.gradle` ファイルに以下の内容を含めます。 + +[source,gradle] +---- +buildscript { + repositories { + mavenCentral() + } + dependencies { + classpath 'io.openliberty.tools:liberty-gradle-plugin:3.9.1' + } +} +apply plugin: 'liberty' +---- + +link:{url-prefix}/docs/latest/container-images.html[コンテナ イメージ] を使用している場合: + +[source] +---- +FROM icr.io/appcafe/open-liberty +---- + +または、link:{url-prefix}/start/[ダウンロード・ページ]をご覧ください。 + +link:https://plugins.jetbrains.com/plugin/14856-liberty-tools[IntelliJ IDEA]、link:https://marketplace.visualstudio.com/items?itemName=Open-Liberty.liberty-dev-vscode-ext[Visual Studio Code]、または link:https://marketplace.eclipse.org/content/liberty-tools[Eclipse IDE]を使用している場合は、オープンソースの link:https://openliberty.io/docs/latest/develop-liberty-tools.html[Liberty 開発者ツール] を活用して、IDE 内から効果的な開発、テスト、デバッグ、アプリケーション管理を行うこともできます。 + +[link=https://stackoverflow.com/tags/open-liberty] +image::img/blog/blog_btn_stack_ja.svg[Stack Overflowで質問する, align="center"] + + +[#mp7] +== MicroProfile 7.0でマイクロサービス・アプリケーションを開発 + +MicroProfileは、マイクロサービスを軽量かつ効率的に開発、デプロイ、および管理するためのAPIとツールのセットを提供します。バージョン24.0.0.12リリースでは、MicroProfileのメジャー・リリースであるMicroProfile 7.0のサポートが追加されました。これにより、MicroProfile MetricsがMicroProfile Telemetryに置き換えられました。 したがって、MicroProfile Metricsは包括的なリリースから外れ、独立した仕様となります。このリリースでは、MicroProfile OpenAPI、Rest Client、Fault Tolerance、およびTelemetry機能の新バージョンも導入されました。 + +詳しくは、link:{url-prefix}/blog/2024/12/03/microprofile-7.html[Open Libertyを使用したMicroProfile 7.0の詳細]をご参照ください。 + +// DO NOT MODIFY THIS LINE. + +// // // // DO NOT MODIFY THIS COMMENT BLOCK // // // // +// Blog issue: https://github.com/OpenLiberty/open-liberty/issues/30255 +// Contact/Reviewer: volosied,pnicolucci +// // // // // // // // +[#samesite] +== SameSite=Noneの非互換クライアントを確認 + +バージョン24.0.0.12では、特定のクライアントバージョンに対して問題が発生することを心配することなく、 `SameSite=None` のCookieを使用できるようになりました。以前は、 `SameSite=None` 属性を持つCookieがlink:https://www.chromium.org/updates/same-site/incompatible-clients/[非互換クライアント]に送信されると、拒否されたり誤って処理 ( `SameSite=Strict` として処理) されたりしていました。 今後はウェブブラウザに送信される前に、 `SameSite=None` 属性を持つCookieをOpen Libertyが傍受し、 `User-Agent` が非互換のクライアントバージョンを指定しているかどうかを確認します。非互換のクライアントが検出されると、 `SameSite=None` および `Partitioned` ヘッダー (存在する場合) はCookieから削除されます。 + +詳しくは、link:{url-prefix}/blog/2020/03/25/set-samesite-attribute-cookies-liberty.html[Open LibertyでのCookieのSameSite属性の設定]をご参照ください。 +// DO NOT MODIFY THIS LINE. + + + +[#CVEs] +== セキュリティ脆弱性 (CVE) の修正 +[cols="5*"] + +以下のCVEが24.0.0.12のリリースで修正されました。 + +|=== +|CVE |CVSS Score |Vulnerability Assessment |Versions Affected |Notes + +|link:https://www.cve.org/CVERecord?id=CVE-2024-7254[CVE-2024-7254] +|7.5 +|Denial of service +|20.0.0.12 - 24.0.0.10 +| `grpc-1.0` と `grpcClient-1.0` の機能に影響 +|=== + +// // // // // // // // +// In the preceding section: +// If there were any CVEs addressed in this release, fill out the table. For the information, reference https://github.com/OpenLiberty/docs/blob/draft/modules/ROOT/pages/security-vulnerabilities.adoc. If it has not been updated for this release, reach out to Kristen Clarke or Michal Broz. +// Note: When linking to features, use the +// `link:{url-prefix}/docs/latest/reference/feature/someFeature-1.0.html[Some Feature 1.0]` format and +// NOT what security-vulnerabilities.adoc does (feature:someFeature-1.0[]) +// +// If there are no CVEs fixed in this release, replace the table with: +// "There are no security vulnerability fixes in Open Liberty [24.0.0.12]." +// // // // // // // // +過去のセキュリティ脆弱性修正の一覧については、link:{url-prefix}/docs/latest/security-vulnerabilities.html[セキュリティ脆弱性 (CVE) リスト] を参照してください。 + + +== Open Liberty 24.0.0.12を今すぐ入手 + +<>のリンクから入手できます。