Introducing Java Extensions

ZXTM 5.0 introduces Java™ Extensions, a powerful new way to build and deploy traffic management logic. Java™ Extensions let an application administrator create very sophisticated rules and deploy them in a single location, at the entry point to the application infrastructure.

How do Java™ Extensions work?

Java Extensions use a modified version of the standard Java Servlet API. The Java Servlet API is a standard method to write web applications and is a good basis for Zeus’ Java Extensions. Java Extensions run in a dedicated Java Virtual Machine (JVM), on the same server system as the core ZXTM traffic management software. The JVM isolates the Java Extensions from the ZXTM kernel, so that extensions can safely perform operations such as database access without blocking or unduly interfering with the ZXTM kernel:

The Java Extensions engine can run multiple extensions concurrently (subject to a global limit), and extensions can build up and store persistent data, spawn threads for background processing tasks and perform all manner of blocking operations, subject to configured connection timeouts. The engine supports remote debugging and hot code patching so that running extensions can be debugged and updated on-the-fly.

Here's an example of a simple 'HelloWorld' Java Extension; the APIs are so similar that the code is identical to the equivalent Java Servlet:

import java.io.IOException;
import java.io.PrintWriter;
 
import javax.servlet.ServletException;
import javax.servlet.http.*;
 
 
public class HelloWorld extends HttpServlet {
	private static final long serialVersionUID = 1L;
 
	public void doGet( HttpServletRequest req, HttpServletResponse res )
		throws ServletException, IOException
	{
		res.setContentType( "text/html" );
 
		PrintWriter out = res.getWriter();
		out.println( "<h1>Hello, world!</h1>");
	}
 
	public void doPost( HttpServletRequest req, HttpServletResponse res )
		throws ServletException, IOException
	{
		doGet( req, res );
	}
}

Java Extensions differ from Java Servlets because the HttpServletRequest and HttpServletResponse objects can be cast to ZXTMHttpServletRequest and ZXTMHttpServletResponse objects respectively. These objects provide a number of additional methods to access the additional ZXTM functionality.

Java Extensions can be used for non-HTTP traffic as well; in this case, the ZXTMServletRequest and ZXTMServletResponse objects are used.

For more documentation, refer to the Java Development Guide and the online help in the ZXTM Admin Interface.

How are they invoked?

Java Extensions are invoked from within a TrafficScript rule, using the java.run() function. The TrafficScript rule will pause until the Extension finishes running; if the extension sends a response directly to the client or performs another terminal action, the TrafficScript rule will be terminated:

java.run( "HelloWorld" );

The Extension can observe and modify all aspects of the current request, including any changes made by a TrafficScript rule before the extension was called. The TrafficScript rule can also pass additional parameters into the Extension:

# TrafficScript rule to invoke 'WaterMark' extension when processing an image
 
$ip = request.getRemoteIP();
$time = sys.timeToString( sys.time() );
 
$message = "IP: ".$ip.", ".$time;
 
$contenttype = http.getResponseHeader( "Content-Type" );
 
if( string.startsWith( $contenttype, "image/" ) ) {
   java.run( "WaterMark", $message );
}

What can you do with Java Extensions?

Java Extensions let you draw on the full power of Java, the functionality of the JRE and the huge variety of supporting Java class libraries. You can perform detailed content inspection and modification, communicate with external databases, applications and services, and implement very sophisticated application delivery logic.

Possible applications include:

• Content Watermarking - protect intellectual property by applying unique visible or hidden watermarks to outgoing documents or images;
• Authentication, Authorization and Access Control - checking user credentials against an LDAP, Radius, TACACS+, Active Directory or other database and applying access control;
• Proxying multiple applications behind a single-sign-on gateway, using Java Extensions to create the necessary the logic to broker, authenticate and translate requests between remote clients and the different back-end applications and services;
• Application Mash-ups, built from multiple different sources. Java Extensions can even communicate with raw sockets to interface with proprietary applications;
• XML Signature Verification and Generation - verify and strip signatures from incoming XML data, or replace signatures with locally generated ones to indicate that a document has passed initial checking at the gateway;
• Transaction logging and alerting, logging key events to a remote database or raising an alert, reconfiguring ZXTM via the Control API or performing other custom actions as appropriate;
• Complex Request Routing based on location data, URL hash values or real-time information retrieved from an external database or service.

Java™ Extensions - Read more...

Owen Garrett [Zeus Dev Team] 21 May 2008 2 comments