Hi Cyrille Thanks, this is very helpful and insightful...
See some comments inline with S.B Dear all, It's a very appealing feature, I would like to have it not only as html but also as rss and in a shell client scripts friendly format. > S.B sounds good, perhaps we can do Atom, similarly to the way the Atom Logging feature converts log events into feeds/entries ? Here are my humble insights about web services monitoring and management : * Exposing management and monitoring features on web pages can be a security breach (try to Google the management URI of your favorite open source Java EE server, it's frightening :-) ). * Nobody is perfect, I may expose a bunch of management jsp pages but I protect them Spring Security URI based authentication and authorization. S.B : agreed about the need to protect, perhaps, if we have some read-only statistics only then in the first version we can avoid it ? +1 to introducing some proper security checks though. It is something we'd need to address as well once we start letting users to register callback URIs for Atom push log events or subscribe to pull feeds. I'd also prefer not to introduce JSP but rely on something that is already shipped with JDK, namely XSLT stylesheets for generating more advanced pages, I'll be happy to contribute...Though if you reckon it would be easier/more realistic to use JSP then we can discuss it further... * Monitoring counters are often difficult to render on a simple web page because they most of the time are trends-up measures (1) and rendering them requires correlation to create "Per Minute" indicators (invocations per minute, etc). S.B - good to know * Web based monitoring would a nice and appealing feature but I feel most production scenarios will prefer JMX oriented monitoring tools for security, graphing and recording. I am personally very happy with the Hyperic HQ Open Source edition to monitor CXF and JBoss Jopr (also Open Source) seems to be as efficient. S.B - indeed, but it'd still be nice to have web-based only monitoring tool :-) In fact, as far as I know, there's even a Java-neutral JMX spec for exposing the management details over WS, I was even involved briefly in it without doing much work :-) - I'm not proposing to implement it though * a REST based API would even be more powerful than raw html ! It would be great for non JMX enabled monitoring tools (Nagios, etc) to have shell script friendly format (). We would expose basic html for web browsers, RSS for widgets and dashboards, raw text for non JMX enabled monitoring tools (Nagios, etc). S.B +1. In fact, I'm only proposing a plain HTML for a start, to have a project going :-), and then we can have some advanced pages with embedded scripts invoking on some CXF JAXRS endpoint which exposed the details of managed beans. This endpoint also can easily take care of producing various formats too. Having shell scripts seems like a good idea too :-) * Such a web based monitoring solution could be very generic and not only apply to CXF metrics ; the forthcoming Spring 3 @ManagedMetric annotation could help. * For security reasons, I would feel more comfortable with a dedicated base URI to ease URL based protection (with Spring Security, web.xml, etc). Using the @RolesAllowed standard annotation would be key to ease method level authorization. * By the way, would it make sense to look at the @RolesAllowed standard annotation to protect the existing web services list (ie call to "/services/") ? > S.B. I agree about the need to have a good security support, we can figure out later on the best approach :-) I hope I was not too long :-) > S.B - it was perfect :-) Lets continue the discussion. At some later stage we can create a master JIRA and start think how to tackle it Thanks, Sergey Cyrille -- Cyrille Le Clerc [email protected] (1) Hyperic HQ doc : "trendsup: Values will always increase. Because of that, the rate of change becomes more important, so HQ automatically creates a secondary metric: a per-minute rate measurement...". See http://support.hyperic.com/display/DOC/Metric+Parameters On Fri, Dec 11, 2009 at 2:33 PM, Sergey Beryozkin <[email protected]> wrote: > > Hi > > Now that both JAXWS and JAXRS operations can be monitored over JMX (hope Cyrille will confirm it later on), I reckon it would be cool to let users issue _manage queries against individual endpoints and get an HTML view, rather than having to launch a JConsole, ex : > > GET http://myjaxwsservice?_manage > GET http://myjaxrsservice?_manage > > A custom QueryHandler implementation, registered as part of the management feature, will convert the information from the JMX mbeans into an HTML page. For a start, it can just do some plain HTML in code. At the next stage, we can think about produceing nicer pages and adding some polling JavaScript code, etc. > > Any comments ? I think it would be a very nice feature which would make the CXF management feature very visible to users. If someone could take upon this task then it would be appreciated a lot. Perhaps I might also look into it later on. > > cheers, Sergey >
