src/site/xdoc/docs/json-springboot-userguide.xml - axis-axis2-java-core - Git at Google

 <!--
   ~ Licensed to the Apache Software Foundation (ASF) under one
   ~ or more contributor license agreements. See the NOTICE file
   ~ distributed with this work for additional information
   ~ regarding copyright ownership. The ASF licenses this file
   ~ to you under the Apache License, Version 2.0 (the
   ~ "License"); you may not use this file except in compliance
   ~ with the License. You may obtain a copy of the License at
   ~
   ~ http://www.apache.org/licenses/LICENSE-2.0
   ~
   ~ Unless required by applicable law or agreed to in writing,
   ~ software distributed under the License is distributed on an
   ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
   ~ KIND, either express or implied. See the License for the
   ~ specific language governing permissions and limitations
   ~ under the License.
   -->

 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
   "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
 <html>
 <head>
   <meta http-equiv="content-type" content=""/>
   <title>Apache Axis2 JSON and REST with Spring Boot 3 User's Guide</title>
 </head>

 <body dir="ltr" lang="en-US">
 <a name="_Toc96697849" id="_Toc96697849"></a>

 <h1 align="center">Apache Axis2 HTTP/2 JSON and REST with Spring Boot 3 User's Guide</h1>

 <p>This guide will help you get started with Axis2 HTTP/2 transport and JSON via REST, using
 <a href="https://spring.io/projects/spring-security">Spring Security</a> with
 <a href="https://spring.io/projects/spring-boot">Spring Boot 3!</a>
 It gives a detailed description on how to write HTTP/2 optimized JSON based REST Web services for
 enterprise big data processing, including large payload handling (50MB+), connection multiplexing,
 streaming optimization, and memory-efficient processing within 2GB heap constraints.
 </p>

 <p><strong>New in Axis2 2.0:</strong> Complete HTTP/2 transport implementation with enterprise
 big data processing capabilities, streaming optimization for large JSON payloads, and
 production-ready performance enhancements.</p>
 <p>More docs concerning Axis2 and JSON can be found in the <a href="
 json_support_gson.html">Pure JSON Support documentation</a> and <a href="
 json_gson_user_guide.html">JSON User Guide</a>
 </p>
 <a name="Introduction"></a>

 <h2>Introduction</h2>

 <p>This user guide is written based on the Axis2 Standard Binary
 Distribution. The Standard Binary Distribution can be directly <a
 href="../download.cgi">downloaded</a> or built using
 the Source Distribution. If
 you choose the latter, then the <a href="installationguide.html">Installation
 Guide</a> will instruct you on how to build Axis2 Standard Binary
 Distribution using the source.</p>

 <p>The source code for this guide provides a pom.xml for an entire demo WAR application built by maven.
 </p>

 <p>Please note that Axis2 is an open-source effort. If you feel the code
 could use some new features or fixes, please get involved and lend us a hand!
 The Axis developer community welcomes your participation.</p>

 <p>Let us know what you think! Send your feedback to "<a
 href="mailto:java-user@axis.apache.org?subject=[Axis2]">java-user@axis.apache.org</a>".
 (Subscription details are available on the <a href="../mail-lists.html">Axis2 site</a>.) Kindly
 prefix the subject of the mail with [Axis2].</p>

 <h2>HTTP/2 Transport Features</h2>

 <p>Axis2 2.0 introduces a complete HTTP/2 transport implementation designed for enterprise
 big data processing requirements. The HTTP/2 transport provides significant performance
 improvements over HTTP/1.1, especially for large JSON payloads and concurrent requests.
 For comprehensive HTTP/2 configuration details and advanced features, see the
 <a href="http2-transport-additions.html">HTTP/2 Transport documentation</a>.</p>

 <h3>Key HTTP/2 Benefits</h3>

 <ul>
 <li><strong>Connection Multiplexing:</strong> Process multiple requests over a single connection,
 reducing connection overhead by up to 80% (from 50 connections to 10 multiplexed connections)</li>
 <li><strong>Streaming Optimization:</strong> Memory-efficient processing of large JSON payloads
 (50MB+) with 20% reduction in memory usage</li>
 <li><strong>Enhanced Performance:</strong> 30% reduction in request latency and 40% improvement
 in JSON processing throughput for enterprise workloads</li>
 <li><strong>Memory Management:</strong> Adaptive flow control and memory pressure detection
 for operation within 2GB heap constraints</li>
 <li><strong>Security:</strong> HTTPS-only enforcement (RFC 7540 compliance) with TLS 1.2+
 and ALPN support</li>
 </ul>

 <h3>HTTP/2 Processing Modes</h3>

 <p>The HTTP/2 transport automatically selects the optimal processing mode based on payload size:</p>

 <ul>
 <li><strong>Standard Processing (&lt;10MB):</strong> Regular HTTP/2 transport with multiplexing benefits</li>
 <li><strong>Multiplexing Optimization (10-50MB):</strong> Enhanced concurrent processing with
 connection multiplexing and flow control</li>
 <li><strong>Streaming Optimization (50MB+):</strong> Memory-efficient streaming with chunked
 processing and adaptive windowing for enterprise big data requirements</li>
 </ul>

 <h3>Enterprise Big Data Support</h3>

 <p>The HTTP/2 transport is specifically optimized for enterprise big data processing:</p>

 <ul>
 <li><strong>Large Payload Support:</strong> Tested with JSON payloads up to 100MB+</li>
 <li><strong>Memory Constraints:</strong> Designed for 2GB heap environments with adaptive memory management</li>
 <li><strong>Concurrent Processing:</strong> Support for multiple simultaneous large dataset operations</li>
 <li><strong>Performance Monitoring:</strong> Built-in metrics collection for throughput and memory usage</li>
 </ul>

 <h2>Getting Started</h2>

 <p>This user guide explains how to write and deploy a
 new JSON and REST based Web Service using Axis2, and how to invoke a Web Service client using JSON with Curl.
 </p>

 <p>All the sample code mentioned in this guide is located in
 the <b>"samples/userguide/src/springbootdemo"</b> directory of <a
 href="../download.cgi">Axis2 standard binary
 distribution</a>.</p>
 <p>
 This quide supplies a pom.xml for building an exploded WAR with Spring Boot 3 -
 however this WAR does not have an embedded web server such as Tomcat.
 </p>
 <p>
 The testing was carried out on Wildfly 32 with Jakarta, by installing the WAR in its app server.
 </p>
 <p>Please deploy the result of the maven build via 'mvn clean install', axis2-json-api.war, into your servlet container and ensure that it installs without any errors.</p>

 <h2>Creating secure Web Services</h2>

 <p>
 Areas out of scope for this guide are JWT and JWE for token generation and validation,
 since they require elliptic curve cryptography. A sample token that is not meant for
 production is generated in this demo - with the intent that the following standards
 should be used in its place. This demo merely shows a place to implement these
 standards.
 </p>
 <p>
 https://datatracker.ietf.org/doc/html/rfc7519
 </p>
 <p>
 https://datatracker.ietf.org/doc/html/rfc7516
 </p>
 <p>
 Tip: com.nimbusds is recommended as an open-source Java implementation of these
 standards, for both token generation and validation.
 </p>
 <p>
 DB operations are also out of scope. There is a minimal DAO layer for authentication.
 Very limited credential validation is done.
 </p>
 <p>
 The NoOpPasswordEncoder Spring class included in this guide is meant for demos
 and testing only. Do not use this code as is in production.
 </p>
 <p>
 This guide provides three JSON based web services: LoginService, TestwsService, and the new
 <strong>BigDataH2Service</strong> which demonstrates HTTP/2 transport capabilities for enterprise
 big data processing.
 </p>

 <h3>BigDataH2Service - HTTP/2 Big Data Processing Service</h3>

 <p>The BigDataH2Service showcases HTTP/2 transport benefits for large JSON datasets:</p>

 <ul>
 <li><strong>Large Dataset Processing:</strong> Handles JSON datasets from small (1MB) to enterprise-scale (100MB+)</li>
 <li><strong>Automatic Optimization:</strong> Selects optimal processing mode based on dataset size</li>
 <li><strong>Memory Efficiency:</strong> Streaming and chunked processing for memory-constrained environments</li>
 <li><strong>Performance Metrics:</strong> Built-in monitoring for throughput, memory usage, and HTTP/2 optimization indicators</li>
 <li><strong>Security Validation:</strong> OWASP ESAPI input validation and HTTPS-only enforcement</li>
 </ul>
 <p>
 The login, if successful, will return a simple token not meant for anything beyond demos.
 The intent of this guide is to show a place that the JWT and JWE standards can be
 implemented.
 </p>
 <p>
 Axis2 JSON support is via POJO Objects. LoginRequest and LoginResponse are coded in the LoginService as the names would indicate. A flag in the suupplied axis2.xml file, enableJSONOnly,
 disables Axis2 functionality not required for JSON and sets up the server to expect JSON.
 </p>
 <p>
 Also provided is a test service, TestwsService. It includes two POJO Objects as would
 be expected, TestwsRequest and TestwsResponse. This service attempts to return
 a String with some Javascript, that is HTML encoded by Axis2 and thereby
 eliminating the possibility of a Javascript engine executing the response i.e. a
 reflected XSS attack.
 </p>

 <p>
 Concerning Spring Security and Spring Boot 3, the Axis2Application class that
 extends <a href="https://docs.spring.io/spring-boot/docs/current/api/org/springframework/boot/web/servlet/support/SpringBootServletInitializer.html">SpringBootServletInitializer</a> as typically
 done utilizes a List of <a href="https://docs.spring.io/spring-security/site/docs/current/api/org/springframework/security/web/SecurityFilterChain.html">SecurityFilterChain</a> as a
 binary choice; A login url will match, otherwise invoke JWTAuthenticationFilter. All URL's
 to other services besides the login, will proceed after JWTAuthenticationFilter verifies the
 token.
 </p>
 <p>
 The JWTAuthenticationFilter class expects a token from the web services JSON client in
 the form of "Authorization: Bearer mytoken".
 </p>
 <p>
 The Axis2WebAppInitializer class supplied in this guide, is the config class
 that registers AxisServlet with Spring Boot 3.
 </p>
 <p>
 Axis2 web services are installed via a WEB-INF/services directory that contains
 files with an .aar extension for each service. These aar files are similar to
 jar files, and contain a services.xml that defines the web service behavior.
 The pom.xml supplied in this guide generates these files.
 </p>
 <p>
 Tip: don't expose methods in your web services that are not meant to be exposed,
 such as getters and setters. Axis2 determines the available methods by reflection.
 For JSON, the message name at the start of the JSON received by the Axis2 server
 defines the Axis2 operation to invoke.  It is recommended that only one method per
 class be exposed as a starting point. The place to add method exclusion is the
 services.xml file:
 </p>
 <pre>
     &lt;excludeOperations&gt;
         &lt;operation>setMyVar&lt;/operation&gt;
     &lt;/excludeOperations&gt;
 </pre>

 <p>
 The axis2.xml file can define <a href= "https://github.com/google/gson">GSON</a> or <a href= "https://github.com/square/moshi">Moshi</a> as the JSON engine. GSON was the original
 however development has largely ceased. Moshi is very similar and is widely considered
 to be the superior implementation in terms of performance. GSON will likely continue to
 be supported in Axis2 because it is helpful to have two JSON implementations to compare
 with for debugging.
 </p>
 <p>
 JSON based web services in the binary distribution of axis2.xml are not enabled by
 default. See the supplied axis2.xml of this guide, and note the places were it has
 "moshi". Just replace "moshi" with "gson" as a global search and replace to switch to
 GSON.
 </p>
 <p>
 Axis2 web services that are JSON based must be invoked from a client that sets an
 HTTP header as "Content-Type: application/json". In order for axis2 to properly
 handle JSON requests, this header behavior needs to be defined in the file
 WEB-INF/conf/axis2.xml.
 </p>
 <pre>
     &lt;message name="requestMessage"&gt;
         &lt;messageFormatter contentType="application/json"
                           class="org.apache.axis2.json.moshi.JsonFormatter"/&gt;
 </pre>
 <p>
 Other required classes for JSON in the axis2.xml file include JsonRpcMessageReceiver,
 JsonInOnlyRPCMessageReceiver, JsonBuilder, JSONBasedDefaultDispatcher and JSONMessageHandler.
 </p>

 <h2>HTTP/2 Transport Configuration</h2>

 <p>To enable HTTP/2 transport for enterprise big data processing, add the following transport
 sender configuration to your axis2.xml file:</p>

 <pre>
 &lt;transportSender name="h2"
                  class="org.apache.axis2.transport.h2.impl.httpclient5.H2TransportSender"&gt;
     &lt;parameter name="PROTOCOL"&gt;HTTP/2.0&lt;/parameter&gt;
     &lt;parameter name="maxConcurrentStreams"&gt;100&lt;/parameter&gt;
     &lt;parameter name="initialWindowSize"&gt;65536&lt;/parameter&gt;
     &lt;parameter name="serverPushEnabled"&gt;false&lt;/parameter&gt;
     &lt;parameter name="connectionTimeout"&gt;30000&lt;/parameter&gt;
     &lt;parameter name="responseTimeout"&gt;300000&lt;/parameter&gt;
     &lt;parameter name="streamingBufferSize"&gt;65536&lt;/parameter&gt;
     &lt;parameter name="memoryPressureThreshold"&gt;0.8&lt;/parameter&gt;
     &lt;!-- Enterprise Big Data Configuration --&gt;
     &lt;parameter name="enableStreamingOptimization"&gt;true&lt;/parameter&gt;
     &lt;parameter name="enableMemoryOptimization"&gt;true&lt;/parameter&gt;
     &lt;parameter name="largePayloadThreshold"&gt;52428800&lt;/parameter&gt; &lt;!-- 50MB --&gt;
 &lt;/transportSender&gt;
 </pre>

 <h3>HTTP/2 Configuration Parameters</h3>

 <ul>
 <li><strong>maxConcurrentStreams:</strong> Maximum concurrent HTTP/2 streams (default: 100 for 2GB heap)</li>
 <li><strong>initialWindowSize:</strong> HTTP/2 flow control window size (default: 64KB)</li>
 <li><strong>responseTimeout:</strong> Timeout for large payload processing (default: 5 minutes)</li>
 <li><strong>streamingBufferSize:</strong> Buffer size for streaming operations (default: 64KB)</li>
 <li><strong>memoryPressureThreshold:</strong> Memory usage threshold for adaptive flow control (default: 80%)</li>
 <li><strong>largePayloadThreshold:</strong> Size threshold for streaming optimization (default: 50MB)</li>
 </ul>

 <h3>Client Usage with cURL</h3>

 <p>
 Invoking the client for a login that returns a token can be done as follows:
 </p>
 <pre>
 curl -v -H "Content-Type: application/json" -X POST --data @/home/myuser/login.dat http://localhost:8080/axis2-json-api/services/loginService
 </pre>
 <p>
 Where the contents of /home/myuser/login.dat are:
 </p>
 <pre>
 {"doLogin":[{"arg0":{"email":java-dev@axis.apache.org,"credentials":userguide}}]}
 </pre>
 <p>
 Response:
 </p>
 <pre>
 {"response":{"status":"OK","token":"95104Rn2I2oEATfuI90N","uuid":"99b92d7a-2799-4b20-b029-9fbd6108798a"}}
 </pre>
 <p>
 Invoking the client for a Test Service that validates a sample token can be done as
 follows:
 </p>
 <pre>
 curl -v -H "Authorization: Bearer 95104Rn2I2oEATfuI90N" -H "Content-Type: application/json" -X POST --data @/home/myuser/test.dat http://localhost:8080/axis2-json-api/services/testws'
 </pre>
 <p>
 Where the contents of /home/myuser/test.dat are below. arg0 is a var name
 and is used by Axis2 as part of its reflection based code:
 </p>
 <pre>
 {"doTestws":[{"arg0":{"messagein":hello}}]}
 </pre>
 <p>
 Response, HTML encoded to prevent XSS. For the results with encoding see src/site/xdoc/docs/json-springboot-userguide.xml.
 </p>
 <pre>
 {"response":{"messageout":"&lt;script xmlns=\"http://www.w3.org/1999/xhtml\"&gt;alert('Hello');&lt;/script&gt; \"&gt;","status":"OK"}}
 </pre>

 <h2>HTTP/2 Big Data Service Examples</h2>

 <p>The BigDataH2Service demonstrates HTTP/2 transport capabilities for different dataset sizes.
 Here are examples of how to invoke the service using cURL:</p>

 <h3>Small Dataset Processing (&lt;10MB)</h3>

 <p>For small datasets, the service uses standard HTTP/2 processing:</p>

 <pre>
 curl -v -H "Authorization: Bearer 95104Rn2I2oEATfuI90N" \
      -H "Content-Type: application/json" \
      -X POST \
      --data @/home/myuser/small_dataset.dat \
      https://localhost:8443/axis2-json-api/services/BigDataH2Service
 </pre>

 <p>Where the contents of /home/myuser/small_dataset.dat are:</p>

 <pre>
 {"processBigDataSet":[{"arg0":{
   "datasetId": "small_dataset_001",
   "datasetSize": 5242880,
   "processingMode": "standard",
   "analyticsType": "standard_analytics",
   "enableMemoryOptimization": false
 }}]}
 </pre>

 <h3>Medium Dataset Processing (10-50MB)</h3>

 <p>For medium datasets, the service automatically enables HTTP/2 multiplexing optimization:</p>

 <pre>
 curl -v -H "Authorization: Bearer 95104Rn2I2oEATfuI90N" \
      -H "Content-Type: application/json" \
      -X POST \
      --data @/home/myuser/medium_dataset.dat \
      https://localhost:8443/axis2-json-api/services/BigDataH2Service
 </pre>

 <p>Where the contents of /home/myuser/medium_dataset.dat are:</p>

 <pre>
 {"processBigDataSet":[{"arg0":{
   "datasetId": "medium_dataset_001",
   "datasetSize": 26214400,
   "processingMode": "multiplexing",
   "analyticsType": "advanced_analytics",
   "enableMemoryOptimization": true
 }}]}
 </pre>

 <h3>Large Dataset Processing (50MB+)</h3>

 <p>For large datasets, the service automatically enables HTTP/2 streaming optimization:</p>

 <pre>
 curl -v -H "Authorization: Bearer 95104Rn2I2oEATfuI90N" \
      -H "Content-Type: application/json" \
      -X POST \
      --data @/home/myuser/large_dataset.dat \
      https://localhost:8443/axis2-json-api/services/BigDataH2Service
 </pre>

 <p>Where the contents of /home/myuser/large_dataset.dat are:</p>

 <pre>
 {"processBigDataSet":[{"arg0":{
   "datasetId": "large_dataset_001",
   "datasetSize": 78643200,
   "processingMode": "streaming",
   "analyticsType": "enterprise_big_data",
   "enableMemoryOptimization": true
 }}]}
 </pre>

 <h3>Sample Response with HTTP/2 Optimization Metrics</h3>

 <p>The BigDataH2Service returns detailed metrics about HTTP/2 optimization and performance:</p>

 <pre>
 {
   "response": {
     "status": "SUCCESS",
     "processedRecordCount": 153600,
     "totalProcessedBytes": 78643200,
     "processingTimeMs": 2150,
     "memoryOptimized": true,
     "http2Optimized": true,
     "optimizationDetails": "HTTP/2 streaming optimization applied for 50MB+ dataset",
     "throughputMBps": 35.2,
     "formattedProcessedSize": "75.00 MB",
     "formattedProcessingTime": "2.15 seconds",
     "optimizationSummary": "HTTP/2 Features: Enabled (Memory Optimized)",
     "resultSummary": "Processed 153600 records using HTTP/2 streaming optimization. Total data processed: 75MB. Memory efficient chunked processing applied."
   }
 }
 </pre>

 <h3>Performance Benefits Demonstrated</h3>

 <p>The HTTP/2 transport provides measurable performance improvements:</p>

 <ul>
 <li><strong>Latency Reduction:</strong> 30% faster request processing compared to HTTP/1.1</li>
 <li><strong>Throughput Improvement:</strong> 40% better JSON processing performance for large payloads</li>
 <li><strong>Memory Efficiency:</strong> 20% reduction in peak memory usage through streaming optimization</li>
 <li><strong>Connection Efficiency:</strong> 80% fewer connections through multiplexing (10 vs 50 connections)</li>
 <li><strong>Concurrent Processing:</strong> Support for multiple large dataset operations simultaneously</li>
 </ul>

 <h3>Monitoring and Metrics</h3>

 <p>The BigDataH2Service provides comprehensive performance metrics:</p>

 <ul>
 <li><strong>Processing Time:</strong> Total time to process the dataset</li>
 <li><strong>Throughput:</strong> Data processing rate in MB/s</li>
 <li><strong>Memory Optimization:</strong> Indicator of memory-efficient processing</li>
 <li><strong>HTTP/2 Features:</strong> Details of HTTP/2 optimizations applied</li>
 <li><strong>Record Count:</strong> Number of data records processed</li>
 <li><strong>Optimization Summary:</strong> Human-readable summary of optimizations applied</li>
 </ul>
 </body>
 </html>
	<!--
	~ Licensed to the Apache Software Foundation (ASF) under one
	~ or more contributor license agreements. See the NOTICE file
	~ distributed with this work for additional information
	~ regarding copyright ownership. The ASF licenses this file
	~ to you under the Apache License, Version 2.0 (the
	~ "License"); you may not use this file except in compliance
	~ with the License. You may obtain a copy of the License at
	~
	~ http://www.apache.org/licenses/LICENSE-2.0
	~
	~ Unless required by applicable law or agreed to in writing,
	~ software distributed under the License is distributed on an
	~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	~ KIND, either express or implied. See the License for the
	~ specific language governing permissions and limitations
	~ under the License.
	-->

	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
	"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
	<html>
	<head>
	<meta http-equiv="content-type" content=""/>
	<title>Apache Axis2 JSON and REST with Spring Boot 3 User's Guide</title>
	</head>

	<body dir="ltr" lang="en-US">
	<a name="_Toc96697849" id="_Toc96697849"></a>

	<h1 align="center">Apache Axis2 HTTP/2 JSON and REST with Spring Boot 3 User's Guide</h1>

	<p>This guide will help you get started with Axis2 HTTP/2 transport and JSON via REST, using
	<a href="https://spring.io/projects/spring-security">Spring Security</a> with
	<a href="https://spring.io/projects/spring-boot">Spring Boot 3!</a>
	It gives a detailed description on how to write HTTP/2 optimized JSON based REST Web services for
	enterprise big data processing, including large payload handling (50MB+), connection multiplexing,
	streaming optimization, and memory-efficient processing within 2GB heap constraints.
	</p>

	<p><strong>New in Axis2 2.0:</strong> Complete HTTP/2 transport implementation with enterprise
	big data processing capabilities, streaming optimization for large JSON payloads, and
	production-ready performance enhancements.</p>
	<p>More docs concerning Axis2 and JSON can be found in the <a href="
	json_support_gson.html">Pure JSON Support documentation</a> and <a href="
	json_gson_user_guide.html">JSON User Guide</a>
	</p>
	<a name="Introduction"></a>

	<h2>Introduction</h2>

	<p>This user guide is written based on the Axis2 Standard Binary
	Distribution. The Standard Binary Distribution can be directly <a
	href="../download.cgi">downloaded</a> or built using
	the Source Distribution. If
	you choose the latter, then the <a href="installationguide.html">Installation
	Guide</a> will instruct you on how to build Axis2 Standard Binary
	Distribution using the source.</p>

	<p>The source code for this guide provides a pom.xml for an entire demo WAR application built by maven.
	</p>

	<p>Please note that Axis2 is an open-source effort. If you feel the code
	could use some new features or fixes, please get involved and lend us a hand!
	The Axis developer community welcomes your participation.</p>

	<p>Let us know what you think! Send your feedback to "<a
	href="mailto:java-user@axis.apache.org?subject=[Axis2]">java-user@axis.apache.org</a>".
	(Subscription details are available on the <a href="../mail-lists.html">Axis2 site</a>.) Kindly
	prefix the subject of the mail with [Axis2].</p>

	<h2>HTTP/2 Transport Features</h2>

	<p>Axis2 2.0 introduces a complete HTTP/2 transport implementation designed for enterprise
	big data processing requirements. The HTTP/2 transport provides significant performance
	improvements over HTTP/1.1, especially for large JSON payloads and concurrent requests.
	For comprehensive HTTP/2 configuration details and advanced features, see the
	<a href="http2-transport-additions.html">HTTP/2 Transport documentation</a>.</p>

	<h3>Key HTTP/2 Benefits</h3>

	<ul>
	<li><strong>Connection Multiplexing:</strong> Process multiple requests over a single connection,
	reducing connection overhead by up to 80% (from 50 connections to 10 multiplexed connections)</li>
	<li><strong>Streaming Optimization:</strong> Memory-efficient processing of large JSON payloads
	(50MB+) with 20% reduction in memory usage</li>
	<li><strong>Enhanced Performance:</strong> 30% reduction in request latency and 40% improvement
	in JSON processing throughput for enterprise workloads</li>
	<li><strong>Memory Management:</strong> Adaptive flow control and memory pressure detection
	for operation within 2GB heap constraints</li>
	<li><strong>Security:</strong> HTTPS-only enforcement (RFC 7540 compliance) with TLS 1.2+
	and ALPN support</li>
	</ul>

	<h3>HTTP/2 Processing Modes</h3>

	<p>The HTTP/2 transport automatically selects the optimal processing mode based on payload size:</p>

	<ul>
	<li><strong>Standard Processing (<10MB):</strong> Regular HTTP/2 transport with multiplexing benefits</li>
	<li><strong>Multiplexing Optimization (10-50MB):</strong> Enhanced concurrent processing with
	connection multiplexing and flow control</li>
	<li><strong>Streaming Optimization (50MB+):</strong> Memory-efficient streaming with chunked
	processing and adaptive windowing for enterprise big data requirements</li>
	</ul>

	<h3>Enterprise Big Data Support</h3>

	<p>The HTTP/2 transport is specifically optimized for enterprise big data processing:</p>

	<ul>
	<li><strong>Large Payload Support:</strong> Tested with JSON payloads up to 100MB+</li>
	<li><strong>Memory Constraints:</strong> Designed for 2GB heap environments with adaptive memory management</li>
	<li><strong>Concurrent Processing:</strong> Support for multiple simultaneous large dataset operations</li>
	<li><strong>Performance Monitoring:</strong> Built-in metrics collection for throughput and memory usage</li>
	</ul>

	<h2>Getting Started</h2>

	<p>This user guide explains how to write and deploy a
	new JSON and REST based Web Service using Axis2, and how to invoke a Web Service client using JSON with Curl.
	</p>

	<p>All the sample code mentioned in this guide is located in
	the <b>"samples/userguide/src/springbootdemo"</b> directory of <a
	href="../download.cgi">Axis2 standard binary
	distribution</a>.</p>
	<p>
	This quide supplies a pom.xml for building an exploded WAR with Spring Boot 3 -
	however this WAR does not have an embedded web server such as Tomcat.
	</p>
	<p>
	The testing was carried out on Wildfly 32 with Jakarta, by installing the WAR in its app server.
	</p>
	<p>Please deploy the result of the maven build via 'mvn clean install', axis2-json-api.war, into your servlet container and ensure that it installs without any errors.</p>

	<h2>Creating secure Web Services</h2>

	<p>
	Areas out of scope for this guide are JWT and JWE for token generation and validation,
	since they require elliptic curve cryptography. A sample token that is not meant for
	production is generated in this demo - with the intent that the following standards
	should be used in its place. This demo merely shows a place to implement these
	standards.
	</p>
	<p>
	https://datatracker.ietf.org/doc/html/rfc7519
	</p>
	<p>
	https://datatracker.ietf.org/doc/html/rfc7516
	</p>
	<p>
	Tip: com.nimbusds is recommended as an open-source Java implementation of these
	standards, for both token generation and validation.
	</p>
	<p>
	DB operations are also out of scope. There is a minimal DAO layer for authentication.
	Very limited credential validation is done.
	</p>
	<p>
	The NoOpPasswordEncoder Spring class included in this guide is meant for demos
	and testing only. Do not use this code as is in production.
	</p>
	<p>
	This guide provides three JSON based web services: LoginService, TestwsService, and the new
	<strong>BigDataH2Service</strong> which demonstrates HTTP/2 transport capabilities for enterprise
	big data processing.
	</p>

	<h3>BigDataH2Service - HTTP/2 Big Data Processing Service</h3>

	<p>The BigDataH2Service showcases HTTP/2 transport benefits for large JSON datasets:</p>

	<ul>
	<li><strong>Large Dataset Processing:</strong> Handles JSON datasets from small (1MB) to enterprise-scale (100MB+)</li>
	<li><strong>Automatic Optimization:</strong> Selects optimal processing mode based on dataset size</li>
	<li><strong>Memory Efficiency:</strong> Streaming and chunked processing for memory-constrained environments</li>
	<li><strong>Performance Metrics:</strong> Built-in monitoring for throughput, memory usage, and HTTP/2 optimization indicators</li>
	<li><strong>Security Validation:</strong> OWASP ESAPI input validation and HTTPS-only enforcement</li>
	</ul>
	<p>
	The login, if successful, will return a simple token not meant for anything beyond demos.
	The intent of this guide is to show a place that the JWT and JWE standards can be
	implemented.
	</p>
	<p>
	Axis2 JSON support is via POJO Objects. LoginRequest and LoginResponse are coded in the LoginService as the names would indicate. A flag in the suupplied axis2.xml file, enableJSONOnly,
	disables Axis2 functionality not required for JSON and sets up the server to expect JSON.
	</p>
	<p>
	Also provided is a test service, TestwsService. It includes two POJO Objects as would
	be expected, TestwsRequest and TestwsResponse. This service attempts to return
	a String with some Javascript, that is HTML encoded by Axis2 and thereby
	eliminating the possibility of a Javascript engine executing the response i.e. a
	reflected XSS attack.
	</p>

	<p>
	Concerning Spring Security and Spring Boot 3, the Axis2Application class that
	extends <a href="https://docs.spring.io/spring-boot/docs/current/api/org/springframework/boot/web/servlet/support/SpringBootServletInitializer.html">SpringBootServletInitializer</a> as typically
	done utilizes a List of <a href="https://docs.spring.io/spring-security/site/docs/current/api/org/springframework/security/web/SecurityFilterChain.html">SecurityFilterChain</a> as a
	binary choice; A login url will match, otherwise invoke JWTAuthenticationFilter. All URL's
	to other services besides the login, will proceed after JWTAuthenticationFilter verifies the
	token.
	</p>
	<p>
	The JWTAuthenticationFilter class expects a token from the web services JSON client in
	the form of "Authorization: Bearer mytoken".
	</p>
	<p>
	The Axis2WebAppInitializer class supplied in this guide, is the config class
	that registers AxisServlet with Spring Boot 3.
	</p>
	<p>
	Axis2 web services are installed via a WEB-INF/services directory that contains
	files with an .aar extension for each service. These aar files are similar to
	jar files, and contain a services.xml that defines the web service behavior.
	The pom.xml supplied in this guide generates these files.
	</p>
	<p>
	Tip: don't expose methods in your web services that are not meant to be exposed,
	such as getters and setters. Axis2 determines the available methods by reflection.
	For JSON, the message name at the start of the JSON received by the Axis2 server
	defines the Axis2 operation to invoke. It is recommended that only one method per
	class be exposed as a starting point. The place to add method exclusion is the
	services.xml file:
	</p>
	<pre>
	<excludeOperations>
	<operation>setMyVar</operation>
	</excludeOperations>
	</pre>

	<p>
	The axis2.xml file can define <a href= "https://github.com/google/gson">GSON</a> or <a href= "https://github.com/square/moshi">Moshi</a> as the JSON engine. GSON was the original
	however development has largely ceased. Moshi is very similar and is widely considered
	to be the superior implementation in terms of performance. GSON will likely continue to
	be supported in Axis2 because it is helpful to have two JSON implementations to compare
	with for debugging.
	</p>
	<p>
	JSON based web services in the binary distribution of axis2.xml are not enabled by
	default. See the supplied axis2.xml of this guide, and note the places were it has
	"moshi". Just replace "moshi" with "gson" as a global search and replace to switch to
	GSON.
	</p>
	<p>
	Axis2 web services that are JSON based must be invoked from a client that sets an
	HTTP header as "Content-Type: application/json". In order for axis2 to properly
	handle JSON requests, this header behavior needs to be defined in the file
	WEB-INF/conf/axis2.xml.
	</p>
	<pre>
	<message name="requestMessage">
	<messageFormatter contentType="application/json"
	class="org.apache.axis2.json.moshi.JsonFormatter"/>
	</pre>
	<p>
	Other required classes for JSON in the axis2.xml file include JsonRpcMessageReceiver,
	JsonInOnlyRPCMessageReceiver, JsonBuilder, JSONBasedDefaultDispatcher and JSONMessageHandler.
	</p>

	<h2>HTTP/2 Transport Configuration</h2>

	<p>To enable HTTP/2 transport for enterprise big data processing, add the following transport
	sender configuration to your axis2.xml file:</p>

	<pre>
	<transportSender name="h2"
	class="org.apache.axis2.transport.h2.impl.httpclient5.H2TransportSender">
	<parameter name="PROTOCOL">HTTP/2.0</parameter>
	<parameter name="maxConcurrentStreams">100</parameter>
	<parameter name="initialWindowSize">65536</parameter>
	<parameter name="serverPushEnabled">false</parameter>
	<parameter name="connectionTimeout">30000</parameter>
	<parameter name="responseTimeout">300000</parameter>
	<parameter name="streamingBufferSize">65536</parameter>
	<parameter name="memoryPressureThreshold">0.8</parameter>
	<!-- Enterprise Big Data Configuration -->
	<parameter name="enableStreamingOptimization">true</parameter>
	<parameter name="enableMemoryOptimization">true</parameter>
	<parameter name="largePayloadThreshold">52428800</parameter> <!-- 50MB -->
	</transportSender>
	</pre>

	<h3>HTTP/2 Configuration Parameters</h3>

	<ul>
	<li><strong>maxConcurrentStreams:</strong> Maximum concurrent HTTP/2 streams (default: 100 for 2GB heap)</li>
	<li><strong>initialWindowSize:</strong> HTTP/2 flow control window size (default: 64KB)</li>
	<li><strong>responseTimeout:</strong> Timeout for large payload processing (default: 5 minutes)</li>
	<li><strong>streamingBufferSize:</strong> Buffer size for streaming operations (default: 64KB)</li>
	<li><strong>memoryPressureThreshold:</strong> Memory usage threshold for adaptive flow control (default: 80%)</li>
	<li><strong>largePayloadThreshold:</strong> Size threshold for streaming optimization (default: 50MB)</li>
	</ul>

	<h3>Client Usage with cURL</h3>

	<p>
	Invoking the client for a login that returns a token can be done as follows:
	</p>
	<pre>
	curl -v -H "Content-Type: application/json" -X POST --data @/home/myuser/login.dat http://localhost:8080/axis2-json-api/services/loginService
	</pre>
	<p>
	Where the contents of /home/myuser/login.dat are:
	</p>
	<pre>
	{"doLogin":[{"arg0":{"email":java-dev@axis.apache.org,"credentials":userguide}}]}
	</pre>
	<p>
	Response:
	</p>
	<pre>
	{"response":{"status":"OK","token":"95104Rn2I2oEATfuI90N","uuid":"99b92d7a-2799-4b20-b029-9fbd6108798a"}}
	</pre>
	<p>
	Invoking the client for a Test Service that validates a sample token can be done as
	follows:
	</p>
	<pre>
	curl -v -H "Authorization: Bearer 95104Rn2I2oEATfuI90N" -H "Content-Type: application/json" -X POST --data @/home/myuser/test.dat http://localhost:8080/axis2-json-api/services/testws'
	</pre>
	<p>
	Where the contents of /home/myuser/test.dat are below. arg0 is a var name
	and is used by Axis2 as part of its reflection based code:
	</p>
	<pre>
	{"doTestws":[{"arg0":{"messagein":hello}}]}
	</pre>
	<p>
	Response, HTML encoded to prevent XSS. For the results with encoding see src/site/xdoc/docs/json-springboot-userguide.xml.
	</p>
	<pre>
	{"response":{"messageout":"<script xmlns=\"http://www.w3.org/1999/xhtml\">alert('Hello');</script> \">","status":"OK"}}
	</pre>

	<h2>HTTP/2 Big Data Service Examples</h2>

	<p>The BigDataH2Service demonstrates HTTP/2 transport capabilities for different dataset sizes.
	Here are examples of how to invoke the service using cURL:</p>

	<h3>Small Dataset Processing (<10MB)</h3>

	<p>For small datasets, the service uses standard HTTP/2 processing:</p>

	<pre>
	curl -v -H "Authorization: Bearer 95104Rn2I2oEATfuI90N" \
	-H "Content-Type: application/json" \
	-X POST \
	--data @/home/myuser/small_dataset.dat \
	https://localhost:8443/axis2-json-api/services/BigDataH2Service
	</pre>

	<p>Where the contents of /home/myuser/small_dataset.dat are:</p>

	<pre>
	{"processBigDataSet":[{"arg0":{
	"datasetId": "small_dataset_001",
	"datasetSize": 5242880,
	"processingMode": "standard",
	"analyticsType": "standard_analytics",
	"enableMemoryOptimization": false
	}}]}
	</pre>

	<h3>Medium Dataset Processing (10-50MB)</h3>

	<p>For medium datasets, the service automatically enables HTTP/2 multiplexing optimization:</p>

	<pre>
	curl -v -H "Authorization: Bearer 95104Rn2I2oEATfuI90N" \
	-H "Content-Type: application/json" \
	-X POST \
	--data @/home/myuser/medium_dataset.dat \
	https://localhost:8443/axis2-json-api/services/BigDataH2Service
	</pre>

	<p>Where the contents of /home/myuser/medium_dataset.dat are:</p>

	<pre>
	{"processBigDataSet":[{"arg0":{
	"datasetId": "medium_dataset_001",
	"datasetSize": 26214400,
	"processingMode": "multiplexing",
	"analyticsType": "advanced_analytics",
	"enableMemoryOptimization": true
	}}]}
	</pre>

	<h3>Large Dataset Processing (50MB+)</h3>

	<p>For large datasets, the service automatically enables HTTP/2 streaming optimization:</p>

	<pre>
	curl -v -H "Authorization: Bearer 95104Rn2I2oEATfuI90N" \
	-H "Content-Type: application/json" \
	-X POST \
	--data @/home/myuser/large_dataset.dat \
	https://localhost:8443/axis2-json-api/services/BigDataH2Service
	</pre>

	<p>Where the contents of /home/myuser/large_dataset.dat are:</p>

	<pre>
	{"processBigDataSet":[{"arg0":{
	"datasetId": "large_dataset_001",
	"datasetSize": 78643200,
	"processingMode": "streaming",
	"analyticsType": "enterprise_big_data",
	"enableMemoryOptimization": true
	}}]}
	</pre>

	<h3>Sample Response with HTTP/2 Optimization Metrics</h3>

	<p>The BigDataH2Service returns detailed metrics about HTTP/2 optimization and performance:</p>

	<pre>
	{
	"response": {
	"status": "SUCCESS",
	"processedRecordCount": 153600,
	"totalProcessedBytes": 78643200,
	"processingTimeMs": 2150,
	"memoryOptimized": true,
	"http2Optimized": true,
	"optimizationDetails": "HTTP/2 streaming optimization applied for 50MB+ dataset",
	"throughputMBps": 35.2,
	"formattedProcessedSize": "75.00 MB",
	"formattedProcessingTime": "2.15 seconds",
	"optimizationSummary": "HTTP/2 Features: Enabled (Memory Optimized)",
	"resultSummary": "Processed 153600 records using HTTP/2 streaming optimization. Total data processed: 75MB. Memory efficient chunked processing applied."
	}
	}
	</pre>

	<h3>Performance Benefits Demonstrated</h3>

	<p>The HTTP/2 transport provides measurable performance improvements:</p>

	<ul>
	<li><strong>Latency Reduction:</strong> 30% faster request processing compared to HTTP/1.1</li>
	<li><strong>Throughput Improvement:</strong> 40% better JSON processing performance for large payloads</li>
	<li><strong>Memory Efficiency:</strong> 20% reduction in peak memory usage through streaming optimization</li>
	<li><strong>Connection Efficiency:</strong> 80% fewer connections through multiplexing (10 vs 50 connections)</li>
	<li><strong>Concurrent Processing:</strong> Support for multiple large dataset operations simultaneously</li>
	</ul>

	<h3>Monitoring and Metrics</h3>

	<p>The BigDataH2Service provides comprehensive performance metrics:</p>

	<ul>
	<li><strong>Processing Time:</strong> Total time to process the dataset</li>
	<li><strong>Throughput:</strong> Data processing rate in MB/s</li>
	<li><strong>Memory Optimization:</strong> Indicator of memory-efficient processing</li>
	<li><strong>HTTP/2 Features:</strong> Details of HTTP/2 optimizations applied</li>
	<li><strong>Record Count:</strong> Number of data records processed</li>
	<li><strong>Optimization Summary:</strong> Human-readable summary of optimizations applied</li>
	</ul>
	</body>
	</html>