On the security question, if we are interested in pursuing this we will get an analysis document started to look at the options we have for integration with our security implementation.

Darran Lofthouse.

On Mon, 11 Dec 2017 at 05:17 Stuart Douglas <stuart.w.douglas@gmail.com> wrote:
Hi everyone,

I have done up a proof of concept of GRPC support in Wildfly, which can be found at [1]. GRPC is an RPC protocol designed by Google, that allows for easy cross platform invocations.

My proof of concept uses an Undertow based port of GRPC [2] and basically works as follows:

- At deployment time Jandex is used to find all non-abstract classes that implement io.grpc.BindableService
- I scan the class hierarchy of these classes to find the protobuf generated base class, and create a subclass of this class using ProxyFactory, overriding every method except bindService().
- An instance/proxy is created using the ComponentRegistry to do the creation, and the generated proxy delegates all incoming calls to this instance
- At runtime any incoming HTTP/2 requests with a type of application/grpc are intercepted, and passed through this newly created proxy.

Basically this means that all you need to do as an application developer is define your GRPC endpoints using protobuf, implement the classes generated by the protobuf compiler and then include them in your application, and Wildfly will do the rest. CDI and EJB annotations on your GRPC services should work as normal, for example if you put @Stateless on an endpoint it should work as expected with a SFSB handling all invocations.

Note that this is a very early stage POC, and lots of stuff is missing (most notably security). 

Before I go to much further though I though that I should get some feedback, e.g.

- Do we actually want this? I am not sure how much interest there is, but it seems like GRPC could be very useful in a polyglot microservice environment.
- Is the current implementation the best way of actually registering GRPC services, or should we require some kind of defining annotation
- What security mechanisms should we support? Out of the box standard GRPC is fairly limited
- What do we do about transactions? I am leaning towards not supporting them over GRPC, as we already have solutions for Java invocation in the form of our EJB protocol, and I think non-Java clients are unlikely to want to use this. 


wildfly-dev mailing list