added parameter to configure incoming connections backlog size

small optimization to make authenticator a singleton
uniformed xml configuration attributes, added max-request-size parameter
2025-01-20 10:22:03 +08:00 · 2025-01-20 09:05:53 +08:00 · 2025-01-20 08:24:44 +08:00 · 2025-01-17 22:42:11 +08:00 · 2025-01-17 14:17:57 +08:00 · 2025-01-16 21:11:35 +08:00
91 changed files with 1773 additions and 1012 deletions
--- a/.gitea/workflows/build.yaml
+++ b/.gitea/workflows/build.yaml
@@ -9,11 +9,6 @@ jobs:
    steps:
      - name: Checkout sources
        uses: actions/checkout@v4
-      - name: Setup Java
-        uses: actions/setup-java@v4
-        with:
-          distribution: graalvm
-          java-version: 21
      - name: Setup Gradle
        uses: gradle/actions/setup-gradle@v3
      - name: Execute Gradle build
--- a/2
+++ b/2
@@ -1,2 +0,0 @@
-FROM gitea.woggioni.net/woggioni/gbcs:memcached
-COPY --chown=luser:luser conf/gbcs-memcached.xml /home/luser/.config/gbcs/gbcs.xml
--- a/benchmark/build.gradle
+++ b/benchmark/build.gradle
@@ -1,26 +0,0 @@
-plugins {
-    alias catalog.plugins.gradle.jmh
-    alias catalog.plugins.lombok
-}
-
-import me.champeau.jmh.JMHTask
-
-dependencies {
-    implementation rootProject
-
-    implementation catalog.jwo
-    implementation catalog.xz
-    implementation catalog.jackson.databind
-
-    jmhAnnotationProcessor catalog.lombok
-}
-
-jmh {
-    threads = 4
-    iterations = 2
-    fork = 1
-    warmupIterations = 1
-    warmupForks = 0
-    resultFormat = 'JSON'
-}
-
--- a/benchmark/src/jmh/java/net/woggioni/gbcs/benchmark/Main.java
+++ b/benchmark/src/jmh/java/net/woggioni/gbcs/benchmark/Main.java
@@ -1,170 +0,0 @@
-package net.woggioni.gbcs.benchmark;
-
-import lombok.Getter;
-import lombok.SneakyThrows;
-import org.openjdk.jmh.annotations.Benchmark;
-import org.openjdk.jmh.annotations.BenchmarkMode;
-import org.openjdk.jmh.annotations.Level;
-import org.openjdk.jmh.annotations.Mode;
-import org.openjdk.jmh.annotations.OutputTimeUnit;
-import org.openjdk.jmh.annotations.Scope;
-import org.openjdk.jmh.annotations.Setup;
-import org.openjdk.jmh.annotations.State;
-
-import java.net.URI;
-import java.net.http.HttpClient;
-import java.net.http.HttpRequest;
-import java.net.http.HttpResponse;
-import java.nio.charset.StandardCharsets;
-import java.util.Arrays;
-import java.util.Base64;
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.Iterator;
-import java.util.Map;
-import java.util.Optional;
-import java.util.Properties;
-import java.util.Random;
-import java.util.concurrent.TimeUnit;
-import java.util.function.Predicate;
-
-public class Main {
-
-    @SneakyThrows
-    private static Properties loadProperties() {
-        Properties properties = new Properties();
-        try (final var is = Main.class.getResourceAsStream("/benchmark.properties")) {
-            properties.load(is);
-        }
-        return properties;
-    }
-
-    private static final Properties properties = loadProperties();
-
-    @State(Scope.Thread)
-    public static class ExecutionPlan {
-        private final Random random = new Random(101325);
-
-        @Getter
-        private final HttpClient client = HttpClient.newHttpClient();
-
-        private final Map<String, byte[]> entries = new HashMap<>();
-
-        public final Map<String, byte[]> getEntries() {
-            return Collections.unmodifiableMap(entries);
-        }
-
-        public Map.Entry<String, byte[]> newEntry() {
-            final var keyBuffer = new byte[0x20];
-            random.nextBytes(keyBuffer);
-            final var key = Base64.getUrlEncoder().encodeToString(keyBuffer);
-            final var value = new byte[0x1000];
-            random.nextBytes(value);
-            return Map.entry(key, value);
-        }
-
-        @SneakyThrows
-        public HttpRequest.Builder newRequestBuilder(String key) {
-            final var requestBuilder = HttpRequest.newBuilder()
-                    .uri(getServerURI().resolve(key));
-            String user = getUser();
-            if (user != null) {
-                requestBuilder.header("Authorization", buildAuthorizationHeader(user, getPassword()));
-            }
-            return requestBuilder;
-        }
-
-        @SneakyThrows
-        public URI getServerURI() {
-            return new URI(properties.getProperty("gbcs.server.url"));
-        }
-
-        @SneakyThrows
-        public String getUser() {
-            return Optional.ofNullable(properties.getProperty("gbcs.server.username"))
-                    .filter(Predicate.not(String::isEmpty))
-                    .orElse(null);
-
-        }
-
-        @SneakyThrows
-        public String getPassword() {
-            return Optional.ofNullable(properties.getProperty("gbcs.server.password"))
-                    .filter(Predicate.not(String::isEmpty))
-                    .orElse(null);
-        }
-
-        private String buildAuthorizationHeader(String user, String password) {
-            final var b64 = Base64.getEncoder().encode(String.format("%s:%s", user, password).getBytes(StandardCharsets.UTF_8));
-            return "Basic " + new String(b64);
-        }
-
-
-        @SneakyThrows
-        @Setup(Level.Trial)
-        public void setUp() {
-            try (final var client = HttpClient.newHttpClient()) {
-                for (int i = 0; i < 10000; i++) {
-                    final var pair = newEntry();
-                    final var requestBuilder = newRequestBuilder(pair.getKey())
-                            .header("Content-Type", "application/octet-stream")
-                            .PUT(HttpRequest.BodyPublishers.ofByteArray(pair.getValue()));
-                    final var response = client.send(requestBuilder.build(), HttpResponse.BodyHandlers.ofString());
-                    if (201 != response.statusCode()) {
-                        throw new IllegalStateException(Integer.toString(response.statusCode()));
-                    } else {
-                        entries.put(pair.getKey(), pair.getValue());
-                    }
-                }
-            }
-        }
-
-        private Iterator<Map.Entry<String, byte[]>> it = null;
-
-        private Map.Entry<String, byte[]> nextEntry() {
-            if (it == null || !it.hasNext()) {
-                it = getEntries().entrySet().iterator();
-            }
-            return it.next();
-        }
-    }
-
-    @SneakyThrows
-    @Benchmark
-    @BenchmarkMode(Mode.Throughput)
-    @OutputTimeUnit(TimeUnit.SECONDS)
-    public void get(ExecutionPlan plan) {
-        final var client = plan.getClient();
-        final var entry = plan.nextEntry();
-        final var requestBuilder = plan.newRequestBuilder(entry.getKey())
-                .header("Accept", "application/octet-stream")
-                .GET();
-        final var response = client.send(requestBuilder.build(), HttpResponse.BodyHandlers.ofByteArray());
-        if (200 != response.statusCode()) {
-            throw new IllegalStateException(Integer.toString(response.statusCode()));
-        } else {
-            if (!Arrays.equals(entry.getValue(), response.body())) {
-                throw new IllegalStateException("Retrieved unexpected value");
-            }
-        }
-    }
-
-
-    @SneakyThrows
-    @Benchmark
-    @BenchmarkMode(Mode.Throughput)
-    @OutputTimeUnit(TimeUnit.SECONDS)
-    public void put(Main.ExecutionPlan plan) {
-        final var client = plan.getClient();
-        final var entry = plan.nextEntry();
-
-        final var requestBuilder = plan.newRequestBuilder(entry.getKey())
-                .header("Content-Type", "application/octet-stream")
-                .PUT(HttpRequest.BodyPublishers.ofByteArray(entry.getValue()));
-
-        final var response = client.send(requestBuilder.build(), HttpResponse.BodyHandlers.ofByteArray());
-        if (201 != response.statusCode()) {
-            throw new IllegalStateException(Integer.toString(response.statusCode()));
-        }
-    }
-}
--- a/benchmark/src/jmh/resources/benchmark.properties
+++ b/benchmark/src/jmh/resources/benchmark.properties
@@ -1 +0,0 @@
-gbcs.server.url= http://localhost:8080
--- a/build.gradle
+++ b/build.gradle
@@ -1,14 +1,12 @@
 plugins {
-    id 'java-library'
-    alias catalog.plugins.kotlin.jvm
+    alias catalog.plugins.kotlin.jvm apply false
    alias catalog.plugins.sambal
-    alias catalog.plugins.lombok
-    id 'maven-publish'
+    alias catalog.plugins.lombok apply false
 }

-import org.jetbrains.kotlin.gradle.tasks.KotlinCompile
-import org.jetbrains.kotlin.gradle.dsl.JvmTarget

+import org.jetbrains.kotlin.gradle.dsl.JvmTarget
+import org.jetbrains.kotlin.gradle.tasks.KotlinCompile

 allprojects { subproject ->
    group = 'net.woggioni'
@@ -102,34 +100,6 @@ allprojects { subproject ->
    }
 }

-dependencies {
-    implementation catalog.jwo
-    implementation catalog.slf4j.api
-    implementation catalog.netty.codec.http
-
-    api project('gbcs-base')
-    api project('gbcs-api')
-
-//    runtimeOnly catalog.slf4j.jdk14
-    testRuntimeOnly catalog.logback.classic
-
-    testImplementation catalog.bcprov.jdk18on
-    testImplementation catalog.bcpkix.jdk18on
-    testImplementation catalog.junit.jupiter.api
-    testImplementation catalog.junit.jupiter.params
-    testRuntimeOnly catalog.junit.jupiter.engine
-
-    testRuntimeOnly project("gbcs-memcached")
-}
-
-publishing {
-    publications {
-        maven(MavenPublication) {
-            from(components["java"])
-        }
-    }
-}
-
 tasks.register('version') {
    doLast {
        println("VERSION=$version")
--- a/conf/gbcs-memcached.xml
+++ b/conf/gbcs-memcached.xml
@@ -1,13 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
-<gbcs:server useVirtualThreads="true" xmlns:xs="http://www.w3.org/2001/XMLSchema-instance"
-             xmlns:gbcs="urn:net.woggioni.gbcs"
-             xmlns:gbcs-memcached="urn:net.woggioni.gbcs-memcached"
-             xs:schemaLocation="urn:net.woggioni.gbcs-memcached jpms://net.woggioni.gbcs.memcached/net/woggioni/gbcs/memcached/schema/gbcs-memcached.xsd urn:net.woggioni.gbcs jpms://net.woggioni.gbcs/net/woggioni/gbcs/schema/gbcs.xsd">
-    <bind host="0.0.0.0" port="13080" />
-    <cache xs:type="gbcs-memcached:memcachedCacheType" max-age="P7D" max-size="16777216" compression-mode="zip">
-        <server host="memcached" port="11211"/>
-    </cache>
-    <authentication>
-        <none/>
-    </authentication>
-</gbcs:server>
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -1,36 +0,0 @@
-networks:
-  default:
-    external: false
-    ipam:
-      driver: default
-      config:
-        - subnet: 172.118.0.0/16
-          ip_range: 172.118.0.0/16
-          gateway: 172.118.0.254
-services:
-  gbcs:
-    build:
-      context: .
-    container_name: gbcs
-    restart: unless-stopped
-    ports:
-      - "127.0.0.1:8080:13080"
-      - "[::1]:8080:13080"
-    depends_on:
-      memcached:
-        condition: service_started
-    deploy:
-      resources:
-        limits:
-          cpus: "2.00"
-          memory: 256M
-  memcached:
-    image: memcached
-    container_name: memcached
-    restart: unless-stopped
-    command: -I 64m -m 900m
-    deploy:
-      resources:
-        limits:
-          cpus: "1.00"
-          memory: 1G
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -1,21 +1,19 @@
-FROM alpine:latest AS base-release
-RUN --mount=type=cache,target=/var/cache/apk apk update
-RUN --mount=type=cache,target=/var/cache/apk apk add openjdk21-jre
+FROM eclipse-temurin:21-jre-alpine AS base-release
 RUN adduser -D luser
 USER luser
 WORKDIR /home/luser

 FROM base-release AS release
 ADD gbcs-cli-envelope-*.jar gbcs.jar
-ENTRYPOINT ["java", "-jar", "/home/luser/gbcs.jar"]
+ENTRYPOINT ["java", "-jar", "/home/luser/gbcs.jar", "server"]

 FROM base-release AS release-memcached
 ADD --chown=luser:luser gbcs-cli-envelope-*.jar gbcs.jar
 RUN mkdir plugins
 WORKDIR /home/luser/plugins
-RUN --mount=type=bind,source=.,target=/build/distributions tar -xf /build/distributions/gbcs-memcached*.tar
+RUN --mount=type=bind,source=.,target=/build/distributions tar -xf /build/distributions/gbcs-server-memcached*.tar
 WORKDIR /home/luser
-ENTRYPOINT ["java", "-jar", "/home/luser/gbcs.jar"]
+ENTRYPOINT ["java", "-jar", "/home/luser/gbcs.jar", "server"]

 FROM release-memcached as compose
 COPY --chown=luser:luser conf/gbcs-memcached.xml /home/luser/.config/gbcs/gbcs.xml
--- a/docker/build.gradle
+++ b/docker/build.gradle
@@ -19,7 +19,7 @@ configurations {

 dependencies {
    docker project(path: ':gbcs-cli', configuration: 'release')
-    docker project(path: ':gbcs-memcached', configuration: 'release')
+    docker project(path: ':gbcs-server-memcached', configuration: 'release')
 }

 Provider<Task> cleanTaskProvider = tasks.named(BasePlugin.CLEAN_TASK_NAME) {}
--- a/gbcs-api/src/main/java/net/woggioni/gbcs/api/Configuration.java
+++ b/gbcs-api/src/main/java/net/woggioni/gbcs/api/Configuration.java
@@ -21,6 +21,8 @@ public class Configuration {
    Authentication authentication;
    Tls tls;
    boolean useVirtualThread;
+    int maxRequestSize;
+    int incomingConnectionsBacklogSize;

    @Value
    public static class Group {
@@ -107,7 +109,9 @@ public class Configuration {
            Cache cache,
            Authentication authentication,
            Tls tls,
-            boolean useVirtualThread
+            boolean useVirtualThread,
+            int maxRequestSize,
+            int incomingConnectionsBacklogSize
    ) {
        return new Configuration(
                host,
@@ -118,7 +122,9 @@ public class Configuration {
                cache,
                authentication,
                tls,
-                useVirtualThread
+                useVirtualThread,
+                maxRequestSize,
+                incomingConnectionsBacklogSize
        );
    }
 }
--- a/gbcs-api/src/main/java/net/woggioni/gbcs/api/exception/ConfigurationException.java
+++ b/gbcs-api/src/main/java/net/woggioni/gbcs/api/exception/ConfigurationException.java
@@ -0,0 +1,11 @@
+package net.woggioni.gbcs.api.exception;
+
+public class ConfigurationException extends GbcsException {
+    public ConfigurationException(String message, Throwable cause) {
+        super(message, cause);
+    }
+
+    public ConfigurationException(String message) {
+        this(message, null);
+    }
+}
--- a/gbcs-cli/build.gradle
+++ b/gbcs-cli/build.gradle
@@ -4,15 +4,17 @@ plugins {
    alias catalog.plugins.envelope
    alias catalog.plugins.sambal
    alias catalog.plugins.graalvm.native.image
+    alias catalog.plugins.graalvm.jlink
+    alias catalog.plugins.jpms.check
    id 'maven-publish'
 }

 import net.woggioni.gradle.envelope.EnvelopeJarTask
+import net.woggioni.gradle.graalvm.NativeImageConfigurationTask
 import net.woggioni.gradle.graalvm.NativeImagePlugin
 import net.woggioni.gradle.graalvm.NativeImageTask
-import net.woggioni.gradle.graalvm.NativeImageConfigurationTask
-import org.jetbrains.kotlin.gradle.tasks.KotlinCompile
-import org.jetbrains.kotlin.gradle.dsl.JvmTarget
+import net.woggioni.gradle.graalvm.JlinkPlugin
+import net.woggioni.gradle.graalvm.JlinkTask

 Property<String> mainClassName = objects.property(String.class)
 mainClassName.set('net.woggioni.gbcs.cli.GradleBuildCacheServerCli')
@@ -43,7 +45,8 @@ dependencies {
    implementation catalog.netty.codec.http
    implementation catalog.picocli

-    implementation rootProject
+    implementation project(':gbcs-client')
+    implementation project(':gbcs-server')

 //    runtimeOnly catalog.slf4j.jdk14
    runtimeOnly catalog.logback.classic
@@ -56,15 +59,20 @@ Provider<EnvelopeJarTask> envelopeJarTaskProvider = tasks.named('envelopeJar', E
 }

 tasks.named(NativeImagePlugin.CONFIGURE_NATIVE_IMAGE_TASK_NAME, NativeImageConfigurationTask) {
-    mainClass = 'net.woggioni.gbcs.GraalNativeImageConfiguration'
+    mainClass = mainClassName
 }

 tasks.named(NativeImagePlugin.NATIVE_IMAGE_TASK_NAME, NativeImageTask) {
-    mainClass = 'net.woggioni.gbcs.GradleBuildCacheServer'
+    mainClass = mainClassName
    useMusl = true
    buildStaticImage = true
 }

+tasks.named(JlinkPlugin.JLINK_TASK_NAME, JlinkTask) {
+    mainClass = mainClassName
+    mainModule = 'net.woggioni.gbcs.cli'
+}
+
 artifacts {
    release(envelopeJarTaskProvider)
 }
--- a/gbcs-cli/src/main/java/module-info.java
+++ b/gbcs-cli/src/main/java/module-info.java
@@ -1,15 +1,17 @@
 module net.woggioni.gbcs.cli {
    requires org.slf4j;
-    requires net.woggioni.gbcs;
+    requires net.woggioni.gbcs.server;
    requires info.picocli;
-    requires net.woggioni.gbcs.base;
+    requires net.woggioni.gbcs.common;
+    requires net.woggioni.gbcs.client;
    requires kotlin.stdlib;
    requires net.woggioni.jwo;
+    requires net.woggioni.gbcs.api;

    exports net.woggioni.gbcs.cli.impl.converters to info.picocli;
    opens net.woggioni.gbcs.cli.impl.commands to info.picocli;
    opens net.woggioni.gbcs.cli.impl to info.picocli;
-    opens net.woggioni.gbcs.cli to info.picocli, net.woggioni.gbcs.base;
+    opens net.woggioni.gbcs.cli to info.picocli, net.woggioni.gbcs.common;

    exports net.woggioni.gbcs.cli;
 }
--- a/gbcs-cli/src/main/kotlin/net/woggioni/gbcs/cli/GradleBuildCacheServerCli.kt
+++ b/gbcs-cli/src/main/kotlin/net/woggioni/gbcs/cli/GradleBuildCacheServerCli.kt
@@ -1,28 +1,24 @@
 package net.woggioni.gbcs.cli

-import net.woggioni.gbcs.GradleBuildCacheServer
-import net.woggioni.gbcs.GradleBuildCacheServer.Companion.DEFAULT_CONFIGURATION_URL
-import net.woggioni.gbcs.base.GbcsUrlStreamHandlerFactory
-import net.woggioni.gbcs.base.contextLogger
-import net.woggioni.gbcs.base.debug
-import net.woggioni.gbcs.base.info
+import net.woggioni.gbcs.common.GbcsUrlStreamHandlerFactory
+import net.woggioni.gbcs.common.contextLogger
 import net.woggioni.gbcs.cli.impl.AbstractVersionProvider
 import net.woggioni.gbcs.cli.impl.GbcsCommand
+import net.woggioni.gbcs.cli.impl.commands.BenchmarkCommand
+import net.woggioni.gbcs.cli.impl.commands.ClientCommand
+import net.woggioni.gbcs.cli.impl.commands.GetCommand
 import net.woggioni.gbcs.cli.impl.commands.PasswordHashCommand
+import net.woggioni.gbcs.cli.impl.commands.PutCommand
+import net.woggioni.gbcs.cli.impl.commands.ServerCommand
 import net.woggioni.jwo.Application
-import net.woggioni.jwo.JWO
-import org.slf4j.Logger
 import picocli.CommandLine
 import picocli.CommandLine.Model.CommandSpec
-import java.io.ByteArrayOutputStream
-import java.nio.file.Files
-import java.nio.file.Path


@CommandLine.Command(
    name = "gbcs", versionProvider = GradleBuildCacheServerCli.VersionProvider::class
 )
-class GradleBuildCacheServerCli(application : Application, private val log : Logger) : GbcsCommand() {
+class GradleBuildCacheServerCli : GbcsCommand() {

    class VersionProvider : AbstractVersionProvider()
    companion object {
@@ -35,24 +31,24 @@ class GradleBuildCacheServerCli(application : Application, private val log : Log
                .configurationDirectoryEnvVar("GBCS_CONFIGURATION_DIR")
                .configurationDirectoryPropertyKey("net.woggioni.gbcs.conf.dir")
                .build()
-            val gbcsCli = GradleBuildCacheServerCli(app, log)
+            val gbcsCli = GradleBuildCacheServerCli()
            val commandLine = CommandLine(gbcsCli)
            commandLine.setExecutionExceptionHandler { ex, cl, parseResult ->
                log.error(ex.message, ex)
                CommandLine.ExitCode.SOFTWARE
            }
+            commandLine.addSubcommand(ServerCommand(app))
            commandLine.addSubcommand(PasswordHashCommand())
+            commandLine.addSubcommand(
+                CommandLine(ClientCommand(app)).apply {
+                    addSubcommand(BenchmarkCommand())
+                    addSubcommand(PutCommand())
+                    addSubcommand(GetCommand())
+                })
            System.exit(commandLine.execute(*args))
        }
    }

-    @CommandLine.Option(
-        names = ["-c", "--config-file"],
-        description = ["Read the application configuration from this file"],
-        paramLabel = "CONFIG_FILE"
-    )
-    private var configurationFile: Path = findConfigurationFile(application)
-
    @CommandLine.Option(names = ["-V", "--version"], versionHelp = true)
    var versionHelp = false
        private set
@@ -60,40 +56,8 @@ class GradleBuildCacheServerCli(application : Application, private val log : Log
    @CommandLine.Spec
    private lateinit var spec: CommandSpec

-    private fun findConfigurationFile(app : Application): Path {
-        val confDir = app.computeConfigurationDirectory()
-        val configurationFile = confDir.resolve("gbcs.xml")
-        return configurationFile
-    }
-
-    private fun createDefaultConfigurationFile(configurationFile : Path) {
-        log.info {
-            "Creating default configuration file at '$configurationFile'"
-        }
-        val defaultConfigurationFileResource = DEFAULT_CONFIGURATION_URL
-        Files.newOutputStream(configurationFile).use { outputStream ->
-            defaultConfigurationFileResource.openStream().use { inputStream ->
-                JWO.copy(inputStream, outputStream)
-            }
-        }
-    }

    override fun run() {
-        if (!Files.exists(configurationFile)) {
-            Files.createDirectories(configurationFile.parent)
-            createDefaultConfigurationFile(configurationFile)
-        }
-
-        val configuration = GradleBuildCacheServer.loadConfiguration(configurationFile)
-        log.debug {
-            ByteArrayOutputStream().also {
-                GradleBuildCacheServer.dumpConfiguration(configuration, it)
-            }.let {
-                "Server configuration:\n${String(it.toByteArray())}"
-            }
-        }
-        val server = GradleBuildCacheServer(configuration)
-        server.run().use {
-        }
+        spec.commandLine().usage(System.out);
    }
 }
--- a/gbcs-cli/src/main/kotlin/net/woggioni/gbcs/cli/impl/AbstractVersionProvider.kt
+++ b/gbcs-cli/src/main/kotlin/net/woggioni/gbcs/cli/impl/AbstractVersionProvider.kt
@@ -1,8 +1,6 @@
 package net.woggioni.gbcs.cli.impl

 import picocli.CommandLine
-import java.net.URL
-import java.util.Enumeration
 import java.util.jar.Attributes
 import java.util.jar.JarFile
 import java.util.jar.Manifest
--- a/gbcs-cli/src/main/kotlin/net/woggioni/gbcs/cli/impl/GbcsCommand.kt
+++ b/gbcs-cli/src/main/kotlin/net/woggioni/gbcs/cli/impl/GbcsCommand.kt
@@ -1,6 +1,8 @@
 package net.woggioni.gbcs.cli.impl

+import net.woggioni.jwo.Application
 import picocli.CommandLine
+import java.nio.file.Path


 abstract class GbcsCommand : Runnable {
@@ -8,4 +10,10 @@ abstract class GbcsCommand : Runnable {
    @CommandLine.Option(names = ["-h", "--help"], usageHelp = true)
    var usageHelp = false
        private set
+
+    protected fun findConfigurationFile(app: Application, fileName : String): Path {
+        val confDir = app.computeConfigurationDirectory()
+        val configurationFile = confDir.resolve(fileName)
+        return configurationFile
+    }
 }
--- a/gbcs-cli/src/main/kotlin/net/woggioni/gbcs/cli/impl/commands/BenchmarkCommand.kt
+++ b/gbcs-cli/src/main/kotlin/net/woggioni/gbcs/cli/impl/commands/BenchmarkCommand.kt
@@ -0,0 +1,132 @@
+package net.woggioni.gbcs.cli.impl.commands
+
+import net.woggioni.gbcs.common.contextLogger
+import net.woggioni.gbcs.common.error
+import net.woggioni.gbcs.common.info
+import net.woggioni.gbcs.cli.impl.GbcsCommand
+import net.woggioni.gbcs.client.GbcsClient
+import picocli.CommandLine
+import java.security.SecureRandom
+import java.time.Duration
+import java.time.Instant
+import java.util.Base64
+import java.util.concurrent.ExecutionException
+import java.util.concurrent.Future
+import java.util.concurrent.LinkedBlockingQueue
+import java.util.concurrent.atomic.AtomicLong
+import kotlin.random.Random
+
+@CommandLine.Command(
+    name = "benchmark",
+    description = ["Run a load test against the server"],
+    showDefaultValues = true
+)
+class BenchmarkCommand : GbcsCommand() {
+    private val log = contextLogger()
+
+    @CommandLine.Spec
+    private lateinit var spec: CommandLine.Model.CommandSpec
+
+    @CommandLine.Option(
+        names = ["-e", "--entries"],
+        description = ["Total number of elements to be added to the cache"],
+        paramLabel = "NUMBER_OF_ENTRIES"
+    )
+    private var numberOfEntries = 1000
+
+    override fun run() {
+        val clientCommand = spec.parent().userObject() as ClientCommand
+        val profile = clientCommand.profileName.let { profileName ->
+            clientCommand.configuration.profiles[profileName]
+                ?: throw IllegalArgumentException("Profile $profileName does not exist in configuration")
+        }
+        val client = GbcsClient(profile)
+
+        val entryGenerator = sequence {
+            val random = Random(SecureRandom.getInstance("NativePRNGNonBlocking").nextLong())
+            while (true) {
+                val key = Base64.getUrlEncoder().encode(random.nextBytes(16)).toString(Charsets.UTF_8)
+                val value = random.nextBytes(0x1000)
+                yield(key to value)
+            }
+        }
+
+        val entries = let {
+            val completionQueue = LinkedBlockingQueue<Future<Pair<String, ByteArray>>>(numberOfEntries)
+            val start = Instant.now()
+            val totalElapsedTime = AtomicLong(0)
+            entryGenerator.take(numberOfEntries).forEach { entry ->
+                val requestStart = System.nanoTime()
+                val future = client.put(entry.first, entry.second).thenApply { entry }
+                future.whenComplete { _, _ ->
+                    totalElapsedTime.addAndGet((System.nanoTime() - requestStart))
+                    completionQueue.put(future)
+                }
+            }
+
+            val inserted = sequence<Pair<String, ByteArray>> {
+                var completionCounter = 0
+                while (completionCounter < numberOfEntries) {
+                    val future = completionQueue.take()
+                    try {
+                        yield(future.get())
+                    } catch (ee: ExecutionException) {
+                        val cause = ee.cause ?: ee
+                        log.error(cause.message, cause)
+                    }
+                    completionCounter += 1
+                }
+            }.toList()
+            val end = Instant.now()
+            log.info {
+                val elapsed = Duration.between(start, end).toMillis()
+                "Insertion rate: ${numberOfEntries.toDouble() / elapsed * 1000} ops/s"
+            }
+            log.info {
+                "Average time per insertion: ${totalElapsedTime.get() / numberOfEntries.toDouble() * 1000} ms"
+            }
+            inserted
+        }
+        log.info {
+            "Inserted ${entries.size} entries"
+        }
+        if (entries.isNotEmpty()) {
+            val completionQueue = LinkedBlockingQueue<Future<Unit>>(entries.size)
+            val start = Instant.now()
+            val totalElapsedTime = AtomicLong(0)
+            entries.forEach { entry ->
+                val requestStart = System.nanoTime()
+                val future = client.get(entry.first).thenApply {
+                    totalElapsedTime.addAndGet((System.nanoTime() - requestStart))
+                    if (it == null) {
+                        log.error {
+                            "Missing entry for key '${entry.first}'"
+                        }
+                    } else if (!entry.second.contentEquals(it)) {
+                        log.error {
+                            "Retrieved a value different from what was inserted for key '${entry.first}'"
+                        }
+                    }
+                }
+                future.whenComplete { _, _ ->
+                    completionQueue.put(future)
+                }
+            }
+            var completionCounter = 0
+            while (completionCounter < entries.size) {
+                completionQueue.take()
+                completionCounter += 1
+            }
+            val end = Instant.now()
+            log.info {
+                val elapsed = Duration.between(start, end).toMillis()
+                "Retrieval rate: ${entries.size.toDouble() / elapsed * 1000} ops/s"
+            }
+            log.info {
+                "Average time per retrieval: ${totalElapsedTime.get() / numberOfEntries.toDouble() * 1e6} ms"
+            }
+        } else {
+            log.error("Skipping retrieval benchmark as it was not possible to insert any entry in the cache")
+        }
+    }
+}
--- a/gbcs-cli/src/main/kotlin/net/woggioni/gbcs/cli/impl/commands/ClientCommand.kt
+++ b/gbcs-cli/src/main/kotlin/net/woggioni/gbcs/cli/impl/commands/ClientCommand.kt
@@ -0,0 +1,41 @@
+package net.woggioni.gbcs.cli.impl.commands
+
+import net.woggioni.gbcs.cli.impl.GbcsCommand
+import net.woggioni.gbcs.client.GbcsClient
+import net.woggioni.jwo.Application
+import picocli.CommandLine
+import java.nio.file.Path
+
+@CommandLine.Command(
+    name = "client",
+    description = ["GBCS client"],
+    showDefaultValues = true
+)
+class ClientCommand(app : Application) : GbcsCommand() {
+
+    @CommandLine.Option(
+        names = ["-c", "--configuration"],
+        description = ["Path to the client configuration file"],
+        paramLabel = "CONFIGURATION_FILE"
+    )
+    private var configurationFile : Path = findConfigurationFile(app, "gbcs-client.xml")
+
+    @CommandLine.Option(
+        names = ["-p", "--profile"],
+        description = ["Name of the client profile to be used"],
+        paramLabel = "PROFILE",
+        required = true
+    )
+    var profileName : String? = null
+
+    val configuration : GbcsClient.Configuration by lazy {
+        GbcsClient.Configuration.parse(configurationFile)
+    }
+
+    override fun run() {
+        println("Available profiles:")
+        configuration.profiles.forEach { (profileName, _) ->
+            println(profileName)
+        }
+    }
+}
--- a/gbcs-cli/src/main/kotlin/net/woggioni/gbcs/cli/impl/commands/GetCommand.kt
+++ b/gbcs-cli/src/main/kotlin/net/woggioni/gbcs/cli/impl/commands/GetCommand.kt
@@ -0,0 +1,51 @@
+package net.woggioni.gbcs.cli.impl.commands
+
+import net.woggioni.gbcs.common.contextLogger
+import net.woggioni.gbcs.cli.impl.GbcsCommand
+import net.woggioni.gbcs.client.GbcsClient
+import picocli.CommandLine
+import java.nio.file.Files
+import java.nio.file.Path
+
+@CommandLine.Command(
+    name = "get",
+    description = ["Fetch a value from the cache with the specified key"],
+    showDefaultValues = true
+)
+class GetCommand : GbcsCommand() {
+    private val log = contextLogger()
+
+    @CommandLine.Spec
+    private lateinit var spec: CommandLine.Model.CommandSpec
+
+    @CommandLine.Option(
+        names = ["-k", "--key"],
+        description = ["The key for the new value"],
+        paramLabel = "KEY"
+    )
+    private var key : String = ""
+
+    @CommandLine.Option(
+        names = ["-v", "--value"],
+        description = ["Path to a file where the retrieved value will be written (defaults to stdout)"],
+        paramLabel = "VALUE_FILE",
+    )
+    private var output : Path? = null
+
+    override fun run() {
+        val clientCommand = spec.parent().userObject() as ClientCommand
+        val profile = clientCommand.profileName.let { profileName ->
+            clientCommand.configuration.profiles[profileName]
+                ?: throw IllegalArgumentException("Profile $profileName does not exist in configuration")
+        }
+        GbcsClient(profile).use { client ->
+            client.get(key).thenApply { value ->
+                value?.let {
+                    (output?.let(Files::newOutputStream) ?: System.out).use {
+                        it.write(value)
+                    }
+                } ?: throw NoSuchElementException("No value found for key $key")
+            }.get()
+        }
+    }
+}
--- a/gbcs-cli/src/main/kotlin/net/woggioni/gbcs/cli/impl/commands/PasswordHashCommand.kt
+++ b/gbcs-cli/src/main/kotlin/net/woggioni/gbcs/cli/impl/commands/PasswordHashCommand.kt
@@ -1,13 +1,13 @@
 package net.woggioni.gbcs.cli.impl.commands

-import net.woggioni.gbcs.base.PasswordSecurity.hashPassword
+import net.woggioni.gbcs.common.PasswordSecurity.hashPassword
 import net.woggioni.gbcs.cli.impl.GbcsCommand
 import net.woggioni.gbcs.cli.impl.converters.OutputStreamConverter
 import net.woggioni.jwo.UncloseableOutputStream
 import picocli.CommandLine
-import java.io.BufferedWriter
 import java.io.OutputStream
 import java.io.OutputStreamWriter
+import java.io.PrintWriter


@CommandLine.Command(
@@ -20,7 +20,7 @@ class PasswordHashCommand : GbcsCommand() {
        names = ["-o", "--output-file"],
        description = ["Write the output to a file instead of stdout"],
        converter = [OutputStreamConverter::class],
-        defaultValue = "stdout",
+        showDefaultValue = CommandLine.Help.Visibility.NEVER,
        paramLabel = "OUTPUT_FILE"
    )
    private var outputStream: OutputStream = UncloseableOutputStream(System.out)
@@ -30,9 +30,8 @@ class PasswordHashCommand : GbcsCommand() {
        val password2 = String(System.console().readPassword("Type your password again for confirmation:"))
        if(password1 != password2) throw IllegalArgumentException("Passwords do not match")

-        BufferedWriter(OutputStreamWriter(outputStream, Charsets.UTF_8)).use {
-            it.write(hashPassword(password1))
-            it.newLine()
+        PrintWriter(OutputStreamWriter(outputStream, Charsets.UTF_8)).use {
+            it.println(hashPassword(password1))
        }
    }
 }
--- a/gbcs-cli/src/main/kotlin/net/woggioni/gbcs/cli/impl/commands/PutCommand.kt
+++ b/gbcs-cli/src/main/kotlin/net/woggioni/gbcs/cli/impl/commands/PutCommand.kt
@@ -0,0 +1,48 @@
+package net.woggioni.gbcs.cli.impl.commands
+
+import net.woggioni.gbcs.common.contextLogger
+import net.woggioni.gbcs.cli.impl.GbcsCommand
+import net.woggioni.gbcs.cli.impl.converters.InputStreamConverter
+import net.woggioni.gbcs.client.GbcsClient
+import picocli.CommandLine
+import java.io.InputStream
+
+@CommandLine.Command(
+    name = "put",
+    description = ["Add or replace a value to the cache with the specified key"],
+    showDefaultValues = true
+)
+class PutCommand : GbcsCommand() {
+    private val log = contextLogger()
+
+    @CommandLine.Spec
+    private lateinit var spec: CommandLine.Model.CommandSpec
+
+    @CommandLine.Option(
+        names = ["-k", "--key"],
+        description = ["The key for the new value"],
+        paramLabel = "KEY"
+    )
+    private var key : String = ""
+
+    @CommandLine.Option(
+        names = ["-v", "--value"],
+        description = ["Path to a file containing the value to be added (defaults to stdin)"],
+        paramLabel = "VALUE_FILE",
+        converter = [InputStreamConverter::class]
+    )
+    private var value : InputStream = System.`in`
+
+    override fun run() {
+        val clientCommand = spec.parent().userObject() as ClientCommand
+        val profile = clientCommand.profileName.let { profileName ->
+            clientCommand.configuration.profiles[profileName]
+                ?: throw IllegalArgumentException("Profile $profileName does not exist in configuration")
+        }
+        GbcsClient(profile).use { client ->
+            value.use {
+                client.put(key, it.readAllBytes())
+            }.get()
+        }
+    }
+}
--- a/gbcs-cli/src/main/kotlin/net/woggioni/gbcs/cli/impl/commands/ServerCommand.kt
+++ b/gbcs-cli/src/main/kotlin/net/woggioni/gbcs/cli/impl/commands/ServerCommand.kt
@@ -0,0 +1,67 @@
+package net.woggioni.gbcs.cli.impl.commands
+
+import net.woggioni.gbcs.server.GradleBuildCacheServer
+import net.woggioni.gbcs.server.GradleBuildCacheServer.Companion.DEFAULT_CONFIGURATION_URL
+import net.woggioni.gbcs.api.Configuration
+import net.woggioni.gbcs.common.contextLogger
+import net.woggioni.gbcs.common.debug
+import net.woggioni.gbcs.common.info
+import net.woggioni.gbcs.cli.impl.GbcsCommand
+import net.woggioni.jwo.Application
+import net.woggioni.jwo.JWO
+import picocli.CommandLine
+import java.io.ByteArrayOutputStream
+import java.nio.file.Files
+import java.nio.file.Path
+
+@CommandLine.Command(
+    name = "server",
+    description = ["GBCS server"],
+    showDefaultValues = true
+)
+class ServerCommand(app : Application) : GbcsCommand() {
+
+    private val log = contextLogger()
+
+    private fun createDefaultConfigurationFile(configurationFile: Path) {
+        log.info {
+            "Creating default configuration file at '$configurationFile'"
+        }
+        val defaultConfigurationFileResource = DEFAULT_CONFIGURATION_URL
+        Files.newOutputStream(configurationFile).use { outputStream ->
+            defaultConfigurationFileResource.openStream().use { inputStream ->
+                JWO.copy(inputStream, outputStream)
+            }
+        }
+    }
+
+    @CommandLine.Option(
+        names = ["-c", "--config-file"],
+        description = ["Read the application configuration from this file"],
+        paramLabel = "CONFIG_FILE"
+    )
+    private var configurationFile: Path = findConfigurationFile(app, "gbcs-server.xml")
+
+    val configuration : Configuration by lazy {
+        GradleBuildCacheServer.loadConfiguration(configurationFile)
+    }
+
+    override fun run() {
+        if (!Files.exists(configurationFile)) {
+            Files.createDirectories(configurationFile.parent)
+            createDefaultConfigurationFile(configurationFile)
+        }
+
+        val configuration = GradleBuildCacheServer.loadConfiguration(configurationFile)
+        log.debug {
+            ByteArrayOutputStream().also {
+                GradleBuildCacheServer.dumpConfiguration(configuration, it)
+            }.let {
+                "Server configuration:\n${String(it.toByteArray())}"
+            }
+        }
+        val server = GradleBuildCacheServer(configuration)
+        server.run().use {
+        }
+    }
+}
--- a/gbcs-cli/src/main/kotlin/net/woggioni/gbcs/cli/impl/converters/InputStreamConverter.kt
+++ b/gbcs-cli/src/main/kotlin/net/woggioni/gbcs/cli/impl/converters/InputStreamConverter.kt
@@ -0,0 +1,13 @@
+package net.woggioni.gbcs.cli.impl.converters
+
+import picocli.CommandLine
+import java.io.InputStream
+import java.nio.file.Files
+import java.nio.file.Paths
+
+
+class InputStreamConverter : CommandLine.ITypeConverter<InputStream> {
+    override fun convert(value: String): InputStream {
+        return Files.newInputStream(Paths.get(value))
+    }
+}
--- a/gbcs-cli/src/main/resources/net/woggioni/gbcs/cli/logback.xml
+++ b/gbcs-cli/src/main/resources/net/woggioni/gbcs/cli/logback.xml
@@ -12,10 +12,9 @@
        </encoder>
    </appender>

-    <root level="debug">
+    <root level="info">
        <appender-ref ref="console"/>
    </root>
-    <logger name="io.netty" level="debug"/>
    <logger name="com.google.code.yanf4j" level="warn"/>
    <logger name="net.rubyeye.xmemcached" level="warn"/>
 </configuration>
--- a/gbcs-client/build.gradle
+++ b/gbcs-client/build.gradle
@@ -0,0 +1,15 @@
+plugins {
+    id 'java-library'
+    alias catalog.plugins.kotlin.jvm
+}
+
+dependencies {
+    implementation project(':gbcs-api')
+    implementation project(':gbcs-common')
+    implementation catalog.picocli
+    implementation catalog.slf4j.api
+    implementation catalog.netty.buffer
+    implementation catalog.netty.codec.http
+}
+
+
--- a/gbcs-client/src/main/java/module-info.java
+++ b/gbcs-client/src/main/java/module-info.java
@@ -0,0 +1,17 @@
+module net.woggioni.gbcs.client {
+    requires io.netty.handler;
+    requires io.netty.codec.http;
+    requires io.netty.transport;
+    requires kotlin.stdlib;
+    requires io.netty.common;
+    requires io.netty.buffer;
+    requires java.xml;
+    requires net.woggioni.gbcs.common;
+    requires net.woggioni.gbcs.api;
+    requires io.netty.codec;
+    requires org.slf4j;
+
+    exports net.woggioni.gbcs.client;
+
+    opens net.woggioni.gbcs.client.schema;
+}
--- a/gbcs-client/src/main/kotlin/net/woggioni/gbcs/client/Client.kt
+++ b/gbcs-client/src/main/kotlin/net/woggioni/gbcs/client/Client.kt
@@ -0,0 +1,253 @@
+package net.woggioni.gbcs.client
+
+import io.netty.bootstrap.Bootstrap
+import io.netty.buffer.ByteBuf
+import io.netty.buffer.Unpooled
+import io.netty.channel.Channel
+import io.netty.channel.ChannelHandlerContext
+import io.netty.channel.ChannelOption
+import io.netty.channel.ChannelPipeline
+import io.netty.channel.SimpleChannelInboundHandler
+import io.netty.channel.nio.NioEventLoopGroup
+import io.netty.channel.pool.AbstractChannelPoolHandler
+import io.netty.channel.pool.ChannelPool
+import io.netty.channel.pool.FixedChannelPool
+import io.netty.channel.socket.nio.NioSocketChannel
+import io.netty.handler.codec.DecoderException
+import io.netty.handler.codec.http.DefaultFullHttpRequest
+import io.netty.handler.codec.http.FullHttpRequest
+import io.netty.handler.codec.http.FullHttpResponse
+import io.netty.handler.codec.http.HttpClientCodec
+import io.netty.handler.codec.http.HttpContentDecompressor
+import io.netty.handler.codec.http.HttpHeaderNames
+import io.netty.handler.codec.http.HttpHeaderValues
+import io.netty.handler.codec.http.HttpMethod
+import io.netty.handler.codec.http.HttpObjectAggregator
+import io.netty.handler.codec.http.HttpResponseStatus
+import io.netty.handler.codec.http.HttpVersion
+import io.netty.handler.ssl.SslContext
+import io.netty.handler.ssl.SslContextBuilder
+import io.netty.handler.stream.ChunkedWriteHandler
+import io.netty.util.concurrent.Future
+import io.netty.util.concurrent.GenericFutureListener
+import net.woggioni.gbcs.common.Xml
+import net.woggioni.gbcs.common.contextLogger
+import net.woggioni.gbcs.common.debug
+import net.woggioni.gbcs.client.impl.Parser
+import java.net.InetSocketAddress
+import java.net.URI
+import java.nio.file.Files
+import java.nio.file.Path
+import java.security.PrivateKey
+import java.security.cert.X509Certificate
+import java.util.Base64
+import java.util.concurrent.CompletableFuture
+import java.util.concurrent.atomic.AtomicInteger
+import io.netty.util.concurrent.Future as NettyFuture
+
+
+class GbcsClient(private val profile: Configuration.Profile) : AutoCloseable {
+    private val group: NioEventLoopGroup
+    private var sslContext: SslContext
+    private val log = contextLogger()
+    private val pool: ChannelPool
+
+    data class Configuration(
+        val profiles: Map<String, Profile>
+    ) {
+        sealed class Authentication {
+            data class TlsClientAuthenticationCredentials(
+                val key: PrivateKey,
+                val certificateChain: Array<X509Certificate>
+            ) : Authentication()
+
+            data class BasicAuthenticationCredentials(val username: String, val password: String) : Authentication()
+        }
+
+        data class Profile(
+            val serverURI: URI,
+            val authentication: Authentication?,
+            val maxConnections : Int
+        )
+
+        companion object {
+            fun parse(path: Path): Configuration {
+                return Files.newInputStream(path).use {
+                    Xml.parseXml(path.toUri().toURL(), it)
+                }.let(Parser::parse)
+            }
+        }
+    }
+
+    init {
+        group = NioEventLoopGroup()
+        sslContext = SslContextBuilder.forClient().also { builder ->
+            (profile.authentication as? Configuration.Authentication.TlsClientAuthenticationCredentials)?.let { tlsClientAuthenticationCredentials ->
+                builder.keyManager(
+                    tlsClientAuthenticationCredentials.key,
+                    *tlsClientAuthenticationCredentials.certificateChain
+                )
+            }
+        }.build()
+
+        val (scheme, host, port) = profile.serverURI.run {
+            Triple(
+                if (scheme == null) "http" else profile.serverURI.scheme,
+                host,
+                port.takeIf { it > 0 } ?: if ("https" == scheme.lowercase()) 443 else 80
+            )
+        }
+
+        val bootstrap = Bootstrap().apply {
+            group(group)
+            channel(NioSocketChannel::class.java)
+            option(ChannelOption.TCP_NODELAY, true)
+            option(ChannelOption.SO_KEEPALIVE, true)
+            remoteAddress(InetSocketAddress(host, port))
+        }
+        val channelPoolHandler = object : AbstractChannelPoolHandler() {
+
+            @Volatile
+            private var connectionCount = AtomicInteger()
+
+            @Volatile
+            private var leaseCount = AtomicInteger()
+
+            override fun channelReleased(ch: Channel) {
+                log.debug {
+                    "Released lease ${leaseCount.decrementAndGet()}"
+                }
+            }
+
+            override fun channelAcquired(ch: Channel?) {
+                log.debug {
+                    "Acquired lease ${leaseCount.getAndIncrement()}"
+                }
+            }
+
+            override fun channelCreated(ch: Channel) {
+                log.debug {
+                    "Created connection ${connectionCount.getAndIncrement()}"
+                }
+                val pipeline: ChannelPipeline = ch.pipeline()
+
+                // Add SSL handler if needed
+                if ("https".equals(scheme, ignoreCase = true)) {
+                    pipeline.addLast("ssl", sslContext.newHandler(ch.alloc(), host, port))
+                }
+
+                // HTTP handlers
+                pipeline.addLast("codec", HttpClientCodec())
+                pipeline.addLast("decompressor", HttpContentDecompressor())
+                pipeline.addLast("aggregator", HttpObjectAggregator(1048576))
+                pipeline.addLast("chunked", ChunkedWriteHandler())
+            }
+        }
+        pool = FixedChannelPool(bootstrap, channelPoolHandler, profile.maxConnections)
+    }
+
+    fun get(key: String): CompletableFuture<ByteArray?> {
+        return sendRequest(profile.serverURI.resolve(key), HttpMethod.GET, null)
+            .thenApply {
+                val status = it.status()
+                if (it.status() == HttpResponseStatus.NOT_FOUND) {
+                    null
+                } else if (it.status() != HttpResponseStatus.OK) {
+                    throw HttpException(status)
+                } else {
+                    it.content()
+                }
+            }.thenApply { maybeByteBuf ->
+                maybeByteBuf?.let {
+                    val result = ByteArray(it.readableBytes())
+                    it.getBytes(0, result)
+                    result
+                }
+            }
+    }
+
+    fun put(key: String, content: ByteArray): CompletableFuture<Unit> {
+        return sendRequest(profile.serverURI.resolve(key), HttpMethod.PUT, content).thenApply {
+            val status = it.status()
+            if (it.status() != HttpResponseStatus.CREATED) {
+                throw HttpException(status)
+            }
+        }
+    }
+
+    private fun sendRequest(uri: URI, method: HttpMethod, body: ByteArray?): CompletableFuture<FullHttpResponse> {
+        val responseFuture = CompletableFuture<FullHttpResponse>()
+        // Custom handler for processing responses
+        pool.acquire().addListener(object : GenericFutureListener<NettyFuture<Channel>> {
+            override fun operationComplete(channelFuture: Future<Channel>) {
+                if (channelFuture.isSuccess) {
+                    val channel = channelFuture.now
+                    val pipeline = channel.pipeline()
+                    channel.pipeline().addLast("handler", object : SimpleChannelInboundHandler<FullHttpResponse>() {
+                        override fun channelRead0(
+                            ctx: ChannelHandlerContext,
+                            response: FullHttpResponse
+                        ) {
+                            responseFuture.complete(response)
+                            pipeline.removeLast()
+                            pool.release(channel)
+                        }
+
+                        override fun exceptionCaught(ctx: ChannelHandlerContext, cause: Throwable) {
+                            val ex = when (cause) {
+                                is DecoderException -> cause.cause
+                                else -> cause
+                            }
+                            responseFuture.completeExceptionally(ex)
+                            ctx.close()
+                            pipeline.removeLast()
+                            pool.release(channel)
+                        }
+                    })
+                    // Prepare the HTTP request
+                    val request: FullHttpRequest = let {
+                        val content: ByteBuf? = body?.takeIf(ByteArray::isNotEmpty)?.let(Unpooled::wrappedBuffer)
+                        DefaultFullHttpRequest(
+                            HttpVersion.HTTP_1_1,
+                            method,
+                            uri.rawPath,
+                            content ?: Unpooled.buffer(0)
+                        ).apply {
+                            headers().apply {
+                                if (content != null) {
+                                    set(HttpHeaderNames.CONTENT_TYPE, HttpHeaderValues.APPLICATION_OCTET_STREAM)
+                                    set(HttpHeaderNames.CONTENT_LENGTH, content.readableBytes())
+                                }
+                                set(HttpHeaderNames.HOST, profile.serverURI.host)
+                                set(HttpHeaderNames.CONNECTION, HttpHeaderValues.CLOSE)
+                                set(
+                                    HttpHeaderNames.ACCEPT_ENCODING,
+                                    HttpHeaderValues.GZIP.toString() + "," + HttpHeaderValues.DEFLATE.toString()
+                                )
+                                // Add basic auth if configured
+                                (profile.authentication as? Configuration.Authentication.BasicAuthenticationCredentials)?.let { credentials ->
+                                    val auth = "${credentials.username}:${credentials.password}"
+                                    val encodedAuth = Base64.getEncoder().encodeToString(auth.toByteArray())
+                                    set(HttpHeaderNames.AUTHORIZATION, "Basic $encodedAuth")
+                                }
+                            }
+                        }
+                    }
+
+                    // Set headers
+                    // Send the request
+                    channel.writeAndFlush(request)
+                }
+            }
+        })
+        return responseFuture
+    }
+
+    fun shutDown(): NettyFuture<*> {
+        return group.shutdownGracefully()
+    }
+
+    override fun close() {
+        shutDown().sync()
+    }
+}
--- a/gbcs-client/src/main/kotlin/net/woggioni/gbcs/client/Exception.kt
+++ b/gbcs-client/src/main/kotlin/net/woggioni/gbcs/client/Exception.kt
@@ -0,0 +1,9 @@
+package net.woggioni.gbcs.client
+
+import io.netty.handler.codec.http.HttpResponseStatus
+
+class HttpException(private val status : HttpResponseStatus) : RuntimeException(status.reasonPhrase()) {
+
+    override val message: String
+        get() = "Http status ${status.code()}: ${status.reasonPhrase()}"
+}
--- a/gbcs-client/src/main/kotlin/net/woggioni/gbcs/client/impl/Parser.kt
+++ b/gbcs-client/src/main/kotlin/net/woggioni/gbcs/client/impl/Parser.kt
@@ -0,0 +1,69 @@
+package net.woggioni.gbcs.client.impl
+
+import net.woggioni.gbcs.api.exception.ConfigurationException
+import net.woggioni.gbcs.common.Xml.Companion.asIterable
+import net.woggioni.gbcs.common.Xml.Companion.renderAttribute
+import net.woggioni.gbcs.client.GbcsClient
+import org.w3c.dom.Document
+import java.net.URI
+import java.nio.file.Files
+import java.nio.file.Path
+import java.security.KeyStore
+import java.security.PrivateKey
+import java.security.cert.X509Certificate
+
+object Parser {
+
+    fun parse(document: Document): GbcsClient.Configuration {
+        val root = document.documentElement
+
+        val profiles = mutableMapOf<String, GbcsClient.Configuration.Profile>()
+
+        for (child in root.asIterable()) {
+            val tagName = child.localName
+            when (tagName) {
+                "profile" -> {
+                    val name = child.renderAttribute("name") ?: throw ConfigurationException("name attribute is required")
+                    val uri = child.renderAttribute("base-url")?.let(::URI) ?: throw ConfigurationException("base-url attribute is required")
+                    var authentication: GbcsClient.Configuration.Authentication? = null
+                    for (gchild in child.asIterable()) {
+                        when (gchild.localName) {
+                            "tls-client-auth" -> {
+                                val keyStoreFile = gchild.renderAttribute("key-store-file")
+                                val keyStorePassword =
+                                    gchild.renderAttribute("key-store-password")
+                                val keyAlias = gchild.renderAttribute("key-alias")
+                                val keyPassword = gchild.renderAttribute("key-password")
+
+                                val keystore = KeyStore.getInstance("PKCS12").apply {
+                                    Files.newInputStream(Path.of(keyStoreFile)).use {
+                                        load(it, keyStorePassword?.toCharArray())
+                                    }
+                                }
+                                val key = keystore.getKey(keyAlias, keyPassword?.toCharArray()) as PrivateKey
+                                val certChain = keystore.getCertificateChain(keyAlias).asSequence()
+                                    .map { it as X509Certificate }
+                                    .toList()
+                                    .toTypedArray()
+                                authentication =
+                                    GbcsClient.Configuration.Authentication.TlsClientAuthenticationCredentials(key, certChain)
+                            }
+
+                            "basic-auth" -> {
+                                val username = gchild.renderAttribute("user") ?: throw ConfigurationException("username attribute is required")
+                                val password = gchild.renderAttribute("password") ?: throw ConfigurationException("password attribute is required")
+                                authentication =
+                                    GbcsClient.Configuration.Authentication.BasicAuthenticationCredentials(username, password)
+                            }
+                        }
+                    }
+                    val maxConnections = child.renderAttribute("max-connections")
+                        ?.let(String::toInt)
+                        ?: 50
+                    profiles[name] = GbcsClient.Configuration.Profile(uri, authentication, maxConnections)
+                }
+            }
+        }
+        return GbcsClient.Configuration(profiles)
+    }
+}
--- a/gbcs-client/src/main/resources/net/woggioni/gbcs/client/schema/gbcs-client.xsd
+++ b/gbcs-client/src/main/resources/net/woggioni/gbcs/client/schema/gbcs-client.xsd
@@ -0,0 +1,37 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<xs:schema targetNamespace="urn:net.woggioni.gbcs.client"
+           xmlns:xs="http://www.w3.org/2001/XMLSchema"
+           xmlns:gbcs-client="urn:net.woggioni.gbcs.client"
+           elementFormDefault="unqualified"
+>
+    <xs:element name="profiles" type="gbcs-client:profilesType"/>
+
+    <xs:complexType name="profilesType">
+        <xs:sequence minOccurs="0">
+            <xs:element name="profile" type="gbcs-client:profileType" maxOccurs="unbounded"/>
+        </xs:sequence>
+    </xs:complexType>
+
+    <xs:complexType name="profileType">
+        <xs:choice>
+            <xs:element name="basic-auth" type="gbcs-client:basicAuthType"/>
+            <xs:element name="tls-client-auth" type="gbcs-client:tlsClientAuthType"/>
+        </xs:choice>
+        <xs:attribute name="name" type="xs:token" use="required"/>
+        <xs:attribute name="base-url" type="xs:anyURI" use="required"/>
+        <xs:attribute name="max-connections" type="xs:positiveInteger" default="50"/>
+    </xs:complexType>
+
+    <xs:complexType name="basicAuthType">
+        <xs:attribute name="user" type="xs:token" use="required"/>
+        <xs:attribute name="password" type="xs:string" use="required"/>
+    </xs:complexType>
+
+    <xs:complexType name="tlsClientAuthType">
+        <xs:attribute name="key-store-file" type="xs:anyURI" use="required"/>
+        <xs:attribute name="key-store-password" type="xs:string" use="required"/>
+        <xs:attribute name="key-alias" type="xs:token" use="required"/>
+        <xs:attribute name="key-password" type="xs:string" use="optional"/>
+    </xs:complexType>
+
+</xs:schema>
--- a/gbcs-client/src/test/resources/net/woggioni/gbcs/client/test/gbcs-client.xml
+++ b/gbcs-client/src/test/resources/net/woggioni/gbcs/client/test/gbcs-client.xml
@@ -0,0 +1,16 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<gbcs-client:profiles xmlns:xs="http://www.w3.org/2001/XMLSchema-instance"
+                      xmlns:gbcs-client="urn:net.woggioni.gbcs.client"
+                      xs:schemaLocation="urn:net.woggioni.gbcs.client jms://net.woggioni.gbcs.client/net/woggioni/gbcs/client/schema/gbcs-client.xsd"
+                      >
+    <profile name="profile1" base-url="https://gbcs1.example.com/">
+        <tls-client-auth
+                key-store-file="keystore.pfx"
+                key-store-password="password"
+                key-alias="woggioni@c962475fa38"
+                key-password="key-password"/>
+    </profile>
+    <profile name="profile2" base-url="https://gbcs2.example.com/">
+        <basic-auth user="user" password="password"/>
+    </profile>
+</gbcs-client:profiles>
--- a/gbcs-common/build.gradle
+++ b/gbcs-common/build.gradle
@@ -6,8 +6,9 @@ plugins {
 }

 dependencies {
-    compileOnly project(':gbcs-api')
-    compileOnly catalog.slf4j.api
+    implementation project(':gbcs-api')
+    implementation catalog.slf4j.api
+    implementation catalog.jwo
 }

 publishing {
--- a/gbcs-common/src/main/java/module-info.java
+++ b/gbcs-common/src/main/java/module-info.java
@@ -1,8 +1,9 @@
-module net.woggioni.gbcs.base {
+module net.woggioni.gbcs.common {
    requires java.xml;
    requires java.logging;
    requires org.slf4j;
    requires kotlin.stdlib;
+    requires net.woggioni.jwo;

-    exports net.woggioni.gbcs.base;
+    exports net.woggioni.gbcs.common;
 }
--- a/gbcs-common/src/main/kotlin/net/woggioni/gbcs/common/GBCS.kt
+++ b/gbcs-common/src/main/kotlin/net/woggioni/gbcs/common/GBCS.kt
@@ -1,4 +1,4 @@
-package net.woggioni.gbcs.base
+package net.woggioni.gbcs.common

 import java.net.URI
 import java.net.URL
@@ -6,7 +6,7 @@ import java.net.URL
 object GBCS {
    fun String.toUrl() : URL = URL.of(URI(this), null)

-    const val GBCS_NAMESPACE_URI: String = "urn:net.woggioni.gbcs"
+    const val GBCS_NAMESPACE_URI: String = "urn:net.woggioni.gbcs.server"
    const val GBCS_PREFIX: String = "gbcs"
    const val XML_SCHEMA_NAMESPACE_URI = "http://www.w3.org/2001/XMLSchema-instance"
 }
--- a/gbcs-common/src/main/kotlin/net/woggioni/gbcs/common/GbcsUrlStreamHandlerFactory.kt
+++ b/gbcs-common/src/main/kotlin/net/woggioni/gbcs/common/GbcsUrlStreamHandlerFactory.kt
@@ -1,4 +1,4 @@
-package net.woggioni.gbcs.base
+package net.woggioni.gbcs.common

 import java.io.IOException
 import java.io.InputStream
--- a/gbcs-common/src/main/kotlin/net/woggioni/gbcs/common/HostAndPort.kt
+++ b/gbcs-common/src/main/kotlin/net/woggioni/gbcs/common/HostAndPort.kt
@@ -1,4 +1,4 @@
-package net.woggioni.gbcs.base
+package net.woggioni.gbcs.common


 data class HostAndPort(val host: String, val port: Int = 0) {
--- a/gbcs-common/src/main/kotlin/net/woggioni/gbcs/common/Logging.kt
+++ b/gbcs-common/src/main/kotlin/net/woggioni/gbcs/common/Logging.kt
@@ -1,7 +1,8 @@
-package net.woggioni.gbcs.base
+package net.woggioni.gbcs.common

 import org.slf4j.Logger
 import org.slf4j.LoggerFactory
+import org.slf4j.event.Level
 import java.nio.file.Files
 import java.nio.file.Path
 import java.util.logging.LogManager
@@ -52,6 +53,12 @@ inline fun log(log : Logger,
    }
 }

+inline fun Logger.log(level : Level, messageBuilder : () -> String) {
+    if(isEnabledForLevel(level)) {
+        makeLoggingEventBuilder(level).log(messageBuilder())
+    }
+}
+
 inline fun Logger.trace(messageBuilder : () -> String) {
    if(isTraceEnabled) {
        trace(messageBuilder())
--- a/gbcs-common/src/main/kotlin/net/woggioni/gbcs/common/PasswordSecurity.kt
+++ b/gbcs-common/src/main/kotlin/net/woggioni/gbcs/common/PasswordSecurity.kt
@@ -1,4 +1,4 @@
-package net.woggioni.gbcs.base
+package net.woggioni.gbcs.common

 import java.security.SecureRandom
 import java.security.spec.KeySpec
--- a/gbcs-common/src/main/kotlin/net/woggioni/gbcs/common/Xml.kt
+++ b/gbcs-common/src/main/kotlin/net/woggioni/gbcs/common/Xml.kt
@@ -1,6 +1,8 @@
-package net.woggioni.gbcs.base
+package net.woggioni.gbcs.common

+import net.woggioni.jwo.JWO
 import org.slf4j.LoggerFactory
+import org.slf4j.event.Level
 import org.w3c.dom.Document
 import org.w3c.dom.Element
 import org.w3c.dom.Node
@@ -80,31 +82,36 @@ class Xml(val doc: Document, val element: Element) {
            private val log = LoggerFactory.getLogger(ErrorHandler::class.java)
        }

-        override fun warning(ex: SAXParseException) {
-            log.warn(
-                "Problem at {}:{}:{} parsing deployment configuration: {}",
-                fileURL, ex.lineNumber, ex.columnNumber, ex.message
-            )
-        }
+         override fun warning(ex: SAXParseException)= err(ex, Level.WARN)

-        override fun error(ex: SAXParseException) {
-            log.error(
-                "Problem at {}:{}:{} parsing deployment configuration: {}",
-                fileURL, ex.lineNumber, ex.columnNumber, ex.message
-            )
+        private fun err(ex: SAXParseException, level: Level) {
+            log.log(level) {
+                "Problem at ${fileURL}:${ex.lineNumber}:${ex.columnNumber} parsing deployment configuration: ${ex.message}"
+            }
            throw ex
        }

-        override fun fatalError(ex: SAXParseException) {
-            log.error(
-                "Problem at {}:{}:{} parsing deployment configuration: {}",
-                fileURL, ex.lineNumber, ex.columnNumber, ex.message
-            )
-            throw ex
-        }
+        override fun error(ex: SAXParseException) = err(ex, Level.ERROR)
+        override fun fatalError(ex: SAXParseException) = err(ex, Level.ERROR)
    }

    companion object {
+        private val dictMap: Map<String, Map<String, Any>> = sequenceOf(
+            "env" to System.getenv().asSequence().map { (k, v) -> k to (v as Any) }.toMap(),
+            "sys" to System.getProperties().asSequence().map { (k, v) -> k as String to (v as Any) }.toMap()
+        ).toMap()
+
+        private fun renderConfigurationTemplate(template: String): String {
+            return JWO.renderTemplate(template, emptyMap(), dictMap).replace("$$", "$")
+        }
+
+        fun Element.renderAttribute(name : String, namespaceURI: String? = null) = if(namespaceURI == null) {
+            getAttribute(name)
+        } else {
+            getAttributeNS(name, namespaceURI)
+        }.takeIf(String::isNotEmpty)?.let(Companion::renderConfigurationTemplate)
+
+
        fun Element.asIterable() = Iterable { ElementIterator(this, null) }
        fun NodeList.asIterable() = Iterable { NodeListIterator(this) }

@@ -146,29 +153,29 @@ class Xml(val doc: Document, val element: Element) {
            dbf.isExpandEntityReferences = true
            dbf.isIgnoringComments = true
            dbf.isNamespaceAware = true
-            dbf.isValidating = false
-            dbf.setFeature("http://apache.org/xml/features/validation/schema", true);
+            dbf.isValidating = schemaResourceURL == null
+            dbf.setFeature("http://apache.org/xml/features/validation/schema", true)
            schemaResourceURL?.let {
                dbf.schema = getSchema(it)
            }
            return dbf
        }

-    fun newDocumentBuilder(resource: URL, schemaResourceURL: URL?): DocumentBuilder {
-        val db = newDocumentBuilderFactory(schemaResourceURL).newDocumentBuilder()
-        db.setErrorHandler(ErrorHandler(resource))
-        return db
-    }
+        fun newDocumentBuilder(resource: URL, schemaResourceURL: URL?): DocumentBuilder {
+            val db = newDocumentBuilderFactory(schemaResourceURL).newDocumentBuilder()
+            db.setErrorHandler(ErrorHandler(resource))
+            return db
+        }

-    fun parseXmlResource(resource: URL, schemaResourceURL: URL?): Document {
-        val db = newDocumentBuilder(resource, schemaResourceURL)
-        return resource.openStream().use(db::parse)
-    }
+        fun parseXmlResource(resource: URL, schemaResourceURL: URL?): Document {
+            val db = newDocumentBuilder(resource, schemaResourceURL)
+            return resource.openStream().use(db::parse)
+        }

-    fun parseXml(sourceURL : URL, sourceStream: InputStream? = null, schemaResourceURL: URL? = null): Document {
-        val db = newDocumentBuilder(sourceURL, schemaResourceURL)
-        return sourceStream?.let(db::parse) ?: sourceURL.openStream().use(db::parse)
-    }
+        fun parseXml(sourceURL: URL, sourceStream: InputStream? = null, schemaResourceURL: URL? = null): Document {
+            val db = newDocumentBuilder(sourceURL, schemaResourceURL)
+            return sourceStream?.let(db::parse) ?: sourceURL.openStream().use(db::parse)
+        }

        fun write(doc: Document, output: OutputStream) {
            val transformerFactory = TransformerFactory.newInstance()
@@ -183,7 +190,12 @@ class Xml(val doc: Document, val element: Element) {
            transformer.transform(source, result)
        }

-        fun of(namespaceURI: String, qualifiedName: String, schemaResourceURL: URL? = null, cb: Xml.(el: Element) -> Unit): Document {
+        fun of(
+            namespaceURI: String,
+            qualifiedName: String,
+            schemaResourceURL: URL? = null,
+            cb: Xml.(el: Element) -> Unit
+        ): Document {
            val dbf = newDocumentBuilderFactory(schemaResourceURL)
            val db = dbf.newDocumentBuilder()
            val doc = db.newDocument()
@@ -207,7 +219,7 @@ class Xml(val doc: Document, val element: Element) {

    fun node(
        name: String,
-        namespaceURI : String? = null,
+        namespaceURI: String? = null,
        attrs: Map<String, String> = emptyMap(),
        cb: Xml.(el: Element) -> Unit = {}
    ): Element {
@@ -222,7 +234,7 @@ class Xml(val doc: Document, val element: Element) {
            }
    }

-    fun attr(key: String, value: String, namespaceURI : String? = null) {
+    fun attr(key: String, value: String, namespaceURI: String? = null) {
        element.setAttributeNS(namespaceURI, key, value)
    }

--- a/gbcs-memcached/src/main/java/module-info.java
+++ b/gbcs-memcached/src/main/java/module-info.java
@@ -1,14 +0,0 @@
-import net.woggioni.gbcs.api.CacheProvider;
-
-module net.woggioni.gbcs.memcached {
-    requires net.woggioni.gbcs.base;
-    requires net.woggioni.gbcs.api;
-    requires com.googlecode.xmemcached;
-    requires net.woggioni.jwo;
-    requires java.xml;
-    requires kotlin.stdlib;
-
-    provides CacheProvider with net.woggioni.gbcs.memcached.MemcachedCacheProvider;
-
-    opens net.woggioni.gbcs.memcached.schema;
-}
--- a/gbcs-memcached/src/main/kotlin/net/woggioni/gbcs/memcached/MemcachedCacheProvider.kt
+++ b/gbcs-memcached/src/main/kotlin/net/woggioni/gbcs/memcached/MemcachedCacheProvider.kt
@@ -1,85 +0,0 @@
-package net.woggioni.gbcs.memcached
-
-import net.rubyeye.xmemcached.transcoders.CompressionMode
-import net.woggioni.gbcs.api.CacheProvider
-import net.woggioni.gbcs.base.GBCS
-import net.woggioni.gbcs.base.HostAndPort
-import net.woggioni.gbcs.base.Xml
-import net.woggioni.gbcs.base.Xml.Companion.asIterable
-import org.w3c.dom.Document
-import org.w3c.dom.Element
-import java.time.Duration
-import java.util.zip.Deflater
-
-class MemcachedCacheProvider : CacheProvider<MemcachedCacheConfiguration> {
-    override fun getXmlSchemaLocation() = "classpath:net/woggioni/gbcs/memcached/schema/gbcs-memcached.xsd"
-
-    override fun getXmlType() = "memcachedCacheType"
-
-    override fun getXmlNamespace()= "urn:net.woggioni.gbcs-memcached"
-
-    override fun deserialize(el: Element): MemcachedCacheConfiguration {
-        val servers = mutableListOf<HostAndPort>()
-        val maxAge = el.getAttribute("max-age")
-            .takeIf(String::isNotEmpty)
-            ?.let(Duration::parse)
-            ?: Duration.ofDays(1)
-        val maxSize = el.getAttribute("max-size")
-            .takeIf(String::isNotEmpty)
-            ?.let(String::toInt)
-            ?: 0x100000
-        val enableCompression = el.getAttribute("enable-compression")
-            .takeIf(String::isNotEmpty)
-            ?.let(String::toBoolean)
-            ?: false
-        val compressionMode = el.getAttribute("compression-mode")
-            .takeIf(String::isNotEmpty)
-            ?.let {
-                when(it) {
-                    "gzip" -> CompressionMode.GZIP
-                    "zip" -> CompressionMode.ZIP
-                    else -> CompressionMode.ZIP
-                }
-            }
-            ?: CompressionMode.ZIP
-        val digestAlgorithm = el.getAttribute("digest").takeIf(String::isNotEmpty)
-        for (child in el.asIterable()) {
-            when (child.nodeName) {
-                "server" -> {
-                    servers.add(HostAndPort(child.getAttribute("host"), child.getAttribute("port").toInt()))
-                }
-            }
-        }
-
-        return MemcachedCacheConfiguration(
-            servers,
-            maxAge,
-            maxSize,
-            digestAlgorithm,
-            compressionMode,
-        )
-    }
-
-    override fun serialize(doc: Document, cache : MemcachedCacheConfiguration) = cache.run {
-        val result = doc.createElementNS(xmlNamespace,"cache")
-        Xml.of(doc, result) {
-            attr("xs:type", xmlType, GBCS.XML_SCHEMA_NAMESPACE_URI)
-            for (server in servers) {
-                node("server", xmlNamespace) {
-                    attr("host", server.host)
-                    attr("port", server.port.toString())
-                }
-            }
-            attr("max-age", maxAge.toString())
-            attr("max-size", maxSize.toString())
-            digestAlgorithm?.let { digestAlgorithm ->
-                attr("digest", digestAlgorithm)
-            }
-            attr("compression-mode", when(compressionMode) {
-                CompressionMode.GZIP -> "gzip"
-                CompressionMode.ZIP -> "zip"
-            })
-        }
-        result
-    }
-}
--- a/gbcs-memcached/src/main/resources/META-INF/services/net.woggioni.gbcs.api.CacheProvider
+++ b/gbcs-memcached/src/main/resources/META-INF/services/net.woggioni.gbcs.api.CacheProvider
@@ -1 +0,0 @@
-net.woggioni.gbcs.memcached.MemcachedCacheProvider
--- a/gbcs-server-memcached/build.gradle
+++ b/gbcs-server-memcached/build.gradle
@@ -1,6 +1,3 @@
-import org.jetbrains.kotlin.gradle.dsl.JvmTarget
-import org.jetbrains.kotlin.gradle.tasks.KotlinCompile
-
 plugins {
    id 'java-library'
    id 'maven-publish'
@@ -32,7 +29,7 @@ configurations {
 }

 dependencies {
-    compileOnly project(':gbcs-base')
+    compileOnly project(':gbcs-common')
    compileOnly project(':gbcs-api')
    compileOnly catalog.jwo
    implementation catalog.xmemcached
--- a/gbcs-server-memcached/src/main/java/module-info.java
+++ b/gbcs-server-memcached/src/main/java/module-info.java
@@ -0,0 +1,14 @@
+import net.woggioni.gbcs.api.CacheProvider;
+
+module net.woggioni.gbcs.server.memcached {
+    requires net.woggioni.gbcs.common;
+    requires net.woggioni.gbcs.api;
+    requires com.googlecode.xmemcached;
+    requires net.woggioni.jwo;
+    requires java.xml;
+    requires kotlin.stdlib;
+
+    provides CacheProvider with net.woggioni.gbcs.server.memcached.MemcachedCacheProvider;
+
+    opens net.woggioni.gbcs.server.memcached.schema;
+}
--- a/gbcs-server-memcached/src/main/kotlin/net/woggioni/gbcs/server/memcached/MemcachedCache.kt
+++ b/gbcs-server-memcached/src/main/kotlin/net/woggioni/gbcs/server/memcached/MemcachedCache.kt
@@ -1,13 +1,12 @@
-package net.woggioni.gbcs.memcached
+package net.woggioni.gbcs.server.memcached

-import net.rubyeye.xmemcached.MemcachedClient
 import net.rubyeye.xmemcached.XMemcachedClientBuilder
 import net.rubyeye.xmemcached.command.BinaryCommandFactory
 import net.rubyeye.xmemcached.transcoders.CompressionMode
 import net.rubyeye.xmemcached.transcoders.SerializingTranscoder
 import net.woggioni.gbcs.api.Cache
 import net.woggioni.gbcs.api.exception.ContentTooLargeException
-import net.woggioni.gbcs.base.HostAndPort
+import net.woggioni.gbcs.common.HostAndPort
 import net.woggioni.jwo.JWO
 import java.io.ByteArrayInputStream
 import java.net.InetSocketAddress
--- a/gbcs-server-memcached/src/main/kotlin/net/woggioni/gbcs/server/memcached/MemcachedCacheConfiguration.kt
+++ b/gbcs-server-memcached/src/main/kotlin/net/woggioni/gbcs/server/memcached/MemcachedCacheConfiguration.kt
@@ -1,8 +1,8 @@
-package net.woggioni.gbcs.memcached
+package net.woggioni.gbcs.server.memcached

 import net.rubyeye.xmemcached.transcoders.CompressionMode
 import net.woggioni.gbcs.api.Configuration
-import net.woggioni.gbcs.base.HostAndPort
+import net.woggioni.gbcs.common.HostAndPort
 import java.time.Duration

 data class MemcachedCacheConfiguration(
@@ -20,7 +20,7 @@ data class MemcachedCacheConfiguration(
        compressionMode
    )

-    override fun getNamespaceURI() = "urn:net.woggioni.gbcs-memcached"
+    override fun getNamespaceURI() = "urn:net.woggioni.gbcs.server.memcached"

    override fun getTypeName() = "memcachedCacheType"
 }
--- a/gbcs-server-memcached/src/main/kotlin/net/woggioni/gbcs/server/memcached/MemcachedCacheProvider.kt
+++ b/gbcs-server-memcached/src/main/kotlin/net/woggioni/gbcs/server/memcached/MemcachedCacheProvider.kt
@@ -0,0 +1,88 @@
+package net.woggioni.gbcs.server.memcached
+
+import net.rubyeye.xmemcached.transcoders.CompressionMode
+import net.woggioni.gbcs.api.CacheProvider
+import net.woggioni.gbcs.api.exception.ConfigurationException
+import net.woggioni.gbcs.common.GBCS
+import net.woggioni.gbcs.common.HostAndPort
+import net.woggioni.gbcs.common.Xml
+import net.woggioni.gbcs.common.Xml.Companion.asIterable
+import net.woggioni.gbcs.common.Xml.Companion.renderAttribute
+import org.w3c.dom.Document
+import org.w3c.dom.Element
+import java.time.Duration
+
+class MemcachedCacheProvider : CacheProvider<MemcachedCacheConfiguration> {
+    override fun getXmlSchemaLocation() = "jpms://net.woggioni.gbcs.server.memcached/net/woggioni/gbcs/server/memcached/schema/gbcs-memcached.xsd"
+
+    override fun getXmlType() = "memcachedCacheType"
+
+    override fun getXmlNamespace() = "urn:net.woggioni.gbcs.server.memcached"
+
+    val xmlNamespacePrefix : String
+        get() = "gbcs-memcached"
+
+    override fun deserialize(el: Element): MemcachedCacheConfiguration {
+        val servers = mutableListOf<HostAndPort>()
+        val maxAge = el.renderAttribute("max-age")
+            ?.let(Duration::parse)
+            ?: Duration.ofDays(1)
+        val maxSize = el.renderAttribute("max-size")
+            ?.let(String::toInt)
+            ?: 0x100000
+        val compressionMode = el.renderAttribute("compression-mode")
+            ?.let {
+                when (it) {
+                    "gzip" -> CompressionMode.GZIP
+                    "zip" -> CompressionMode.ZIP
+                    else -> CompressionMode.ZIP
+                }
+            }
+            ?: CompressionMode.ZIP
+        val digestAlgorithm = el.renderAttribute("digest")
+        for (child in el.asIterable()) {
+            when (child.nodeName) {
+                "server" -> {
+                    val host = child.renderAttribute("host") ?: throw ConfigurationException("host attribute is required")
+                    val port = child.renderAttribute("port")?.toInt() ?: throw ConfigurationException("port attribute is required")
+                    servers.add(HostAndPort(host, port))
+                }
+            }
+        }
+
+        return MemcachedCacheConfiguration(
+            servers,
+            maxAge,
+            maxSize,
+            digestAlgorithm,
+            compressionMode,
+        )
+    }
+
+    override fun serialize(doc: Document, cache: MemcachedCacheConfiguration) = cache.run {
+        val result = doc.createElement("cache")
+        Xml.of(doc, result) {
+            attr("xmlns:${xmlNamespacePrefix}", xmlNamespace, namespaceURI = "http://www.w3.org/2000/xmlns/")
+
+            attr("xs:type", "${xmlNamespacePrefix}:$xmlType", GBCS.XML_SCHEMA_NAMESPACE_URI)
+            for (server in servers) {
+                node("server") {
+                    attr("host", server.host)
+                    attr("port", server.port.toString())
+                }
+            }
+            attr("max-age", maxAge.toString())
+            attr("max-size", maxSize.toString())
+            digestAlgorithm?.let { digestAlgorithm ->
+                attr("digest", digestAlgorithm)
+            }
+            attr(
+                "compression-mode", when (compressionMode) {
+                    CompressionMode.GZIP -> "gzip"
+                    CompressionMode.ZIP -> "zip"
+                }
+            )
+        }
+        result
+    }
+}
--- a/gbcs-server-memcached/src/main/resources/META-INF/services/net.woggioni.gbcs.api.CacheProvider
+++ b/gbcs-server-memcached/src/main/resources/META-INF/services/net.woggioni.gbcs.api.CacheProvider
@@ -0,0 +1 @@
+net.woggioni.gbcs.server.memcached.MemcachedCacheProvider
--- a/gbcs-server-memcached/src/main/resources/net/woggioni/gbcs/server/memcached/schema/gbcs-memcached.xsd
+++ b/gbcs-server-memcached/src/main/resources/net/woggioni/gbcs/server/memcached/schema/gbcs-memcached.xsd
@@ -1,13 +1,13 @@
 <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
-<xs:schema targetNamespace="urn:net.woggioni.gbcs-memcached"
-           xmlns:gbcs-memcached="urn:net.woggioni.gbcs-memcached"
-           xmlns:gbcs="urn:net.woggioni.gbcs"
+<xs:schema targetNamespace="urn:net.woggioni.gbcs.server.memcached"
+           xmlns:gbcs-memcached="urn:net.woggioni.gbcs.server.memcached"
+           xmlns:gbcs="urn:net.woggioni.gbcs.server"
           xmlns:xs="http://www.w3.org/2001/XMLSchema">

-    <xs:import schemaLocation="classpath:net/woggioni/gbcs/schema/gbcs.xsd" namespace="urn:net.woggioni.gbcs"/>
+    <xs:import schemaLocation="jpms://net.woggioni.gbcs.server/net/woggioni/gbcs/server/schema/gbcs.xsd" namespace="urn:net.woggioni.gbcs.server"/>

    <xs:complexType name="memcachedServerType">
-        <xs:attribute name="host" type="xs:string" use="required"/>
+        <xs:attribute name="host" type="xs:token" use="required"/>
        <xs:attribute name="port" type="xs:positiveInteger" use="required"/>
    </xs:complexType>

@@ -20,14 +20,14 @@
                <xs:attribute name="max-age" type="xs:duration" default="P1D"/>
                <xs:attribute name="max-size" type="xs:unsignedInt" default="1048576"/>
                <xs:attribute name="digest" type="xs:token" />
-                <xs:attribute name="compression-type" type="gbcs-memcached:compressionType" default="deflate"/>
+                <xs:attribute name="compression-mode" type="gbcs-memcached:compressionType" default="zip"/>
            </xs:extension>
        </xs:complexContent>
    </xs:complexType>

    <xs:simpleType name="compressionType">
        <xs:restriction base="xs:token">
-            <xs:enumeration value="deflate"/>
+            <xs:enumeration value="zip"/>
            <xs:enumeration value="gzip"/>
        </xs:restriction>
    </xs:simpleType>
--- a/gbcs-server/build.gradle
+++ b/gbcs-server/build.gradle
@@ -0,0 +1,35 @@
+plugins {
+    id 'java-library'
+    alias catalog.plugins.kotlin.jvm
+    id 'maven-publish'
+}
+
+dependencies {
+    implementation catalog.jwo
+    implementation catalog.slf4j.api
+    implementation catalog.netty.codec.http
+
+    api project(':gbcs-common')
+    api project(':gbcs-api')
+
+//    runtimeOnly catalog.slf4j.jdk14
+    testRuntimeOnly catalog.logback.classic
+
+    testImplementation catalog.bcprov.jdk18on
+    testImplementation catalog.bcpkix.jdk18on
+    testImplementation catalog.junit.jupiter.api
+    testImplementation catalog.junit.jupiter.params
+    testRuntimeOnly catalog.junit.jupiter.engine
+
+    testRuntimeOnly project(":gbcs-server-memcached")
+}
+
+publishing {
+    publications {
+        maven(MavenPublication) {
+            from(components["java"])
+        }
+    }
+}
+
+
--- a/gbcs-server/src/main/java/module-info.java
+++ b/gbcs-server/src/main/java/module-info.java
@@ -1,7 +1,7 @@
 import net.woggioni.gbcs.api.CacheProvider;
-import net.woggioni.gbcs.cache.FileSystemCacheProvider;
+import net.woggioni.gbcs.server.cache.FileSystemCacheProvider;

-module net.woggioni.gbcs {
+module net.woggioni.gbcs.server {
    requires java.sql;
    requires java.xml;
    requires java.logging;
@@ -15,13 +15,13 @@ module net.woggioni.gbcs {
    requires io.netty.codec;
    requires org.slf4j;
    requires net.woggioni.jwo;
-    requires net.woggioni.gbcs.base;
+    requires net.woggioni.gbcs.common;
    requires net.woggioni.gbcs.api;

-    exports net.woggioni.gbcs;
+    exports net.woggioni.gbcs.server;

-    opens net.woggioni.gbcs;
-    opens net.woggioni.gbcs.schema;
+    opens net.woggioni.gbcs.server;
+    opens net.woggioni.gbcs.server.schema;

    uses CacheProvider;
    provides CacheProvider with FileSystemCacheProvider;
--- a/gbcs-server/src/main/kotlin/net/woggioni/gbcs/server/GradleBuildCacheServer.kt
+++ b/gbcs-server/src/main/kotlin/net/woggioni/gbcs/server/GradleBuildCacheServer.kt
@@ -1,4 +1,4 @@
-package net.woggioni.gbcs
+package net.woggioni.gbcs.server

 import io.netty.bootstrap.ServerBootstrap
 import io.netty.buffer.ByteBuf
@@ -7,6 +7,7 @@ import io.netty.channel.Channel
 import io.netty.channel.ChannelDuplexHandler
 import io.netty.channel.ChannelFuture
 import io.netty.channel.ChannelFutureListener
+import io.netty.channel.ChannelHandler.Sharable
 import io.netty.channel.ChannelHandlerContext
 import io.netty.channel.ChannelInitializer
 import io.netty.channel.ChannelOption
@@ -36,6 +37,7 @@ import io.netty.handler.codec.http.LastHttpContent
 import io.netty.handler.ssl.ClientAuth
 import io.netty.handler.ssl.SslContext
 import io.netty.handler.ssl.SslContextBuilder
+import io.netty.handler.ssl.SslHandler
 import io.netty.handler.stream.ChunkedNioFile
 import io.netty.handler.stream.ChunkedNioStream
 import io.netty.handler.stream.ChunkedWriteHandler
@@ -44,19 +46,20 @@ import io.netty.util.concurrent.EventExecutorGroup
 import net.woggioni.gbcs.api.Cache
 import net.woggioni.gbcs.api.Configuration
 import net.woggioni.gbcs.api.Role
+import net.woggioni.gbcs.api.exception.ConfigurationException
 import net.woggioni.gbcs.api.exception.ContentTooLargeException
-import net.woggioni.gbcs.auth.AbstractNettyHttpAuthenticator
-import net.woggioni.gbcs.auth.Authorizer
-import net.woggioni.gbcs.auth.ClientCertificateValidator
-import net.woggioni.gbcs.auth.RoleAuthorizer
-import net.woggioni.gbcs.base.GBCS.toUrl
-import net.woggioni.gbcs.base.PasswordSecurity.decodePasswordHash
-import net.woggioni.gbcs.base.PasswordSecurity.hashPassword
-import net.woggioni.gbcs.base.Xml
-import net.woggioni.gbcs.base.contextLogger
-import net.woggioni.gbcs.base.info
-import net.woggioni.gbcs.configuration.Parser
-import net.woggioni.gbcs.configuration.Serializer
+import net.woggioni.gbcs.common.GBCS.toUrl
+import net.woggioni.gbcs.common.PasswordSecurity.decodePasswordHash
+import net.woggioni.gbcs.common.PasswordSecurity.hashPassword
+import net.woggioni.gbcs.common.Xml
+import net.woggioni.gbcs.common.contextLogger
+import net.woggioni.gbcs.common.info
+import net.woggioni.gbcs.server.auth.AbstractNettyHttpAuthenticator
+import net.woggioni.gbcs.server.auth.Authorizer
+import net.woggioni.gbcs.server.auth.ClientCertificateValidator
+import net.woggioni.gbcs.server.auth.RoleAuthorizer
+import net.woggioni.gbcs.server.configuration.Parser
+import net.woggioni.gbcs.server.configuration.Serializer
 import net.woggioni.jwo.JWO
 import net.woggioni.jwo.Tuple2
 import java.io.OutputStream
@@ -72,11 +75,28 @@ import java.util.Base64
 import java.util.regex.Matcher
 import java.util.regex.Pattern
 import javax.naming.ldap.LdapName
-import javax.net.ssl.SSLEngine
 import javax.net.ssl.SSLPeerUnverifiedException


 class GradleBuildCacheServer(private val cfg: Configuration) {
+    private val log = contextLogger()
+
+    companion object {
+
+        val DEFAULT_CONFIGURATION_URL by lazy { "classpath:net/woggioni/gbcs/gbcs-default.xml".toUrl() }
+        private const val SSL_HANDLER_NAME = "sslHandler"
+
+        fun loadConfiguration(configurationFile: Path): Configuration {
+            val doc = Files.newInputStream(configurationFile).use {
+                Xml.parseXml(configurationFile.toUri().toURL(), it)
+            }
+            return Parser.parse(doc)
+        }
+
+        fun dumpConfiguration(conf: Configuration, outputStream: OutputStream) {
+            Xml.write(Serializer.serialize(conf), outputStream)
+        }
+    }

    private class HttpChunkContentCompressor(
        threshold: Int,
@@ -99,61 +119,59 @@ class GradleBuildCacheServer(private val cfg: Configuration) {
        }
    }

+    @Sharable
    private class ClientCertificateAuthenticator(
        authorizer: Authorizer,
-        private val sslEngine: SSLEngine,
+        private val anonymousUserRoles: Set<Role>?,
        private val userExtractor: Configuration.UserExtractor?,
        private val groupExtractor: Configuration.GroupExtractor?,
    ) : AbstractNettyHttpAuthenticator(authorizer) {

-        companion object {
-            private val log = contextLogger()
-        }
-
        override fun authenticate(ctx: ChannelHandlerContext, req: HttpRequest): Set<Role>? {
            return try {
-                sslEngine.session.peerCertificates
+                val sslHandler = (ctx.pipeline().get(SSL_HANDLER_NAME) as? SslHandler)
+                    ?: throw ConfigurationException("Client certificate authentication cannot be used when TLS is disabled")
+                val sslEngine = sslHandler.engine()
+                sslEngine.session.peerCertificates.takeIf {
+                    it.isNotEmpty()
+                }?.let { peerCertificates ->
+                    val clientCertificate = peerCertificates.first() as X509Certificate
+                    val user = userExtractor?.extract(clientCertificate)
+                    val group = groupExtractor?.extract(clientCertificate)
+                    (group?.roles ?: emptySet()) + (user?.roles ?: emptySet())
+                } ?: anonymousUserRoles
            } catch (es: SSLPeerUnverifiedException) {
-                null
-            }?.takeIf {
-                it.isNotEmpty()
-            }?.let { peerCertificates ->
-                val clientCertificate = peerCertificates.first() as X509Certificate
-                val user = userExtractor?.extract(clientCertificate)
-                val group = groupExtractor?.extract(clientCertificate)
-                (group?.roles ?: emptySet()) + (user?.roles ?: emptySet())
+                anonymousUserRoles
            }
        }
    }

+    @Sharable
    private class NettyHttpBasicAuthenticator(
        private val users: Map<String, Configuration.User>, authorizer: Authorizer
    ) : AbstractNettyHttpAuthenticator(authorizer) {
-
-        companion object {
-            private val log = contextLogger()
-        }
+        private val log = contextLogger()

        override fun authenticate(ctx: ChannelHandlerContext, req: HttpRequest): Set<Role>? {
            val authorizationHeader = req.headers()[HttpHeaderNames.AUTHORIZATION] ?: let {
                log.debug(ctx) {
                    "Missing Authorization header"
                }
-                return null
+                return users[""]?.roles
            }
            val cursor = authorizationHeader.indexOf(' ')
            if (cursor < 0) {
                log.debug(ctx) {
                    "Invalid Authorization header: '$authorizationHeader'"
                }
-                return null
+                return users[""]?.roles
            }
            val authenticationType = authorizationHeader.substring(0, cursor)
            if ("Basic" != authenticationType) {
                log.debug(ctx) {
                    "Invalid authentication type header: '$authenticationType'"
                }
-                return null
+                return users[""]?.roles
            }
            val (username, password) = Base64.getDecoder().decode(authorizationHeader.substring(cursor + 1))
                .let(::String)
@@ -182,6 +200,28 @@ class GradleBuildCacheServer(private val cfg: Configuration) {
        private val eventExecutorGroup: EventExecutorGroup
    ) : ChannelInitializer<Channel>() {

+        private val serverHandler = let {
+            val cacheImplementation = cfg.cache.materialize()
+            val prefix = Path.of("/").resolve(Path.of(cfg.serverPath ?: "/"))
+            ServerHandler(cacheImplementation, prefix)
+        }
+
+        private val exceptionHandler = ExceptionHandler()
+
+        private val authenticator = when (val auth = cfg.authentication) {
+            is Configuration.BasicAuthentication -> NettyHttpBasicAuthenticator(cfg.users, RoleAuthorizer())
+            is Configuration.ClientCertificateAuthentication -> {
+                ClientCertificateAuthenticator(
+                    RoleAuthorizer(),
+                    cfg.users[""]?.roles,
+                    userExtractor(auth),
+                    groupExtractor(auth)
+                )
+            }
+
+            else -> null
+        }
+
        companion object {
            private fun createSslCtx(tls: Configuration.Tls): SslContext {
                val keyStore = tls.keyStore
@@ -199,8 +239,7 @@ class GradleBuildCacheServer(private val cfg: Configuration) {
                    SslContextBuilder.forServer(serverKey, *serverCert).apply {
                        if (tls.isVerifyClients) {
                            clientAuth(ClientAuth.OPTIONAL)
-                            val trustStore = tls.trustStore
-                            if (trustStore != null) {
+                            tls.trustStore?.let { trustStore ->
                                val ts = loadKeystore(trustStore.file, trustStore.password)
                                trustManager(
                                    ClientCertificateValidator.getTrustManager(ts, trustStore.isCheckCertificateStatus)
@@ -265,40 +304,22 @@ class GradleBuildCacheServer(private val cfg: Configuration) {

        override fun initChannel(ch: Channel) {
            val pipeline = ch.pipeline()
-            val auth = cfg.authentication
-            var authenticator: AbstractNettyHttpAuthenticator? = null
-            if (auth is Configuration.BasicAuthentication) {
-                val roleAuthorizer = RoleAuthorizer()
-                authenticator = (NettyHttpBasicAuthenticator(cfg.users, roleAuthorizer))
-            }
-            if (sslContext != null) {
-                val sslHandler = sslContext.newHandler(ch.alloc())
-                pipeline.addLast(sslHandler)
-
-                if (auth is Configuration.ClientCertificateAuthentication) {
-                    val roleAuthorizer = RoleAuthorizer()
-                    authenticator = ClientCertificateAuthenticator(
-                        roleAuthorizer,
-                        sslHandler.engine(),
-                        userExtractor(auth),
-                        groupExtractor(auth)
-                    )
-                }
+            sslContext?.newHandler(ch.alloc())?.also {
+                pipeline.addLast(SSL_HANDLER_NAME, it)
            }
            pipeline.addLast(HttpServerCodec())
            pipeline.addLast(HttpChunkContentCompressor(1024))
            pipeline.addLast(ChunkedWriteHandler())
-            pipeline.addLast(HttpObjectAggregator(Int.MAX_VALUE))
+            pipeline.addLast(HttpObjectAggregator(cfg.maxRequestSize))
            authenticator?.let {
                pipeline.addLast(it)
            }
-            val cacheImplementation = cfg.cache.materialize()
-            val prefix = Path.of("/").resolve(Path.of(cfg.serverPath ?: "/"))
-            pipeline.addLast(eventExecutorGroup, ServerHandler(cacheImplementation, prefix))
-            pipeline.addLast(ExceptionHandler())
+            pipeline.addLast(eventExecutorGroup, serverHandler)
+            pipeline.addLast(exceptionHandler)
        }
    }

+    @Sharable
    private class ExceptionHandler : ChannelDuplexHandler() {
        private val log = contextLogger()

@@ -339,12 +360,11 @@ class GradleBuildCacheServer(private val cfg: Configuration) {
        }
    }

+    @Sharable
    private class ServerHandler(private val cache: Cache, private val serverPrefix: Path) :
        SimpleChannelInboundHandler<FullHttpRequest>() {

-        companion object {
-            private val log = contextLogger()
-        }
+        private val log = contextLogger()

        override fun channelRead0(ctx: ChannelHandlerContext, msg: FullHttpRequest) {
            val keepAlive: Boolean = HttpUtil.isKeepAlive(msg)
@@ -446,11 +466,11 @@ class GradleBuildCacheServer(private val cfg: Configuration) {

    class ServerHandle(
        httpChannelFuture: ChannelFuture,
-        private val executorGroups : Iterable<EventExecutorGroup>
+        private val executorGroups: Iterable<EventExecutorGroup>
    ) : AutoCloseable {
        private val httpChannel: Channel = httpChannelFuture.channel()
-
        private val closeFuture: ChannelFuture = httpChannel.closeFuture()
+        private val log = contextLogger()

        fun shutdown(): ChannelFuture {
            return httpChannel.close()
@@ -476,7 +496,7 @@ class GradleBuildCacheServer(private val cfg: Configuration) {
        val serverSocketChannel = NioServerSocketChannel::class.java
        val workerGroup = bossGroup
        val eventExecutorGroup = run {
-            val threadFactory = if(cfg.isUseVirtualThread) {
+            val threadFactory = if (cfg.isUseVirtualThread) {
                Thread.ofVirtual().factory()
            } else {
                null
@@ -489,7 +509,7 @@ class GradleBuildCacheServer(private val cfg: Configuration) {
            group(bossGroup, workerGroup)
            channel(serverSocketChannel)
            childHandler(ServerInitializer(cfg, eventExecutorGroup))
-            option(ChannelOption.SO_BACKLOG, 128)
+            option(ChannelOption.SO_BACKLOG, cfg.incomingConnectionsBacklogSize)
            childOption(ChannelOption.SO_KEEPALIVE, true)
        }

@@ -502,22 +522,4 @@ class GradleBuildCacheServer(private val cfg: Configuration) {
        }
        return ServerHandle(httpChannel, setOf(bossGroup, workerGroup, eventExecutorGroup))
    }
-
-    companion object {
-
-        val DEFAULT_CONFIGURATION_URL by lazy { "classpath:net/woggioni/gbcs/gbcs-default.xml".toUrl() }
-
-        fun loadConfiguration(configurationFile: Path): Configuration {
-            val dbf = Xml.newDocumentBuilderFactory(null)
-            val db = dbf.newDocumentBuilder()
-            val doc = Files.newInputStream(configurationFile).use(db::parse)
-            return Parser.parse(doc)
-        }
-
-        fun dumpConfiguration(conf: Configuration, outputStream: OutputStream) {
-            Xml.write(Serializer.serialize(conf), outputStream)
-        }
-
-        private val log = contextLogger()
-    }
 }
--- a/gbcs-server/src/main/kotlin/net/woggioni/gbcs/server/Logging.kt
+++ b/gbcs-server/src/main/kotlin/net/woggioni/gbcs/server/Logging.kt
@@ -1,4 +1,4 @@
-package net.woggioni.gbcs
+package net.woggioni.gbcs.server

 import io.netty.channel.ChannelHandlerContext
 import org.slf4j.Logger
--- a/gbcs-server/src/main/kotlin/net/woggioni/gbcs/server/auth/Authenticator.kt
+++ b/gbcs-server/src/main/kotlin/net/woggioni/gbcs/server/auth/Authenticator.kt
@@ -1,4 +1,4 @@
-package net.woggioni.gbcs.auth
+package net.woggioni.gbcs.server.auth

 import io.netty.buffer.Unpooled
 import io.netty.channel.ChannelFutureListener
--- a/gbcs-server/src/main/kotlin/net/woggioni/gbcs/server/auth/Authorizer.kt
+++ b/gbcs-server/src/main/kotlin/net/woggioni/gbcs/server/auth/Authorizer.kt
@@ -1,4 +1,4 @@
-package net.woggioni.gbcs.auth
+package net.woggioni.gbcs.server.auth

 import io.netty.handler.codec.http.HttpRequest
 import net.woggioni.gbcs.api.Role
--- a/gbcs-server/src/main/kotlin/net/woggioni/gbcs/server/auth/ClientCertificateValidator.kt
+++ b/gbcs-server/src/main/kotlin/net/woggioni/gbcs/server/auth/ClientCertificateValidator.kt
@@ -1,16 +1,18 @@
-package net.woggioni.gbcs.auth
+package net.woggioni.gbcs.server.auth

+import io.netty.channel.ChannelHandlerContext
+import io.netty.channel.ChannelInboundHandlerAdapter
+import io.netty.handler.ssl.SslHandler
+import io.netty.handler.ssl.SslHandshakeCompletionEvent
 import java.security.KeyStore
 import java.security.cert.CertPathValidator
+import java.security.cert.CertPathValidatorException
+import java.security.cert.CertificateException
 import java.security.cert.CertificateFactory
 import java.security.cert.PKIXParameters
 import java.security.cert.PKIXRevocationChecker
 import java.security.cert.X509Certificate
 import java.util.EnumSet
-import io.netty.channel.ChannelHandlerContext
-import io.netty.channel.ChannelInboundHandlerAdapter
-import io.netty.handler.ssl.SslHandler
-import io.netty.handler.ssl.SslHandshakeCompletionEvent
 import javax.net.ssl.SSLSession
 import javax.net.ssl.TrustManagerFactory
 import javax.net.ssl.X509TrustManager
@@ -48,7 +50,11 @@ class ClientCertificateValidator private constructor(
                object : X509TrustManager {
                    override fun checkClientTrusted(chain: Array<out X509Certificate>, authType: String) {
                        val clientCertificateChain = certificateFactory.generateCertPath(chain.toList())
-                        validator.validate(clientCertificateChain, params)
+                        try {
+                            validator.validate(clientCertificateChain, params)
+                        } catch (ex : CertPathValidatorException) {
+                            throw CertificateException(ex)
+                        }
                    }

                    override fun checkServerTrusted(chain: Array<out X509Certificate>, authType: String) {
--- a/gbcs-server/src/main/kotlin/net/woggioni/gbcs/server/auth/UserAuthorizer.kt
+++ b/gbcs-server/src/main/kotlin/net/woggioni/gbcs/server/auth/UserAuthorizer.kt
@@ -1,4 +1,4 @@
-package net.woggioni.gbcs.auth
+package net.woggioni.gbcs.server.auth

 import io.netty.handler.codec.http.HttpMethod
 import io.netty.handler.codec.http.HttpRequest
--- a/gbcs-server/src/main/kotlin/net/woggioni/gbcs/server/cache/FileSystemCache.kt
+++ b/gbcs-server/src/main/kotlin/net/woggioni/gbcs/server/cache/FileSystemCache.kt
@@ -1,4 +1,4 @@
-package net.woggioni.gbcs.cache
+package net.woggioni.gbcs.server.cache

 import net.woggioni.gbcs.api.Cache
 import net.woggioni.jwo.JWO
--- a/gbcs-server/src/main/kotlin/net/woggioni/gbcs/server/cache/FileSystemCacheConfiguration.kt
+++ b/gbcs-server/src/main/kotlin/net/woggioni/gbcs/server/cache/FileSystemCacheConfiguration.kt
@@ -1,7 +1,7 @@
-package net.woggioni.gbcs.cache
+package net.woggioni.gbcs.server.cache

 import net.woggioni.gbcs.api.Configuration
-import net.woggioni.gbcs.base.GBCS
+import net.woggioni.gbcs.common.GBCS
 import net.woggioni.jwo.Application
 import java.nio.file.Path
 import java.time.Duration
--- a/gbcs-server/src/main/kotlin/net/woggioni/gbcs/server/cache/FileSystemCacheProvider.kt
+++ b/gbcs-server/src/main/kotlin/net/woggioni/gbcs/server/cache/FileSystemCacheProvider.kt
@@ -1,8 +1,9 @@
-package net.woggioni.gbcs.cache
+package net.woggioni.gbcs.server.cache

 import net.woggioni.gbcs.api.CacheProvider
-import net.woggioni.gbcs.base.GBCS
-import net.woggioni.gbcs.base.Xml
+import net.woggioni.gbcs.common.GBCS
+import net.woggioni.gbcs.common.Xml
+import net.woggioni.gbcs.common.Xml.Companion.renderAttribute
 import org.w3c.dom.Document
 import org.w3c.dom.Element
 import java.nio.file.Path
@@ -11,29 +12,25 @@ import java.util.zip.Deflater

 class FileSystemCacheProvider : CacheProvider<FileSystemCacheConfiguration> {

-    override fun getXmlSchemaLocation() = "classpath:net/woggioni/gbcs/schema/gbcs.xsd"
+    override fun getXmlSchemaLocation() = "classpath:net/woggioni/gbcs/server/schema/gbcs.xsd"

    override fun getXmlType() = "fileSystemCacheType"

-    override fun getXmlNamespace() = "urn:net.woggioni.gbcs"
+    override fun getXmlNamespace() = "urn:net.woggioni.gbcs.server"

    override fun deserialize(el: Element): FileSystemCacheConfiguration {
-        val path = el.getAttribute("path")
-            .takeIf(String::isNotEmpty)
+        val path = el.renderAttribute("path")
            ?.let(Path::of)
-        val maxAge = el.getAttribute("max-age")
-            .takeIf(String::isNotEmpty)
+        val maxAge = el.renderAttribute("max-age")
            ?.let(Duration::parse)
            ?: Duration.ofDays(1)
-        val enableCompression = el.getAttribute("enable-compression")
-            .takeIf(String::isNotEmpty)
+        val enableCompression = el.renderAttribute("enable-compression")
            ?.let(String::toBoolean)
            ?: true
-        val compressionLevel = el.getAttribute("compression-level")
-            .takeIf(String::isNotEmpty)
+        val compressionLevel = el.renderAttribute("compression-level")
            ?.let(String::toInt)
            ?: Deflater.DEFAULT_COMPRESSION
-        val digestAlgorithm = el.getAttribute("digest").takeIf(String::isNotEmpty) ?: "MD5"
+        val digestAlgorithm = el.renderAttribute("digest") ?: "MD5"

        return FileSystemCacheConfiguration(
            path,
--- a/gbcs-server/src/main/kotlin/net/woggioni/gbcs/server/configuration/CacheSerializers.kt
+++ b/gbcs-server/src/main/kotlin/net/woggioni/gbcs/server/configuration/CacheSerializers.kt
@@ -1,4 +1,4 @@
-package net.woggioni.gbcs.configuration
+package net.woggioni.gbcs.server.configuration

 import net.woggioni.gbcs.api.CacheProvider
 import net.woggioni.gbcs.api.Configuration
--- a/gbcs-server/src/main/kotlin/net/woggioni/gbcs/server/configuration/Parser.kt
+++ b/gbcs-server/src/main/kotlin/net/woggioni/gbcs/server/configuration/Parser.kt
@@ -1,4 +1,4 @@
-package net.woggioni.gbcs.configuration
+package net.woggioni.gbcs.server.configuration

 import net.woggioni.gbcs.api.Configuration
 import net.woggioni.gbcs.api.Configuration.Authentication
@@ -12,39 +12,44 @@ import net.woggioni.gbcs.api.Configuration.TlsCertificateExtractor
 import net.woggioni.gbcs.api.Configuration.TrustStore
 import net.woggioni.gbcs.api.Configuration.User
 import net.woggioni.gbcs.api.Role
-import net.woggioni.gbcs.base.Xml.Companion.asIterable
+import net.woggioni.gbcs.api.exception.ConfigurationException
+import net.woggioni.gbcs.common.Xml.Companion.asIterable
+import net.woggioni.gbcs.common.Xml.Companion.renderAttribute
 import org.w3c.dom.Document
 import org.w3c.dom.Element
 import org.w3c.dom.TypeInfo
-import java.lang.IllegalArgumentException
 import java.nio.file.Paths

 object Parser {
-
    fun parse(document: Document): Configuration {
        val root = document.documentElement
+        val anonymousUser = User("", null, emptySet())
        var cache: Cache? = null
        var host = "127.0.0.1"
        var port = 11080
-        var users = emptyMap<String, User>()
+        var users : Map<String, User> = mapOf(anonymousUser.name to anonymousUser)
        var groups = emptyMap<String, Group>()
        var tls: Tls? = null
-        val serverPath = root.getAttribute("path")
-        val useVirtualThread = root.getAttribute("useVirtualThreads")
-            .takeIf(String::isNotEmpty)
+        val serverPath = root.renderAttribute("path")
+        val useVirtualThread = root.renderAttribute("use-virtual-threads")
            ?.let(String::toBoolean) ?: true
+        val maxRequestSize = root.renderAttribute("max-request-size")
+            ?.let(String::toInt) ?: 67108864
+        val incomingConnectionsBacklogSize = root.renderAttribute("incoming-connections-backlog-size")
+            ?.let(String::toInt) ?: 1024
        var authentication: Authentication? = null
        for (child in root.asIterable()) {
-            when (child.localName) {
+            val tagName = child.localName
+            when (tagName) {
                "authorization" -> {
+                    var knownUsers = sequenceOf(anonymousUser)
                    for (gchild in child.asIterable()) {
-                        when (child.localName) {
+                        when (gchild.localName) {
                            "users" -> {
-                                users = parseUsers(child)
+                                knownUsers += parseUsers(gchild)
                            }
-
                            "groups" -> {
-                                val pair = parseGroups(child, users)
+                                val pair = parseGroups(gchild, knownUsers)
                                users = pair.first
                                groups = pair.second
                            }
@@ -53,8 +58,8 @@ object Parser {
                }

                "bind" -> {
-                    host = child.getAttribute("host")
-                    port = Integer.parseInt(child.getAttribute("port"))
+                    host = child.renderAttribute("host") ?: throw ConfigurationException("host attribute is required")
+                    port = Integer.parseInt(child.renderAttribute("port"))
                }

                "cache" -> {
@@ -76,17 +81,17 @@ object Parser {
                            "client-certificate" -> {
                                var tlsExtractorUser: TlsCertificateExtractor? = null
                                var tlsExtractorGroup: TlsCertificateExtractor? = null
-                                for (gchild in child.asIterable()) {
-                                    when (gchild.localName) {
+                                for (ggchild in gchild.asIterable()) {
+                                    when (ggchild.localName) {
                                        "group-extractor" -> {
-                                            val attrName = gchild.getAttribute("attribute-name")
-                                            val pattern = gchild.getAttribute("pattern")
+                                            val attrName = ggchild.renderAttribute("attribute-name")
+                                            val pattern = ggchild.renderAttribute("pattern")
                                            tlsExtractorGroup = TlsCertificateExtractor(attrName, pattern)
                                        }

                                        "user-extractor" -> {
-                                            val attrName = gchild.getAttribute("attribute-name")
-                                            val pattern = gchild.getAttribute("pattern")
+                                            val attrName = ggchild.renderAttribute("attribute-name")
+                                            val pattern = ggchild.renderAttribute("pattern")
                                            tlsExtractorUser = TlsCertificateExtractor(attrName, pattern)
                                        }
                                    }
@@ -98,20 +103,17 @@ object Parser {
                }

                "tls" -> {
-                    val verifyClients = child.getAttribute("verify-clients")
-                        .takeIf(String::isNotEmpty)
+                    val verifyClients = child.renderAttribute("verify-clients")
                        ?.let(String::toBoolean) ?: false
                    var keyStore: KeyStore? = null
                    var trustStore: TrustStore? = null
                    for (granChild in child.asIterable()) {
                        when (granChild.localName) {
                            "keystore" -> {
-                                val keyStoreFile = Paths.get(granChild.getAttribute("file"))
-                                val keyStorePassword = granChild.getAttribute("password")
-                                    .takeIf(String::isNotEmpty)
-                                val keyAlias = granChild.getAttribute("key-alias")
-                                val keyPassword = granChild.getAttribute("key-password")
-                                    .takeIf(String::isNotEmpty)
+                                val keyStoreFile = Paths.get(granChild.renderAttribute("file"))
+                                val keyStorePassword = granChild.renderAttribute("password")
+                                val keyAlias = granChild.renderAttribute("key-alias")
+                                val keyPassword = granChild.renderAttribute("key-password")
                                keyStore = KeyStore(
                                    keyStoreFile,
                                    keyStorePassword,
@@ -121,11 +123,9 @@ object Parser {
                            }

                            "truststore" -> {
-                                val trustStoreFile = Paths.get(granChild.getAttribute("file"))
-                                val trustStorePassword = granChild.getAttribute("password")
-                                    .takeIf(String::isNotEmpty)
-                                val checkCertificateStatus = granChild.getAttribute("check-certificate-status")
-                                    .takeIf(String::isNotEmpty)
+                                val trustStoreFile = Paths.get(granChild.renderAttribute("file"))
+                                val trustStorePassword = granChild.renderAttribute("password")
+                                val checkCertificateStatus = granChild.renderAttribute("check-certificate-status")
                                    ?.let(String::toBoolean)
                                    ?: false
                                trustStore = TrustStore(
@@ -140,7 +140,19 @@ object Parser {
                }
            }
        }
-        return Configuration(host, port, serverPath, users, groups, cache!!, authentication, tls, useVirtualThread)
+        return Configuration(
+            host,
+            port,
+            serverPath,
+            users,
+            groups,
+            cache!!,
+            authentication,
+            tls,
+            useVirtualThread,
+            maxRequestSize,
+            incomingConnectionsBacklogSize
+        )
    }

    private fun parseRoles(root: Element) = root.asIterable().asSequence().map {
@@ -151,33 +163,32 @@ object Parser {
        }
    }.toSet()

-    private fun parseUserRefs(root: Element) = root.asIterable().asSequence().filter {
-        it.localName == "user"
-    }.map {
-        it.getAttribute("ref")
+    private fun parseUserRefs(root: Element) = root.asIterable().asSequence().map {
+        it.renderAttribute("ref")
    }.toSet()

-    private fun parseUsers(root: Element): Map<String, User> {
+    private fun parseUsers(root: Element): Sequence<User> {
        return root.asIterable().asSequence().filter {
            it.localName == "user"
        }.map { el ->
-            val username = el.getAttribute("name")
-            val password = el.getAttribute("password").takeIf(String::isNotEmpty)
-            username to User(username, password, emptySet())
-        }.toMap()
+            val username = el.renderAttribute("name")
+            val password = el.renderAttribute("password")
+            User(username, password, emptySet())
+        }
    }

-    private fun parseGroups(root: Element, knownUsers: Map<String, User>): Pair<Map<String, User>, Map<String, Group>> {
+    private fun parseGroups(root: Element, knownUsers: Sequence<User>): Pair<Map<String, User>, Map<String, Group>> {
+        val knownUsersMap = knownUsers.associateBy(User::getName)
        val userGroups = mutableMapOf<String, MutableSet<String>>()
        val groups = root.asIterable().asSequence().filter {
            it.localName == "group"
        }.map { el ->
-            val groupName = el.getAttribute("name")
+            val groupName = el.renderAttribute("name") ?: throw ConfigurationException("Group name is required")
            var roles = emptySet<Role>()
            for (child in el.asIterable()) {
                when (child.localName) {
                    "users" -> {
-                        parseUserRefs(child).mapNotNull(knownUsers::get).forEach { user ->
+                        parseUserRefs(child).mapNotNull(knownUsersMap::get).forEach { user ->
                            userGroups.computeIfAbsent(user.name) {
                                mutableSetOf()
                            }.add(groupName)
@@ -191,7 +202,7 @@ object Parser {
            }
            groupName to Group(groupName, roles)
        }.toMap()
-        val users = knownUsers.map { (name, user) ->
+        val users = knownUsersMap.map { (name, user) ->
            name to User(name, user.password, userGroups[name]?.mapNotNull { groups[it] }?.toSet() ?: emptySet())
        }.toMap()
        return users to groups
--- a/gbcs-server/src/main/kotlin/net/woggioni/gbcs/server/configuration/Serializer.kt
+++ b/gbcs-server/src/main/kotlin/net/woggioni/gbcs/server/configuration/Serializer.kt
@@ -1,9 +1,9 @@
-package net.woggioni.gbcs.configuration
+package net.woggioni.gbcs.server.configuration

 import net.woggioni.gbcs.api.CacheProvider
 import net.woggioni.gbcs.api.Configuration
-import net.woggioni.gbcs.base.GBCS
-import net.woggioni.gbcs.base.Xml
+import net.woggioni.gbcs.common.GBCS
+import net.woggioni.gbcs.common.Xml
 import org.w3c.dom.Document

 object Serializer {
@@ -14,10 +14,13 @@ object Serializer {
            it.xmlNamespace to it.xmlSchemaLocation
        }.toMap()
        return Xml.of(GBCS.GBCS_NAMESPACE_URI, GBCS.GBCS_PREFIX + ":server") {
-            attr("useVirtualThreads", conf.isUseVirtualThread.toString())
+            attr("use-virtual-threads", conf.isUseVirtualThread.toString())
+            attr("max-request-size", conf.maxRequestSize.toString())
+            attr("incoming-connections-backlog-size", conf.incomingConnectionsBacklogSize.toString())
+
 //            attr("xmlns:xs", GradleBuildCacheServer.XML_SCHEMA_NAMESPACE_URI)
            val value = schemaLocations.asSequence().map { (k, v) -> "$k $v" }.joinToString(" ")
-            attr("xs:schemaLocation",value , namespaceURI = GBCS.XML_SCHEMA_NAMESPACE_URI)
+            attr("xs:schemaLocation", value , namespaceURI = GBCS.XML_SCHEMA_NAMESPACE_URI)

            conf.serverPath
                ?.takeIf(String::isNotEmpty)
@@ -35,10 +38,12 @@ object Serializer {
            node("authorization") {
                node("users") {
                    for(user in conf.users.values) {
-                        node("user") {
-                            attr("name", user.name)
-                            user.password?.let { password ->
-                                attr("password", password)
+                        if(user.name.isNotEmpty()) {
+                            node("user") {
+                                attr("name", user.name)
+                                user.password?.let { password ->
+                                    attr("password", password)
+                                }
                            }
                        }
                    }
@@ -55,11 +60,19 @@ object Serializer {
                            attr("name", group.name)
                            if(users.isNotEmpty()) {
                                node("users") {
+                                    var anonymousUser : Configuration.User? = null
                                    for(user in users) {
-                                        node("user") {
-                                            attr("ref", user.name)
+                                        if(user.name.isNotEmpty()) {
+                                            node("user") {
+                                                attr("ref", user.name)
+                                            }
+                                        } else {
+                                            anonymousUser = user
                                        }
                                    }
+                                    if(anonymousUser != null) {
+                                        node("anonymous")
+                                    }
                                }
                            }
                            if(group.roles.isNotEmpty()) {
@@ -82,6 +95,12 @@ object Serializer {
                        }
                        is Configuration.ClientCertificateAuthentication -> {
                            node("client-certificate") {
+                                authentication.groupExtractor?.let { extractor ->
+                                    node("group-extractor") {
+                                        attr("attribute-name", extractor.rdnType)
+                                        attr("pattern", extractor.pattern)
+                                    }
+                                }
                                authentication.userExtractor?.let { extractor ->
                                    node("user-extractor") {
                                        attr("attribute-name", extractor.rdnType)
--- a/gbcs-server/src/main/resources/META-INF/services/net.woggioni.gbcs.api.CacheProvider
+++ b/gbcs-server/src/main/resources/META-INF/services/net.woggioni.gbcs.api.CacheProvider
@@ -0,0 +1 @@
+net.woggioni.gbcs.server.cache.FileSystemCacheProvider
--- a/gbcs-server/src/main/resources/logging.properties
+++ b/gbcs-server/src/main/resources/logging.properties
--- a/gbcs-server/src/main/resources/net/woggioni/gbcs/server/gbcs-default.xml
+++ b/gbcs-server/src/main/resources/net/woggioni/gbcs/server/gbcs-default.xml
@@ -0,0 +1,13 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<gbcs:server use-virtual-threads="false"
+             max-request-size="67108864"
+             incoming-connections-backlog-size="1024"
+             xmlns:xs="http://www.w3.org/2001/XMLSchema-instance"
+             xmlns:gbcs="urn:net.woggioni.gbcs.server"
+             xs:schemaLocation="urn:net.woggioni.gbcs.server jpms://net.woggioni.gbcs.server/net/woggioni/gbcs/server/schema/gbcs.xsd">
+    <bind host="127.0.0.1" port="8080"/>
+    <cache xs:type="gbcs:fileSystemCacheType" path="/tmp/gbcs" max-age="P7D"/>
+    <authentication>
+        <none/>
+    </authentication>
+</gbcs:server>
--- a/gbcs-server/src/main/resources/net/woggioni/gbcs/server/schema/gbcs.xsd
+++ b/gbcs-server/src/main/resources/net/woggioni/gbcs/server/schema/gbcs.xsd
@@ -1,9 +1,8 @@
 <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
-<xs:schema targetNamespace="urn:net.woggioni.gbcs"
+<xs:schema targetNamespace="urn:net.woggioni.gbcs.server"
           xmlns:xs="http://www.w3.org/2001/XMLSchema"
-           xmlns:gbcs="urn:net.woggioni.gbcs"
-           elementFormDefault="unqualified"
->
+           xmlns:gbcs="urn:net.woggioni.gbcs.server"
+           elementFormDefault="unqualified">
    <xs:element name="server" type="gbcs:serverType"/>

    <xs:complexType name="serverType">
@@ -21,15 +20,16 @@
                </xs:keyref>
            </xs:element>
            <xs:element name="authentication" type="gbcs:authenticationType" minOccurs="0" maxOccurs="1"/>
-            <xs:element name="tls-certificate-authorization" type="gbcs:tlsCertificateAuthorizationType" minOccurs="0" maxOccurs="1"/>
            <xs:element name="tls" type="gbcs:tlsType" minOccurs="0" maxOccurs="1"/>
        </xs:sequence>
        <xs:attribute name="path" type="xs:string" use="optional"/>
-        <xs:attribute name="useVirtualThreads" type="xs:boolean" use="optional" default="true"/>
+        <xs:attribute name="use-virtual-threads" type="xs:boolean" use="optional" default="true"/>
+        <xs:attribute name="max-request-size" type="xs:unsignedInt" use="optional" default="67108864"/>
+        <xs:attribute name="incoming-connections-backlog-size" type="xs:unsignedInt" use="optional" default="1024"/>
    </xs:complexType>

    <xs:complexType name="bindType">
-        <xs:attribute name="host" type="xs:string" use="required"/>
+        <xs:attribute name="host" type="xs:token" use="required"/>
        <xs:attribute name="port" type="xs:unsignedShort" use="required"/>
    </xs:complexType>

@@ -49,14 +49,14 @@

    <xs:complexType name="tlsCertificateAuthorizationType">
        <xs:sequence>
-            <xs:element name="group-extractor" type="gbcs:X500NameExtractorType"/>
-            <xs:element name="user-extractor" type="gbcs:X500NameExtractorType"/>
+            <xs:element name="group-extractor" type="gbcs:X500NameExtractorType" minOccurs="0"/>
+            <xs:element name="user-extractor" type="gbcs:X500NameExtractorType" minOccurs="0"/>
        </xs:sequence>
    </xs:complexType>

    <xs:complexType name="X500NameExtractorType">
-        <xs:attribute name="attribute-name" type="xs:string"/>
-        <xs:attribute name="pattern" type="xs:string"/>
+        <xs:attribute name="attribute-name" type="xs:token"/>
+        <xs:attribute name="pattern" type="xs:token"/>
    </xs:complexType>

    <xs:complexType name="authorizationType">
@@ -86,7 +86,7 @@
    </xs:complexType>

    <xs:complexType name="userType">
-        <xs:attribute name="name" type="xs:string" use="required"/>
+        <xs:attribute name="name" type="xs:token" use="required"/>
        <xs:attribute name="password" type="xs:string" use="optional"/>
    </xs:complexType>

@@ -106,11 +106,11 @@
            </xs:element>
            <xs:element name="roles" type="gbcs:rolesType" maxOccurs="1" minOccurs="0"/>
        </xs:sequence>
-        <xs:attribute name="name" type="xs:string"/>
+        <xs:attribute name="name" type="xs:token"/>
    </xs:complexType>

    <xs:simpleType name="role" final="restriction" >
-        <xs:restriction base="xs:string">
+        <xs:restriction base="xs:token">
            <xs:enumeration value="READER" />
            <xs:enumeration value="WRITER" />
        </xs:restriction>
@@ -127,7 +127,8 @@

    <xs:complexType name="userRefsType">
        <xs:sequence>
-            <xs:element name="user" type="gbcs:userRefType" maxOccurs="unbounded" minOccurs="0"/>
+                <xs:element name="user" type="gbcs:userRefType" maxOccurs="unbounded" minOccurs="0"/>
+                <xs:element name="anonymous" minOccurs="0" maxOccurs="1"/>
        </xs:sequence>
    </xs:complexType>

--- a/gbcs-server/src/test/java/net/woggioni/gbcs/server/test/utils/CertificateUtils.java
+++ b/gbcs-server/src/test/java/net/woggioni/gbcs/server/test/utils/CertificateUtils.java
@@ -1,4 +1,4 @@
-package net.woggioni.gbcs.utils;
+package net.woggioni.gbcs.server.test.utils;

 import org.bouncycastle.asn1.DERSequence;
 import org.bouncycastle.asn1.x500.X500Name;
--- a/gbcs-server/src/test/java/net/woggioni/gbcs/server/test/utils/NetworkUtils.java
+++ b/gbcs-server/src/test/java/net/woggioni/gbcs/server/test/utils/NetworkUtils.java
@@ -1,4 +1,4 @@
-package net.woggioni.gbcs.utils;
+package net.woggioni.gbcs.server.test.utils;

 import net.woggioni.jwo.JWO;

--- a/gbcs-server/src/test/kotlin/net/woggioni/gbcs/server/test/AbstractBasicAuthServerTest.kt
+++ b/gbcs-server/src/test/kotlin/net/woggioni/gbcs/server/test/AbstractBasicAuthServerTest.kt
@@ -0,0 +1,78 @@
+package net.woggioni.gbcs.server.test
+
+import net.woggioni.gbcs.api.Configuration
+import net.woggioni.gbcs.api.Role
+import net.woggioni.gbcs.common.Xml
+import net.woggioni.gbcs.server.cache.FileSystemCacheConfiguration
+import net.woggioni.gbcs.server.configuration.Serializer
+import net.woggioni.gbcs.server.test.utils.NetworkUtils
+import java.net.URI
+import java.net.http.HttpRequest
+import java.nio.charset.StandardCharsets
+import java.nio.file.Path
+import java.time.Duration
+import java.util.Base64
+import java.util.zip.Deflater
+import kotlin.random.Random
+
+
+abstract class AbstractBasicAuthServerTest : AbstractServerTest() {
+
+    private lateinit var cacheDir : Path
+
+    protected val random = Random(101325)
+    protected val keyValuePair = newEntry(random)
+    protected val serverPath = "gbcs"
+    protected val readersGroup = Configuration.Group("readers", setOf(Role.Reader))
+    protected val writersGroup = Configuration.Group("writers", setOf(Role.Writer))
+
+    abstract protected val users : List<Configuration.User>
+
+    override fun setUp() {
+        this.cacheDir = testDir.resolve("cache")
+        cfg = Configuration(
+            "127.0.0.1",
+            NetworkUtils.getFreePort(),
+            serverPath,
+            users.asSequence().map { it.name to it}.toMap(),
+            sequenceOf(writersGroup, readersGroup).map { it.name to it}.toMap(),
+            FileSystemCacheConfiguration(this.cacheDir,
+                maxAge = Duration.ofSeconds(3600 * 24),
+                digestAlgorithm = "MD5",
+                compressionLevel = Deflater.DEFAULT_COMPRESSION,
+                compressionEnabled = false
+            ),
+            Configuration.BasicAuthentication(),
+            null,
+            true,
+            0x10000,
+            100
+        )
+        Xml.write(Serializer.serialize(cfg), System.out)
+    }
+
+    override fun tearDown() {
+    }
+
+    protected fun buildAuthorizationHeader(user : Configuration.User, password : String) : String {
+        val b64 = Base64.getEncoder().encode("${user.name}:${password}".toByteArray(Charsets.UTF_8)).let{
+            String(it, StandardCharsets.UTF_8)
+        }
+        return "Basic $b64"
+    }
+
+    protected fun newRequestBuilder(key : String) = HttpRequest.newBuilder()
+        .uri(URI.create("http://${cfg.host}:${cfg.port}/$serverPath/$key"))
+
+
+    protected fun newEntry(random : Random) : Pair<String, ByteArray> {
+        val key = ByteArray(0x10).let {
+            random.nextBytes(it)
+            Base64.getUrlEncoder().encodeToString(it)
+        }
+        val value = ByteArray(0x1000).also {
+            random.nextBytes(it)
+        }
+        return key to value
+    }
+}
--- a/gbcs-server/src/test/kotlin/net/woggioni/gbcs/server/test/AbstractServerTest.kt
+++ b/gbcs-server/src/test/kotlin/net/woggioni/gbcs/server/test/AbstractServerTest.kt
@@ -1,6 +1,6 @@
-package net.woggioni.gbcs.test
+package net.woggioni.gbcs.server.test

-import net.woggioni.gbcs.GradleBuildCacheServer
+import net.woggioni.gbcs.server.GradleBuildCacheServer
 import net.woggioni.gbcs.api.Configuration
 import org.junit.jupiter.api.AfterAll
 import org.junit.jupiter.api.BeforeAll
--- a/gbcs-server/src/test/kotlin/net/woggioni/gbcs/server/test/AbstractTlsServerTest.kt
+++ b/gbcs-server/src/test/kotlin/net/woggioni/gbcs/server/test/AbstractTlsServerTest.kt
@@ -1,23 +1,17 @@
-package net.woggioni.gbcs.test
+package net.woggioni.gbcs.server.test

-import io.netty.handler.codec.http.HttpResponseStatus
 import net.woggioni.gbcs.api.Configuration
 import net.woggioni.gbcs.api.Role
-import net.woggioni.gbcs.base.Xml
-import net.woggioni.gbcs.cache.FileSystemCacheConfiguration
-import net.woggioni.gbcs.configuration.Serializer
-import net.woggioni.gbcs.utils.CertificateUtils
-import net.woggioni.gbcs.utils.CertificateUtils.X509Credentials
-import net.woggioni.gbcs.utils.NetworkUtils
+import net.woggioni.gbcs.common.Xml
+import net.woggioni.gbcs.server.cache.FileSystemCacheConfiguration
+import net.woggioni.gbcs.server.configuration.Serializer
+import net.woggioni.gbcs.server.test.utils.CertificateUtils
+import net.woggioni.gbcs.server.test.utils.CertificateUtils.X509Credentials
+import net.woggioni.gbcs.server.test.utils.NetworkUtils
 import org.bouncycastle.asn1.x500.X500Name
-import org.junit.jupiter.api.Assertions
-import org.junit.jupiter.api.Order
-import org.junit.jupiter.api.Test
-import java.net.ServerSocket
 import java.net.URI
 import java.net.http.HttpClient
 import java.net.http.HttpRequest
-import java.net.http.HttpResponse
 import java.nio.charset.StandardCharsets
 import java.nio.file.Files
 import java.nio.file.Path
@@ -32,7 +26,7 @@ import javax.net.ssl.TrustManagerFactory
 import kotlin.random.Random


-class TlsServerTest : AbstractServerTest() {
+abstract class AbstractTlsServerTest : AbstractServerTest() {

    companion object {
        private const val CA_CERTIFICATE_ENTRY = "gbcs-ca"
@@ -48,21 +42,17 @@ class TlsServerTest : AbstractServerTest() {
    private lateinit var serverKeyStore: KeyStore
    private lateinit var clientKeyStore: KeyStore
    private lateinit var trustStore: KeyStore
-    private lateinit var ca: X509Credentials
+    protected lateinit var ca: X509Credentials

-    private val readersGroup = Configuration.Group("readers", setOf(Role.Reader))
-    private val writersGroup = Configuration.Group("writers", setOf(Role.Writer))
-    private val random = Random(101325)
-    private val keyValuePair = newEntry(random)
+    protected val readersGroup = Configuration.Group("readers", setOf(Role.Reader))
+    protected val writersGroup = Configuration.Group("writers", setOf(Role.Writer))
+    protected val random = Random(101325)
+    protected val keyValuePair = newEntry(random)
    private val serverPath : String? = null

-    private val users = listOf(
-        Configuration.User("user1", null, setOf(readersGroup)),
-        Configuration.User("user2", null, setOf(writersGroup)),
-        Configuration.User("user3", null, setOf(readersGroup, writersGroup))
-    )
+    protected abstract val users : List<Configuration.User>

-    fun createKeyStoreAndTrustStore() {
+    protected fun createKeyStoreAndTrustStore() {
        ca = CertificateUtils.createCertificateAuthority(CA_CERTIFICATE_ENTRY, 30)
        val serverCert = CertificateUtils.createServerCertificate(ca, X500Name("CN=$SERVER_CERTIFICATE_ENTRY"), 30)
        val clientCert = CertificateUtils.createClientCertificate(ca, X500Name("CN=$CLIENT_CERTIFICATE_ENTRY"), 30)
@@ -108,7 +98,7 @@ class TlsServerTest : AbstractServerTest() {
        }
    }

-    fun getClientKeyStore(ca: X509Credentials, subject: X500Name) = KeyStore.getInstance("PKCS12").apply {
+    protected fun getClientKeyStore(ca: X509Credentials, subject: X500Name) = KeyStore.getInstance("PKCS12").apply {
        val clientCert = CertificateUtils.createClientCertificate(ca, subject, 30)

        load(null, null)
@@ -120,7 +110,7 @@ class TlsServerTest : AbstractServerTest() {
        )
    }

-    fun getHttpClient(clientKeyStore: KeyStore?): HttpClient {
+    protected fun getHttpClient(clientKeyStore: KeyStore?): HttpClient {
        val kmf = clientKeyStore?.let {
            KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()).apply {
                init(it, PASSWORD.toCharArray())
@@ -167,6 +157,8 @@ class TlsServerTest : AbstractServerTest() {
                true
            ),
            false,
+            0x10000,
+            100
        )
        Xml.write(Serializer.serialize(cfg), System.out)
    }
@@ -174,17 +166,17 @@ class TlsServerTest : AbstractServerTest() {
    override fun tearDown() {
    }

-    fun newRequestBuilder(key: String) = HttpRequest.newBuilder()
+    protected fun newRequestBuilder(key: String) = HttpRequest.newBuilder()
        .uri(URI.create("https://${cfg.host}:${cfg.port}/${serverPath ?: ""}/$key"))

-    fun buildAuthorizationHeader(user: Configuration.User, password: String): String {
+    private fun buildAuthorizationHeader(user: Configuration.User, password: String): String {
        val b64 = Base64.getEncoder().encode("${user.name}:${password}".toByteArray(Charsets.UTF_8)).let {
            String(it, StandardCharsets.UTF_8)
        }
        return "Basic $b64"
    }

-    fun newEntry(random: Random): Pair<String, ByteArray> {
+    protected fun newEntry(random: Random): Pair<String, ByteArray> {
        val key = ByteArray(0x10).let {
            random.nextBytes(it)
            Base64.getUrlEncoder().encodeToString(it)
@@ -194,106 +186,4 @@ class TlsServerTest : AbstractServerTest() {
        }
        return key to value
    }
-
-    @Test
-    @Order(1)
-    fun putWithNoClientCertificate() {
-        val client: HttpClient = getHttpClient(null)
-        val (key, value) = keyValuePair
-
-        val requestBuilder = newRequestBuilder(key)
-            .header("Content-Type", "application/octet-stream")
-            .PUT(HttpRequest.BodyPublishers.ofByteArray(value))
-
-        val response: HttpResponse<String> = client.send(requestBuilder.build(), HttpResponse.BodyHandlers.ofString())
-        Assertions.assertEquals(HttpResponseStatus.UNAUTHORIZED.code(), response.statusCode())
-    }
-
-    @Test
-    @Order(2)
-    fun putAsAReaderUser() {
-        val (key, value) = keyValuePair
-        val user = cfg.users.values.find {
-            Role.Reader in it.roles && Role.Writer !in it.roles
-        } ?: throw RuntimeException("Reader user not found")
-        val client: HttpClient = getHttpClient(getClientKeyStore(ca, X500Name("CN=${user.name}")))
-        val requestBuilder = newRequestBuilder(key)
-            .header("Content-Type", "application/octet-stream")
-            .PUT(HttpRequest.BodyPublishers.ofByteArray(value))
-
-        val response: HttpResponse<String> = client.send(requestBuilder.build(), HttpResponse.BodyHandlers.ofString())
-        Assertions.assertEquals(HttpResponseStatus.FORBIDDEN.code(), response.statusCode())
-    }
-
-    @Test
-    @Order(3)
-    fun getAsAWriterUser() {
-        val (key, _) = keyValuePair
-        val user = cfg.users.values.find {
-            Role.Writer in it.roles
-        } ?: throw RuntimeException("Reader user not found")
-        val client: HttpClient = getHttpClient(getClientKeyStore(ca, X500Name("CN=${user.name}")))
-
-        val requestBuilder = newRequestBuilder(key)
-            .header("Authorization", buildAuthorizationHeader(user, PASSWORD))
-            .GET()
-
-        val response: HttpResponse<String> = client.send(requestBuilder.build(), HttpResponse.BodyHandlers.ofString())
-        Assertions.assertEquals(HttpResponseStatus.FORBIDDEN.code(), response.statusCode())
-    }
-
-    @Test
-    @Order(4)
-    fun putAsAWriterUser() {
-        val (key, value) = keyValuePair
-        val user = cfg.users.values.find {
-            Role.Writer in it.roles
-        } ?: throw RuntimeException("Reader user not found")
-        val client: HttpClient = getHttpClient(getClientKeyStore(ca, X500Name("CN=${user.name}")))
-
-        val requestBuilder = newRequestBuilder(key)
-            .header("Content-Type", "application/octet-stream")
-            .header("Authorization", buildAuthorizationHeader(user, PASSWORD))
-            .PUT(HttpRequest.BodyPublishers.ofByteArray(value))
-
-        val response: HttpResponse<String> = client.send(requestBuilder.build(), HttpResponse.BodyHandlers.ofString())
-        Assertions.assertEquals(HttpResponseStatus.CREATED.code(), response.statusCode())
-    }
-
-    @Test
-    @Order(5)
-    fun getAsAReaderUser() {
-        val (key, value) = keyValuePair
-        val user = cfg.users.values.find {
-            Role.Reader in it.roles
-        } ?: throw RuntimeException("Reader user not found")
-        val client: HttpClient = getHttpClient(getClientKeyStore(ca, X500Name("CN=${user.name}")))
-
-        val requestBuilder = newRequestBuilder(key)
-            .header("Authorization", buildAuthorizationHeader(user, PASSWORD))
-            .GET()
-
-        val response: HttpResponse<ByteArray> =
-            client.send(requestBuilder.build(), HttpResponse.BodyHandlers.ofByteArray())
-        Assertions.assertEquals(HttpResponseStatus.OK.code(), response.statusCode())
-        Assertions.assertArrayEquals(value, response.body())
-    }
-
-    @Test
-    @Order(6)
-    fun getMissingKeyAsAReaderUser() {
-        val (key, _) = newEntry(random)
-        val user = cfg.users.values.find {
-            Role.Reader in it.roles
-        } ?: throw RuntimeException("Reader user not found")
-        val client: HttpClient = getHttpClient(getClientKeyStore(ca, X500Name("CN=${user.name}")))
-
-        val requestBuilder = newRequestBuilder(key)
-            .header("Authorization", buildAuthorizationHeader(user, PASSWORD))
-            .GET()
-
-        val response: HttpResponse<ByteArray> =
-            client.send(requestBuilder.build(), HttpResponse.BodyHandlers.ofByteArray())
-        Assertions.assertEquals(HttpResponseStatus.NOT_FOUND.code(), response.statusCode())
-    }
 }
--- a/gbcs-server/src/test/kotlin/net/woggioni/gbcs/server/test/BasicAuthServerTest.kt
+++ b/gbcs-server/src/test/kotlin/net/woggioni/gbcs/server/test/BasicAuthServerTest.kt
@@ -1,93 +1,29 @@
-package net.woggioni.gbcs.test
+package net.woggioni.gbcs.server.test

 import io.netty.handler.codec.http.HttpResponseStatus
 import net.woggioni.gbcs.api.Configuration
 import net.woggioni.gbcs.api.Role
-import net.woggioni.gbcs.base.PasswordSecurity.hashPassword
-import net.woggioni.gbcs.base.Xml
-import net.woggioni.gbcs.cache.FileSystemCacheConfiguration
-import net.woggioni.gbcs.configuration.Serializer
-import net.woggioni.gbcs.utils.NetworkUtils
+import net.woggioni.gbcs.common.PasswordSecurity.hashPassword
 import org.junit.jupiter.api.Assertions
 import org.junit.jupiter.api.Order
 import org.junit.jupiter.api.Test
-import java.io.IOException
-import java.net.ServerSocket
-import java.net.URI
 import java.net.http.HttpClient
 import java.net.http.HttpRequest
 import java.net.http.HttpResponse
-import java.nio.charset.StandardCharsets
-import java.nio.file.Path
-import java.time.Duration
-import java.util.Base64
-import java.util.zip.Deflater
-import kotlin.random.Random


-class BasicAuthServerTest : AbstractServerTest() {
+class BasicAuthServerTest : AbstractBasicAuthServerTest() {

    companion object {
        private const val PASSWORD = "password"
    }

-    private lateinit var cacheDir : Path
-
-    private val random = Random(101325)
-    private val keyValuePair = newEntry(random)
-    private val serverPath = "gbcs"
-
-    override fun setUp() {
-        this.cacheDir = testDir.resolve("cache")
-        val readersGroup = Configuration.Group("readers", setOf(Role.Reader))
-        val writersGroup = Configuration.Group("writers", setOf(Role.Writer))
-        cfg = Configuration(
-            "127.0.0.1",
-            NetworkUtils.getFreePort(),
-            serverPath,
-            listOf(
-                Configuration.User("user1", hashPassword(PASSWORD), setOf(readersGroup)),
-                Configuration.User("user2", hashPassword(PASSWORD), setOf(writersGroup)),
-                Configuration.User("user3", hashPassword(PASSWORD), setOf(readersGroup, writersGroup))
-            ).asSequence().map { it.name to it}.toMap(),
-            sequenceOf(writersGroup, readersGroup).map { it.name to it}.toMap(),
-            FileSystemCacheConfiguration(this.cacheDir,
-                maxAge = Duration.ofSeconds(3600 * 24),
-                digestAlgorithm = "MD5",
-                compressionLevel = Deflater.DEFAULT_COMPRESSION,
-                compressionEnabled = false
-            ),
-            Configuration.BasicAuthentication(),
-            null,
-            true,
-        )
-        Xml.write(Serializer.serialize(cfg), System.out)
-    }
-
-    override fun tearDown() {
-    }
-
-    fun buildAuthorizationHeader(user : Configuration.User, password : String) : String {
-        val b64 = Base64.getEncoder().encode("${user.name}:${password}".toByteArray(Charsets.UTF_8)).let{
-            String(it, StandardCharsets.UTF_8)
-        }
-        return "Basic $b64"
-    }
-
-    fun newRequestBuilder(key : String) = HttpRequest.newBuilder()
-        .uri(URI.create("http://${cfg.host}:${cfg.port}/$serverPath/$key"))
-
-
-    fun newEntry(random : Random) : Pair<String, ByteArray> {
-        val key = ByteArray(0x10).let {
-            random.nextBytes(it)
-            Base64.getUrlEncoder().encodeToString(it)
-        }
-        val value = ByteArray(0x1000).also {
-            random.nextBytes(it)
-        }
-        return key to value
-    }
+    override val users = listOf(
+        Configuration.User("user1", hashPassword(PASSWORD), setOf(readersGroup)),
+        Configuration.User("user2", hashPassword(PASSWORD), setOf(writersGroup)),
+        Configuration.User("user3", hashPassword(PASSWORD), setOf(readersGroup, writersGroup)),
+        Configuration.User("", null, setOf(readersGroup))
+    )

    @Test
    @Order(1)
@@ -100,7 +36,7 @@ class BasicAuthServerTest : AbstractServerTest() {
            .PUT(HttpRequest.BodyPublishers.ofByteArray(value))

        val response: HttpResponse<String> = client.send(requestBuilder.build(), HttpResponse.BodyHandlers.ofString())
-        Assertions.assertEquals(HttpResponseStatus.UNAUTHORIZED.code(), response.statusCode())
+        Assertions.assertEquals(HttpResponseStatus.FORBIDDEN.code(), response.statusCode())
    }

    @Test
@@ -179,6 +115,20 @@ class BasicAuthServerTest : AbstractServerTest() {

    @Test
    @Order(6)
+    fun getAsAnonymousUser() {
+        val client: HttpClient = HttpClient.newHttpClient()
+        val (key, value) = keyValuePair
+
+        val requestBuilder = newRequestBuilder(key)
+            .GET()
+
+        val response: HttpResponse<ByteArray> = client.send(requestBuilder.build(), HttpResponse.BodyHandlers.ofByteArray())
+        Assertions.assertEquals(HttpResponseStatus.OK.code(), response.statusCode())
+        Assertions.assertArrayEquals(value, response.body())
+    }
+
+    @Test
+    @Order(7)
    fun getMissingKeyAsAReaderUser() {
        val client: HttpClient = HttpClient.newHttpClient()

--- a/gbcs-server/src/test/kotlin/net/woggioni/gbcs/server/test/ConfigurationTest.kt
+++ b/gbcs-server/src/test/kotlin/net/woggioni/gbcs/server/test/ConfigurationTest.kt
@@ -1,10 +1,10 @@
-package net.woggioni.gbcs.test
+package net.woggioni.gbcs.server.test

-import net.woggioni.gbcs.base.GbcsUrlStreamHandlerFactory
-import net.woggioni.gbcs.base.GBCS.toUrl
-import net.woggioni.gbcs.base.Xml
-import net.woggioni.gbcs.configuration.Parser
-import net.woggioni.gbcs.configuration.Serializer
+import net.woggioni.gbcs.common.GBCS.toUrl
+import net.woggioni.gbcs.common.GbcsUrlStreamHandlerFactory
+import net.woggioni.gbcs.common.Xml
+import net.woggioni.gbcs.server.configuration.Parser
+import net.woggioni.gbcs.server.configuration.Serializer
 import org.junit.jupiter.api.Assertions
 import org.junit.jupiter.api.io.TempDir
 import org.junit.jupiter.params.ParameterizedTest
@@ -16,8 +16,9 @@ class ConfigurationTest {

    @ValueSource(
        strings = [
-            "classpath:net/woggioni/gbcs/test/gbcs-default.xml",
-            "classpath:net/woggioni/gbcs/test/gbcs-memcached.xml",
+            "classpath:net/woggioni/gbcs/server/test/gbcs-default.xml",
+            "classpath:net/woggioni/gbcs/server/test/gbcs-memcached.xml",
+            "classpath:net/woggioni/gbcs/server/test/gbcs-tls.xml",
        ]
    )
    @ParameterizedTest
--- a/gbcs-server/src/test/kotlin/net/woggioni/gbcs/server/test/NoAnonymousUserBasicAuthServerTest.kt
+++ b/gbcs-server/src/test/kotlin/net/woggioni/gbcs/server/test/NoAnonymousUserBasicAuthServerTest.kt
@@ -0,0 +1,52 @@
+package net.woggioni.gbcs.server.test
+
+import io.netty.handler.codec.http.HttpResponseStatus
+import net.woggioni.gbcs.api.Configuration
+import net.woggioni.gbcs.common.PasswordSecurity.hashPassword
+import org.junit.jupiter.api.Assertions
+import org.junit.jupiter.api.Order
+import org.junit.jupiter.api.Test
+import java.net.http.HttpClient
+import java.net.http.HttpRequest
+import java.net.http.HttpResponse
+
+
+class NoAnonymousUserBasicAuthServerTest : AbstractBasicAuthServerTest() {
+
+    companion object {
+        private const val PASSWORD = "anotherPassword"
+    }
+
+    override val users = listOf(
+        Configuration.User("user1", hashPassword(PASSWORD), setOf(readersGroup)),
+        Configuration.User("user2", hashPassword(PASSWORD), setOf(writersGroup)),
+        Configuration.User("user3", hashPassword(PASSWORD), setOf(readersGroup, writersGroup)),
+    )
+
+    @Test
+    @Order(1)
+    fun putWithNoAuthorizationHeader() {
+        val client: HttpClient = HttpClient.newHttpClient()
+        val (key, value) = keyValuePair
+
+        val requestBuilder = newRequestBuilder(key)
+            .header("Content-Type", "application/octet-stream")
+            .PUT(HttpRequest.BodyPublishers.ofByteArray(value))
+
+        val response: HttpResponse<String> = client.send(requestBuilder.build(), HttpResponse.BodyHandlers.ofString())
+        Assertions.assertEquals(HttpResponseStatus.UNAUTHORIZED.code(), response.statusCode())
+    }
+
+    @Test
+    @Order(2)
+    fun getWithNoAuthorizationHeader() {
+        val client: HttpClient = HttpClient.newHttpClient()
+        val (key, value) = keyValuePair
+
+        val requestBuilder = newRequestBuilder(key)
+            .GET()
+
+        val response: HttpResponse<ByteArray> = client.send(requestBuilder.build(), HttpResponse.BodyHandlers.ofByteArray())
+        Assertions.assertEquals(HttpResponseStatus.UNAUTHORIZED.code(), response.statusCode())
+    }
+}
--- a/gbcs-server/src/test/kotlin/net/woggioni/gbcs/server/test/NoAnonymousUserTlsServerTest.kt
+++ b/gbcs-server/src/test/kotlin/net/woggioni/gbcs/server/test/NoAnonymousUserTlsServerTest.kt
@@ -0,0 +1,47 @@
+package net.woggioni.gbcs.server.test
+
+import io.netty.handler.codec.http.HttpResponseStatus
+import net.woggioni.gbcs.api.Configuration
+import org.junit.jupiter.api.Assertions
+import org.junit.jupiter.api.Order
+import org.junit.jupiter.api.Test
+import java.net.http.HttpClient
+import java.net.http.HttpRequest
+import java.net.http.HttpResponse
+
+class NoAnonymousUserTlsServerTest : AbstractTlsServerTest() {
+
+    override val users = listOf(
+        Configuration.User("user1", null, setOf(readersGroup)),
+        Configuration.User("user2", null, setOf(writersGroup)),
+        Configuration.User("user3", null, setOf(readersGroup, writersGroup)),
+    )
+
+    @Test
+    @Order(1)
+    fun getAsAnonymousUser() {
+        val (key, _) = keyValuePair
+        val client: HttpClient = getHttpClient(null)
+
+        val requestBuilder = newRequestBuilder(key)
+            .header("Content-Type", "application/octet-stream")
+            .GET()
+
+        val response: HttpResponse<ByteArray> = client.send(requestBuilder.build(), HttpResponse.BodyHandlers.ofByteArray())
+        Assertions.assertEquals(HttpResponseStatus.UNAUTHORIZED.code(), response.statusCode())
+    }
+
+    @Test
+    @Order(2)
+    fun putAsAnonymousUser() {
+        val (key, value) = keyValuePair
+        val client: HttpClient = getHttpClient(null)
+
+        val requestBuilder = newRequestBuilder(key)
+            .header("Content-Type", "application/octet-stream")
+            .PUT(HttpRequest.BodyPublishers.ofByteArray(value))
+
+        val response: HttpResponse<String> = client.send(requestBuilder.build(), HttpResponse.BodyHandlers.ofString())
+        Assertions.assertEquals(HttpResponseStatus.UNAUTHORIZED.code(), response.statusCode())
+    }
+}
--- a/gbcs-server/src/test/kotlin/net/woggioni/gbcs/server/test/NoAuthServerTest.kt
+++ b/gbcs-server/src/test/kotlin/net/woggioni/gbcs/server/test/NoAuthServerTest.kt
@@ -1,15 +1,14 @@
-package net.woggioni.gbcs.test
+package net.woggioni.gbcs.server.test

 import io.netty.handler.codec.http.HttpResponseStatus
-import net.woggioni.gbcs.base.Xml
 import net.woggioni.gbcs.api.Configuration
-import net.woggioni.gbcs.cache.FileSystemCacheConfiguration
-import net.woggioni.gbcs.configuration.Serializer
-import net.woggioni.gbcs.utils.NetworkUtils
+import net.woggioni.gbcs.common.Xml
+import net.woggioni.gbcs.server.cache.FileSystemCacheConfiguration
+import net.woggioni.gbcs.server.configuration.Serializer
+import net.woggioni.gbcs.server.test.utils.NetworkUtils
 import org.junit.jupiter.api.Assertions
 import org.junit.jupiter.api.Order
 import org.junit.jupiter.api.Test
-import java.net.ServerSocket
 import java.net.URI
 import java.net.http.HttpClient
 import java.net.http.HttpRequest
@@ -47,6 +46,8 @@ class NoAuthServerTest : AbstractServerTest() {
            null,
            null,
            true,
+            0x10000,
+            100
        )
        Xml.write(Serializer.serialize(cfg), System.out)
    }
--- a/gbcs-server/src/test/kotlin/net/woggioni/gbcs/server/test/TlsServerTest.kt
+++ b/gbcs-server/src/test/kotlin/net/woggioni/gbcs/server/test/TlsServerTest.kt
@@ -0,0 +1,136 @@
+package net.woggioni.gbcs.server.test
+
+import io.netty.handler.codec.http.HttpResponseStatus
+import net.woggioni.gbcs.api.Configuration
+import net.woggioni.gbcs.api.Role
+import org.bouncycastle.asn1.x500.X500Name
+import org.junit.jupiter.api.Assertions
+import org.junit.jupiter.api.Order
+import org.junit.jupiter.api.Test
+import java.net.http.HttpClient
+import java.net.http.HttpRequest
+import java.net.http.HttpResponse
+
+
+class TlsServerTest : AbstractTlsServerTest() {
+
+    override val users = listOf(
+        Configuration.User("user1", null, setOf(readersGroup)),
+        Configuration.User("user2", null, setOf(writersGroup)),
+        Configuration.User("user3", null, setOf(readersGroup, writersGroup)),
+        Configuration.User("", null, setOf(readersGroup))
+    )
+
+    @Test
+    @Order(1)
+    fun putAsAReaderUser() {
+        val (key, value) = keyValuePair
+        val user = cfg.users.values.find {
+            Role.Reader in it.roles && Role.Writer !in it.roles
+        } ?: throw RuntimeException("Reader user not found")
+        val client: HttpClient = getHttpClient(getClientKeyStore(ca, X500Name("CN=${user.name}")))
+        val requestBuilder = newRequestBuilder(key)
+            .header("Content-Type", "application/octet-stream")
+            .PUT(HttpRequest.BodyPublishers.ofByteArray(value))
+
+        val response: HttpResponse<String> = client.send(requestBuilder.build(), HttpResponse.BodyHandlers.ofString())
+        Assertions.assertEquals(HttpResponseStatus.FORBIDDEN.code(), response.statusCode())
+    }
+
+    @Test
+    @Order(2)
+    fun getAsAWriterUser() {
+        val (key, _) = keyValuePair
+        val user = cfg.users.values.find {
+            Role.Writer in it.roles
+        } ?: throw RuntimeException("Reader user not found")
+        val client: HttpClient = getHttpClient(getClientKeyStore(ca, X500Name("CN=${user.name}")))
+
+        val requestBuilder = newRequestBuilder(key)
+            .GET()
+
+        val response: HttpResponse<String> = client.send(requestBuilder.build(), HttpResponse.BodyHandlers.ofString())
+        Assertions.assertEquals(HttpResponseStatus.FORBIDDEN.code(), response.statusCode())
+    }
+
+    @Test
+    @Order(3)
+    fun putAsAWriterUser() {
+        val (key, value) = keyValuePair
+        val user = cfg.users.values.find {
+            Role.Writer in it.roles
+        } ?: throw RuntimeException("Reader user not found")
+        val client: HttpClient = getHttpClient(getClientKeyStore(ca, X500Name("CN=${user.name}")))
+
+        val requestBuilder = newRequestBuilder(key)
+            .header("Content-Type", "application/octet-stream")
+            .PUT(HttpRequest.BodyPublishers.ofByteArray(value))
+
+        val response: HttpResponse<String> = client.send(requestBuilder.build(), HttpResponse.BodyHandlers.ofString())
+        Assertions.assertEquals(HttpResponseStatus.CREATED.code(), response.statusCode())
+    }
+
+    @Test
+    @Order(4)
+    fun getAsAReaderUser() {
+        val (key, value) = keyValuePair
+        val user = cfg.users.values.find {
+            Role.Reader in it.roles
+        } ?: throw RuntimeException("Reader user not found")
+        val client: HttpClient = getHttpClient(getClientKeyStore(ca, X500Name("CN=${user.name}")))
+
+        val requestBuilder = newRequestBuilder(key)
+            .GET()
+
+        val response: HttpResponse<ByteArray> =
+            client.send(requestBuilder.build(), HttpResponse.BodyHandlers.ofByteArray())
+        Assertions.assertEquals(HttpResponseStatus.OK.code(), response.statusCode())
+        Assertions.assertArrayEquals(value, response.body())
+    }
+
+    @Test
+    @Order(5)
+    fun getMissingKeyAsAReaderUser() {
+        val (key, _) = newEntry(random)
+        val user = cfg.users.values.find {
+            Role.Reader in it.roles
+        } ?: throw RuntimeException("Reader user not found")
+        val client: HttpClient = getHttpClient(getClientKeyStore(ca, X500Name("CN=${user.name}")))
+
+        val requestBuilder = newRequestBuilder(key)
+            .GET()
+
+        val response: HttpResponse<ByteArray> =
+            client.send(requestBuilder.build(), HttpResponse.BodyHandlers.ofByteArray())
+        Assertions.assertEquals(HttpResponseStatus.NOT_FOUND.code(), response.statusCode())
+    }
+
+    @Test
+    @Order(6)
+    fun getAsAnonymousUser() {
+        val (key, value) = keyValuePair
+        val client: HttpClient = getHttpClient(null)
+
+        val requestBuilder = newRequestBuilder(key)
+            .header("Content-Type", "application/octet-stream")
+            .GET()
+
+        val response: HttpResponse<ByteArray> = client.send(requestBuilder.build(), HttpResponse.BodyHandlers.ofByteArray())
+        Assertions.assertEquals(HttpResponseStatus.OK.code(), response.statusCode())
+        Assertions.assertArrayEquals(value, response.body())
+    }
+
+    @Test
+    @Order(7)
+    fun putAsAnonymousUser() {
+        val (key, value) = keyValuePair
+        val client: HttpClient = getHttpClient(null)
+
+        val requestBuilder = newRequestBuilder(key)
+            .header("Content-Type", "application/octet-stream")
+            .PUT(HttpRequest.BodyPublishers.ofByteArray(value))
+
+        val response: HttpResponse<String> = client.send(requestBuilder.build(), HttpResponse.BodyHandlers.ofString())
+        Assertions.assertEquals(HttpResponseStatus.FORBIDDEN.code(), response.statusCode())
+    }
+}
--- a/gbcs-server/src/test/kotlin/net/woggioni/gbcs/server/test/X500NameTest.kt
+++ b/gbcs-server/src/test/kotlin/net/woggioni/gbcs/server/test/X500NameTest.kt
@@ -1,4 +1,4 @@
-package net.woggioni.gbcs.test
+package net.woggioni.gbcs.server.test

 import org.junit.jupiter.api.Assertions
 import org.junit.jupiter.api.Test
--- a/gbcs-server/src/test/resources/logback.xml
+++ b/gbcs-server/src/test/resources/logback.xml
--- a/gbcs-server/src/test/resources/net/woggioni/gbcs/server/test/gbcs-default.xml
+++ b/gbcs-server/src/test/resources/net/woggioni/gbcs/server/test/gbcs-default.xml
@@ -0,0 +1,10 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<gbcs:server use-virtual-threads="false" xmlns:xs="http://www.w3.org/2001/XMLSchema-instance"
+             xmlns:gbcs="urn:net.woggioni.gbcs.server"
+             xs:schemaLocation="urn:net.woggioni.gbcs.server jpms://net.woggioni.gbcs.server/net/woggioni/gbcs/server/schema/gbcs.xsd">
+    <bind host="127.0.0.1" port="11443"/>
+    <cache xs:type="gbcs:fileSystemCacheType" path="/tmp/gbcs" max-age="P7D"/>
+    <authentication>
+        <none/>
+    </authentication>
+</gbcs:server>
--- a/gbcs-server/src/test/resources/net/woggioni/gbcs/server/test/gbcs-memcached.xml
+++ b/gbcs-server/src/test/resources/net/woggioni/gbcs/server/test/gbcs-memcached.xml
@@ -0,0 +1,13 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<gbcs:server use-virtual-threads="false" xmlns:xs="http://www.w3.org/2001/XMLSchema-instance"
+             xmlns:gbcs="urn:net.woggioni.gbcs.server"
+             xmlns:gbcs-memcached="urn:net.woggioni.gbcs.server.memcached"
+             xs:schemaLocation="urn:net.woggioni.gbcs.server.memcached jpms://net.woggioni.gbcs.server.memcached/net/woggioni/gbcs/server/memcached/schema/gbcs-memcached.xsd urn:net.woggioni.gbcs.server jpms://net.woggioni.gbcs.server/net/woggioni/gbcs/server/schema/gbcs.xsd">
+    <bind host="127.0.0.1" port="11443" />
+    <cache xs:type="gbcs-memcached:memcachedCacheType" max-age="P7D" max-size="101325" digest="SHA-256">
+        <server host="127.0.0.1" port="11211"/>
+    </cache>
+    <authentication>
+        <none/>
+    </authentication>
+</gbcs:server>
--- a/gbcs-server/src/test/resources/net/woggioni/gbcs/server/test/gbcs-tls.xml
+++ b/gbcs-server/src/test/resources/net/woggioni/gbcs/server/test/gbcs-tls.xml
@@ -0,0 +1,53 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<gbcs:server use-virtual-threads="false" max-request-size="4096" xmlns:xs="http://www.w3.org/2001/XMLSchema-instance"
+             xmlns:gbcs="urn:net.woggioni.gbcs.server"
+             xs:schemaLocation="urn:net.woggioni.gbcs.server jpms://net.woggioni.gbcs.server/net/woggioni/gbcs/server/schema/gbcs.xsd">
+    <bind host="127.0.0.1" port="11443"/>
+    <cache xs:type="gbcs:fileSystemCacheType" path="/tmp/gbcs" max-age="P7D"/>
+    <authorization>
+        <users>
+            <user name="user1" password="password1"/>
+            <user name="user2" password="password2"/>
+            <user name="user3" password="password3"/>
+        </users>
+        <groups>
+            <group name="readers">
+                <users>
+                    <user ref="user1"/>
+<!--                    <user ref="user5"/>-->
+                    <anonymous/>
+                </users>
+                <roles>
+                    <reader/>
+                </roles>
+            </group>
+            <group name="writers">
+                <users>
+                    <user ref="user2"/>
+                </users>
+                <roles>
+                    <writer/>
+                </roles>
+            </group>
+            <group name="readers-writers">
+                <users>
+                    <user ref="user3"/>
+                </users>
+                <roles>
+                    <reader/>
+                    <writer/>
+                </roles>
+            </group>
+        </groups>
+    </authorization>
+    <authentication>
+        <client-certificate>
+            <group-extractor pattern="group-pattern" attribute-name="O"/>
+            <user-extractor pattern="user-pattern" attribute-name="CN"/>
+        </client-certificate>
+    </authentication>
+    <tls>
+        <keystore file="keystore.pfx" key-alias="key1" password="password" key-password="key-password"/>
+        <truststore file="truststore.pfx" password="password" check-certificate-status="true" />
+    </tls>
+</gbcs:server>
--- a/gradle.properties
+++ b/gradle.properties
@@ -2,9 +2,11 @@ org.gradle.configuration-cache=false
 org.gradle.parallel=true
 org.gradle.caching=true

-gbcs.version = 0.0.1
+gbcs.version = 0.0.8

-lys.version = 2025.01.10
+lys.version = 2025.01.17

 gitea.maven.url = https://gitea.woggioni.net/api/packages/woggioni/maven
 docker.registry.url=gitea.woggioni.net
+
+jpms-check.configurationName = runtimeClasspath
--- a/settings.gradle
+++ b/settings.gradle
@@ -27,9 +27,9 @@ dependencyResolutionManagement {
 rootProject.name = 'gbcs'

 include 'gbcs-api'
-include 'gbcs-base'
-include 'gbcs-memcached'
+include 'gbcs-common'
+include 'gbcs-server-memcached'
 include 'gbcs-cli'
 include 'docker'
-include 'benchmark'
-
+include 'gbcs-client'
+include 'gbcs-server'
--- a/src/main/resources/META-INF/services/net.woggioni.gbcs.api.CacheProvider
+++ b/src/main/resources/META-INF/services/net.woggioni.gbcs.api.CacheProvider
@@ -1 +0,0 @@
-net.woggioni.gbcs.cache.FileSystemCacheProvider
--- a/src/main/resources/net/woggioni/gbcs/gbcs-default.xml
+++ b/src/main/resources/net/woggioni/gbcs/gbcs-default.xml
@@ -1,10 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
-<gbcs:server useVirtualThreads="false" xmlns:xs="http://www.w3.org/2001/XMLSchema-instance"
-             xmlns:gbcs="urn:net.woggioni.gbcs"
-             xs:schemaLocation="urn:net.woggioni.gbcs jpms://net.woggioni.gbcs/net/woggioni/gbcs/schema/gbcs.xsd">
-    <bind host="127.0.0.1" port="8080"/>
-    <cache xs:type="gbcs:fileSystemCacheType" path="/tmp/gbcs" max-age="P7D"/>
-    <authentication>
-        <none/>
-    </authentication>
-</gbcs:server>
--- a/src/test/resources/logback.xml
+++ b/src/test/resources/logback.xml
@@ -1,21 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" ?>
-<!DOCTYPE configuration>
-
-<configuration>
-    <import class="ch.qos.logback.classic.encoder.PatternLayoutEncoder"/>
-    <import class="ch.qos.logback.core.ConsoleAppender"/>
-
-    <appender name="console" class="ConsoleAppender">
-        <target>System.err</target>
-        <encoder class="PatternLayoutEncoder">
-            <pattern>%d [%highlight(%-5level)] \(%thread\) %logger{36} -%kvp- %msg %n</pattern>
-        </encoder>
-    </appender>
-
-    <root level="info">
-        <appender-ref ref="console"/>
-    </root>
-    <logger name="io.netty" level="debug"/>
-    <logger name="com.google.code.yanf4j" level="warn"/>
-    <logger name="net.rubyeye.xmemcached" level="warn"/>
-</configuration>
--- a/src/test/resources/net/woggioni/gbcs/test/gbcs-default.xml
+++ b/src/test/resources/net/woggioni/gbcs/test/gbcs-default.xml
@@ -1,10 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
-<gbcs:server useVirtualThreads="false" xmlns:xs="http://www.w3.org/2001/XMLSchema-instance"
-             xmlns:gbcs="urn:net.woggioni.gbcs"
-             xs:schemaLocation="urn:net.woggioni.gbcs jpms://net.woggioni.gbcs/net/woggioni/gbcs/schema/gbcs.xsd">
-    <bind host="127.0.0.1" port="11443"/>
-    <cache xs:type="gbcs:fileSystemCacheType" path="/tmp/gbcs" max-age="P7D"/>
-    <authentication>
-        <none/>
-    </authentication>
-</gbcs:server>
--- a/src/test/resources/net/woggioni/gbcs/test/gbcs-memcached.xml
+++ b/src/test/resources/net/woggioni/gbcs/test/gbcs-memcached.xml
@@ -1,13 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
-<gbcs:server useVirtualThreads="false" xmlns:xs="http://www.w3.org/2001/XMLSchema-instance"
-             xmlns:gbcs="urn:net.woggioni.gbcs"
-             xmlns:gbcs-memcached="urn:net.woggioni.gbcs-memcached"
-             xs:schemaLocation="urn:net.woggioni.gbcs-memcached jpms://net.woggioni.gbcs.memcached/net/woggioni/gbcs/memcached/schema/gbcs-memcached.xsd urn:net.woggioni.gbcs jpms://net.woggioni.gbcs/net/woggioni/gbcs/schema/gbcs.xsd">
-    <bind host="127.0.0.1" port="11443" />
-    <cache xs:type="gbcs-memcached:memcachedCacheType" max-age="P7D" max-size="101325" compression-mode="gzip" digest="SHA-256">
-        <server host="127.0.0.1" port="11211"/>
-    </cache>
-    <authentication>
-        <none/>
-    </authentication>
-</gbcs:server>
Author	SHA1	Message	Date
Walter Oggioni	702556bfbb	added parameter to configure incoming connections backlog size All checks were successful CI / build (push) Successful in 2m12s Details	2025-01-20 10:22:03 +08:00
Walter Oggioni	06e9e7ca09	small optimization to make authenticator a singleton All checks were successful CI / build (push) Successful in 1m50s Details	2025-01-20 09:05:53 +08:00
Walter Oggioni	fa5bb55baa	uniformed xml configuration attributes, added max-request-size parameter	2025-01-20 08:24:44 +08:00
Walter Oggioni	007d0fffd6	removed deployment related files	2025-01-17 22:42:11 +08:00
Walter Oggioni	75ebf2248f	general refactoring All checks were successful CI / build (push) Successful in 2m30s Details	2025-01-17 14:17:57 +08:00
Walter Oggioni	241d95fe1c	added env variable and java properties substitution in configuration attributes All checks were successful CI / build (push) Successful in 3m29s Details	2025-01-16 21:11:35 +08:00
Walter Oggioni	3b7030c302	fixed mainClassName for native image build All checks were successful CI / build (push) Successful in 3m22s Details	2025-01-16 17:23:03 +08:00
Walter Oggioni	a8670277e7	fixed XML error handler for server command	2025-01-16 17:01:14 +08:00
Walter Oggioni	03ee75266d	added average turnaround time calculation in benchmark	2025-01-16 14:54:21 +08:00
Walter Oggioni	05a265e4b4	added connection pooling to gbcs-client All checks were successful CI / build (push) Successful in 3m55s Details	2025-01-16 13:37:14 +08:00
Walter Oggioni	5af99330f8	server is now a subcommand	2025-01-16 11:35:05 +08:00
Walter Oggioni	747168cda3	added client command	2025-01-16 11:16:01 +08:00
Walter Oggioni	225f156864	added anonymous user All checks were successful CI / build (push) Successful in 3m51s Details	2025-01-15 00:22:29 +08:00
				`@@ -1 +0,0 @@`
				`net.woggioni.gbcs.memcached.MemcachedCacheProvider`
				`@@ -0,0 +1 @@`
				`net.woggioni.gbcs.server.memcached.MemcachedCacheProvider`
				`@@ -0,0 +1 @@`
				`net.woggioni.gbcs.server.cache.FileSystemCacheProvider`
				`@@ -1 +0,0 @@`
				`net.woggioni.gbcs.cache.FileSystemCacheProvider`