This file provides guidance to Claude Code when working with this repository.
Fess is an Enterprise Search Server built on OpenSearch. It's a Java-based web application that crawls and indexes documents from various sources and provides full-text search capabilities. Licensed under Apache License 2.0.
Key Capabilities:
- Full-text search with OpenSearch backend
- Web, file system, and data store crawling
- Multi-format document support (Office, PDF, etc.)
- Admin GUI for configuration
- REST API for programmatic access
- SSO integration (OIDC, SAML, SPNEGO, Entra ID)
- i18n support (20+ languages)
| Component | Technology |
|---|---|
| Web Framework | LastaFlute (MVC framework) |
| DI Container | Lasta Di |
| Data Access | DBFlute (type-safe ORM for OpenSearch) |
| Search Engine | OpenSearch |
| App Server | Embedded Tomcat |
| Crawler | fess-crawler library |
| Scheduler | Lasta Job |
| Logging | Log4j2 |
| Testing | JUnit 4/5, UTFlute, REST Assured |
mvn antrun:run # Download OpenSearch plugins (required before first build)
mvn dbflute:download # One-time setup for DBFlute
mvn dbflute:freegen # Generate DBFlute source code
mvn license:format # Add license headersmvn package # Standard build
mvn clean package # Clean build
mvn rpm:rpm # Build .rpm package
mvn jdeb:jdeb # Build .deb packagemvn test # Run unit tests (*Test.java)
mvn test -Dtest=ClassName # Run single unit test
# To install fess jar for plugin dependency resolution:
# Change pom.xml <packaging>war</packaging> to <packaging>jar</packaging> first
mvn clean install -DskipTests # Then revert packaging back to war
# Integration tests (*Tests.java) - requires running Fess server
mvn test -P integrationTests -Dtest.fess.url="http://localhost:8080" -Dtest.search_engine.url="http://localhost:9201"./bin/fess # From command line
# Or run org.codelibs.fess.FessBoot from IDE
# Access: http://localhost:8080/ (Admin: admin/admin)mvn formatter:format # Format code
mvn license:format # Add license headerssrc/main/java/org/codelibs/fess/
├── FessBoot.java # Application entry point
├── Constants.java # Central application constants
├── app/
│ ├── web/ # Controllers (Actions)
│ │ ├── base/ # Base action classes (FessBaseAction, FessAdminAction)
│ │ ├── admin/ # Admin controllers ({feature}/ with Action, Forms)
│ │ └── api/ # API controllers
│ ├── service/ # Business logic services
│ ├── pager/ # Pagination handlers
│ └── job/ # Background jobs
├── api/ # REST API infrastructure
├── opensearch/ # DBFlute integration for OpenSearch
│ ├── config/ # Config index (crawl configs, schedules)
│ ├── log/ # Log index (search logs, click logs)
│ └── user/ # User index (users, groups, roles)
├── helper/ # Cross-cutting utilities (~40+ helpers)
├── crawler/ # Crawling engine (processor, transformer, service)
├── sso/ # SSO implementations (oic, saml, spnego, entraid)
├── auth/ # Authentication management
├── ldap/ # LDAP integration
├── filter/ # Servlet filters
├── validation/ # Custom validators
├── dict/ # Dictionary management
└── ds/ # Data store connectors
src/main/resources/
├── fess_config.properties # Main configuration
├── app.xml, fess.xml # DI configuration
├── fess_*.xml # Feature-specific DI
├── fess_label_*.properties # UI labels (i18n)
├── fess_message_*.properties # Validation messages (i18n)
└── fess_indices/ # OpenSearch index mappings
src/main/webapp/WEB-INF/view/ # JSP templates
src/test/java/.../it/ # Integration tests (*Tests.java)
- Hierarchy:
TypicalAction→FessBaseAction→FessAdminAction/FessSearchAction @Executemarks web endpoints@Resourcefor DI@Secured({ "role", "role-view" })for authorization- Return
HtmlResponsefor JSP,JsonResponsefor APIs
- Inject behaviors (Bhv) for data access
- Use
OptionalEntity<T>for nullable returns - Plain classes (no extends/implements)
- Stateless utility classes
- Access via
ComponentUtil.getXyzHelper() - Named with "Helper" suffix
opensearch/{index}/
├── bsentity/, bsbhv/ # Base classes (DO NOT EDIT)
├── exentity/, exbhv/ # Extended classes (customize here)
└── cbean/ # Condition beans (query builders)
- POJOs with public fields (no getters/setters)
- Validation:
@Required,@Size,@ValidateTypeFailure,@Pattern - Include
crudModefield for CRUD operations
@Securedannotation with role array ("admin-user","admin-user-view")- Role-based query filtering via
RoleQueryHelper - Authentication: Local (UserService), LDAP, OIDC, SAML, SPNEGO, Entra ID
- Security features: AES encryption, LDAP injection prevention, password policy, rate limiting
- Password hashing: BCrypt (
{bcrypt}$2a$10$..., Spring Security v5.8 compatible) viaPasswordHashHelperhelper. Configure withapp.password.algorithm/app.password.bcrypt.cost. Legacy SHA-256/512/MD5 hashes without prefix are verified viaapp.digest.algorithmfor backward compatibility and re-hashed on next successful login whenapp.password.upgrade.enabled=true(default). Downgrading to a pre-BCrypt Fess release will invalidate{bcrypt}-encoded passwords — document this in release notes and plan for admin password reset. - Password write paths (
UserService.changePassword,AdminUserAction,SearchEngineClientinitial admin) must callComponentUtil.getPasswordHashHelper().encode(plain)— do not callFessLoginAssist.encryptPasswordfrom new code.
| Element | Convention | Example |
|---|---|---|
| Classes | PascalCase | UserService, FessBaseAction |
| Methods | camelCase + verb | getUserList(), setupHtmlData() |
| Constants | UPPER_SNAKE_CASE | DEFAULT_PAGE_SIZE |
| Fields | camelCase | userPager, fessConfig |
- Logger:
LogManager.getLogger(ClassName.class) - Format:
key=value(e.g.,userId={},url={}) - Prefix with
[name]when context identification is needed - Mask sensitive values (passwords, tokens)
- This project supports up to 21 languages. When modifying user-facing strings, error codes, or labels, always propagate changes to ALL language files (fess_label_*.properties and frontend i18n files).
- Use
@Resourcefor field injection (not constructor injection) - Access helpers via
ComponentUtil.getXyzHelper() - Use
OptionalEntity<T>for nullable entity returns - Use DBFlute behavior classes (Bhv) for data access
- Put user-facing strings in
fess_label_*.properties - Run
mvn formatter:formatandmvn license:formatbefore committing
- Don't edit files in
bsentity/orbsbhv/(generated code) - Don't use direct OpenSearch client in business code (use Bhv classes)
- Don't hardcode strings that should be internationalized
- Don't skip validation in form processing
- Don't log sensitive data (passwords, tokens, credentials)
| Task | Files to Review |
|---|---|
| Add admin feature | app/web/admin/*/, app/service/, webapp/WEB-INF/view/admin/ |
| Add API endpoint | api/, app/web/api/ |
| Modify search | helper/SearchHelper.java, helper/QueryHelper.java |
| Add crawl config | opensearch/config/, crawler/ |
| Add SSO | sso/, fess_sso.xml |
| Add i18n | fess_label_*.properties, fess_message_*.properties |
- Documentation: https://fess.codelibs.org/
- GitHub: https://github.com/codelibs/fess
- Issues: https://github.com/codelibs/fess/issues