Is there any way to decrypt encrypted properties in Spring Cloud config Server in other projects?
For example, I want to decrypt "test" = "{chip}asdasdasd" without using the crypto endpoint of the spring cloud server.
Thank you in advance for your reply.
If you are using Spring Boot application as a client, it's easy, just add
encrypt:
key: your_key
to bootsrap.yaml and Spring will handle everything else.
Problems appear when you have other clients.
Then you can try to find some libraries or create your own: Example for TypeScript
Related
I'm trying to create cert based client authentication using spring 5, without spring boot. Is there a good tutorial on how to do it? (For example: how to specify a truststore, etc...).
I've ended up not using spring security, because I did not need many things it provides, and instead used a simple filter, that checks the data of the used certificate (I also configured the application server used, to allow that certificate).
I'm looking for the Spring project which is providing some secure capability to sending JKS file between two Spring apps. I found a Spring Cloud Config project (currently I'm using it in my apps) and I found topics with same question in internet but no one answer it. Is there any feature that can I use from this project or maybe someone know another project with this features?
There is no project that provides such capability AFAIK. You could serve the JKS file as a resource which is exposed at a certain web endpoint. Add Spring Security to your project so the other application can request the JKS file over HTTPS, and maybe add basic authentication for that specific web endpoint so others can't download it too.
Hope that helps!
I have a spring boot api secured with spring basic security. I call the api from another application. So I currently have the password in plain text in the application.yml files of my api and also the application.yml file from which I am calling the service.
How can I avoid having it in plain text in the yml? is there a way to have an encrypted password in both yml files?
I ended up using Jasypt (Java Simplified Encryption). This was very helpful
I am new to AWS and Spring Cloud. I have accomplished a simple AWS Java Application where the AWS credentials are stored in ~/.aws/credentials file. It works just fine. I moved to a new project in Spring Boot and Spring Cloud. I would like to continue using the ~/.aws/credential that I have set up for the Java application. However, I have not been able to find a way to load the credentials from the credentials file. I had to move the access key and secret key to the aws-config.xml.
<aws-context:context-credentials>
<aws-context:simple-credentials access-key="${accessKey:}" secret-key="${secretKey:}"/>
<aws-context:context-resource-loader/>
When I accomplished this, the Spring Boot and Spring Cloud application worked fine. However, keeping the information in the xml file is not the safest way because I am using GitHub.
Can someone point me in the direction whereby I can pull the information from the ~/.aws/credentials file into Spring Boot /Spring Cloud using Maven?
Thank you for taking the time reading my post.
Russ
try below settings
cloud:
aws:
credentials:
instanceProfile: false
useDefaultAwsCredentialsChain: false
profileName: <name>
profilePath: ${user.home}/.aws/credentials
Instance Profile sounds like the right option!
It's a IAM-role that lives on instances, without the need to hardcode credentials in code.
Spring Cloud's Maven setup guide :)
I am writing spring data rest service and would like to generate Java client as a jar file for use by my other project. So is there some automated way to generate client or do I have to write one myself. If either way can you help me get started with this.
Thanks
I haven't used Spring Data Web Exporter Client but that seems to be good way to go but if you want to go the other way and write your own client you can use Spring RestTemplate to consume all the url on your server side.
Check this: Spring Data Web Exporter Client. You can assembly build script to create client jar archive.