I've Springboot Application that interacts with client system via Graphql request/responses through RestTemplate (rest api) call.
I want to build interceptor to log these request response (without PHI & PII data) in it.
I tried to create my custom interceptor with ClientHttpRequestInterceptor, but not able to understand how do I decode the Http request and identify PHI & PII fields from it.
Related
I am trying to build an application with several microservices.
Let's say I have 4 microservices A,B,C and D which interact using Rest API (Springboot- webclient).
A would be the entry point for all external applications to interact with the application via an API gateway.
However there is no API gateway between microservices A,B,C & D.
Hence inorder to trace all the requests and responses, I have introduced a monitoring service that exposes an asynchronous non blocking rest endpoint as follows:
POST /messages
which can be invoked by services A,B,C and D to push the requests and response messages.
I am trying to add a WebClient Filter to invoke another rest call to push messages to monitoring service.
However since I need to make another rest call in the filter, how can I retrieve the WebClient in the filter.
WebClient webClient = WebClient.builder()
.baseUrl("http://localhost:8080|)
.filter(PushToMonitoringServiceFilter())
.build();
private ExchangeFilterFunction (PushToMonitoringServiceFilter() {
return (clientRequest, next) -> {
//TODO: Make an API call to push the request??
return next.exchange(clientRequest);
};
}
Also is this a bad idea? is there another pattern to monitor services without using API gateway.
I have a Keycloak instance in which i created an EventListener (Provider & ProviderFactory) that responds to register events.
But now I want this EventListener to call an endpoint in my SpringBoot app which is secured by this Keycloak instance (as client).
For this I can simply send a Http request from inside the EventListenerProvider. However, I am wondering how I can secure the endpoint so that only this Keycloak event listener can access the endpoint.
Can Keycloak authenticate itself for a client endpoint ???
Maybe u guys have an idea.
It's just like other apps that calls each other using a token they got from Keycloak. You can define a client for your even listener in Keycloak realm (or for your Keycloak as a whole in case it may want to call other endpoints in future). Then before making a call to your Spring endpoint, you get a token from Keycloak via the client-id/client-secret (by calling the /token endpoint of your realm) and put it as the Authorization header in your request.
From the beginning, I often write Spring Boot API with many API depend on what my application needs. I know there is a type like Filter Servlet, what is it? Can anyone help me to find the difference between API with Filter and without Filter?
I have go through some research: https://www.baeldung.com/spring-boot-add-filter and https://www.tutorialspoint.com/spring_boot/spring_boot_servlet_filter.htm
I have a sample for using Servlet Filter: https://help.shopify.com/en/api/reference/products/product#create-2019-10
A filter is an object used to intercept the HTTP requests and responses of your application. By using filter, we can perform two operations at two instances −
Before sending the request to the controller
Before sending a response to the client.
so its depends on requirement of your app if you need to do some work before sending request to controller or not.
Take an example below:
if we need to create an application where we need to authenticate and authorization of user with help of token so in each api we need to verify token before sending request to controller so we can use filter their.
and sending response back to client if we want to append some token then we can add same in filter.
example of filter:
https://www.javadevjournal.com/spring-boot/spring-boot-add-filter/
below method use for next call:
filterChain.doFilter(request, response);
We have created an soap request and sending the request using WebServiceTemplate
WebServiceTemplate.marshalSendAndReceive(request)
As my client is not ready with the server. I am trying to handle this request in my local and planning to post some dummy response.
Can you help me how I can mock this response?
If you are using CXF, see my JUnit Rule utility project. It creates an Endpoint using JaxWsServerFactoryBean.
I am using Spring integration WS 2.2 outbound gateway to invoke a webservice.
One of our requirement is to capture the soap request and response xmls to the database in addition to some other values like transaction id etc.
If i use ClientInterceptor to save the request/response to DB, it only has access to the soap request and the response but not to the values like transaction Id. So is there a way to retrieve and return the soap request and response from the interceptor OR a way to pass custom values to the interceptor?
Thanks