I have a small doubt. I need to connect Spring Cloud Config Server with JDBC Backend. But the credentials to connect to the DB aren’t readily available. The real password has to be retrieved from Cyberark using a nickname and I have relevant Java Code for the same. I need a mechanism where this deciphered Password and Username can be used for setting the datasource of the Spring Cloud Config Server. Is this possible?
Related
I made a new Spring Boot project using the Spring Initializr. I'm building an On-premise backend so what I'm trying to achieve is that when the user opens the jar executable and the server starts, he should be able to configure the database connection by going to localhost:8080/ in his web browser. Basically the index.html will have a form with 4 fields for IP Address, Database Name, UserName and Password. When the form is submitted spring will try to connect to the database with the provided information.
I have all my entities, repositories and controllers but currently the only way i can connect to a database is with the application.properties file, but since the user wont have access to the source, there should be a way for him to configure his database.
Thanks for your time!
I would suggest to use the Spring cloud Config server to store database related properties which is capable of picking up configuration at run time. Although it is typically configured with a Git repository, you can store them locally as pointed out in this thread.
I'd like to install SCDF 2.6.x with an Oracle DB and Kerberos auth8n.
I am following the spring cloud data flow adocs in the source, and the online guides at https://docs.spring.io/spring-cloud-dataflow/docs/current-SNAPSHOT/reference/htmlsingle/#_oracle.
There's clarity on how to use an Oracle datasource, but only with username and password for authentication.
My aim is to be able to use Kerberos auth8n with an Oracle driver, and specify this in the server-config.yml for kubernetes deployment.
I have been using the Spring cloud Service connectors for Pivotal cloud foundry for a long time which gets the connection details from the VCAP_SERVICES env variable. Now we have a requirement to read these credentials from Vault . I am just curious , Can I still continue to use the Service binding approach with spring cloud connector ? I would assume we don't want to expose these credentials from vault to an VCAP_SERVICES variable which defeat the purpose of the vault. Has there been any enhancements in Spring cloud connectors to read the credentials directly from Vault rather than depending the VCAP_SERVICES env variable or should I resort back to the Spring boot's default Application Properties based approach instead of the service binding approach using cloud connectors ?
The Spring Cloud Connectors project is now in maintenance mode, in favor of the newer Java CFEnv project. However, Java CFEnv is also very specific to Cloud Foundry's VCAP_SERVICES model of exposing service bindings and won't help you if the service connection info is in Vault.
I would suggest that you fall back to the Spring Boot properties-based approach using Spring Cloud Vault or Spring Cloud Config Server's Vault integration to automate fetching the properties from Vault and making them available as Spring Boot properties.
We have a spring-boot 2 application that connects to db2 database via DAOs. The current application uses application.properties to store the credentials, like this:
spring.datasource.url=jdbc:db2://127.0.0.1:50000/bcupload
spring.datasource.username=db2user
spring.datasource.password=mysecretpa$$
spring.datasource.driver-class-name=com.ibm.db2.jcc.DB2Driver
I would like to store username and password in Hashicorp Vault and retreive it at runtime using Spring Cloud Vault facilities.
I've examined this example from Spring Guides but I'm not understanding what to do with these values I retrieve them from the Vault. How do convert them to properties that Spring Boot uses when connecting to my db2 data source?
Add the same property in vault and connect to Vault with Spring-cloud-vault Library. Have all Vault related configurations in
bootstrap.yml
Not required to convert that as a property. Above mentioned steps are enough
I have serveral microservices communicating with each other.
For general configuration I use Spring Cloud Config which works well.
Some of the services need to access database resources of a legacy system. So they need to know where the database (databases in a multi-tenant environment) is located and which credentials to use.
Using Spring Cloud Config I see two possibilities:
application.properties: This would expose the db settings to all services. That´s no option.
my-crazy-service.properties: This would work fine but I would have to configure any service which needs db access. Doesn´t scale well.
So my idea is to implement another microservice which is responsible for any connection infomation. This service exposes a rest endpoint using spring-data-rest.
In case Service A wants to use the legacy db it can call the new service and ask for the required data.
Now I wonder when the best time is to request the connection info from the remote service.
On startup of each microservice? Where should such startup code be located?
In general where should initialization stuff be done?