I deployed a Spring boot app on Azure and config Authentication.
After deployed success, I clicked in to App Service URL (HTTPs) and and executed some authorization steps and do more.
However, When I checked URL in HttpServletRequest. It is HTTP not HTTPs.
Does I need config more TLS/SSL in Azure App Service and source code ?
Related
We have a few cloud run services deployed on Cloud run with Ingress control set to "All" and Authentication set to "IAM". These are REST APIs created using Spring boot framework. We have one more Cloud Run service which is deployed as Spring boot admin server with Ingress control set to "All" and Authentication set to "Allow Unauthenticated Invocations".
Now the backend team have configured the Cloud run REST API services with the following cloud run endpoints in application.properties to communicate with Spring boot admin server:-
spring.boot.admin.client.url=${sm://cloud_run_rest_api_endpoint}
spring.boot.admin.client.instance.service-url=${sm://spring_boot_admin_server_cloud_run_endpoint}
This obviously fails on cloud run with 403 Unauthorized as the endpoints (Eg: /health, /metrics, /trace etc) required by Spring boot admin server from its clients need an Authorization Bearer token.
Is it possible to pass JWT token when accessing those endpoints ? Has anyone had success in setting up the same ? Or is there any possibility to have some of our cloud run service endpoints to be public on which we can later apply some security provided by spring ?
We are in the middle of setting up free API monitoring tool for our all APIs. Any recommendations are much appreciated.
Have created an API Gateway microservice (Sprint Boot project), using the Spring Cloud Starter Gateway.
Also the API Gateway would do the SSO Authentication, and on successful authentication, the IDP would redirect the SAML assertion to the API gateway HTTPS endpoint.
Added the spring-cloud-starter-gateway dependency and excluded all the transitive dependencies.
i have added the spring-boot-starter-web dependency so that the IDP would be able to redirect to the API gateway HTTPS endpoint.
I tested the SSO Authentication and it worked fine, but then when i wanted to test the gateway routing, it was not working.
So had to comment out the excluded spring-cloud-gateway-server dependency for routing.
But it gave error that Spring Web MVC found on Classpath is incompatible with Spring Cloud Gateway.
Either make application reactive or remove web dependency.
So made the application reactive by adding property in application.properties file to make it reactive.
But now, while doing SSO authentication, i get the following error in the Browser,
type=Unsupported Media Type, status=415
Is there a way in which we could do WEB SSO Authentication in the API Gateway ??
I have a spring boot application which runs on Azure Kubernetes Service and it exposes a private IP, using this IP I have configured this API on Azure API Manager. All the traffic will be coming to this spring boot application via API manager. Client to APIM connection is secured with SSL certificate coming from azure API manager. But from API manager to back end API application is not secured it is plain http. Is there any security issues for this architecture?
For your situation, since you already use SSL certificate to protect your APIM, I think the architecture is no problem even though there isn't any security configuration between APIM and backend api. APIM will not expose your backend, so others can't get your backend IP or backend url according to the APIM. So I think you do not need to add any other security configuration for your architecture.
For the comment about Azure AD mentioned by Tiny, you can also use Azure AD to protect your api or APIM, but I think it is unnecessary.
I created spring boot api with gradle build. everything working fine in my local.
I deployed angular app in Sites/DefaultsTest in IIS web server. it run in https://example.app.com/app
SpringBoot API base path is '/api'
I want to deploy spring boot api in same windows server machine and should able to access through Angular App globally.
please guide me.
IIS WebServer Dashboard
As far as I know, the spring boot API is a java web application, we don't suggest you directly hosted the java web application in the IIS.
I suggest you could try to install a docker or using tomcat to host the application, then you could use IIS reverse proxy to redirect the request to that API to get the result.
More details about how host the spring boot application on the docker, you could refer to below article.
https://blog.codecentric.de/en/2017/04/ansible-docker-windows-containers-spring-boot/
More details about how to use IIS reverse proxy, you could refer to below article.
https://blogs.msdn.microsoft.com/friis/2016/08/25/setup-iis-with-url-rewrite-as-a-reverse-proxy-for-real-world-apps/
I am working with spring boot microservice application and gateway generated using jhipster. I have hosted my site on AWS EC2 instance.
Site Url: http://192.167.1.17:8082
I have redirected the port to 443 to run on https.
Let's say my site is :
http://192.167.1.17 OR http://mytestsite.com
Now the requirement is that if I type in the browser - 192.167.1.17 OR mytestsite.com
It should automatically redirect to :
http://192.167.1.17 OR http://mytestsite.com
Spring boot application has embedded tomcat. How can I do this HTTP or HTTPS redirect automatically with the hosted site on AWS EC2 instance?