Rename X-B3-TraceId headers in spring cloud sleuth - spring

I have few services written in Node that are using "X-Request-Id" as the header to identify requests. I am now writing services in Java using spring-boot where I can use spring-cloud-sleuth to track traceId and spanId.
However, I would like to continue using the "X-Request-Id" as the request identifier across all of my services. Is there any way to rename the "X-B3-TraceId" header in spring-sleuth so that it sends the same header in HTTP requests and also uses the said header from incoming requests to set the traceId?

You can propagate extra fields, see the Propagation section of the Spring Cloud Sleuth docs.

spring:
sleuth:
propagation-keys: x-correlation-id

Related

Sending Zipkin Spans for #FeignClient

I'm running a Spring Boot app using:
Spring Boot 2.3.8
Spring Cloud Hoxton.SR10
I've declared the spring-cloud-starter-zipkin and spring-cloud-starter-openfeign dependencies, and have configured my app to point to a Zipkin server. Its a pretty vanilla setup and configuration (I also declare the spring-cloud-starter-netflix-ribbon and spring-cloud-starter-kubernetes-all dependencies o allow Spring Feign to use k8s service discovery).
My app declares a #SpringFeign annotated interface with a method to call to a remote service S.
So generally zipkin is getting spans from my app (for e.g. incoming REST calls) and B3 headers are being propagated via HTTP to the service S being called through feign.
But zipkin does not report a span from my app representing the Feign call to S.
Is that something that should "just happen", or am I missing a piece of the puzzle?
I can e.g. add #NewSpan to the feign interface method, but that doesn't give me HTTP details for the request/response as span tags. And I rather not do that if this is supposed to work out of the box.
This should be done out of the box: https://docs.spring.io/spring-cloud-sleuth/docs/2.2.7.RELEASE/reference/html/#feign
You can take a look at the feign sample (you need to go back in the history, currently it is for 3.x): https://github.com/spring-cloud/spring-cloud-sleuth/tree/master/spring-cloud-sleuth-samples/spring-cloud-sleuth-sample-feign
In order to see if propagation works, look into the outgoing request, it should contain the tracing-related headers.

How to store request data and reponse data into database in spring boot application

I am working on to store request data and response data if there any exceptions encountered while sending response back to client I need to store the exception also.
My DB table will ID,RequestData,ResponseData,Exception,TimeTakenToRespond
lets say I have endpoint called /athenticateUser so my input data would be
RequestData :{"username":"mate","password":"swamy"}
ResponseData :{"FirstName":"mate","LastName":"swamy","Email":"manteswamy#gmail.com"}
Like the above way I need to store all the request data and response data if any exception while sending response back to client that also we need store and the web service time taken respond.
As I am beginner to spring boot please guide step by step
Though you can write Interceptors, Filters etc for this. But don't do it.
Please try to use Spring Boot feature Actuator for tracing. It provides HTTP request logging out of the box.
There's an endpoint mapped to /trace or /actuator/httptrace which will show you last 100 HTTP requests. You can customize it to log each request, or write to a DB.
You will need spring-boot-starter-actuator dependency.
You can also whitelist endpoints.
For the guide step by step, you can check this actuator tutorial.
You can do it by using spring boot actuator httptrace..
add below dependency:
implementation('org.springframework.boot:spring-boot-starter-actuator')
Look at this step by step guide..
The Spring-boot actuator doesn't support getting the request/response bodies, they even removed some mechanisms to do it.
Here's a blog post on how to do it with a Filter.

Is it possible to disable Spring Cloud Sleuth header propagation based on destination URL?

We're using Brave's ExtraFieldPropagation feature to propagate custom fields (e.g. an internal-only request identifier) between services as HTTP headers.
Some of our services make requests to external services using a RestTemplate or Feign client in the course of processing a request. Since Sleuth enhances all RestTemplate beans and Feign clients with the propagation feature, this means that external services receive the internal-only headers, which I'd like to avoid.
I know of two workarounds that allow me to avoid this behavior, both of which are flawed:
Instantiate a client object manually as opposed to using a #Bean so that Sleuth does not add an interceptor. The downside I see here is that developers have to remember to follow this pattern to avoid leaking information, and this is difficult to enforce.
Add an interceptor that removes these headers from outgoing requests. The downsides here are that a) I need separate interceptors for RestTemplate and Feign clients (not a huge deal); b) it looks like Feign client interceptors do not have a way to influence order of execution (see javadoc here), so I can't guarantee that the new interceptor will run last / after the Sleuth one.
Is there a way to customize Sleuth (e.g. via some kind of injector bean) such that, prior to injecting headers in an outgoing HTTP request, I can reason about the destination of the request? I saw documentation regarding custom injector beans, but it appears those no longer exist in spring boot >= 2. I can't seem to find an equivalent construct in Brave.
You can unsample a given URL which means that the headers will be propagated but not sent to Zipkin. You can't disable instrumentation for only some of the URLs cause we're instrumenting all of the components that are registered as beans.

Is a HTTP server(Jetty) required for hosting camel routes processing HL7 messages

I want to create a HL7 listener in camel and process the HL7 messages I receive. I was planning to use SpringBoot/dropwizard along with camel for this purpose. The reason dropwizard is already used in my company for creating restful API's and I thought of reusing them for creating Camel routes as microservices also. My questions are,
HL7 messages are received using MLLP(Mina or Netty) over TCP. There isnt any HTTP involved. So is there any purpose of using a server like Jetty? Is it better to use Camel standlone?
If there is not any HTTP requests/listeners involved in my camel application, is there any use of me going for dropwizard/Springboot, as these frameworks were mainly created for creating Restful API's i.e for HTTP traffic?
Ad 1)
Yes HTTP is not involved and Camel uses Netty (preferred) or Mina.
Mind there is camel-mllp which is a more hardened than camel-hl7 which has some more advanced HL7 corner cases fixed. See the readme file: https://github.com/apache/camel/tree/master/components/camel-mllp
Ad 2)
You can opt out HTTP in spring boot, just dont have its -starter-web dependency and its a standalone non HTTP app. Just mind that you may need to turn on camel.springboot.main-run-controller=true in the application.properties to keep the JVM running.
And by using Spring Boot or DropWizard etc you have a similar deployment and packaging as other apps, instead of having to create something yourself.

Spring security and remoting

i am using spring remoting alongside spring security
I have 2 servers (let's call them "front" and "back")
The "front" server is exposed to the outside world and receives, along with the rest of the request, the "Authorization" header. However, i notice that when i use spring remoting to call the "back" that header is not copied. What do i do?
BTW, I haven't checked it yet but i am almost certain that it won't work for "JSESSIONID" as well.. what do i need to do in order to propagate these 2 headers?
If you are using Spring-Remoting, then spring-security-remoting to the rescue! This module contains several request factories and executors that enrich the requests with a security context.
For RMI: http://static.springsource.org/spring-security/site/apidocs/org/springframework/security/remoting/rmi/package-summary.html
For HTTP: http://static.springsource.org/spring-security/site/apidocs/org/springframework/security/remoting/httpinvoker/package-summary.html

Resources