I am using Apache Camel Spring DSL to call a REST service over HTTPS. The application is a Spring Boot application and the dependency camel-http is added in pom.xml. I have the certificate file Test.p12 and the password of the certificate. To add the certificate while calling the HTTPS URL, I am following the instructions given in
https://camel.apache.org/components/latest/http-component.html
and trying to add the following bean definition:
<camel:sslContextParameters
id="sslContextParameters">
<camel:keyManagers
keyPassword="keyPassword">
<camel:keyStore
resource="/users/home/server/keystore.jks"
password="keystorePassword"/>
</camel:keyManagers>
</camel:sslContextParameters>
but not able to create a bean. Can anyone please guide me how to call a REST service using HTTPS in Camel and how to add the certificate while calling?
Check out the Spring-Boot configuration of SSLContextParameters in the YAML (or property) file of the application.
You can find it at the bottom of this page.
Related
I have created a sample SOAP Web Service project (spring boot) and trying to integrate Okta as a resource server for authentication.
I am able to deploy the application to WebLogic, but when testing the service using SOAP UI, it gives the response even when there is no Token included in the header.
When I access WSDL from a browser using my wsdl url, http://myhost:port/appservice/app.wsdl I see the 401 error, so I think it is picking up the Security config changes. But it is not working for SOAP requests, I would get response even with out Okta token.
Is it because for SOAP requests, do I need to include any interceptors on top of Security Config java file. Or am I taking a wrong path for security with SOAP. Can someone let me know what am I missing or point me to right direction. Is token validation part of WS-Security? or the authentication manager in Okta resource server enough for this?
I followed this documentation to create it.
I have read most of the SO questions related to this and spring documentation, but could not connect the missing dots. Please help me with this. After spending lot of time, I felt like I was moving in circles.
UPDATE:
I have enabled spring security debug logs by doing below
#EnableWebSecurity(debug=true)
logging.level.org.springframework.security.web.FilterChainProxy=DEBUG
UPDATE2:
I haven't made any big changes to my configuration, but when I ran the project on embedded tomcat locally, it started working. To run on Tomcat, I changed packaging from war to jar, excluded Tomcat in my POM and in my Main class, I had to remove the SpringBootServletInitializer and WebApplicationInitializer. That's it. I tested SOAP UI with the Okta bearer token and it gave me response. With out the token it did not give me response.
Spring Security not working only in case of WebLogic12c. I don't know what I am missing to include for that to work in WebLogic. when deployed through Tomcat, request is passed through all the beans in Security Filter Chain {
WebAsyncManagerIntegrationFilter,
SecurityContextPersistenceFilter,
HeaderWriterFilter,
CsrfFilter,
LogoutFilter,
BearerTokenAuthenticationFilter,
RequestCacheAwareFilter,
SecurityContextHolderAwareRequestFilter,
AnonymousAuthenticationFilter,
SessionManagementFilter,
ExceptionTranslationFilter,
FilterSecurityInterceptor}
But on WebLogic, the request is passed only through first four beans in Security Filter Chain {WebAsyncManagerIntegrationFilter,
SecurityContextPersistenceFilter,
HeaderWriterFilter,
CsrfFilter}
I just wanted to update the alternate solution I found for this problem, for completeness.
Spring Security Filter chain was not working for Weblogic, where as same was working in Tomcat, even for Weblogic version 12.2.1.4.
I had followed this example, and implemented Okta filter as spring boot version was not working in Weblogic 12.2.1.4.
Thanks to #Toerktumlare, I have implemented logging with logback-spring.xml
I am new to Spring boot.
While creating a New Spring Starter project in STS there is a Service URL dropdown defaults to https://start.spring.io as given below.
I searched in stack overflow but didn't find any information about it.
What is the use of specifying this? Why it has been given as editable? Is there any alternative available instead of https://start.spring.io?
I noticed that tried with any other URL, it tries to parse as json and gives exception given below.
JSONException: A JSONObject text must begin with '{' at character 3
Need clarification, what is happening in background?
It is a simple client server architecture which various UI clients such as Spring Boot CLI , IDE or official web UI talk to the same backend HTTP API that actually generates the spring starter project.
The service URL is the URL of this HTTP API. Spring Team already deploy an official one at https://start.spring.io which you can simply use it.
But in case if you want to build your own customised version , you can checkout its source codes , modify according to your needs and deployed to your own server. Then change the service URL to your API server 's URL in order to use it.
I have two different spring boot application with SSL enabled in it and also there is an eureka discovery server and these two applications are linked to eureka server.I need to make some https call between these two SSL enabled applications. So I decided to go ahead with feign client .Eureka is able to resolve https url properly for feign client. But while making the call I'm getting "unable to find valid certification path to requested target". I can understand this error is because public key of my client application is not present in truststore of the application from which I'm making feign call. I have already added the public key in my custom truststore, But it is of no use.Property file for the same is below
server.ssl.enabled=true
server.ssl.key-store=classpath:springboot.p12
server.ssl.key-store-password= Pass#123
server.ssl.keyStoreType= PKCS12
server.ssl.keyAlias= springboot
server.ssl.trust-store=classpath:springboot.jks
server.ssl.trust-store-password=Pass#123
eureka.instance.nonSecurePortEnabled=false
eureka.instance.securePortEnabled=true
After digging more into the issue I found that "server.ssl.trust-store" property will set truststore in the embeded tomcat server of spring boot application, But some have my https call is taking default JDK truststore. When I added system properties in my application then everything is working fine. But with spring boot properties file configuration it is not working .
System.setProperty("javax.net.ssl.trustStore", trustStorePath);
System.setProperty("javax.net.ssl.trustStorePassword",trustStorePassword);
I feel setting system properties is an workaround and I'm looking for a better solution .
I even tried enabling ribbon client and added "ribbon.IsSecure=true" property also. But still getting the same issue.
Can someone please provide a suggestion for the same.
Thank you
I have a spring cloud project. There are config server (config-srv), eureka server (eureka-srv) and some other service with business logic, let's call it main service (main-srv).
I'm packaging them into jars and run one by one. My apps get their properties from a file in the same directory with jars.
So, I'm setting properties to config-srv through "application-native.properties".
But if i want to change config-srv url (for example, i want http://localhost:9999), how can i share this url for all micro-services before they will boot ? I'm trying to share this url in "application-default.properties" but it makes no effect.
You can put the Spring Cloud Config server details in bootstrap.properties file in each microservices.
spring.application.name=microserviceName
spring.profiles.active=dev
spring.cloud.config.uri=http://localhost:9999
spring.cloud.config.username=your_username
spring.cloud.config.password=your_password
Go through the link to have more detail about spring cloud config
https://howtodoinjava.com/spring-cloud/spring-cloud-config-server-git/
I am working on sending a request to a web service and parsing the response. I have to use Spring 3 and Apache CXF. Using Maven's wsdl2java, I was able to generate request and response objects from the wsdl. These classes have been generated now and I see basically what appear to be annotated POJO's. I am unclear what the next step is to actually send the request to the web services. All I see is an ObjectFactory to create the initial web service.
What is the next step? Do I need to create a spring bean configuration file like this?
<jaxws:client id="XXXX"
serviceClass="XXXX"
address="http://localhost:8080/xxxx />
Any assistance would be greatly appreciates as I am not sure how to send the actual request to the web or what my next step would be. Thanks
If you want to look the webservice without using spring you can use the stubs generated & make a call to the service in a program with main. Something like..
http://61.153.44.88/apache/cxf/2.0/developing-a-consumer.html
If you want to use spring, see "Create a Client" section here
http://cxf.apache.org/docs/writing-a-service-with-spring.html
There is a post here with an example of how to create a CXF Client and server and integrate it with Spring.