I have 2 spring REST applications (gateway/security) that communicate with each other.
When I send a login request to the gateway, the gateway forwards it to the security application where it is checked whether the user has the correct rights. if this is the case, an account will be returned. This works great on my local pc, but when I put it in docker it stops working.
I tried:
Sending via POSTMAN a post request direct to the security server, this works
Sending via POSTMAN a post request direct to the gateway with the wrong data to check if I got a custom made error, this worked too.
Using it without using docker, this worked.
My docker-compose looks like.
Code where I think it goes wrong (This is in the gateway application when I try to send it to the security application):
If I need to provide more data, let me know
This is wrong way of doing it. First thumb rule of docker is not to use localhost at all.
You need to use the name of the service in your docker compose and you should depend on docker container to container communication.
So in your case the url should be like below
String url = "http://security:8083/auth/login";
Also as best practice never write urls directly into your code. Always take them using application.properties in your code and then later override them using the environment variables. This make sure that your code can run in different environments by just overriding environment variables and they don't need a code change
Related
I use React-Native for an app and Spring Boot for backend. For making requests from the app, I use Axios.
I am developing a new backend service and I wanted to test it on the app before making a backend deploy. Usually, I would simply use something like axios.post('http://192.168.1.25:8080/resource'), to access the server running on my PC connected to the smartphone via LAN. It works.
This new service, however, depends on the subdomain sent with the the HTTP request. For instance, on the previous example, I would have to make a post to 'http://english.192.168.1.25:8080/resource'. Making a axios.post() to that address however, doesn't work. Axios gives me the error "can't resolve english.192.168.1.25".
Does anyone know how to solve this? Testing with Postman from another machine, the endpoint 'http://english.192.168.1.25:8080/resource' works just fine (Only the axios lib running on the react-native phone fails).
TLDR;
try to disable your dns-rebind protection in your router by adding an exception for your subdomain.localhost
FritzBox -> Home Network -> Network settings -> DNS Rebind Protection
the other way would be to run your own dns on your system which does the same. Something like dnsmasq or https://github.com/hubdotcom/marlon-tools/blob/master/tools/dnsproxy/dnsproxy.py
I think i found a solution for this problem. something.localhost is routed to your primary dns. In a typically installation its your router. Most modern routers have a dns-rebind-security mechanism. https://en.wikipedia.org/wiki/DNS_rebinding
I ran into the same issue at home and when i tried to get foo.localhost running at work, it works as expected. So what can I say. At home we use a FritzBox 7560 with DNS Rebind protection enabled. At work I have a noname router from a "magenta company" without a rebind protection.
I would like to know if anyone has a way to get the IP address of the currently used proxy IP of a running TestCafe test. I would rather not add the overhead of first loading up a site that gives me the proxy IP I'm using and instead would like it if there was some internal way to discern it.
After much work on this, I have solved this by creating an express server, installing request-IP (a node.js library which gets the requesting IP), and then basically setting up an endpoint /givemyip to ping that first before actually navigating to the target testing page. Doing so let me view every single proxy in the terminal. I then simply wrote each IP to MongoDB along with the result data from each test. Solved!
I'm hoping that someone can help me out here.
I'll try to give as much information as I can but this is a work project so have to be very careful how much I post.
The situation is this. The user attempts to connect to a web page, as they are not authenticated they are re-directed to an oauth server and are presented with a login page. When the user completes login they are then re-directed back to the original URL and are presented with the landing page.
The projects are spring boot and when I run them locally everything works as intended.
I have created docker images and can run the containers and the projects are connecting to a eureka server with on the correct network with the correct hostname.
The issue that I have is that when I attempt to get to the web page, I can track the logs and see that the re-direct is happening and I can see the re-direct URL in the browser bar but then it seems to stop. The oauth server logs shows that nothing is happening and there is no login page presented. The web UI and the oauth server are both docker images and both use spring boot with java 8.
There isn't a firewall issue as the containers are running on the same subnet. The projects are copies of projects that are already running in another section of the network so I know that they do run ok.
Any pointers would be greatly appreciated.
ok so an update to this, it turns out that the server running the docker engine was running on a unix server but that was actually running inside of a Hyper-V container which was interfering with the network traffic and the redirects, I asked to have the image removed and started working on the windows server directly, I would have preferred to work on unix but there we go. So if you are working remotely where you are deploying docker images to a container engine on a remote server and getting redirect issues, this may be one thing to look at, especially if you can run your system locally without any issues.
i'm using the WSO2 ESB to integrate several services on the Windows virtual machine.
I used the simple proxy to map the services deployed on it. But the problem is what i can't access them from outside it nevetheless the port 8280 where services are deployed is open for internet, but i can see only blank page instead. What could be wrong?
Another question is i was trying to map the WSO2 ESB management console itself to be availbe from outside the machine using simple proxy, and i'm failed, it loads me the this is what i see on trying the service.
Could you please give me a hint on how to resolve this issue? is it possible to share the esb mgmt console using the ESB itself?
Thanks a lot in advance,
Do u have proxy in the middle? It looks like on screenshot webpage missing all pictures, meanwhile css was loaded successfully.
Another question which kind of virtual machine u use? For example in virtualbox by default virtual machine behind NAT.
I wasn't able to connect to server on virtual machine from host only opposite way server on host available in virtual machine.
To make server in virtual machine available on host need to configure network as bridge.
Not sure if it helps, but I think I had a similar problem in our corporate network after I applied all the security patches (poodle,Diffie-Hellman etc.). I had to configure the addresses in catalina.xml (if i remember right) that are/under which allowed to access the admin console. Cannot tell you more details because I'm on holiday :-)
Maybe it's worth to give it a try.
Another example from real life. HTTP Response from external resource was application/json, status of response 200 OK. ESB configured to use
<messageFormatter contentType="application/json"
class="org.apache.synapse.commons.json.JsonStreamFormatter"/>
but content was simple text/plain.
During parsing body of http response exception was thrown and just silently was written to log, without any fault message processing. Just empty response to client.
To clarify that services reachable, there is echo service by default on server, which respond content equal to request. Try to use it.
was trying to map the WSO2 ESB management console itself to be availbe
from outside the machine using simple proxy
By default the management console tries to enforce the port 9443 for dynamic links (JSP) pages. That's why you see only part of the pages and you shouldn't be able to log on.
what you can do is edit the repository/conf/tomcat/catalina-server.xml and to the Connector running the port 9443 you can add an attribute proxyPort="443", the carbon console will be happy to run on 443.
For the services, my educated guess would be on the firewall / network rules, however without other information I cannot answer (or - they are working, just you may not try to access them by simple browser request)
I have an application running in my personal network. This application can send emails to users and they can acknowledge the receipt via the email they receive as long as they are on my personal network. This is because they have to access the application to perform the acknowledge action.
I want to extend this and see if I can allow acknowledgements via emails from outside the network as well. I know I have to change my application to do this but not sure which way to go. Can some one throw some light?
My application is a spring based web application.
You need to configure your firewall to allow outside access to whatever port the app runs on.
You need to configure port fowarding on your gateway to direct outside traffic to the system running your app (unless your gateway is the server running the app).
After that you should just be able to go to youroutfacingip:portforapp
for example http://123.456.78.90:12345
in a web browser anywhere
you can setup DNS if you want to use a URL instead of an ip.
Keep in mind, anyone can go to this url, so make sure it has access control.