Spring boot: forward-headers-strategy has no effect - spring

I have simple rest controller
public void getMyIp(HttpServletRequest request)
{
final var ip = request.getRemoteAddr();
....
}
And I emulate request through proxy server
curl --location --request GET 'localhost:8080/api/myIp' \
--header 'X-Forwarded-For: 10.10.10.10' \
--header 'X-Real-Ip: 10.10.10.10'
I changed strategy in application.yml
server:
forward-headers-strategy: FRAMEWORK
The application runs from IDE with build-in tomcat server.
Why I gets my real ip address?
UPD: I changed strategy to native, and it works now!

It need to use strategy NATIVE
server:
forward-headers-strategy: NATIVE

Related

How to properly connect to my VM to get json?

I'm new in Spring and I have a problem when I run Spring WEB in VM.
Test on local computer works:
I run app mvn spring-boot:run -Dspring-boot.run.profiles=test and check request:
curl -X POST ``http://localhost:8080/api/v1/dictionary/yandex-alice-skill`` -H "Content-Type: application/json" -d "{}"
and get {"response":{"text":"Hi! I can help you to learn words.","end_session":false},"version":"1.0"}
When I run app in VM and try to get json in my VM everything works fine too:
BUT when I try to get json in my local computer I get 404
Page have 404, but why I can't get json? How to properly connect to my virtual machine?
Controller:
#RestController
#Slf4j
#RequestMapping("/api/v1/dictionary/yandex-alice-skill")
#RequiredArgsConstructor
public class DictionaryController {
#Autowired
private DictionaryService dictionaryService;
#PostMapping
public #ResponseBody talkYandexAlice(
#RequestBody YandexAliceRequest request) {
return dictionaryService.talkYandexAlice(request);
}
}
I want to get json, but I get HTML from server.

Is there a way to set the user in org.springframework.web.client.RestTemplate

I'm trying to migrate a curl command with a username and password to a rest API consumer code of org.springframework.web.client.RestTemplate
curl -i -k --location -u username:userpass \
--request GET http://myserver:80/rest/api/2/project --header 'Accept: application/json' \
--header 'Content-Type: application/json' --data-raw ''
But such parameter username:password is not supported in RestTemplate (correct me if I'm wrong)
What other options can do this?
I'm using spring boot 2.4.3
If you use -u or --user, Curl will Encode the credentials into Base64 and produce a header like this: -H Authorization: Basic <Base64EncodedCredentials>
There is a way to build a RestTemplate with what you want to achieve. To do that just configure a singleton restTemplate bean in your configuration class.
Until version 2.1.0 it was available the basicAuthorization()
previous spring boot versions used basicAuthorization()
#Bean
RestTemplate rest(RestTemplateBuilder restTemplateBuilder) {
restTemplateBuilder.basicAuthorization("username", "userpass").build();
}
From 2.1.0 and forward the basicAuthorization() has been deprecated and in later versions removed. You can use basicAuthentication() instead
newer versions have only basicAuthentication()
#Bean
RestTemplate rest(RestTemplateBuilder restTemplateBuilder) {
restTemplateBuilder.basicAuthentication("username", "userpass").build();
}

Spring boot Cookie versus Authorization in header field

I have a very minimal spring-boot app with dependency spring-boot-starter-web and spring-boot-starter-security. I just learned spring boot yesterday. I noticed that sending a POST request like below even if provided with the wrong basic auth password the request succeeds. Because, of the presence of a cookie in a previous successful request.
curl --location --request POST 'http://localhost:8080/create' --header 'Content-Type: application/json' --header 'Cookie: JSESSIONID=EA39A09B47575D192845148AFFCAD85B' --data-raw '{
"surname":"Murdock",
"givenname":"John",
"placeofbirth":"Slovenia",
"pin":"1234"
}'
Is this the expected behavior? And how do I make spring-boot to always check the provided basic auth password?

Spring Cloud Config refresh configurations

Is it possible to refresh the configurations calling a java method instead to use the REST api:
curl localhost:8080/actuator/refresh -d {} -H "Content-Type: application/json"
You can use the ResartEndpoint class from spring-cloud-context:
#Autowired
private RestartEndpoint restartEndpoint;
...
Thread restartThread = new Thread(() -> restartEndpoint.restart());
restartThread.setDaemon(false);
restartThread.start();
This is how #alexbt suggests to do it. But note that the spring cloud documentation also says you can refresh individual beans provided they are RefreshScope.

Jersey 2.2 Client POST request to Parse.com utf-8 issue

I am a begginer in Dropwizard / Jersey so please bear with me. I am creating request from my Dropwizard application resource:
Client client = new JerseyClientBuilder(environment)
.using(new JerseyClientConfiguration())
.build("my-app-name");
String response = client
.target("https://api.parse.com/1/functions/myFunction")
.request(MediaType.APPLICATION_JSON)
.accept(MediaType.APPLICATION_JSON)
.header("X-Parse-Client-Key", "mysecredclientcode")
.header("X-Parse-Session-Token", "mysecretsessiontoken")
.header("X-Parse-Application-Id", "mysecretapplicationid")
.post(Entity.text(
"{\"postId\":\"xP0Jc2lrqS\"}"
));
I think I tried all possible variations of Entity.* followed by MediaType.* with no luck.
This should work according to documentation. And I can call other endpoints of my app locally this way with no problems. But requests to parse.com return following entity:
{"code":107,"error":"invalid utf-8 string was provided"}
When I curl from bash I get expected response. I feel like I tried everything, can you please point me in the right direction, what am I doing wrong here?
curl request that works:
#!/usr/bin/env bash
curl -X POST \
-H "X-Parse-Application-Id: mysecretapplicationid" \
-H "X-Parse-Client-Key: mysecretclientkey" \
-H "X-Parse-Session-Token: mysecretsessiontoken" \
-d '{"postId":"xP0Jc2lrqS"}' \
https://api.parse.com/1/functions/myFunction
Just in case you still facing this issue, I solved this adding in my maven project these properties:
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
</properties>
Regards,

Resources