Spring Cloud Gateway - Per-route security configuration. Dynamic reload on client registration

I'm using SCG with Eureka, with discovery client based routes. Some clients have different security requirements (some unauthenticated, some with certain roles). I can set a path matcher on the ServerHttpSecurity object that builds the SecurityWebFilterChain, but I don't know in advance if any of the discovered services will be one of those that requires a different configuration from the default. I'm considering using metadata from the discovery client to configure this.
Is there something in Spring Security to refresh the ServerHttpSecurity config based on some application event or something like that? Or is there something in SCG that controls this? Or am I overthinking this and it just happens at some point?
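
One way to act on discovery metadata without rebuilding the filter chain, as an added example that is not part of the original question: a `ReactiveAuthorizationManager` that looks up the target service's metadata on every request. Assumptions: the `check` method of Spring Security 5.x/6.x, discovery-locator routes of the form `/{serviceId}/**`, and a hypothetical metadata key `gateway.access` with hypothetical values `permitAll` and `role:NAME`.

```java
import java.util.Map;
import org.springframework.cloud.client.ServiceInstance;
import org.springframework.cloud.client.discovery.ReactiveDiscoveryClient;
import org.springframework.security.authentication.AnonymousAuthenticationToken;
import org.springframework.security.authorization.AuthorizationDecision;
import org.springframework.security.authorization.ReactiveAuthorizationManager;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.server.authorization.AuthorizationContext;
import reactor.core.publisher.Mono;

// Evaluated per request, so services registered after startup are covered.
public class MetadataAuthorizationManager
        implements ReactiveAuthorizationManager<AuthorizationContext> {

    static final String ACCESS_KEY = "gateway.access"; // hypothetical metadata key
    private final ReactiveDiscoveryClient discovery;

    public MetadataAuthorizationManager(ReactiveDiscoveryClient discovery) {
        this.discovery = discovery;
    }

    @Override
    public Mono<AuthorizationDecision> check(Mono<Authentication> authentication,
                                             AuthorizationContext context) {
        // Assumed route shape: the first path segment is the service id.
        String[] parts = context.getExchange().getRequest().getURI().getPath().split("/");
        if (parts.length < 2 || parts[1].isEmpty()) {
            return Mono.just(new AuthorizationDecision(false)); // no service id: deny
        }
        return discovery.getInstances(parts[1]).next()
                .map(ServiceInstance::getMetadata)
                .defaultIfEmpty(Map.of()) // unknown service: apply the default rule
                .flatMap(meta -> decide(meta.get(ACCESS_KEY), authentication));
    }

    // "permitAll" opens the route, "role:NAME" needs ROLE_NAME; anything
    // else (including a missing key) requires an authenticated user.
    private Mono<AuthorizationDecision> decide(String rule, Mono<Authentication> authentication) {
        if ("permitAll".equals(rule)) {
            return Mono.just(new AuthorizationDecision(true));
        }
        String role = rule != null && rule.startsWith("role:") ? "ROLE_" + rule.substring(5) : null;
        return authentication
                .filter(a -> a.isAuthenticated() && !(a instanceof AnonymousAuthenticationToken))
                .map(a -> role == null || a.getAuthorities().stream()
                        .anyMatch(g -> role.equals(g.getAuthority())))
                .map(AuthorizationDecision::new)
                .defaultIfEmpty(new AuthorizationDecision(false)); // unauthenticated: deny
    }
}
```

It is registered with `authorizeExchange().anyExchange().access(...)` when building the `SecurityWebFilterChain`. Metadata is self-declared by each registering instance, so a `permitAll` value is only as trustworthy as write access to the registry.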

Related

Custom Spring Actuator Endpoint which has subsystem and can be added dynamically

I'm looking for a way to implement custom endpoints for a reactive application using Spring Boot 2.2.
The endpoints have some subsystems and perform specific resource operations on the subsystems. The URL paths look like:
/actuator/system1/subsystem_a
/actuator/system1/subsystem_b
/actuator/system2/subsystem_c
Furthermore, system1 and system2 are not both always deployed, so I'd like to add dynamically the endpoints of the deployed system only.
I know I can use ReactiveHealthContributorRegistry to add custom health check endpoints dynamically. Is there a similar way for a fully custom endpoint?
Thanks in advance.
It seems there is no way to construct such complex endpoints like what I asked in Spring Boot Actuator.
I finally decided to use RouterFunction and HandlerFunction referring to the following websites.
https://www.baeldung.com/spring-5-functional-web
https://spring.io/blog/2016/09/22/new-in-spring-5-functional-web-framework

Listing all deployed rest endpoints (spring-boot, tomcat)

I know a similar kind of question exists, but it works only for the GlassFish server.
Listing all deployed rest endpoints (spring-boot, jersey)
Is it possible to list all my configured rest-endpoints with spring boot? The actuator lists all existing paths on startup, I want something similar for my custom services, so I can check on startup if all paths are configured correctly and use this info for client calls.
How do I do this? I use @Path/@GET annotations on my service beans and register them via ResourceConfig#registerClasses.
Is there a way to query the Config for all Paths?
Update2: I want to have something like
GET /rest/mycontroller/info
POST /res/mycontroller/update
...
In my opinion, you are already using the right tool (actuator) to answer to your request.
Actuator gives you all the REST methods running, and you can configure it on your own by disabling/enabling specific endpoints.
If you have a look at the documentation, it can probably help you.
In any case, the default configuration of Actuator displays the endpoints (built-in in IntelliJ for your development).

Spring cloud gateway route with multiple instances and sticky session

I'm pretty much new to spring cloud gateway. I have configured routing with two different apps with 'path'. Now, I need some help/docs on
1. How to route to different instance of an app from spring cloud gateway?
2. How to enable sticky session?
My apps are not using Spring Boot/Eureka. I do see that I can use lb://service-name if I'm using any discovery client (unfortunately that is not my case).
Thanks in advance.
IMHO:
How to route to different instance of an app from spring cloud gateway?
Routing to different instances is the basic job of what Spring Cloud Gateway is doing. Spring Cloud Gateway implements the pattern named client side routing along with the ease of service discovery. So if you are not using any discovery server or your apps are not registered with any discovery server, you lose the dynamic discovery and routing feature, BUT you can still specify your server list (refer to Netflix Ribbon). Until then you can think about your routing strategy.
How to enable sticky session?
I suppose that's one requirement of your routing strategy: implementing sticky sessions because you are not using a shared session store. According to my limited knowledge of Spring Cloud Gateway, sticky sessions seem not to be supported out of the box. But it could be customized with a Filter; see the shipped LoadBalancerClientFilter for reference.
Good luck!

Zuul proxy that discovers routes dynamically

I have a simple Zuul app that has a single route in the application.yml to route to my microservice. It's working.
However, what I'm looking for is a more dynamic solution where I can wire up routes dynamically, either through code or perhaps by POSTing to some Zuul endpoints during a build (possibly by using springfox and a swagger definition from microservices). I could not find an API for Zuul.
I'm somewhat aware of Eureka and that seems like a solution to abstract away the routing by doing discovery. However, I'm curious if there's a solution without introducing Eureka. If there's a way to wire up these routes in Zuul during a build vs. having to edit the application.yml every time.
Thanks in advance.
If you go for Eureka this will actually work ootb. Zuul as packaged in spring cloud will automatically expose every service using its name. So if you register a service called users in Eureka, Zuul will automatically create a route /users forwarding to the instances by default. That will only allow simple url structures but should solve your problem.
Please see the official documentation for details:
By convention, a service with the ID "users", will receive requests from the proxy located at /users (with the prefix stripped). The proxy uses Ribbon to locate an instance to forward to via discovery, and all requests are executed in a hystrix command, …
I'm actually editing a blog post about this exact topic (Routing and Filtering using Spring Cloud Zuul Server) but the source code has been available and working for some time now. Feel free to use it as a reference:
https://bitbucket.org/asimio/zuulserver
https://bitbucket.org/asimio/discoveryserver (in case routes are configured with serviceIds)
https://bitbucket.org/asimio/demo-config-properties/src (Zuul-Server-refreshable.yml where routes are dynamically updated).
Look at the refreshable Spring profile settings. This Zuul setup works with both hard-coded route URLs and routes discovered using Eureka.
It is also acting as a Spring Cloud Config client so that routes can be dynamically updated via Git, which is also covered in another blog post: Refreshable Configuration using Spring Cloud Config Server, Spring Cloud Bus, RabbitMQ and Git.

Spring cloud config client without Eureka, Ribbon and spring boot

I have a Spring web application (not Spring Boot) running in AWS. I am trying to create a centralized configuration server. How do I refresh the spring-cloud-client after changing the properties? As per the tutorial:
Actuator endpoint by sending an empty HTTP POST to the client’s refresh endpoint, http://localhost:8080/refresh, and then confirm it worked by reviewing the http://localhost:8080/message endpoint.
But my AWS EC2 instances are behind the load balancer, so I can't invoke the client URL. I didn't understand Netflix Eureka and Ribbon much, but it seems like adding another level of load balancer on the client side. I don't like this approach. Just to change a property, I don't want to make the existing project unnecessarily complex. Is there any other way? Or have I misunderstood the Eureka/Ribbon usage?
I have looked at spring-cloud-config-client-without-spring-boot and spring-cloud-config-client-without-auto-configuration; none of them has an answer. The first thread was answered in 2015. Wondering, is there any update?
To get the configuration properties from a config server, you can do an HTTP request. Example:
From the documentation we can see:
/{application}/{profile}[/{label}]
/{application}-{profile}.yml <- example
/{label}/{application}-{profile}.yml
/{application}-{profile}.properties
/{label}/{application}-{profile}.properties
So if you do a request to http://localhost:8080/applicationName-activeProfile.yml, you receive the properties in .yml format for the application with that name and active profile. Spring Boot config clients would automatically provide these values, but you will have to provide them manually.
You don't need Eureka/Ribbon for this to work, it's a separate component.
More info: http://cloud.spring.io/spring-cloud-static/spring-cloud.html#_spring_cloud_config
Maybe you could even use spring-cloud-config but I'm not sure what extra configuration is needed without spring-boot.
https://cloud.spring.io/spring-cloud-config/
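
The HTTP request described in this answer, as an added example that is not the answerer's code: a plain Java 11 client, with no Spring Boot, that fetches `/{application}-{profile}.properties` and loads it into `java.util.Properties`. The class name `ConfigServerFetcher` is hypothetical, the config server is assumed to sit at the root of the base URL, and the name check is an assumption of this example.

```java
import java.io.IOException;
import java.io.StringReader;
import java.net.URI;
import java.net.http.HttpClient;
import java.net.http.HttpRequest;
import java.net.http.HttpResponse;
import java.time.Duration;
import java.util.Properties;
import java.util.regex.Pattern;

public class ConfigServerFetcher {

    // Both names end up in the URL path, so only plain identifiers are accepted.
    // '-' is excluded here because it separates application from profile.
    private static final Pattern SAFE_NAME = Pattern.compile("[A-Za-z0-9_]+");

    private final HttpClient client = HttpClient.newBuilder()
            .connectTimeout(Duration.ofSeconds(5)).build();
    private final URI base;

    public ConfigServerFetcher(URI base) {
        this.base = base;
    }

    static URI propertiesUri(URI base, String application, String profile) {
        if (!SAFE_NAME.matcher(application).matches() || !SAFE_NAME.matcher(profile).matches()) {
            throw new IllegalArgumentException("unsafe application or profile name");
        }
        return base.resolve("/" + application + "-" + profile + ".properties");
    }

    public Properties fetch(String application, String profile)
            throws IOException, InterruptedException {
        HttpRequest request = HttpRequest.newBuilder(propertiesUri(base, application, profile))
                .timeout(Duration.ofSeconds(10)).GET().build();
        HttpResponse<String> response = client.send(request, HttpResponse.BodyHandlers.ofString());
        if (response.statusCode() != 200) {
            // Fail loudly instead of continuing with an empty configuration.
            throw new IOException("config server returned HTTP " + response.statusCode());
        }
        Properties props = new Properties();
        props.load(new StringReader(response.body()));
        return props;
    }

    public static void main(String[] args) throws Exception {
        Properties p = new ConfigServerFetcher(URI.create("http://localhost:8080"))
                .fetch("applicationName", "activeProfile");
        // Print keys only: the values may contain credentials.
        p.stringPropertyNames().forEach(System.out::println);
    }
}
```

Because each instance pulls its own configuration, it can re-run `fetch` on a schedule, which avoids having to reach the refresh endpoint of individual instances behind the load balancer.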
