Is it possible in spring-boot application to create single management port/url of many application.
eg. in single instance we can do like below given property.
management.server.port=89090
We can implement it by creating management server of spirng-boot application for more details click on https://www.baeldung.com/spring-boot-admin
Related
Is there a way I can define the port for the management URLs (not the management.server.port) so that spring boot admin can identify the actuator URLs from the spring boot app for monitoring?
I'm running the spring boot app in a docker container and it's externally exposed on a different port using the Kubernetes NodePort.
If you are using service discovery for application lookup you could define the exposed management port in instance metadata. This metadata is used to build up the management URL.
More details documented here:
http://codecentric.github.io/spring-boot-admin/current/#spring-cloud-discovery-support
Handling is done in de.codecentric.boot.admin.server.cloud.discovery.DefaultServiceInstanceConverter
Example for Eureka:
eureka.instance.metadata-map.management.port=[K8S-EXPOSED-PORT]
If you are using Service Discovery, take a look into DefaultServiceInstanceConverter, try specifying the management.port property.
If you are not using Service Discovery, then take a look into de.codecentric.boot.admin.server.domain.values.Registration, you might need to use the builder apis to register your application correctly (try to set managementUrl properly). Note, you will need to do this in your client application (the one which is being monitored).
I'm currently trying to make a Spring Boot app. I've managed to create successfully user authentication using LDAP and custom logic.
However, I'm trying to add another layer of security on top of that, something like "htaccess" to prevent unauthorized users from even seeing the web page (client requirement), as well as stop Google from indexing the page. This can be a single predefined user (doesn't need to be connected to ldap auth).
I've read about configuring the tomcat realm, tomcat-users etc. but since it's Spring Boot app with embedded tomcat, I can't find a place to successfully configure it.
Does anyone have any idea how to create such setup?
I'm splitting up a monolith web service into several microservices using spring boot. To reduce duplicated code I extracted shared parts in a maven module that is used in the different microservices.
The monolith application had a healthcheck page that showed various information about the state of the service and some debbuging infos. It is implemented with Spring MVC and jsp.
I'd like to use this view in each of the microservices. Whats the best way to do this without duplicating the view/controller?
I was thinking of adding a web module to the shared maven project that contains the controller, view, spring mvc settings,...
But I'm not sure if it is good to have two web modules in one microservice.
Have you considered using spring boot actuator to retrieve health (and more) application information?
http://docs.spring.io/spring-boot/docs/current/reference/htmlsingle/#production-ready
You could then have another microservice that retrieves that information from each of your services, or just simply check it on then hitting the different endpoints (/health, /env, etc.).
UPDATE:
If you have you custom health logic you can even implement your own actuator endpoint for it. Furthermore, you can create your own library to reuse it in all your microservices:
http://docs.spring.io/spring-boot/docs/current/reference/htmlsingle/#production-ready-customizing-endpoints-programmatically
46.4 Adding custom endpoints
If you add a #Bean of type Endpoint then it will automatically be exposed over JMX and HTTP (if there is an
server available). An HTTP endpoints can be customized further by
creating a bean of type MvcEndpoint. Your MvcEndpoint is not a
#Controller but it can use #RequestMapping (and #Managed*) to expose
resources.
[Tip]
If you are doing this as a library feature consider adding a
configuration class annotated with #ManagementContextConfiguration to
/META-INF/spring.factories under the key
org.springframework.boot.actuate.autoconfigure.ManagementContextConfiguration.
If you do that then the endpoint will move to a child context with all
the other MVC endpoints if your users ask for a separate management
port or address. A configuration declared this way can be a
WebConfigurerAdapter if it wants to add static resources (for
instance) to the management endpoints.
I need to have web application which actually consist from few separate wars unified into same navigration bar on UI, i need to have all system secured but have authentication only to main web application and after automatic propagation of this security context to sub web applications. I'm using spring security, could someone help me with advice? thanks
This can be achieved by following approach. In Spring, SecurityContext by default is stored in HttpSession. Instead you can configure it to store in some shared repository.
So, configuration should be changed to use your own SecurityContextRepository implementation instead of HttpSessionSecurityContextRepository. Once configured, the security framework will look at the Repository which is available to all your web applications.
The Repository can be either a database or a cached server.
Spring Security stores the login data in the http session. So what I would try is to share the session between the applications.
It seams that this is possible (in Tomcat) by using the Single Sing On attribute.
But be warned, sharing the session between two applications is not without danger. See this Stack Overflow question.
I am new to Spring Security and am mulling over the idea of using it or not in my application.
The requirement is as follows :
In my web application i store a session information inside the database,a key for this is stored in a cookie
2.Now whenever someone tries to access a url which is not according to the flow i want to deny access.
3.Can i use Spring Security for this.
I am using Spring MVC,Mongo DB and MySQL as the develeoment environment.
Regards,
Abhishek
If you're trying to simply control the flow of an application, I'd suggest using Spring Webflow. This allows you to define set flows in a multi-page application.
Spring Security can be used to control flows, but only for access control. It integrates well with Webflow (and with Spring MVC) to ensure you can secure some or all of your flows.