RestTemplate with client-certificates - spring-boot

I would like to use client-certificates to communicate between spring-boot applications. My problem is that I don't know how to configure RestTemplate to use a client-certificate to authenticate against the other application.
If possible, I would prefer to solve this problem with the Spring Boot properties instead of writing code - but any solution is better than none.

You are looking to implement two-way SSL authentication. It will have to be supported by whatever ClientHttpRequestFactory is configured in your RestTemplate.
If you use Spring Boot defaults, that is, the standard javax.net stack, take a look at the Spring Boot Client authentication demo. Apache HttpClient and other libraries might require a different setup.

Related

Client authentication using certificates in spring without spring boot

I'm trying to create cert based client authentication using spring 5, without spring boot. Is there a good tutorial on how to do it? (For example: how to specify a truststore, etc...).
I've ended up not using spring security, because I did not need many things it provides, and instead used a simple filter, that checks the data of the used certificate (I also configured the application server used, to allow that certificate).

What are the advantages and disadvantages of using feign over RestTemplate

I get that Feign is declarative and hence it abstracts out a lot of things for the developer. But, when should one choose one over the other? Though Feign is declarative, it has serious problems with OAuth. What are some of the considerations in using RestTemplate over Feign?
Feign allows you to abstract the mechanics of calling a REST service. Once you configure and annotate the Feign interface, you can call a REST service by making a simple Java function call. The actual implementation of making a REST call is handled at runtime by Feign. This means that the implementation can be configured without changing your business logic code.
By just changing the Feign configuration in Java or using properties you can add encoding/decoding, logging, and change the REST call implementation library. All this is done through configuration only, while the business logic that calls the service remains unchanged.
Since Feign uses standard Java interfaces, it's also easy to mock them during unit tests.
There are certain advantages.
1. URLs are not hardcoded.
2. You don't have to write unit test cases for Feign as there is no code to test; however, you have to write integration tests.
3. We can use Eureka Client ID instead of the URL.
4. Feign handled the actual code.
5. Feign integrates with Ribbon and Eureka automatically.
6. Feign provides a very easy way to call RESTful services.
One of the advantages of using Feign over RestTemplate is that we do not need to write any implementation to call the other services. So there is no need to write any unit test as there is no code to test in the first place. However, it is advised that we write integration tests.
Using Feign clients over RestTemplates has a number of advantages. I will list those below.
The developer need not worry about the implementation. Just create an abstract Feign interface and a few annotations - declarative principle. (If you want customized configuration, then it will hold some code)
With Spring Cloud Eureka, Ribbon client-side load-balancer will be equipped with Feign client.
No need to worry about the unit test, because there is no implementation from you to test. (Arguable)
Supports Feign annotations and JAX-RS annotations.
Highly compatible and easily configurable with Spring Cloud (especially with Eureka server registry)
Allows Feign client configuration via @Configuration class or application properties.
Allows us to add interceptors. (Add interceptors via @Configuration or application properties. Alternatively, can use Spring Cloud provided interceptors as well. Example - BasicAuthRequestInterceptor)
Hystrix support for fall-back mechanism.
Logging
Error handling
Feign is a good choice. If you are fascinated with JPA and the way it resolves your queries, then Feign is the tool for you. Feign will handle your server requests perfectly fine.
RestTemplate is used for making the synchronous call. When using RestTemplate, the URL parameter is constructed programmatically, and data is sent across to the other service. In more complex scenarios, we will have to get to the details of the HTTP APIs provided by RestTemplate or even to APIs at a much lower level.
Feign is a Spring Cloud Netflix library for providing a higher level of abstraction over REST-based service calls. Spring Cloud Feign works on a declarative principle. When using Feign, we write declarative REST service interfaces at the client, and use those interfaces to program the client. The developer need not worry about the implementation ...
Advantages of using Feign over RestTemplate:
Declarative approach: Feign provides a more declarative approach to define and use REST API clients, which can make the code more readable and easier to maintain.
Integrated with Eureka: Feign is integrated with Netflix Eureka for service discovery, making it easier to build and consume APIs in a microservices architecture.
Better error handling: Feign provides better error handling, including support for custom error handling and retries.
Support for multiple encodings: Feign supports multiple encoding types, including JSON, XML, and form data, while RestTemplate only supports JSON and XML.
Disadvantages of using Feign over RestTemplate:
Limited flexibility: Feign provides a more opinionated approach to defining and using REST API clients, which may limit flexibility in certain situations.
Limited control over HTTP request and response: Feign abstracts away some of the low-level details of the HTTP request and response, which can make it harder to control and customize these details if needed.
Lack of official support: Feign is not an officially supported library from Spring, which may be a consideration for some developers or organizations.

Spring Cloud Netflix - how to access Eureka/Ribbon from traditional web app?

Everything I found on the internet about Spring Cloud Netflix is about running microservices from Boot applications using @EnableEurekaClients and so on.
Now I'm trying to connect my logging microservice within a traditional war application (springmvc, jaxws etc) - piece of legacy which can not be converted to Boot or modified in any way (by technical task).
I've created a new maven module "log-server-client" that knows nothing about upper web layer and intended to be used as a simple dependency in any maven project.
How should I configure access to Spring Cloud Netflix for this simple dependency? At least, how to configure Eureka and Ribbon?
I just extracted some lines of code from RestTemplate and created my custom JmsTemplate (microservice works with jms remoting with apache camel and activemq), exactly how it is done in RestTemplate, but this code still lacks connection to infrastructure.
afaik, we can create a global singleton bean, run a separate thread from this bean, and run Boot app from this thread, but don't you think that it is very ugly and can lead to problems? How should it really be used?
Great question!
One approach is to use a "sidecar". This seems to be a companion Spring Boot application that registers with the Eureka Server on behalf of your traditional web app.
See e.g.:
http://www.java-allandsundry.com/2015/09/spring-cloud-sidecar.html
http://cloud.spring.io/spring-cloud-netflix/spring-cloud-netflix.html#_polyglot_support_with_sidecar
Another approach is to use the following library:
"A small lib to allow registration of legacy applications in Eureka service discovery."
https://github.com/sawano/eureka-legacy-registrar
This library can be used outside of Spring Boot.

Spring Boot Server using HTTPS, Management Server only HTTP?

Based on an answer from @andy-wilkinson to a past Spring Boot question, it appears that with the exception of a couple parameters (port for example), the management server leverages the same configuration as the regular servlet container.
I would like to configure the main Spring Boot server to use HTTPS (for the application/service it is serving) and to use just HTTP for the actuator endpoints. Has anyone done this? Is this even possible?
-Joshua
It's not possible at the moment. Please open an issue if it's an enhancement that you'd like to see.

setting SPNEGO credentials in Jersey client

I have some REST services created using Jersey which use SPNEGO for authentication. I am creating acceptance tests using the Jersey client. I am wondering how to use the Jersey client to set the SPNEGO headers. I looked into filters but don't really understand it. If somebody could supply a code example, it would be much appreciated.
