I am trying to print the IP address of the requester of my web service.
I am a beginner with spring-boot, and I am not sure which class to import or variable to use to print the caller IP and port number.
This is my controller class :
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;//added
import org.springframework.web.bind.annotation.RequestParam;//added
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RestController;
import java.sql.*;
//Controller
#RestController
public class MyController {
#GetMapping(path = "/print-caller-address")
public String CallerAddress() {
return "Caller IP or Port Number";
}
}
I am using spring-boot-starter-web and spring-boot-starter-data-jpa as dependencies.
Many thanks.
Try this:
#RestController
public class MyController {
#GetMapping(path = "/print-caller-address")
public String getCallerAddress(HttpServletRequest request) {
return request.getRemoteAddr();
}
}
https://docs.oracle.com/javaee/6/api/javax/servlet/ServletRequest.html#getRemoteAddr()
Returns the Internet Protocol (IP) address of the client or last proxy
that sent the request.
If the request has gone through a proxy before hitting your REST server then you would need to look at the headers. The proxy will typically set a header idientifyign the originating IP, address as detailed below:
https://en.wikipedia.org/wiki/X-Forwarded-For
so you can use request.getHeader("X-Forwarded-For") to get the originating IP address. To catch all scenarios:
#RestController
public class MyController {
#GetMapping(path = "/print-caller-address")
public String getCallerAddress(HttpServletRequest request) {
if(request.getHeader("X-Forwarded-For") != null){
return request.getHeader("X-Forwarded-For")
}else{
return request.getRemoteAddr();
}
}
}
The solution is
#GetMapping(path = "/print-caller-address")
public String CallerAddress(HttpServletRequest request) {
return request.getRemoteAddr();
}
Add HttpServletRequest request to your method definition and then use the Servlet API
Spring Documentation here said in
15.3.2.3 Supported handler method arguments and return types
Handler methods that are annotated with #RequestMapping can have very flexible signatures.
Most of them can be used in arbitrary order (see below for more details).
Request or response objects (Servlet API). Choose any specific request or response type,
for example ServletRequest or HttpServletRequest
Related
I am new at loadBalancing so please I need help and thats what i did :
i built 2 services as 2 apps (A,B) I used spring security on both of them
(both of them are restfull api , they have theymleaf and full frontEnd pages ),
then i had made another app as spring cloud loadbalancer .
when i send a request , it go from loadbalancer app to one of the 2 services but the problem is when iam not authenticated the response will be empty , it wont take me to the default login page as usual as when i use the normal A app directly , and when i go to pages that does not need to be authenticated to get to it , it is returned without my css/js styles
this is my A app controller ( it is returning view not json )
package com.hariri_stocks.controllers;
import java.util.ArrayList;
import java.util.List;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.RestController;
import com.hariri_stocks.models.Estates;
import com.hariri_stocks.models.SoldEstates;
import com.hariri_stocks.models.Users;
import com.hariri_stocks.services.estatesService;
#Controller
public class LoginController {
#Autowired
estatesService ES;
#GetMapping(value = "/")
public String login() {
return "/signIn-up.html";
}
#GetMapping(value = "/dashboard")
public String dashboard(Model model ,#RequestParam(required = false) String add_result
,#RequestParam(required = false) String alert_err) {
List<Estates> estates = ES.findAll();
model.addAttribute("estates",estates);
return "/dashboard";
}
#GetMapping(value = "/dashboard/unSold")
public String unselled_stocks(Model model) {
List<Estates> estates = ES.findUnsold();
if(estates.size() > 0)
model.addAttribute("estates",estates);
else
model.addAttribute("error","there is no sold estates yet !!");
return "/dashboard";
}
#Value(value = "${server.port}")
String port_num;
#GetMapping("/port")
public String hello() {
return port_num;
}
}
and this is my loadbalancer controller iam using #restcontroller
package com.hariri_loadbalancer;
import reactor.core.publisher.Mono;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.cloud.client.loadbalancer.reactive.ReactorLoadBalancerExchangeFilterFunction;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.reactive.function.client.WebClient;
#SpringBootApplication
#RestController
public class UserApplication {
private final WebClient.Builder loadBalancedWebClientBuilder;
private final ReactorLoadBalancerExchangeFilterFunction lbFunction;
public UserApplication(WebClient.Builder webClientBuilder,
ReactorLoadBalancerExchangeFilterFunction lbFunction) {
this.loadBalancedWebClientBuilder = webClientBuilder;
this.lbFunction = lbFunction;
}
public static void main(String[] args) {
SpringApplication.run(UserApplication.class, args);
}
#RequestMapping("/port")
public Mono<String> showMePort() {
return loadBalancedWebClientBuilder.build().get().uri("http://hariri/port")
.retrieve().bodyToMono(String.class);
}
#RequestMapping("/")
public Mono<String> showMainPage() {
return loadBalancedWebClientBuilder.build().get().uri("http://hariri/")
.retrieve().bodyToMono(String.class);
}
}
So what should I do? I feel that what I am doing is stupid,
should I move all my Thymleaf pages to the loadbalancer maybe , so that the a app return what it want to return with #restController then the loadbalancer use #controller to get to the styling front pages or there is a way , and for the security , should i implement the spring security with the loadbalancer instead of the A,B apps
.........................
8080 is loadBalancer port
9091 is A app port
so it seams that when A is returning the html page , the html is searching for the css at the loadbalancer machin at 8080 , while they are existing at A app on 9091
bodyToMono decodes the body but you are not handling headers.
On spring security there is very likely a redirection to the login page ... so it wont work if you only attend to the body. This might be also affecting styles somehow.
Check something like this:
How to extract response header & status code from Spring 5 WebClient ClientResponse
I wanted to understand where is best location to read headers and use them inside my IntegrationFlow layer.
ServiceController.java
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
#RestController
#RequestMapping("/api/v1/integration")
public class ServiceController {
#Autowired
private ServiceGateway gateway;
#GetMapping(value = "info")
public String info() {
return gateway.info();
}
}
ServiceGateway.java
import org.springframework.integration.annotation.Gateway;
import org.springframework.integration.annotation.MessagingGateway;
#MessagingGateway
public interface ServiceGateway {
#Gateway(requestChannel = "integration.info.gateway.channel")
public String info();
}
ServiceConfig.java
import java.net.URISyntaxException;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.integration.annotation.IntegrationComponentScan;
import org.springframework.integration.config.EnableIntegration;
import org.springframework.integration.dsl.IntegrationFlow;
import org.springframework.integration.dsl.IntegrationFlows;
import org.springframework.integration.http.dsl.Http;
import org.springframework.messaging.MessageHeaders;
#Configuration
#EnableIntegration
#IntegrationComponentScan
public class ServiceConfig {
#Bean
public IntegrationFlow info() throws URISyntaxException {
String uri = "http://localhost:8081/hellos/simpler";
return IntegrationFlows.from("integration.info.gateway.channel")
.handle(Http.outboundGateway(uri).httpMethod(HttpMethod.POST).expectedResponseType(String.class)).get();
}
}
From Consumer I am receiving some Header meta data. I want to know in above flow whether it is good idea from following approaches:
Read headers in Controller and then pass through into my IntegrationFlow: For this I am not aware how to pass through.
Is there best or any way exist to read request headers into IntegrationFlow layer?
For this second approach I have tried below code but runtime I am getting error as channel is one way and hence stopping the flow.
return IntegrationFlows.from("integration.info.gateway.channel").handle((request) -> {
MessageHeaders headers = request.getHeaders();
System.out.println("-----------" + headers);
}).handle(Http.outboundGateway(uri).httpMethod(HttpMethod.POST).expectedResponseType(String.class)).get();
My problem is how to send request parameters from incoming call to carry those internally invoking another rest call. Here I wanted to transform the data from request headers and construct into new json body and then send this to http://localhost:8081/hellos/simpler URL.
The flow:
I am trying to construct this RequestBody before sending to internal REST POST call:
A gateway method with no paylaod is for receiving data, not requesting it.
https://docs.spring.io/spring-integration/docs/current/reference/html/messaging-endpoints.html#gateway-calling-no-argument-methods
Add a #Header annotated parameter to the gateway.
https://docs.spring.io/spring-integration/docs/current/reference/html/messaging-endpoints.html#gateway-configuration-annotations
#MessagingGateway
public interface ServiceGateway {
#Gateway(requestChannel = "integration.info.gateway.channel")
public String info("", #Header("x-api") String xApi);
}
This will send a message with an empty string as the payload with the header set.
I have a BE service A which is sending Rest JSON message to microservice B using Feign client:
#FeignClient(name = "mail-service")
#LoadBalancerClient(name = "mail-service", configuration = LoadBalancerConfiguration.class)
public interface EmailClient {
#RequestMapping(method = RequestMethod.POST, value = "/engine/emails/register")
void setUserRegistration(CreateUserDTO createUserDTO);
}
Endpoint:
#RestController
#RequestMapping("/emails")
public class EmailController {
#RequestMapping(method = RequestMethod.POST, value = "/register", consumes = MediaType.APPLICATION_JSON_VALUE)
public ResponseEntity<?> register(#Valid #RequestBody CreateUserDTO createUserDTO) {
emailRestService.processCreateUserMessage(createUserDTO);
// Implementation of service to send mail to AWS SES
return new ResponseEntity<>(HttpStatus.OK);
}
}
Rest Endpoint is sending mail to AWS Ses mail or other mail provider.
The issue is that the fist call from Feign can take 5 seconds and more. I need to make it Async in order FE client not to wait for the mail to be send.
How I can make the Rest call made from Feign Async to there is no wait time for the http response OK to be expected? Is there some better solution to implement this?
AFAIK, Feign does not allow for non-blocking IO, it is a work in progress.
But you can implement your EmailRestService async. Consider the following code (I do no know if processCreateUserMessage is responsible for sending the email as well, but the solution proposed should be extensible to that functionally if necessary):
import org.springframework.scheduling.annotation.Async;
import org.springframework.stereotype.Service;
//...
#Service
public class EmailRestServiceImpl implements EmailRestService {
//...
#Async
public void processCreateUserMessage(CreateUserDTO createUserDTO) {
// Implementation of service to send mail to AWS SES
// ...
}
}
Please, note the #Async annotation definition.
To enable Spring asynchronous processing, you need to define the #EnableAsync annotation, in your main configuration or in a specific one:
import org.springframework.context.annotation.Configuration;
import org.springframework.scheduling.annotation.EnableAsync;
#Configuration
#EnableAsync
public class AsyncConfiguration {
}
There is no need to change your Controller, although you can return a more convenient HTTP status code if you prefer to:
#RestController
#RequestMapping("/emails")
public class EmailController {
#RequestMapping(method = RequestMethod.POST, value = "/register", consumes = MediaType.APPLICATION_JSON_VALUE)
public ResponseEntity<?> register(#Valid #RequestBody CreateUserDTO createUserDTO) {
// Will be executed asynchronously and return immediately
emailRestService.processCreateUserMessage(createUserDTO);
return new ResponseEntity<>(HttpStatus.ACCEPTED);
}
}
I build a Rest Api using SpringBoot and the authentication I implemented using Firebase.
My problem right now is that I want to have control of the client applications that will access my application. The problem of using SpringSecurity is that as far as I know I have to do the authentication for it and I just want to "allow the client application."
Does anyone have any idea how to do?
Provide a unique key to your client. Which your microservice recognises and authenticates any request based on that key. This can be also given as a request parameter.
let say you add your key into a parameter called my-key, now before working on your logic inside you spring-boot app validate your key. like this -
your Rest Controller would look like this-
#RestController
class MyRest{
private static final String KEY = "someValue";
#RequestMapping("/some-mapping")
public #ResponseBody myMethod(#RequestParam(value="my-key", required=true) String key){
if(!validateRequest(key)){
//return error as response
}
System.out.println("Key Validation Successful!");
//here goes your logic
}
private boolean validateRequest(String key){
return key.equals(KEY);
}
}
in order to access this rest use - http://your-host:port/some-mapping?my-key=someValue
If you want to allow some of the clients to bypass the authentication, have a list of whitelisted IP addresses and check the IP of each incoming request. if the IP is in the list of whitelisted APIs, no need to authenticate.
Use HttpServletRequest.getRemoteAddr() to get the IP address.
Solution 1
Custom interceptor MyHandlerInterceptor.java:
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
public class MyHandlerInterceptor implements HandlerInterceptor {
private static final String YOUR_KEY = "KEY_VALUE";
#Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws IOException {
String key = request.getHeader("X-Key");
boolean isValid = YOUR_KEY.equals(key);
if (!isValid) {
//invalid key
response.setStatus(401);
PrintWriter writer = response.getWriter();
writer.write("invalid key");
}
return isValid;
}
#Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) {
}
}
Configure interceptor WebConfig.java:
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
#Configuration
public class WebConfig implements WebMvcConfigurer {
#Override
public void addInterceptors(InterceptorRegistry registry) {
registry.addInterceptor(new MyHandlerInterceptor());
}
}
Following my question here, I have succeded in creating a custom REST controller to handle different kinds of requests to /api/urls and operate accordingly.
However, there is still a default controller handling requests at /urls which affects my application: When receiving a request that is not /api/something, it should fetch my database for the URL linked to said /whatever and redirect the user there. Moreover, under /api/urls I've developed certain validation rules to ensure integrity and optimization of the requests, which does not jhappen in /urls so anyone could insert any kind of data into my database.
What would be a possible way to disable this default handler? Seeing the logs I headed to register my own ServletRegistrationBean as instructed here but this is for having two isolated environments as far as I understand
My goal is to simply "disconnect" /urls URL from the default REST controller -which is no longer of any use to me now that I have my own one- and just use the custom one that I implemented in /api/urls (Or whatever other URL I may decide to use such as "/service/shortener* if possible)
Below are my Java classes:
Url.java (getters and setters omitted for brevity):
#Document
public class Url {
#Id private String id;
private String longURL;
private String hash;
private String originalUrl;
private String shortUri;
private Date creationDate;
}
UrlRepository.java
import org.springframework.data.mongodb.repository.MongoRepository;
public interface UrlRepository extends MongoRepository<Url, String> {
// Empty
}
UrlController.java:
import java.util.List;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RestController;
#RestController
#RequestMapping("/api/urls")
public class UrlController {
#Autowired
private UrlRepository repo;
#RequestMapping(method=RequestMethod.GET)
public List<Url> getAll() {
System.out.println("Showing all stored links");
List<Url> results = repo.findAll();
return results;
}
#RequestMapping(method=RequestMethod.GET, value="{id}")
public Url getUrl(#PathVariable String id) {
System.out.println("Looking for URL " + id);
return null;
}
#RequestMapping(method=RequestMethod.POST)
public Url create(#RequestBody Url url) {
System.out.println("Received POST " + url);
return null;
}
#RequestMapping(method=RequestMethod.DELETE, value="{id}")
public void delete(#PathVariable String id) {
//TBD
}
#RequestMapping(method=RequestMethod.PUT, value="{id}")
public Url update(#PathVariable String id, #RequestBody Url url) {
//TBD
}
}
Application.java:
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
#SpringBootApplication
public class Application {
public static void main(String[] args) {
SpringApplication.run(Application.class, args);
}
}
Instead of trying to hack your way around Spring Boot and Spring Data REST I strongly suggest to work WITH the frameworks instead of around them.
To change the default context-path from / to /api simply add a property to your application.properties file.
server.context-path=/api
Now you would need to change your controller mapping to /urls instead of /api/urls.
If you only want /api for Spring Data REST endpoints use the following property
spring.data.rest.base-uri=/api
This will make all Spring Data REST endpoints available under /api. You want to override the /urls so instead of using #Controller use #RepositoryRestController this will make your controller override the one registered by default.
#RepositoryRestController
#RequestMapping("/urls")
public class UrlController { ... }