I'm trying to build a system with an gateway server (Zuul), and UAA server (Spring OAuth2)
There's lots of examples but they are all used with Spring Boot 1 (1.5.X?). When I tried to migrate to Spring Boot 2, lots of things got moved or removed (in the auto-configure package).
My current understanding is that the gateway server will acts as an oauth2 client with sso. Hope someone can point me to the right direction.
Thanks.
Related
I want to use Spring Cloud Gateway with SAML. Is this possible?
It seems that the Saml extension for spring security is based on the old Spring Stack and won't work with Gateway.
Has anybody got any experience on this?
I'm afraid SAML is not supported as of time of writing. Spring Cloud Gateway has been redeveloped using Reactive programming and is now based on Spring WebFlux. Only the following authentication methods are currently supported :
OAuth 2.0 or OpenID Connect 1.0
x509 authentication
This is stated on SCG page:
Spring Cloud Gateway is built on Spring Boot 2.x, Spring WebFlux, and
Project Reactor. As a consequence, many of the familiar synchronous
libraries (Spring Data and Spring Security, for example) and patterns
you know may not apply when you use Spring Cloud Gateway. If you are
unfamiliar with these projects, we suggest you begin by reading their
documentation to familiarize yourself with some of the new concepts
before working with Spring Cloud Gateway.
The previous gateway spring-cloud-netflix-zuul, based on Servlets and which supported SAML, has been removed from Spring Cloud 2020.
Here is an open issue on GitHub, SAML2 for reactive environment, where we can vote for asking for this to be implemented.
We have a springboot application which is currently having gateway as Zuul 1. Our application is running in Springboot 2.0.0.M2. We are trying to upgrade our Zuul gateway to Zuul 2. We created a springboot application with Zuul 2 dependency and added webflux dependency to get Netty server. The server starts fine, but we are still unclear that how the springboot application will understand that this is a gateway and filters needs to be executed. Although we have created Routes filter, but the same is not getting invoked.
Thanks in advance,
Ron
if you go through the video "https://www.youtube.com/watch?v=9wocKqF15B8" at 18:00 from spring developers. They clearly stated that zuul2 is not going to be supported by the spring ecosystem. Also, the replacement of zuul2 (non-blocking calls) is a spring cloud gateway which is also non-blocking calls.
There are no much resources on this topic so thought to post it. Also I myself am trying to understand the different. Previously we just had only spring-boot application. So can anybody explain the difference.
Spring boot admin is nice monitoring dashboard for spring boot application. To feed data to this dashboard spring boot admin provide two approaches:
1) Using client library: client libary will send data to spring boot admin dashboard.
2) Use service discovery (eureka)
We have many microservices running using spring boot and we have secured them using Spring oauth2 (AuthorizationServer and Resource server microservices). However for one of the microservices which are using vertx as its throughput is much more than spring reactive web.I now need vertx end points to be secured using oauth2(configuring it as resource server), but it doesn't work since vertx starts its own server. So I configured OAuth2AuthHandler of vertx with authorization path and token path with little luck. I appreciate if someone can give insights on wiring spring oauth2 with vertx.
I have a running Spring based Apache CXF web service. I want to use Spring Security Oauth2 to secure the existing service. I have done this for SpringREST service but i am not able to find any help for securing CXF with Spring security Oauth2. Can some one please help me.