How to configure ssl between spring boot application and cassandra using CassandraAutoConfiguration? - spring-boot

I am trying to connect to Cassandra from my Spring boot application using spring-boot-data-cassandra.I have two doubts.
1) Is it recommended to use the CassandraAutoConfiguration i.e. by providing all Cassandra configurations in application.properties with prefix(spring.data.cassandra.*) so that my app will create a cluster for me or do I need to manually create cluster bean, because in CassandraAutoConfiguration cluster bean is annotated with #ConditionalOnMissingBeanso which one is more preferred to use spring cassandra auto configuration or manually creating a cluster bean.
2) My cluster is enabled with ssl at Cassandra side. So when I am auto configuring Cassandra connections with ssl enabled (by setting spring.data.cassandra.ssl=true) then Default SSL context is created for me, but i need to provide my truststore path and truststore password to initialize SSLContext. There is no properties provided at data-cassandra like the one provided for kafka(spring.kafka.ssl.truststore-location= # Location of the trust store file.
spring.kafka.ssl.truststore-password= # Store password for the trust store file.), so is there any way to provide truststore file location and password to AutoConfigure my Cassandra configuration or to override default SSLContext created.
Please help me and correct me if my understanding is wrong. Thanks.
Updates:
https://github.com/spring-projects/spring-boot/issues/8476

Using Spring Boot's Auto-Configuration is the preferred approach but Boot goes out of your way if you need to apply a more specific configuration. Most conditional beans are created if there's no other provided #Bean.
If you provide Cluster yourself, then Spring Boot's Auto-Configuration will not provide a second Cluster bean.
The preferred approach since Spring Boot 1.5, if you need a more specific configuration, is providing a ClusterBuilderCustomizer bean that gets called to customize Cluster.Builder to your needs.
You might also want to file an issue in Spring Boot's issue tracker. Specific SSL configuration is a common configuration use-case.

Related

Spring data neo4j setup

How do you setup spring data neo4j username password with #Bean annotations? Do you use the ogm configuration class? Most sites say to just use standard spring properties in application.properties, however this is doesn’t allow for proper encryption mechanisms. It’s been challenging to find a good tutorial which has the #Bean configuration for spring data neo4j.
I am wondering if I need to set up session factory and entity manager as well in #Bean configurations or does spring data neo4j take care of that?

Spring boot LDAP auto configuration - anonymous access

If the ldap server allows anonymous access, how do I configure the following properties.
spring.ldap.username
spring.ldap.password
If I leave out these properties, I am getting null pointer exception as internally hashtable is used.
I run in the same problem with a transient dependency of Spring ldap security from another project and Spring boot 2.1 and Spring boot admin. My LDAP is not configured (with Spring boot) and a Spring boot admin console initiates a health check. Because of Spring boot auto-configuration a LDAP health check bean is enabled and then the check runs into a NullPointerException.
For this case I excluded the LdapHealthIndicatorAutoConfiguration.class via #SpringBootApplication.
For your problem your maybe need more excludes. Please refer https://docs.spring.io/spring-boot/docs/current/reference/html/auto-configuration-classes.html for existing auto configuration classes. Search for LDAP and try to exclude the found classes in your application.
I'm pretty sure this is a bug in Spring LDAP security, because an anonymous LDAP configuration (no user and password) was intended to work.
I think, this should able to use. Just don't provider membership detail.

Spring boot application having second datasource failing caching

The presence of a second datasource in a spring boot application is failing caching with the exception:
java.lang.IllegalArgumentException: Cannot find cache named 'entity-name' for CacheEvictOperation
With one datasource it's working.
Both the datasource is auto-configured by spring boot.
Datasource one using mysql, declared as primary
Datasource two using mongodb
Is this a known case? Do I need to explicitly configure entity and transaction managers?
Spring Boot does not support auto-configuring more than one datasources for general purposes so you may want to revisit your configuration (or the description).
Yes, you need to configure the entity manager and transaction managers explicitly when you need to use more than one datasource.
Hopefully, this sample shows you how to do it.

Spring-boot Actuator SSL configuration

I'm developing a webapplication with Spring-boot using embedded tomcat.
One of the requirements of this app is 2-way SSL (clientAuth).
Enabling ClientAuth is easy enough however we also like to use spring-boot Actuator for management of the app on a different port without clientAuth.
Is there is a clean way to do this?
(Disabling SSL on the actuator endpoints would also be enough)
According to latest spring docs, you can use
management.server.port=8080
management.server.ssl.enabled=false
in the properties to configure the management ports. see production-ready-management-specific-ssl in the spring boot doc for more options.

Enable Hazelcast SPI object via spring

I am working on some new custom distributed objects to run in Hazelcast SPI.
As can be seen in : http://docs.hazelcast.org/docs/latest/manual/html/spiaddproperties.html you can enable via the Hazelcast xml config, or of course, you can enable programmatically.
It appears that the spring hazelcast xml schema does not support SPI creation, and I would like to create/enable and inject spring beans as properties to the new service.
Can anyone advise if this is possible? I want to utilize spring to instantiate the hazelcast instance as this is the most robust way I've found to do so in a large application.
I think it is supported.
You can find an example here: https://github.com/hazelcast/hazelcast/blob/master/hazelcast-spring/src/test/resources/com/hazelcast/spring/fullcacheconfig-applicationContext-hazelcast.xml#L309

Resources