I am planning to use the hystrix command to publish a message to rabbitmq. If the publish fails for whatever reason, i want to fallback on a webservice call. Now i also want this webservice call to be protected by hystrix. If this call also fails, i want to log the exception and abort. I am using spring boot with hystrix annotations. My understanding is that hystrix command cannot be applied on fallback method. Instead we have to create a new spring component class with a method annotated with hystrixcommand and inject it and use it in the fallback method. Is this the only way or is there a simpler way to do this without creating a new class?
Related
I'm migrating an application with custom rest controllers to spring data rest. One problem I'm facing is that I had to add #PreAuthrozie annotations directly to my repositories instead of having them at a controller level. This is fine except some special cases.
The whole user repository is protected by a USER_ACCESS privilege. When the user authenticates, a new token is generated and the user has to be saved. Problem is, at this point there is no authentication in the Security Context so the request returns with 403
I have some code that on startup has all classes implementing PermissionProvider and saves new permissions to the database. Again, at this point there is no authentication in the Security Context so this fails since the repository is protected by PERMISSION_ACCESS privilege
I can manually create a tmp authentication that I set before the call then clear the context but this seems like a hack and can be problematic. Is there a way to disable #PreAuthorize in some context?
The only way you can work around this is to in cases 1. and 2. call another method in the repository that is not annotated with #PreAuthorize. This method would then call the methods annotated with #PreAuthorize. Since they are in the same class, #PreAuthorize has no effect. The reason being the way Spring AOP and CGLIB work. A proxy class is created that extends your class, providing the logic behind the #PreAuthorize behavior. When you call a method within the same class, such a call does not go through the proxy class, and as a consequence #PreAuthorize has no effect.
I am reading Spring integration source code, and I have some questions understanding the workflow:
Does the #SpringBootApplication class, when calling application.run(), will call directly beans annotated using #ServiceActivator ? For example in my config file I have :
#Bean
#ServiceActivator(inputChannel = test)
public MessageHandler myHandler() {
return new SomeHandler();
}
when the application.run() is fired, the method handleRequestMessage() of SomeHandler will be called ? Am I understanding it right ?
Well, you need to understand that there are two parts of this matter:
Configuration phase when Spring parses all the annotations to register beans in the AppplicaitonContext. This way even that #ServiceActivator is consulted and a event-driven endpoint is registered as a bean as well.
Runtime part of Spring Integration environment. Here the mentioned endpoint is subscribed to the inputChannel and when message is has arrived the handleRequestMessage() is triggered from that SomeHandler. That's why it is called "service activator".
You probably need to make yourself familiar with EIP first of all: https://www.enterpriseintegrationpatterns.com/ to understand what is messaging and why there are endpoints and channels in between. Then you go to Spring Integration docs: https://docs.spring.io/spring-integration/docs/current/reference/html/index.html and realize for yourself that this framework provides a bunch of out-of-the-box components for this or that EIP which may be registered automaticaly in the application context by just declaring some annotation.
I am trying to understand how ControllerAdvice is working in SpringBoot. It is suggested that for per application there should be one ControllerAdvice. But my question is how this ControllerAdvice is tied to Controllers and catching the exceptions. So basically what is the underhood?
Spring AOP works with proxies.
That is when you annotate a class with any of AOP annotation spring will create a proxy class by extending your annotated class and all the methods will be overridden there in the proxy class.
Thus here after when you call a method in your class spring will call the proxy object method first then your actual method. This is Spring AOP knows whether the method has been called or thrown some exception or returned successfully etc etc.
This is the reason why when you call a private method with in the class AOP cannot intercept that method call.
Simple scenario:-
In a Spring 4 app the following #Valid gets triggered when I make a REST call but not when I make an API call. The docs talks about it but does not state how to do it the way I want.
#RequestMapping(name="/something")
public Entity save(#Valid Entity e){ return repo.save(e);}
Without writing any custom AOP code to achieve this myself etc. how do I get bean validation #Valid triggered in Spring ? Looking for any Spring or Hibernate configuration that will turn this on for simple API calls.
Example: When I bundle my component as a maven I would like to get my beans validated irrespective of whether they run in a web context or outside , say Spring Batch or just JUnit Tests.
And when I bundle this jar in a web app I definitely don't want this executed twice.
I am wondering how others might have accomplished this. I found in the Spring documentation #required which I attempted to use in a 'test' but got this stmt INFO XmlConfigurationProvider:380 - Unable to verify action class [xxx] exists at initialization
I have found another way in spring to do this is to write custom init methods and declare those on the bean but it almost seems like this is a strange thing to do to a struts2 action.
In my application I inject through spring different web services (via setter injection) into different actions. I want to ensure on startup these are not null and set.
Use request or session spring scopes.
Then you can do the checks in a #PostConstruct method, what will you do there? Throw an exception? Well, something isn't set you will eventually get a NullPointerException.