My spring-boot+jersey application has integrated togglz. I added below dependencies as below.
// togglz
compile('org.togglz:togglz-servlet:'+togglzVersion)
compile('org.togglz:togglz-cdi:'+togglzVersion)
compile('javax.enterprise:cdi-api:2.0-EDR1')
compile('org.togglz:togglz-spring-web:'+togglzVersion)
compile("org.togglz:togglz-spring-boot-starter:"+togglzVersion)
compile("org.togglz:togglz-console:"+togglzVersion)
compile("org.togglz:togglz-spring-security:"+togglzVersion)
compile("com.github.heneke.thymeleaf:thymeleaf-extras-togglz:1.0.1.RELEASE")
In my boot class I added below code:
#Bean
public FeatureProvider featureProvider() {
return new EnumBasedFeatureProvider(AppFeatures.class);
}
after launch the app, I can see the json data from this link:http://localhost:8080/togglz.
But I can't access http://localhost:8080/togglz-console. I got "Failed to load resource: the server responded with a status of 403 (Forbidden" error.
I can see below log in my log file but I can't access togglz-console/*.
o.s.b.c.e.ServletRegistrationBean : Mapping servlet: 'togglzConsoleServlet' to [/togglz-console/*]
below is my togglz property file:
# togglz
togglz:
feature-enums: com.cooltoo.backend.features.AppFeatures # Comma-separated list of fully-qualified feature enum class names.
features:
SMS_CODE: false
console:
enabled: true # Enable admin console.
path: /togglz-console # The path of the admin console when enabled.
what did I miss here?
Step1 Add the below dependency :
<!-- Togglz Admin Console -->
<dependency>
<groupId>org.togglz</groupId>
<artifactId>togglz-console</artifactId>
<version>2.3.0.RC1</version>
</dependency>
Step2 Add the below in your application.yml or application.properties
togglz:
console:
enabled: true # Enable admin console.
or
togglz.console.enabled: true # Enable admin console.
Step3 Configure the console path by
togglz:
console:
path: /togglz-console # The path of the admin console when enabled.
For authentication : Add a dummy UserProvider which assigns admin privileges to every user:
public class MyTogglzConfiguration implements TogglzConfig {
#Override
public UserProvider getUserProvider() {
return new UserProvider() {
#Override
public FeatureUser getCurrentUser() {
return new SimpleFeatureUser("admin", true);
}
};
}
}
If you want to authenticate the user, instead of the above dummy one , implement your own UserProvider by following this documentation
Please add the below in your application.yml or application.properties:
togglz:
console:
enabled: true
path: /togglz-console
use-management-port: false
or
togglz.console.enabled: true
togglz.console.path: /togglz-console
togglz.console.use-management-port: false
Setting togglz.console.use-management-port to false will always run the Admin Console on the application port.
Related
I'm developing an SpringBoot REST project which runs perfectly. I'm trying to implement the OpenApi-ui in the project. It's working fine by default but I'd like to use my own yaml/json information file instead the default info.
I have been following the F.A.Q SpringDoc documentation , but nothing is working for me. It's throwing FAILED TO LOAD API DEFINITION : Fetch error undefined /open-api.yaml in the UI. Am I missing something in my configuration?
Thanks in advance.
Implementation
implementation group: 'org.springdoc', name: 'springdoc-openapi-ui', version: '1.5.9'
App config (route yaml = src/main/resources)
springdoc:api-docs:enabled: false
swagger-ui:url: /open-api.yaml
Configuration
#Bean
public OpenAPI customOpenAPI() {
return new OpenAPI()
.components(new Components().addSecuritySchemes("basicScheme",
new SecurityScheme().type(SecurityScheme.Type.HTTP).scheme("basic")))
.info(new Info().title("MyApp").version("1.0")
.license(new License().name("Apache 2.0").url("http://springdoc.org")));
}
#Bean
public SpringDocConfiguration springDocConfiguration(){
return new SpringDocConfiguration();
}
#Bean
public SpringDocConfigProperties springDocConfigProperties() {
return new SpringDocConfigProperties();
}
Yaml file
openapi: 3.0.3
info:
title: MyApp
description: MyApp Description
version: 1.0.0
servers:
- url: http://localhost:8080
description: Local server
{...more}
Access URL to OpenApi UI
http://localhost:8080/swagger-ui/index.html?configUrl=/v3/api-docs/swagger-config
OpenApi UI Image
Just if someone is looking for something similar, we finally created a new class, extending SwaggerIndexPageTransformer and implementing by SwaggerIndexTransformer , which led us to use #override method to change the url.
You can follow > https://github.com/springdoc/springdoc-openapi/issues/763
i'a trying to deploy my jar spring boot application on windows but get error : [Krb5LoginModule] authentication failed
KrbException: Cannot locate default realm
In my localhost, everything is OK with the authentication but whene i deploy the jar in the production server i got the error even if both windows are in the same campany doamin.
the system administrator told me that for other application, the authentication is based on Kerberos and iis so the ticket exchange for authentication is very easy.
Here's my security config :
#Bean
public KerberosAuthenticationProvider kerberosAuthenticationProvider() {
KerberosAuthenticationProvider provider =
new KerberosAuthenticationProvider();
SunJaasKerberosClient client = new SunJaasKerberosClient();
client.setDebug(true);
provider.setKerberosClient(client);
provider.setUserDetailsService(dummyUserDetailsService());
return provider;
}
#Bean
public SpnegoEntryPoint spnegoEntryPoint() {
//return new SpnegoEntryPoint("/login");
return new SpnegoEntryPoint();
}
#Bean
public SpnegoAuthenticationProcessingFilter spnegoAuthenticationProcessingFilter(
AuthenticationManager authenticationManager) {
SpnegoAuthenticationProcessingFilter filter =
new SpnegoAuthenticationProcessingFilter();
filter.setAuthenticationManager(authenticationManager);
return filter;
}
#Bean
public KerberosServiceAuthenticationProvider kerberosServiceAuthenticationProvider() {
KerberosServiceAuthenticationProvider provider =
new KerberosServiceAuthenticationProvider();
provider.setTicketValidator(sunJaasKerberosTicketValidator());
provider.setUserDetailsService(dummyUserDetailsService());
return provider;
}
#Bean
public SunJaasKerberosTicketValidator sunJaasKerberosTicketValidator() {
SunJaasKerberosTicketValidator ticketValidator =
new SunJaasKerberosTicketValidator();
ticketValidator.setServicePrincipal("HTTP/localhost#fgao.fr");
ticketValidator.setKeyTabLocation(new
FileSystemResource("c:\\user\\tomcat.keytab"));
ticketValidator.setDebug(true);
return ticketValidator;
}
#Bean
public DummyUserDetailsService dummyUserDetailsService() {
return new DummyUserDetailsService();
}
I don't know if i have to specify the keytab file because on windows no keytab or kb5.conf file is needed so the c:\user\tomcat.keytab file is empty.
Can someone help me with this please
You will need a Keytab file.
Keytab file contains keys which are required by kerberos module to decrypt the incoming kerberos token.
Keytab file is not out of the box present as it is specific to a user account in AD.It has to be generated by your system admin and give it to you.
You will need a service user (dedicated for your application). Generate keytab for it.
Copy it on your application server and specify its path in spring.
Check ktpass command on windows for more details about creating keytab.
You may also need to check for krb5 conf file, what it contains and how you can specify it inside Spring.
we are using brave api in our spring boot application. We are able to trace all controllers and services. But issue is we are getting traces in some controllers which we do not want to trace like health check controller. Is there any way to specify this in controller as by default it is tracing all controllers.
I have tried using
spring:
application:
name: abc
sleuth:
enabled: "true"
reporter:
enabled: "true"
sampler:
probability: "1.0"
instrument:
web:
skipPattern: (^status* | ^Status* | *status*)
and
spring:
application:
name: abc
sleuth:
enabled: "true"
reporter:
enabled: "true"
sampler:
probability: "1.0"
web:
skipPattern: (^status* | ^Status* | *status*)
But it did not work. Status controller
#RestController
public class StatusController {
#Autowired
public StatusController() {
}
#RequestMapping(value = "/status", method = RequestMethod.GET)
public Boolean status() {
return true;
}
}
Please help.
Thanks
*status* is not a valid regex. Try just /status. You can check the https://github.com/spring-cloud/spring-cloud-sleuth/blob/v2.1.4.RELEASE/spring-cloud-sleuth-core/src/main/java/org/springframework/cloud/sleuth/instrument/web/SleuthWebProperties.java#L34 for the default. Also, maybe it makes more sense to use the additionalSkipPattern property to append your custom values to existing ones.
I am trying to configure the LoggingMeterRegistry to log metrics for my Spring Boot 2.1.6 application. I want the metrics to be logged every hour.
In my application.yml, I've the following configured
management:
metrics:
export:
logging:
enabled: true
step: 60m
But in the logs I see the metrics being logged every minute. I've tried the other variation for the property key as well e.g.
management.metrics.export.logging:
enabled: true
step: 60m
I have also tried various formats for the duration string e.g. 1h, PT60M but with no success. The metrics are logged at 1 minute intervals.
I was looking at the code here StepDurationConverterTest and here StepDurationConverter that converts the step duration String to a Duration object and looks like both formats 60m and 1h should work.
Any ideas why I can't seem to change the logging interval?
I think the problem here is there's no
org.springframework.boot.actuate.autoconfigure.metrics.export.logging
package like there is for other MeterRegistrys (eg org.springframework.boot.actuate.autoconfigure.metrics.export.jmx).
Ie theres no auto configuration for the properties in Spring Boot. This is probably because the LoggingMeterRegistry is marked as #Incubating
You need to manually configure the LoggingMeterRegistry as a bean and create your own #ConfigurationProperties LoggingProperties and LoggingPropertiesConfigAdapter to get this to work. Or just hardcode the step period you want.
To configure step count duration in micrometer:
Please follow below step:
#Configuration
public class LoggingMeterRegistryConfig {
#Bean
public LoggingMeterRegistry loggingMeterRegistry() {
LoggingRegistryConfig config = new LoggingRegistryConfig() {
#Override
public String get(String s) {
return null;
}
#Override
public Duration step() {
return Duration.ofMinutes(2);
}
};
return LoggingMeterRegistry.builder(config).clock(Clock.SYSTEM).threadFactory(new NamedThreadFactory("logging-metrics-publisher")).build();
}
}
The following #Bean supplies config from Spring Environment allowing you to specify a property logging.step: 1h to get your desired period.
#Bean
LoggingMeterRegistry loggingMeterRegistry(Environment env) {
LoggingRegistryConfig springBasedConfig = prop -> env.getProperty(prop, String.class);
return new LoggingMeterRegistry(springBasedConfig, Clock.SYSTEM);
}
I have create a PostgreSQL health indicator like this:
#Component
public class PostgresHealthIndicator extends AbstractHealthIndicator {
#Autowired
DataSource postgresDataSource;
public DataSourceHealthIndicator dbHealthIndicator() {
DataSourceHealthIndicator indicator = new DataSourceHealthIndicator(postgresDataSource);
return indicator;
}
#Override
protected void doHealthCheck(Health.Builder builder) throws Exception {
Health h = dbHealthIndicator().health();
Status status = h.getStatus();
if (status != null && "DOWN".equals(status.getCode())) {
builder.down();
} else {
builder.up();
}
}
}
In my Application.java I am scanning this package for this component:
#ComponentScan({"com.bp.health"})
In my application.properties I have the following set:
endpoints.health.sensitive=false
endpoints.health.id=health
endpoints.health.enabled=true
when I hit {url}/health I see:
{"status":"DOWN"}
what do I need to do to get the custom health indicator to show?
You need to be authenticated to see all the details.
Alternatively you could set
management.security.enabled=false
endpoints.health.sensitive=false
to see full content unauthenticated
More information about that can be found here:
Production ready monitoring
Why would you want to do all that? That code doesn't even compile and Spring Boot does check your data sources by default already. If you only see the status, that's because you're not authenticated, check this table in the doc for more details.