I have a requirement where I want to view, modify the content of or add new entry to the cache entries. I am using JCache API to and EHCache as the provider.
I don't want to write any wrapper API to expose the cache contents. I am wondering is there a way to access the cache contents remotely.
I see there are two MBeans supported by JCache but those are for Configuration & Statistics data.
Thanks
JSR-107 has no remoting API defined.
You will need to look at the provider specific APIs, Ehcache in your case.
Related
I have a single grails (3.3.5) web server, and I am interested in improving the availability and I'd like to add another server and put a load balancer in front of it.
Rather than share sessions between servers, or use sticky sessions, i'd like to know if there is a good way to have a session-less front-end server. I don't use sessions for anything other than using spring-security to validate the session token that it is using to identify the user.
I'd like to find a token based authentication system suitable for the front-end such that the token is safe and sufficient for identifying the current user.
I've seen the grails-spring-security-rest plugin which looks promising, but it seems like everyone is using it for back-end rest api calls. Is it also suitable for front-end authentication when you aren't storing application data in the webapp session?
If you don't use the session objects in your controller then tomcat will not create any sessions for you.
Also you can define your controllers to be
static singleton = true
then they will be instantiated not on per-request basis.
Now, if you still want to use sessions, you can use something like Cookie Sessions and keep your data inside the cookies instead of tomcat's memory.
I haven't used the grails-spring-security-rest, but you should be able to tweak spring-security-core to be session-less. You should set scr.allowSessionCreation to false and use remember-me.
Since Grails is built on Spring Boot, you can access all the features of Spring Session (https://docs.spring.io/spring-session/docs/2.0.x/reference/html5/), which includes the ability to share session data between server instances with some data store instead of keeping it in memory.
In those docs you'll find this pointer to a guide with a Grails 3.1 example that uses Redis as the store. https://github.com/spring-projects/spring-session/tree/2.0.3.RELEASE/samples/misc/grails3
Is it also suitable for front-end authentication when you aren't storing application data in the webapp session?
Yes, you can use JWT tokens in your front-end. You need to properly configure the security filters of your controllers so that they are not using cookie for authentication but they are looking for JWT.
See : http://alvarosanchez.github.io/grails-spring-security-rest/latest/docs/#_plugin_configuration for configuration of endpoints that should validate JWT tokens.
Have a look at https://github.com/hantsy/angularjs-grails-sample/wiki/3-basic-auth for a stateless example with Angular.
I am trying to use hazelcast rest api (hazelcast version 3.9.1) to gather caching information. I am exposing Rest endpoint in my application (e.g. http://localhost:8080/cache/info) using which the caching information will get collected (using hazelcast rest api e.g. /cache/localinfo) but ever time I hit the endpoint it pop up "Authentication Required" dialog and entering same credential which I used to set group config name and password doesn't work.
I am wondering how to first disable authentication (if possible).
If not what credential it is looking for ? Shouldn't it be same what is being used to setup group config name and password while configuration hazelcast ? e.g. Config config = new Config();
config.getGroupConfig().setName("hazel-instance"); config.getGroupConfig().setPassword("password");
Hazelcast doesn't offer the possibility to secure the REST API by using credentials. Hazelcast is not designed to be open to the public internet. If you want to have it for internal authentication we recommend to put nginx in front of the Hazelcast REST API and use a proxy mechanism.
Anyhow the REST API is considered a legacy API for situations where the programming language doesn't have a native client. The REST API doesn't know about the internal partitioning and therefore will not offer best possible performance.
I am working on some new custom distributed objects to run in Hazelcast SPI.
As can be seen in : http://docs.hazelcast.org/docs/latest/manual/html/spiaddproperties.html you can enable via the Hazelcast xml config, or of course, you can enable programmatically.
It appears that the spring hazelcast xml schema does not support SPI creation, and I would like to create/enable and inject spring beans as properties to the new service.
Can anyone advise if this is possible? I want to utilize spring to instantiate the hazelcast instance as this is the most robust way I've found to do so in a large application.
I think it is supported.
You can find an example here: https://github.com/hazelcast/hazelcast/blob/master/hazelcast-spring/src/test/resources/com/hazelcast/spring/fullcacheconfig-applicationContext-hazelcast.xml#L309
How to enable caching with Spring Data Rest?
The reasoning behind is that repository listing and search methods won't change once the application is up. Also if the data behind the rest API is changed only through rest API it does makes a case to enable caching data too.
I believe some level is caching happens in REST API framework and it would be ideal if the caching happens at the final response stage i.e., json response (to avoid the overhead of marshalling objects to json)
Thoughts/comments?
The easiest way to implement this on the repository level is to use Spring's #Cacheable as it can be seen in the Spring Data JPA Examples project.
Another option is to leverage HTTP Caching using the Apache HTTPD settings or a Varnish for example.
I need to have web application which actually consist from few separate wars unified into same navigration bar on UI, i need to have all system secured but have authentication only to main web application and after automatic propagation of this security context to sub web applications. I'm using spring security, could someone help me with advice? thanks
This can be achieved by following approach. In Spring, SecurityContext by default is stored in HttpSession. Instead you can configure it to store in some shared repository.
So, configuration should be changed to use your own SecurityContextRepository implementation instead of HttpSessionSecurityContextRepository. Once configured, the security framework will look at the Repository which is available to all your web applications.
The Repository can be either a database or a cached server.
Spring Security stores the login data in the http session. So what I would try is to share the session between the applications.
It seams that this is possible (in Tomcat) by using the Single Sing On attribute.
But be warned, sharing the session between two applications is not without danger. See this Stack Overflow question.