MassTransit ESB and security - masstransit

Does MassTransit ESB support any/all of the following security aspects?
ACEGI
JAAS
PGP
As far as we analyzed, there does not seem to be any support for these security aspects in MassTransit ESB.

Depending on what you're looking for, you can create a custom serializer in MassTransit that does the encryption for you. A couple of people have done so. The serializers are completely pluggable, so have at it. Out of the box, though, there is no support for these technologies.
See https://groups.google.com/d/msg/masstransit-discuss/TyrdqjYzjNg/MeJaXmhy1xIJ on the mailing list for an example discussion.

Related

Pub/Sub Implementation in Spring boot

Currently in our project we have already implemented the Firebase messaging service (FCM). We already have a service account created for this. Now we need to implement Pub/Sub with a different Google and service account.
When I try to implement this, it's taking the default credentials.
How can we configure different service account credentials for FCM and Pub/Sub?
Kindly let me know how we can fix this.
To explicitly provide credentials for Spring Cloud GCP Pub/Sub, use the spring.cloud.gcp.pubsub.credentials.location or spring.cloud.gcp.pubsub.credentials.encoded-key property.
Documentation available here.
The error you have is unrelated to GCP authentication, though -- the issue is that two different starters are defining a Jwt parsing bean. If you don't need to extract identity from Firebase, then it can be turned off with spring.cloud.gcp.security.firebase.enabled=false. If you do need it, and com.magilhub is under your control, follow the Spring Boot suggestion and use @Qualifier to get the specific one you need.
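As an added illustration (not code from the answer above or from Spring Cloud GCP), one way to keep FCM and Pub/Sub on separate service accounts: Pub/Sub is pinned through the spring.cloud.gcp.pubsub.credentials.location property the answer names, and the Firebase Admin SDK is given an explicit GoogleCredentials so it never falls back to Application Default Credentials. The key file paths and the class name are assumptions; the example assumes firebase-admin and spring-cloud-gcp-starter-pubsub on the classpath.

```java
// application.properties (assumed paths; both files are JSON service-account keys):
//   spring.cloud.gcp.pubsub.credentials.location=file:/etc/gcp/pubsub-sa.json
//   spring.cloud.gcp.security.firebase.enabled=false   (only if Firebase identity extraction is not needed)

import com.google.auth.oauth2.GoogleCredentials;
import com.google.firebase.FirebaseApp;
import com.google.firebase.FirebaseOptions;
import com.google.firebase.messaging.FirebaseMessaging;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;

@Configuration
public class FirebaseCredentialsConfig {

    // Assumed location of the FCM service-account key; keep it outside the build artifact
    private static final String FCM_KEY_PATH = "/etc/gcp/fcm-sa.json";

    @Bean
    public FirebaseApp firebaseApp() throws IOException {
        try (InputStream key = new FileInputStream(FCM_KEY_PATH)) {
            FirebaseOptions options = FirebaseOptions.builder()
                    // Explicit credentials: this app never consults Application Default
                    // Credentials, so the Pub/Sub key is never reused for FCM calls
                    .setCredentials(GoogleCredentials.fromStream(key))
                    .build();
            return FirebaseApp.initializeApp(options);
        }
    }

    @Bean
    public FirebaseMessaging firebaseMessaging(FirebaseApp app) {
        // Bind the messaging client to the explicitly configured app, not the default one
        return FirebaseMessaging.getInstance(app);
    }
}
```

Each service account can then be granted only the IAM role its client needs (Pub/Sub publisher/subscriber for one, Firebase messaging for the other), which is not possible when both share Application Default Credentials.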

SCIM implementation for Spring Boot SAML and OKTA

My requirement is to implement SCIM 2.0 server for Spring Boot application which supports SAML for OKTA authentication.
I haven't found any library provided by Spring Boot for a SCIM server, nor does documentation for it exist in Spring's repos.
I have found some third-party implementations like BetterCloud SCIM 2.0 or WSO2 Charon etc. But should I use those third-party implementations? Because what if their GitHub repos are messed up later or we may not get our issues resolved.
Also, if there does not exist any documentation for SCIM server implementation in Spring Boot, then should it just be treated as implementing other RESTful APIs?
Any help on this will be much appreciated.
I'm watching over my company's SCIM API. So far what I have seen is there's no Spring official library and you should stick to the protocol description to provide your implementation (see more here: https://www.rfc-editor.org/rfc/rfc7644).
Despite the lack of an official Spring Boot library (that would be cool, I agree!), I'm using this third-party library: https://github.com/pingidentity/scim2. It has all the resources you need to expose your endpoints for user operations as well as filtering when getting users, which can become quite complicated to implement from scratch as the specification provides a quite extensive query language for it.
Open source version for a lightweight SCIM spring-boot server.
https://bitbucket.org/wouter29/personify-scim-server/src
For using SAML, a custom Java authentication filter can be plugged in, because only Basic and Bearer tokens are implemented.
Don't know if SAML is even mentioned in the specs/RFC.
Storage layer can be chosen: LDAP, Mongo, Postgres or MySQL.

Why is the Ribbon HttpClient used to back RestTemplate in Spring Cloud Netflix?

So. We started working with the Spring Cloud (and Spring Cloud Netflix) library to get service discovery and client-side load balancing in our Spring Boot-based services. Part of the reason was I also, incorrectly, thought it would also support the retrying that seems to be very important in a setup like that.
Another question has explained that this is not actually the case. Fair enough, but the documentation could have been clearer on that. Would have saved me from some wrong assumptions at least.
But after investigating the code, I cannot figure out why the Ribbon HttpClient is used at all. The load balancer support is currently implemented with Ribbon.
But the code that does the actual HTTP request only deals with that through the Spring Cloud abstracted API. So it seems fairly pointless to specifically use a (now deprecated) HttpClient from Ribbon when it could just as well have used the implementation Spring RestTemplate would default to.
Seems like it would be a lot easier to understand the behavior if it behaved like whatever client RestTemplate is configured to use, or actually behaved like the Ribbon client with the support for configuring it to do what it is supposed to be able to do (like retry).
Kristoffer,
I also was looking for retry logic in the load balanced RestTemplate and it turned out the RestClient (even though it's been deprecated) does have support for fail-over, and a small change to the request factory seems to work for me.
Here is a link

Need for RestApi authentication

I developed a REST API using Java/Spring MVC.
Can we provide authentication for the REST API? If yes, how?
Now I am struggling with authentication for the REST API. Can anyone send some examples regarding the same?
I'm accessing the REST API through AJAX requests.
Since you are already using Spring, you can use Spring Security to provide security related functionality. This can give you a one-stop solution for your security needs. Common security mechanisms for REST APIs (basic, digest) and features are supported out of the box and it's very easy to add your custom security too. For a starter tutorial you can have a look here
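As an added example (not from the answer above or from the Spring project), a minimal Spring Security configuration that protects a REST API with HTTP Basic, the mechanism the answer mentions, in stateless mode so an AJAX client sends credentials on each request. It assumes Spring Boot 3 with spring-boot-starter-security (Spring Security 6 API), that the API lives under /api/**, and the demo account is constructed for illustration.

```java
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.factory.PasswordEncoderFactories;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
import org.springframework.security.web.SecurityFilterChain;

@Configuration
@EnableWebSecurity
public class RestApiSecurityConfig {

    @Bean
    public SecurityFilterChain apiFilterChain(HttpSecurity http) throws Exception {
        http
            // Every /api/** call must be authenticated; anything else is refused outright
            .authorizeHttpRequests(auth -> auth
                .requestMatchers("/api/**").authenticated()
                .anyRequest().denyAll())
            // HTTP Basic: the AJAX client sends an Authorization header on each request
            .httpBasic(Customizer.withDefaults())
            // No server-side session, so each request is authenticated on its own
            .sessionManagement(s -> s.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
            // With header-based, stateless auth there is no session cookie for CSRF to ride on
            .csrf(csrf -> csrf.disable());
        return http.build();
    }

    @Bean
    public PasswordEncoder passwordEncoder() {
        // Delegating encoder stores {bcrypt}-prefixed hashes, never plain text
        return PasswordEncoderFactories.createDelegatingPasswordEncoder();
    }

    @Bean
    public UserDetailsService users(PasswordEncoder encoder) {
        // Constructed demo account; a real deployment reads users from a database or IdP
        return new InMemoryUserDetailsManager(
            User.withUsername("api-client")
                .password(encoder.encode("change-me"))
                .roles("API")
                .build());
    }
}
```

Basic credentials are only base64-encoded, so this must be served over TLS; without it the password is readable on the wire.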

Tool to report rest interfaces

We have a web application using Jersey and Spring's rest template. Does anyone know of a tool that can scan a code base and produce a report that lists all exposed endpoints and also internal references to those endpoints?
You may also take a look at Swagger, a framework for describing, producing, consuming, and visualizing RESTful web services.
Swagger supports multiple REST frameworks and also JAX-RS based on Jersey.
From their GitHub Wiki:
The Swagger framework simultaneously addresses server, client, and documentation/sandbox needs for REST APIs. As a specification, it is language-agnostic. It also provides a long runway into new technologies and protocols beyond HTTP.
With Swagger's declarative resource specification, clients can understand and consume services without knowledge of server implementation or access to the server code. The Swagger UI framework allows both developers and non-developers to interact with the API in a sandbox UI that gives clear insight into how the API responds to parameters and options. Swagger happily speaks both JSON and XML, with additional formats in the works.
Jersey can provide a WADL report at the /application.wadl URI. It doesn't document complex types but at least gives you a list of endpoints.
See https://wikis.oracle.com/display/Jersey/WADL
