I am working on enabling spring boot health check using actuator. Since our app is dependent on Spring 1.5.21, so I have to use actuator 1.5.21 release. I read some configurations on their online documentation shows that you can apply the following to only allow "/health" endpoint to expose.
By default, all endpoints except for shutdown are enabled. If you prefer to specifically “opt-in” endpoint enablement you can use the endpoints.enabled property. For example, the following will disable all endpoints except for info:
endpoints.enabled=false
endpoints.info.enabled=true
Since I need to disable all endpoints except "/health" endpoint, so I configured it in application.properties file like below. However, it is not working for me.
endpoints.enabled=false
endpoints.health.enabled=true
Here is the result:
http://localhost:8080/health
{"message":"This endpoint is disabled"}
Environments:
Spring boot: 1.5.21 release
JDK: 1.8
Application: web application
Any thoughts on this? Thanks in advance!
UPDATES:
After I started a new project using the same spring boot 1.5.21.RELEASE, below settings worked.
endpoints.enabled=false
endpoints.health.enabled=true
2020-03-29 19:29:15.541 INFO 9796 --- [ restartedMain] o.s.b.a.e.mvc.EndpointHandlerMapping : Mapped "{[/health || /health.json],methods=[GET],produces=[application/vnd.spring-boot.actuator.v1+json || application/json]}" onto public java.lang.Object org.springframework.boot.actuate.endpoint.mvc.HealthMvcEndpoint.invoke(javax.servlet.http.HttpServletRequest,java.security.Principal)
UPDATE on 3/30:
HOWEVER, when I used it with SDL Tridion 8.5, it stopped working. Any ideas?
<dependency>
<groupId>com.sdl.dxa</groupId>
<artifactId>dxa-common-api</artifactId>
<version>${dxaversion}</version>
</dependency>
<dependency>
<groupId>com.sdl.dxa</groupId>
<artifactId>dxa-common</artifactId>
<version>${dxaversion}</version>
</dependency>
<dependency>
<groupId>com.sdl.dxa</groupId>
<artifactId>dxa-tridion-provider</artifactId>
<version>${dxaversion}</version>
</dependency>
<dependency>
<groupId>com.sdl.dxa.modules</groupId>
<artifactId>dxa-module-core</artifactId>
<version>${dxaversion}</version>
</dependency>
endpoints.enabled=false
endpoints.health.enabled=true
Result:
http://localhost:8080/health
{"message":"This endpoint is disabled"}
No need to use disable. Use only below properties:
management.endpoints.web.exposure.include='health'
Related
I am trying to use limit rate API for a Spring Boot Rest application, with bucket4j based on the following online resource
Please find my configuration below:
Below is maven dependency added to use 4bucketj:
...
<dependency>
<groupId>com.giffing.bucket4j.spring.boot.starter</groupId>
<artifactId>bucket4j-spring-boot-starter</artifactId>
<version>0.4.0</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-cache</artifactId>
</dependency>
<dependency>
<groupId>org.ehcache</groupId>
<artifactId>ehcache</artifactId>
</dependency>
..
Below is my application.yml config:
spring:
main:
allow-bean-definition-overriding: true
cache:
jcache:
config: classpath:ehcache.xml
bucket4j:
enabled: true
filters:
- cache-name: buckets
url: .*
http-response-body: "{ \"status\": 429, \"error\": \"Too Many Requests\", \"message\": \"You have exhausted your API Request Quota\" }"
rate-limits:
- bandwidths:
- capacity: 2
time: 1
unit: minutes
Below I have added ehcache.xml in path src/main/resources/:
<config xmlns='http://www.ehcache.org/v3'
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:jsr107="http://www.ehcache.org/v3/jsr107"
xsi:schemaLocation="http://www.ehcache.org/v3 http://www.ehcache.org/schema/ehcache-core-3.0.xsd
http://www.ehcache.org/v3/jsr107 http://www.ehcache.org/schema/ehcache-107-ext-3.0.xsd">
<cache alias="buckets">
<expiry>
<ttl unit="seconds">3600</ttl>
</expiry>
<heap unit="entries">1000000</heap>
<jsr107:mbeans enable-statistics="true"/>
</cache>
Finally, I have added #EnableCachingin a config class which is being loaded when spring starts.
Based on the config in the application.yml file the API should not accept more than 2 request in one minute and if it is more that two requests, an error should be triggered as stated (http-response-body) in application.yml.
I have deployed the application on my PC and with Postman tool I am able to hit a Rest API more than 10 times within one minute with no error message.
Can anyone please advise why the error message is not triggered, since it should allow only 2 requests and I am sending 10 instead?
I got it working by following this guide from the point 6 onwards, but the only difference i can spot with your implementation is the caching system, so i can guess the problem lies there.
I am trying to configure an OAuth2 client using Spring Boot. I have the following dependencies:
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-webflux</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-oauth2-client</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-oauth2-jose</artifactId>
</dependency>
And I have added these properties to my application.yaml:
security:
oauth2:
client:
registration:
azure:
client-id: ****
client-secret: ****
authorization-grant-type: client_credentials
provider:
azure:
authorization-uri: https://login.microsoftonline.com/2fdb7e27-9b62-44f7-a0fe-9836eaa1f161/oauth2/v2.0/authorize
token-uri: https://login.microsoftonline.com/2fdb7e27-9b62-44f7-a0fe-9836eaa1f161/oauth2/v2.0/token
jwk-set-uri: https://login.microsoftonline.com/2fdb7e27-9b62-44f7-a0fe-9836eaa1f161/discovery/v2.0/keys
As I understand it from the Spring documentation, this should be enough to auto-configure a ClientRegistrationRepository ("Spring Boot 2.x auto-configuration binds each of the properties under spring.security.oauth2.client.registration.[registrationId] to an instance of ClientRegistration and then composes each of the ClientRegistration instance(s) within a ClientRegistrationRepository. The auto-configuration also registers the ClientRegistrationRepository as a #Bean in the ApplicationContext so that it is available for dependency-injection, if needed by the application.".
I have the following code:
package com.sky.bnc.azurespring
import org.springframework.context.annotation.Bean
import org.springframework.context.annotation.Configuration
import org.springframework.security.oauth2.client.OAuth2AuthorizedClientManager
import org.springframework.security.oauth2.client.OAuth2AuthorizedClientProviderBuilder
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository
import org.springframework.security.oauth2.client.web.DefaultOAuth2AuthorizedClientManager
import org.springframework.security.oauth2.client.web.OAuth2AuthorizedClientRepository
import org.springframework.security.oauth2.client.web.reactive.function.client.ServletOAuth2AuthorizedClientExchangeFilterFunction
import org.springframework.web.reactive.function.client.WebClient
#Configuration
class WebConfiguration {
#Bean
fun authorizedClientManager(clientRegistrationRepository: ClientRegistrationRepository, authorizedClientRepository: OAuth2AuthorizedClientRepository): OAuth2AuthorizedClientManager {
val authorizedClientProvider = OAuth2AuthorizedClientProviderBuilder
.builder()
.authorizationCode()
.refreshToken()
.clientCredentials()
.build()
val authorizedClientManager = DefaultOAuth2AuthorizedClientManager(clientRegistrationRepository, authorizedClientRepository)
authorizedClientManager.setAuthorizedClientProvider(authorizedClientProvider)
return authorizedClientManager
}
#Bean
fun webClient(authorizedClientManager: OAuth2AuthorizedClientManager): WebClient {
val oauth2Client = ServletOAuth2AuthorizedClientExchangeFilterFunction(authorizedClientManager)
oauth2Client.setDefaultClientRegistrationId("azure")
return WebClient
.builder()
.apply(oauth2Client.oauth2Configuration())
.build()
}
}
But when I try and run the application I get this error:
APPLICATION FAILED TO START
***************************
Description:
Parameter 0 of method authorizedClientManager in com.sky.bnc.azurespring.WebConfiguration required a bean of type 'org.springframework.security.oauth2.client.registration.ClientRegistrationRepository' that could not be found.
Action:
Consider defining a bean of type 'org.springframework.security.oauth2.client.registration.ClientRegistrationRepository' in your configuration.
Process finished with exit code 1
I don't understand what the problem is, I have followed many examples and it seems like it should just be working.
The ClientRegistrationRepository refers to the configuration of the OAuth client in a blocking environment, not reactive. In case you build your application to be fully reactive, consider using the ReactiveClientRegistrationRepository implementation. Spring security project has an example project of how to use that one.
However, you could still mix the reactive and blocking approaches in the same application, although not terribly recommended, there is still a use case for that. For this, you only need to add the spring-boot-starter-web dependency, so that the blocking servlet implementation is added to the classpath. You could watch this talk where this approach is used.
Define the following properties:
azure.activedirectory.client-id=
azure.activedirectory.client-secret=
azure.activedirectory.tenant-id=
azure.activedirectory.authorization-clients.graph.scopes=https://graph.microsoft.com/Analytics.Read,
email
The issue you are facing is due to the configuration in application.yaml file. Please check everything is correct.
Since you are implementing oauth for Azure AD the configuration must look like below,
# Specifies your Active Directory ID:
azure.activedirectory.tenant-id=22222222-2222-2222-2222-222222222222
# Specifies your App Registration's Application ID:
spring.security.oauth2.client.registration.azure.client-id=11111111-1111-1111-1111-1111111111111111
# Specifies your App Registration's secret key:
spring.security.oauth2.client.registration.azure.client-secret=AbCdEfGhIjKlMnOpQrStUvWxYz==
# Specifies the list of Active Directory groups to use for authorization:
azure.activedirectory.user-group.allowed-groups=Users
For complete step-by-step guide please refer here.
Indentation issue,
spring:
security:
ref : click here
I have a Java Spring app and I'm using Amazon Keyspaces (for Apache Cassandra). I'm using the sigv4 plugin , (version 4.0.2), the cassandra java-driver-core (version 4.4.0) and have followed the official documentation on how to connect my java app with MCS. The app connects just fine but I'm getting a weird warning at start up:
WARN 1 --- [ s0-admin-0] .o.d.i.c.m.t.DefaultTokenFactoryRegistry : [s0] Unsupported partitioner 'com.amazonaws.cassandra.DefaultPartitioner', token map will be empty.
Everything looks good but after a few minutes that warning comes back and my queries start to fail. This is how the logs look after a few minutes:
WARN 1 --- [ s0-admin-0] .o.d.i.c.m.t.DefaultTokenFactoryRegistry : [s0] Unsupported partitioner 'com.amazonaws.cassandra.DefaultPartitioner', token map will be empty.
WARN 1 --- [ s0-io-1] c.d.o.d.i.c.m.SchemaAgreementChecker : [s0] Unknown peer xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx, excluding from schema agreement check
WARN 1 --- [ s0-io-0] c.d.o.d.i.c.control.ControlConnection : [s0] Unexpected error while refreshing schema after a successful reconnection, keeping previous version (CompletionException: com.datastax.oss.driver.api.core.connection.ClosedConnectionException: Channel was force-closed)
WARN 1 --- [ s0-io-1] c.d.o.d.i.c.m.DefaultTopologyMonitor : [s0] Control node ec2-x-xx-xxx-xx.us-east-2.compute.amazonaws.com/x.xx.xxx.xxx:xxxx has an entry for itself in system.peers: this entry will be ignored. This is likely due to a misconfiguration; please verify your rpc_address configuration in cassandra.yaml on all nodes in your cluster.
I have debugged a little and it looks like that partitioner comes from the actual node metadata, so I don't really know if there's an actual way to fix it.
I've seen there's a similar question asked recently here, but no solution has been posted yet. Any ideas? Thanks so much in advance
These are all warnings and not errors. Your connection should work just fine. They are logged due to how Amazon Keyspaces is slightly different from an actual Cassandra cluster. Try setting these to get rid of the noise:
datastax-java-driver.advanced {
metadata {
schema.enabled = false
token-map.enabled = false
}
connection.warn-on-init-error = false
}
Problem the same with me.
The above problems encountered when using a Spring boot version 2.3.x
Because is a Spring boot version 2.3.x
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-cassandra-reactive</artifactId>
</dependency>
OR
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-cassandra</artifactId>
</dependency>
When creating a Maven / Gradle will get "datastax-java-driver-core 4.6.1" and I think this is another reason that Amazon Keyspaces are not supported.
Okay, Clear.....
Back to the subject of AWS library aws-sigv4-auth-cassandra-java-driver-plugin 4.0.2
When creating a Maven / Gradle will get "datastax-java-driver-core 4.4.0"
Now I am starting to see that Amazon Keyspaces
Maybe not supported "datastax-java-driver-core" with version greater than 4.4.0
Okay, it's been very long.
If you want Application Spring Boot 2 to work
You try following the solutions follows.
look at pom.xml
remove aws-sigv4-auth-cassandra-java-driver-plugin
downgrade Spring boot version 2.3.x to 2.2.9
add dependency below,
spring-boot-starter-data-cassandra-reactive
OR
spring-boot-starter-data-cassandra
create Amazon digital certificate and download
If you used InteljiJ IDEA Edit Configurations
Goto Edit Configurations -> next VM Options add below,
-Djavax.net.ssl.trustStore=path_to_file/cassandra_truststore.jks
-Djavax.net.ssl.trustStorePassword=my_password
Reference: https://docs.aws.amazon.com/keyspaces/latest/devguide/using_java_driver.html
application-dev.yml add config below,
spring:
data:
cassandra:
contact-points:
- "cassandra.ap-southeast-1.amazonaws.com"
port: 9142
ssl: true
username: "cassandra-username"
password: "cassandra-password"
keyspace-name: keyspace-name
request:
consistency: local_quorum
Run Test Program
Pass.
Work for me.
Tech Stack
Spring Boot WebFlux 2.2.9.RELEASE
Cassandra Reactive
JDK 13
Cassandra Database with Amazon Keyspaces
Maven 3.6.3
Have fun with programming.
I have Spring Boot Application which listens to JCAPS. The Connection is Durable.
When I shutdown the Application using
Curl -X POST ip:port//shutdown
Application is not shutting down completely. I can see the PID when I grep the processes. So I tried to kill using
Kill -15 PID
or
Kill -SIGTERM PID
The PID is gone, but the subscription to JCAPS topic is still Active. Hence, When I restart the Application, I am unable to connect to the same Topic using the same subscriber name.
Please help on How to properly shutdown the spring boot application.
Add the following dependency in your pom.xml
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-actuator</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
Set following property in application.properties
management.endpoints.web.exposure.include=*
management.endpoint.shutdown.enabled=true
endpoints.shutdown.enabled=true
Then start spring-boot app
You want to shutdown app run following curl command
curl -X POST localhost:port/actuator/shutdown
Reference : https://www.baeldung.com/spring-boot-shutdown
I guys,
I'm using TomEE 1.6.0 (jax-rs) with a custom Application :
#ApplicationPath("/rest")
public class Whatever extends Application {...}
I do it in order to customize the base path for my REST services and to add a custom provider for every endpoints of this Application :
<?xml version="1.0" encoding="UTF-8"?>
<openejb-jar xmlns="http://www.openejb.org/openejb-jar/1.1">
<pojo-deployment class-name="Whatever">
<properties>
cxf.jaxrs.providers = WhateverProvider
</properties>
</pojo-deployment>
</openejb-jar>
I have a sample JAX-RS endpoint defined like this :
#Path("/whatever")
#Consumes(MediaType.APPLICATION_FORM_URLENCODED)
public class WhateverEndpoint {...}
Everything works fine when deploying in TomEE jax-rs (tomee-maven-plugin:start).
I can call my services on /rest/whatever
The problem is when I want to unit test this service with TomEE Embedded, WhateverEndpoint is not deployed...
The configuration I use for the tests setup (#BeforeClass) is the following :
Properties properties = new Properties();
properties.setProperty(OpenEjbContainer.OPENEJB_EMBEDDED_REMOTABLE, "true");
context = EJBContainer.createEJBContainer(properties).getContext();
I can test the DAO and so on but not the Endpoints...
When I add a #javax.ejb.* annotation like this :
#Singleton
#Path("/whatever")
#Consumes(MediaType.APPLICATION_FORM_URLENCODED)
public class WhateverEndpoint {...}
I have something better in the logs :
INFO - Initializing network services
INFO - REST Application: http://127.0.0.1:4204/web -> org.apache.openejb.server.rest.InternalApplication
INFO - Service URI: http://127.0.0.1:4204/web/whatever -> EJB Whatever
INFO - GET http://127.0.0.1:4204/web/whatever/a -> A a(HttpServletRequest)
INFO - ** Bound Services **
INFO - NAME IP PORT
INFO - httpejbd 127.0.0.1 4204
INFO - admin 127.0.0.1 4200
INFO - ejbd 127.0.0.1 4201
INFO - ejbds 127.0.0.1 4203
What should I do to make it works properly with my custom JAX-RS Application, Path and Provider, just like the TomEE JAX-RS do and without adding ejb annotations ? Should I define additional properties and which one when creating my EJBContainer ? I've see some in the sample applications :
https://github.com/apache/tomee/blob/trunk/examples/rest-on-ejb
https://github.com/apache/tomee/blob/trunk/examples/rest-example
But none of them are working.
Here is my pom.xml :
<dependency>
<groupId>org.apache.openejb</groupId>
<artifactId>javaee-api</artifactId>
<version>6.0-5</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.apache.openejb</groupId>
<artifactId>tomee-embedded</artifactId>
<version>${tomee.version}</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.apache.openejb</groupId>
<artifactId>openejb-cxf-rs</artifactId>
<version>${openejb.version}</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.apache.openejb</groupId>
<artifactId>tomee-jaxrs</artifactId>
<version>${tomee.version}</version>
<scope>test</scope>
</dependency>
finally solved it by adding the EJBContainer.APP_NAME property to the properties passed when creating the embedded container :
Properties properties = new Properties();
properties.setProperty(OpenEjbContainer.OPENEJB_EMBEDDED_REMOTABLE, "true");
properties.setProperty(EJBContainer.APP_NAME, "/");
context = EJBContainer.createEJBContainer(properties).getContext();
I had also faced the same issue .I resolved this by adding a class in the TestProxyService annotated with #Singleton and then injecting the resource which I wanted to test.The proxy class would invoke the actual resource class .This
For example
#ApplicationPath("/rest")
public class SampleRestResource{
....methods
}
#Singleton
#ApplicationPath("/rest")
public class TestResource{
#Inject