I have a Spring boot (v1.5.9) based application with Jolokia provided by Spring boot actuator.
Jolokia works fine. I can read values, for example:
http://localhost:8080/jolokia/read/java.lang:type=ClassLoading/Verbose
gives me:
{"request":{"mbean":"java.lang:type=ClassLoading","attribute":"Verbose","type":"read"},"value":false,"timestamp":1527859447,"status":200}
What I want is to disable writing operations, for example:
http://localhost:8080/jolokia/write/java.lang:type=ClassLoading/Verbose/true
The spring boot configuration looks like this:
management.security.enabled=false
management.endpoints.jmx.exposure.exclude=*
management.endpoints.web.exposure.include=jolokia,metrics
management.endpoint.jolokia.config.policyLocation=classpath:/jolokia.xml
And the Jolokia's policy in WEB-INF\classes\jolokia.xml (in resulting war, according to https://jolokia.org/reference/html/security.html) contains:
<restrict>
<commands>
<command>read</command>
<command>list</command>
<command>version</command>
<command>search</command>
</commands>
</restrict>
Despite this I see the following note in application's log:
jolokia: No access restrictor found, access to any MBean is allowed
And the write operation from the example above is working fine.
What I'm doing wrong? Should I put the policy file somewhere else? Is it possible to configure Jolokia's policy directly from the Spring boot configuration?
It looks like you've inadvertently used Spring Boot 2.0 configuration properties with Spring Boot 1.5.x. In 1.5 you should use jolokia.config.policyLocation. There's a little more information in the reference documentation.
Related
Created a new Spring Initializer project in IntelliJ using Spring Boot version 3.0.2.
Included Spring Web and Spring Boot Actuator.
Did the same using Spring Boot version 2.7.8.
Both projects have the following in application.properties
management.endpoints.web.exposure.include=info
management.info.build.enabled=true
spring.jackson.serialization.indent-output=true
When requesting /actuator/info for version 3.0.2 project, the JSON is not indented or pretty printed.
The same request for version 2.7.8 project returns pretty printed and indented JSON.
Everything is left default, no code additions, config changes. etc. Just plain vanilla out of the box project.
Is this a bug in Spring Boot version 3?
Expected the JSON response to be pretty printed and indented as per the Spring documentation for the Application Properties settings.
This change has been introduced in Spring Boot 3 on purpose: changing a JSON configuration in your main application should not change the JSON format used by actuator, as it could confuse clients relying on the format to be the same for all Spring Boot applications.
See the related issuue and also the dedicated section in the migration guide. You can revert to the previous behavior by setting the management.endpoints.jackson.isolated-object-mapper=false configuration property.
I'm migrating a Spring MVC web application to a Spring Boot. The build (maven) generates a .war file then I upload it to Wildfly Server. I used to be able to upload large file now it doesn't work.
On the old way, using Spring MVC, I updated the Wildfly' server config itself /standalone/configuration/standalone-full.xml which no longer work after switching to Spring Boot
<http-listener name="default" socket-binding="http" max-post-size="304857600" redirect-socket="https" enable-http2="true"/>
So the config above says allow posting files up to ~300MB (see the 304857600)
How to modify Wildfly/JBoss config using Spring Boot?
My google search was redirected here by some user comment, but still unsure how to do it in Spring Boot
https://docs.jboss.org/author/display/WFLY10/Undertow+subsystem+configuration
I'm on:
JDK 1.8
spring-boot-2.1.2.RELEASE.jar
spring-core-5.1.2.RELEASE.jar
Wildfly 10.
SpringBoot ask to setup these two additional config parameter to control the size limits of file upload/post request. I am certain that's causing the limitation in your case, if your Wildfly server is configured to not limit it.
#Max file size.
spring.servlet.multipart.max-file-size
#Max Request Size
spring.servlet.multipart.max-request-size
Reference: SpringBoot guide for file upload feature.
How can I put into spring boot app properties logback-file.xml and logback-access.xml at the same time? And if I can, logs will write in one file, or in different?
See the available Spring Boot properties.
You will find generic logging.* ones as well as server.tomcat.accesslog.* OR server.jetty.accesslog.* depending on your embedded servlet container.
Core logs will be printed based on logback-spring.xml, and access-logs (logs written whenever someone accesses any of your API's) will be printed based on logback-access.xml.
In application.properties, use logging.* for core/server logs and server.(yourserver).accesslog.* for access logs.
I'm running a Spring Boot application.
When there's no application.properties file in standard config paths it is not loaded and default configuration seems to be loaded.
application.properties:
spring.datasource.url=jdbc:sqlserver:...
Because of that, Spring Boot creates empty database with scheme without data which leads to empty program output.
How can one prevent Spring Boot from loading database default configuration?
you can use something as follows exclude in #EnableAutoConfiguration annotations to exclude Datasource default configuration. Reference
#EnableAutoConfiguration(exclude={DataSourceAutoConfiguration.class})
I don't know if there is any provision to make the app fail fast.
In order to stop Spring-Boot from autoconfiguring certain features for you, you need to explicitly exclude the corresponding class from the auto-configuration config:
#EnableAutoConfiguration(exclude={DataSourceAutoConfiguration.class})
Note: using this annotation you are taking back the responsibility from Spring to setup things for you, so you need to configure your DB properly from now on.
What's the best method to initiate a new Spring Project ?
Initiating Spring project is a lot of pain with various xml and db configuration.
Is there an "official" repository with complete sample project, as MVC with db access and so ?
Spring Boot may also be the solution, but some point still not clear to me :
How to add external components (such as Quartz) without creating some xml config ? (No such xml in Boot apparently)
Is a Spring Boot builded app is production-proof ?
As writen in the comments http://start.spring.io/ is the best way to start Spring boot project(STS has integration for it).
If you want to use something that is not supported by Spring Boot you can init spring beans the same way you do it in xml, just use java configuration. See this for example: http://www.tutorialspoint.com/spring/spring_java_based_configuration.htm
Also useing xml is still available. You can add #ImportResource on your Configuration class
#EnableAutoConfiguration
#Configuration
#ImportResource({"classpath*:applicationContext.xml"})