How to enable CORS in spring cloud dataflow to make it api accessible from external web app like angular?
Cross Origin Resource Sharing is not supported out of the box in SCDF.
But, Spring Cloud Data Flow server application is a Spring Boot app and can be customized and extended.
You could add global CORS configuration to SCDF custom application. For information on how to do this, you can refer to Spring Boot documentation.
You can also check the sample here on how to customize SCDF server application.
Related
Is there a recommended way to customize the user interface of Spring Cloud Data Flow?
I am trying to find a way to change the text of the dashboard, colors and logos.
I found the GitHub repo for the UI on https://cloud.spring.io/spring-cloud-dataflow-ui/
But I cannot understand how to integrate that with my backend because the APIs and docs are not provided. Neither style guides nor backend logic.
The Spring Cloud Data Flow UI is tightly coupled to the Spring Cloud Data Flow server (as one of the REST clients of the SCDF server) and hence it is not designed to be customizable or extensible. All the documentation we have for the SCDF UI is pertinent to the SCDF use cases only.
I need a Spring Batch Admin-like application to embed in my own SB-powered Spring Boot application.
The Spring website says it's deprecated and been moved to the Spring Attic. They recommend making use of Spring Cloud Dataflow Console.
I investigated this, and it appears that there is a lot of additional functionality I don't need -- all I want to do is inspect and retry batch job executions.
Is there a means of getting only this functionality, short of carving out the Jobs controllers out of the REST API implementation, and building my own admin screens?
Yes, it is possible; however, you'd still have to use SCDF to gain access to the REST-APIs.
Once when you have SCDF running, you'd get access to the Task/Batch-job specific REST endpoints and that you can use in your custom dashboard tooling.
I am developing the webapi using jaxrs plugin in a Grails project (existing) in which there is Spring Security configured which is not allowing me to access the api urls i.e /api/**
I am getting You are not authorised to access this page though I have logged in as Admin but I am not able to configure the access to this path with/without authentication.
I guess you're using spring security?
Authentication is generally handled a little differently when implementing a rest api. Check out the excellent Spring Security REST Plugin. There's some really nice documentation here that explains the authentication lifecycle.
I'm using Spring Boot to build a REST Api which I can secure with Oauth2 (using spring-security-oauth2).
I want to manage a separate authentication and authorization schema for the actuator management endpoints (metrics, health, etc.).
And I want the management endpoints to run on a different port (management.port=8081 in application.properties)
I've been reading quite a lot but couldn't find a way to do it.
Thanks
That's because you can't separate endpoints by port. If the actuator management endpoints and the management endpoints are on the same component, the Spring Boot container (Tomcat) will launch that whole component on one port.
What you are saying can maybe be achieved by a proxy. You would map some urls on the proxy to internally correspond with the urls on your component.
Currently we have web app which uses spring Security for role based Authentication and Authorization.
Since we want to use SSO I see this example to integrate Spring with Openam https://wikis.forgerock.org/confluence/display/openam/OpenSSO+Spring+Security+%28Acegi%29+Integration
so it's like
My Web app (using spring to talk to openam) <===> IDP Proxy <====> IDP
But when I use the SAML tracer (The plugin for Firefox to track SAML requests/Responses) I don't see any SAML payloads between My web app and IDP proxy.
Is it that Spring is using SOAP request to talk to IDP proxy by picking urls from AMConfig.properties ?
I thought of using Fedlet but reading the saml response from Fedlet and integrating that with Spring Security is not feasible.
If Spring security3 doesn't use SAML2 is it a good idea to use spring framework to talk to openam ?
Any inputs ?
Thanks in advance
Ram
Ok folks we got our JSF2 web app working by integrating with Spring SAML extension and Spring Security along with open am.
Spring SAML extension is here - (https://github.com/SpringSource/spring-security-saml)
So now we are pulling all user roles from LDAP using Openam as IDP and the saml request and response is processed by spring saml extension. The role based access within application is controlled by Spring Security.
I would like to thank
Vladimir Schaefer - Author of Spring Saml ,
Stefan - from opensaml team,
Peter Major- from Openam # forge rock.
Wanted to add this note to let others know that the integration can be done to JSF app or any other web app and it uses Spring security SAML extension (which uses SAML 2.0 end to end) .
We finally have single sign on working finally.
I will put up an article on this shortly and will update this post.
I was able to add some more notes please see my articles on
generic info related to Openam concepts
http://reddymails.blogspot.com/2013/03/sso-for-java-or-net-web-based.html
Steps to integrate JSF 2 web application with Openam using Spring SAML extension and Spring Security.
http://reddymails.blogspot.com/2013/06/integrating-jsf-web-applicataion-with.html
Thanks
Ram
I don't see any SAML payloads between My web app and IDP proxy
According to the page, the integration is very similar to a normal agent approach. This probably means that you app talks to OpenAM using SOAP and OpenAM talks to the IDP using SAML.
But when I use the SAML tracer (The plugin for Firefox to track SAML
requests/Responses) I don't see any SAML payloads between My web app
and IDP proxy. Is it that Spring is using SOAP request to talk to IDP
proxy by picking urls from AMConfig.properties ?
If things are working correctly you should see a SAML authentication request when you are forwarded to the IDP.
What you should do is probably start plowing through the OpenAM debug logs.
Especially the Federation log.
I thought of using Fedlet but reading the saml response from Fedlet
and integrating that with Spring Security is not feasible. If Spring
security3 doesn't use SAML2 is it a good idea to use spring framework
to talk to openam ? Any inputs ?
There is an spring extension that allows you to use SAML directly.
http://static.springsource.org/spring-security/site/extensions/saml/index.html
You could have a look at that.