Issues creating OAuth secured Microservices using Spring boot, Eureka, Zuul, Spring Oauth - spring-security

I'm trying to get a Zuul reverse proxy setup with Spring Boot, Eureka, Zuul and Spring OAuth. Specifically, I'm trying to obtain an OAuth bearer token from our OAuth server that is behind Zuul. To do this, I need to make a POST request to the proxy endpoint that redirects to our OAuth server. This request is using the client_credentials grant type and thus I am using BasicAuth to obtain the bearer token. I've verified that I can obtain the token by bypassing Zuul.
I've been having trouble getting my expected results, which are a reverse proxy that is OAuth aware but has no required security itself. I've tried a few different variations on configuration and cannot find the golden ticket.
Here is my Maven:
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>com.mycompany.cloud</groupId>
<artifactId>mycompany-cloud</artifactId>
<version>0.0.2-SNAPSHOT</version>
</parent>
<artifactId>mycompany-cloud-zuul-proxy</artifactId>
<dependencies>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-zuul</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-eureka</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.security.oauth</groupId>
<artifactId>spring-security-oauth2</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
</dependencies>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-dependencies</artifactId>
<version>Brixton.SR2</version>
<type>pom</type>
<scope>import</scope>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-dependencies</artifactId>
<version>1.3.5.RELEASE</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
<executions>
<execution>
<goals>
<goal>repackage</goal>
</goals>
</execution>
</executions>
</plugin>
</plugins>
</build>
</project>
I initially created a configuration that was just
@SpringBootApplication
@EnableZuulProxy
@EnableEurekaClient
@EnableOAuth2Sso
public class ZuulProxyApplication {
    public static void main(final String[] args) {
        SpringApplication.run(ZuulProxyApplication.class, args);
    }
}
but this by default enabled basic auth security. I knew this because I would get CSRF errors on any POST request made. Setting security.enable-csrf=false did not disable this (I found this odd). Setting security.basic.enabled=false also did not disable any security (also odd). I finally noticed the JavaDoc on @EnableOAuth2Sso said that if no WebSecurityConfigurerAdapter was provided then it would use a default. I tried adding @EnableWebSecurity to my configuration, which should have added a WebSecurityConfigurerAdapter, but I was still getting CSRF errors on my POST requests. Maybe the default it's using isn't aware of SecurityProperties. So I ended up with this configuration:
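import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.autoconfigure.security.SecurityProperties;
import org.springframework.boot.autoconfigure.security.oauth2.client.EnableOAuth2Sso;
import org.springframework.cloud.netflix.eureka.EnableEurekaClient;
import org.springframework.cloud.netflix.zuul.EnableZuulProxy;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@SpringBootApplication
@EnableZuulProxy
@EnableEurekaClient
public class ZuulProxyApplication {
    public static void main(final String[] args) {
        SpringApplication.run(ZuulProxyApplication.class, args);
    }

    @Configuration
    @EnableOAuth2Sso
    @EnableWebSecurity
    @Order(SecurityProperties.ACCESS_OVERRIDE_ORDER)
    protected static class SecurityConfiguration extends WebSecurityConfigurerAdapter {
        @Autowired
        public void globalUserDetails(final AuthenticationManagerBuilder auth) throws Exception {
            // add no users
            auth.inMemoryAuthentication();
        }

        @Override
        protected void configure(final HttpSecurity http) throws Exception {
            // disables CSRF protection for every request handled by the proxy
            http.csrf().disable();
        }
    }
}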
and the following properties:
spring:
  application:
    name: mycompany-cloud-zuul-proxy
    index: 0
security:
  oauth2:
    client:
      access-token-uri: http://mycompany-cloud-authorization-server/oauth/token
      user-authorization-uri: http://mycompany-cloud-authorization-server/oauth/authorize
  basic:
    enabled: false
  enable-csrf: false
  sessions: stateless
server:
  port: 9200
eureka:
  client:
    service-url:
      defaultZone: http://localhost:9100/eureka/
And this was successful: it disabled the CSRF configuration and I was able to make POST requests to my services without receiving the CSRF error. However, now my OAuth server is rejecting the requests because the BasicAuth header is no longer on the request. It appears that Zuul is stripping the header. Am I misunderstanding that adding the @EnableOAuth2Sso annotation makes the application OAuth aware and that it would allow means of accessing the configured OAuth server, or does it simply apply to Bearer tokens? Is it normal to place your OAuth server behind the proxy or is that not an expected thing to do? I'm guessing that I'm missing some important knowledge and/or configuration that I have yet to comprehend from the documentation.
Any help here would be appreciated.

"However, now my OAuth server is rejecting the requests because the BasicAuth header is no longer on the request"
By default, the Spring Cloud Zuul implementation strips some headers for security purposes (see the Cookies and sensitive headers documentation).
Thus, since Spring Cloud Netflix 1.1, the following headers are considered sensitive headers: Cookie, Set-Cookie, Authorization.
"Is it normal to place your OAuth server behind the proxy or is that not an expected thing to do?"
Spring Cloud is basically not designed by default to have the Authorization server (or OAuth server) behind the proxy (Zuul). In most examples and documentation, the Authorization server is outside the proxy.
I personally created a POC for Authorization behind Proxy, https://github.com/kakawait/uaa-behind-zuul-sample, that may (or may not) help you.

Related

Spring cloud data flow task Invalid TaskExecution ID

I am just trying to create a hello world SCDF task. It is my understanding that out of the box the task should be able to read the needed data from the h2 database by just including h2 in the pom, but I am wondering if that is the correct assumption. Can anybody lend any suggestions to why I am getting the following error: 'taskLifecycleListener'; nested exception is java.lang.IllegalArgumentException: Invalid TaskExecution, ID...
Task
package com.hello;

import org.springframework.boot.CommandLineRunner;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.cloud.task.configuration.EnableTask;
import org.springframework.context.annotation.Bean;

@SpringBootApplication
@EnableTask
public class HelloTask {
    @Bean
    public CommandLineRunner commandLineRunner() {
        return new HelloWorldCommandLineRunner();
    }

    public static void main(String[] args) {
        SpringApplication.run(HelloTask.class, args);
    }

    public static class HelloWorldCommandLineRunner implements CommandLineRunner {
        public void run(String... strings) throws Exception {
            System.out.println("Hello World!");
        }
    }
}
POM
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.5.2</version>
<relativePath /> <!-- lookup parent from repository -->
</parent>
<groupId>com.hello</groupId>
<artifactId>privet</artifactId>
<version>0.0.1-SNAPSHOT</version>
<name>privet</name>
<description>Demo project for Spring Boot</description>
<properties>
<java.version>11</java.version>
<spring-cloud.version>2020.0.3</spring-cloud.version>
<start-class>com.hello.HelloTask</start-class>
</properties>
<dependencies>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-task</artifactId>
</dependency>
<dependency>
<groupId>com.h2database</groupId>
<artifactId>h2</artifactId>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-configuration-processor</artifactId>
<optional>true</optional>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
</dependencies>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-dependencies</artifactId>
<version>${spring-cloud.version}</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-resources-plugin</artifactId>
<version>3.1.0</version>
</plugin>
</plugins>
</build>
</project>
I run spring cloud data flow skipper 2.8.1
I run spring cloud data flow server 2.8.1, obviously launches h2
Start Embedded H2
2021-06-28 19:08:43.967 INFO 95256 --- [ main] o.s.c.d.s.config.web.WebConfiguration : Starting H2 Server with URL: jdbc:h2:tcp://localhost:19092/mem:dataflow
I build the app, and in the UI - import the app, create a task, start the task and I get the dreaded....
org.springframework.context.ApplicationContextException: Failed to start bean 'taskLifecycleListener'; nested exception is java.lang.IllegalArgumentException: Invalid TaskExecution, ID 7 not found
at org.springframework.context.support.DefaultLifecycleProcessor.doStart(DefaultLifecycleProcessor.java:181) ~[spring-context-5.3.8.jar!/:5.3.8]
Any suggestions?
Spring Cloud Data Flow and your Spring Cloud Task app need to access the same database. Your pom.xml suggests that your SCT app is using an embedded H2 database that only itself can access.
Your app needs the driver for the shared database on the classpath. Please also have a look at the official documentation: https://docs.spring.io/spring-cloud-dataflow/docs/2.8.1/reference/htmlsingle/#spring-cloud-dataflow-register-task-apps
The task execution with its id is created by Data Flow before launching the app. When the app starts, it expects to find a task execution with the given id in the database that it's connected to.
If you start your app stand alone from the command line, it should work fine, as it then does not expect that the task execution is already created in its database.

Intermediate authorization_request_not_found error with Spring Cloud Gateway and Keycloak

I am working on a microservice architecture developed in Spring Boot with an API gateway service using Spring Cloud Gateway. I am using Keycloak as an identity provider. Everything is working fine normally, but I am getting an intermediate authorization_request_not_found exception on user login and a whitelabel error page occurs. If we try again, it works.
Below is the exception I received on Keycloak server:
[org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider] (default task-264) Failed to make identity provider oauth callback: org.keycloak.broker.provider.IdentityBrokerException: No access_token from server.
at org.keycloak.keycloak-services@9.0.3//org.keycloak.broker.oidc.OIDCIdentityProvider.verifyAccessToken(OIDCIdentityProvider.java:495)
at org.keycloak.keycloak-services@9.0.3//org.keycloak.broker.oidc.OIDCIdentityProvider.getFederatedIdentity(OIDCIdentityProvider.java:360)
at org.keycloak.keycloak-services@9.0.3//org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider$Endpoint.authResponse(AbstractOAuth2IdentityProvider.java:472)
at jdk.internal.reflect.GeneratedMethodAccessor938.invoke(Unknown Source)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:566)
at org.jboss.resteasy.resteasy-jaxrs@3.9.1.Final//org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:138)
at org.jboss.resteasy.resteasy-jaxrs@3.9.1.Final//org.jboss.resteasy.core.ResourceMethodInvoker.internalInvokeOnTarget(ResourceMethodInvoker.java:517)
at org.jboss.resteasy.resteasy-jaxrs@3.9.1.Final//org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTargetAfterFilter(ResourceMethodInvoker.java:406)
at org.jboss.resteasy.resteasy-jaxrs@3.9.1.Final//org.jboss.resteasy.core.ResourceMethodInvoker.lambda$invokeOnTarget$0(ResourceMethodInvoker.java:370)
at org.jboss.resteasy.resteasy-jaxrs@3.9.1.Final//org.jboss.resteasy.core.interception.PreMatchContainerRequestContext.filter(PreMatchContainerRequestContext.java:356)
at org.jboss.resteasy.resteasy-jaxrs@3.9.1.Final//org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTarget(ResourceMethodInvoker.java:372)
at org.jboss.resteasy.resteasy-jaxrs@3.9.1.Final//org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:344)
... more stack trace
Below is the configuration code:
spring:
  mvc:
    favicon:
      enabled: false
  autoconfigure:
    exclude: org.springframework.boot.actuate.autoconfigure.security.reactive.ReactiveManagementWebSecurityAutoConfiguration
  thymeleaf:
    cache: false
  security:
    oauth2:
      resourceserver:
        jwt:
          jwk-set-uri: http://localhost:8080/auth/realms/<realm-name>/protocol/openid-connect/certs
      client:
        registration:
          keycloak:
            client-id: <client-id>
            client-secret: <client-secret>
            clientName: <client-name>
            authorization-grant-type: authorization_code
            provider: keycloak
            redirect-uri: '{baseUrl}/login/oauth2/code/{registrationId}'
            scope:
              - openid
              - profile
              - email
        provider:
          keycloak:
            issuer-uri: http://localhost:8080/auth/realms/<realm-name>
            user-name-attribute: preferred_username
  cloud:
    gateway:
      httpclient:
        connect-timeout: 6000000
        response-timeout: 600s
        ssl:
          close-notify-read-timeout: 600s
          close-notify-flush-timeout: 600s
          handshake-timeout: 600s
        pool:
          acquire-timeout: 6000000
          type: fixed
          max-connections: 5000
  servlet:
    multipart:
      max-file-size: 100MB
      max-request-size: 100MB
Below is some part of my pom.xml
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.1.9.RELEASE</version>
<relativePath /> <!-- lookup parent from repository -->
</parent>
<properties>
<java.version>1.8</java.version>
<spring-cloud.version>Greenwich.SR5</spring-cloud.version>
</properties>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-webflux</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-oauth2-client</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-gateway</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-thymeleaf</artifactId>
</dependency>
<dependency>
<groupId>org.thymeleaf.extras</groupId>
<artifactId>thymeleaf-extras-springsecurity5</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.security.oauth</groupId>
<artifactId>spring-security-oauth2</artifactId>
<version>2.3.3.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-jwt</artifactId>
<version>1.0.9.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-oauth2-resource-server</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
</dependencies>
Below is the stack trace of exception on Gateway server:
2020-06-13 08:04:17.237 ERROR 1 --- [or-http-epoll-3] a.w.r.e.AbstractErrorWebExceptionHandler : [47e02fef] 500 Server Error for HTTP GET "/login/oauth2/code/keycloak?state=YpBEDGlrHg1-podfMyIrKp02WYVPDIMRu_59vuRqado%3D&session_state=e8f4736b-1985-4730-af00-f55b38edf44a&code=1050f391-8438-4c18-ba52-d343ed25aa1c.e8f4736b-1985-4730-af00-f55b38edf44a.5b3ba9ec-3da5-4549-aaa8-79cf360f1d6d"
org.springframework.security.oauth2.core.OAuth2AuthorizationException: [authorization_request_not_found]
at org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizationCodeAuthenticationTokenConverter.lambda$oauth2AuthorizationException$1(ServerOAuth2AuthorizationCodeAuthenticationTokenConverter.java:82) ~[spring-security-oauth2-client-5.1.6.RELEASE.jar!/:5.1.6.RELEASE]
at reactor.core.publisher.MonoDefer.subscribe(MonoDefer.java:44) [reactor-core-3.2.12.RELEASE.jar!/:3.2.12.RELEASE]
at reactor.core.publisher.Mono.subscribe(Mono.java:3858) ~[reactor-core-3.2.12.RELEASE.jar!/:3.2.12.RELEASE]
at reactor.core.publisher.FluxSwitchIfEmpty$SwitchIfEmptySubscriber.onComplete(FluxSwitchIfEmpty.java:75) ~[reactor-core-3.2.12.RELEASE.jar!/:3.2.12.RELEASE]
at reactor.core.publisher.FluxHandle$HandleSubscriber.onComplete(FluxHandle.java:207) ~[reactor-core-3.2.12.RELEASE.jar!/:3.2.12.RELEASE]
at reactor.core.publisher.FluxHandle$HandleSubscriber.onNext(FluxHandle.java:128) ~[reactor-core-3.2.12.RELEASE.jar!/:3.2.12.RELEASE]
at reactor.core.publisher.FluxMap$MapConditionalSubscriber.onNext(FluxMap.java:213) ~[reactor-core-3.2.12.RELEASE.jar!/:3.2.12.RELEASE]
at reactor.core.publisher.Operators$MonoSubscriber.complete(Operators.java:1515) ~[reactor-core-3.2.12.RELEASE.jar!/:3.2.12.RELEASE]
at reactor.core.publisher.MonoProcessor.onNext(MonoProcessor.java:389) ~[reactor-core-3.2.12.RELEASE.jar!/:3.2.12.RELEASE]
at reactor.core.publisher.FluxPeek$PeekSubscriber.onNext(FluxPeek.java:192) ~[reactor-core-3.2.12.RELEASE.jar!/:3.2.12.RELEASE]
at reactor.core.publisher.FluxSwitchIfEmpty$SwitchIfEmptySubscriber.onNext(FluxSwitchIfEmpty.java:67) ~[reactor-core-3.2.12.RELEASE.jar!/:3.2.12.RELEASE]
at reactor.core.publisher.Operators$MonoSubscriber.complete(Operators.java:1515) ~[reactor-core-3.2.12.RELEASE.jar!/:3.2.12.RELEASE]
at reactor.core.publisher.MonoSupplier.subscribe(MonoSupplier.java:61) ~[reactor-core-3.2.12.RELEASE.jar!/:3.2.12.RELEASE]
at reactor.core.publisher.Mono.subscribe(Mono.java:3858) ~[reactor-core-3.2.12.RELEASE.jar!/:3.2.12.RELEASE]
at reactor.core.publisher.FluxSwitchIfEmpty$SwitchIfEmptySubscriber.onComplete(FluxSwitchIfEmpty.java:75) ~[reactor-core-3.2.12.RELEASE.jar!/:3.2.12.RELEASE]
at reactor.core.publisher.MonoNext$NextSubscriber.onComplete(MonoNext.java:96) ~[reactor-core-3.2.12.RELEASE.jar!/:3.2.12.RELEASE]
at reactor.core.publisher.FluxConcatMap$ConcatMapImmediate.drain(FluxConcatMap.java:360) ~[reactor-core-3.2.12.RELEASE.jar!/:3.2.12.RELEASE]
at reactor.core.publisher.FluxConcatMap$ConcatMapImmediate.onComplete(FluxConcatMap.java:269) ~[reactor-core-3.2.12.RELEASE.jar!/:3.2.12.RELEASE]
at reactor.core.publisher.Operators.complete(Operators.java:131) ~[reactor-core-3.2.12.RELEASE.jar!/:3.2.12.RELEASE]
at reactor.core.publisher.FluxIterable.subscribe(FluxIterable.java:122) ~[reactor-core-3.2.12.RELEASE.jar!/:3.2.12.RELEASE]
at reactor.core.publisher.FluxIterable.subscribe(FluxIterable.java:63) ~[reactor-core-3.2.12.RELEASE.jar!/:3.2.12.RELEASE]
at reactor.core.publisher.FluxConcatMap.subscribe(FluxConcatMap.java:121) ~[reactor-core-3.2.12.RELEASE.jar!/:3.2.12.RELEASE]
... more stack trace.
As far as I have seen, this error occurs when the user session times out.
I think the cookie is not getting deleted once the session has timed out. This issue never happens when the user logs out from the application.
Is there any way I can auto-delete the cookie when the session times out? Or can I redirect to the logout API when I receive a timeout error before the user routes to the login screen?
I have visited several blogs and other Stack Overflow issues but I can't figure out what's wrong in my configs.
Is there any way I can find out what is wrong?
Any help is much appreciated. Thanks in advance!

Processor App in Spring Boot 2.2.4/Hoxton.SR1 not working in Spring Cloud Data Flow 2.4.1

I am trying to develop a new application to work on SCDF 2.4.1 and Skipper 2.3.1
I took the samples from
https://github.com/sabbyanandan/stream-programming-models
I built them locally. Downloaded the docker compose for SCDF kafka, set the Versions and mount my repo and start my docker compose.
When I deploy the "function" module and create a simple stream
http | customUpper | log
I see the sample working fine and able to see log output as expected.
When I modify the function stream app, to use Spring Boot, 2.2.4 and Hoxton.SR1 for cloud stream dependencies. I do not see any output in the log.
BootApp
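import java.util.function.Function;

import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.context.annotation.Bean;

@SpringBootApplication
public class FunctionStreamSampleApplication {
    public static void main(String[] args) {
        SpringApplication.run(FunctionStreamSampleApplication.class, args);
    }

    // Function bean referenced by spring.cloud.stream.function.definition
    @Bean
    public Function<String, String> uppercase() {
        return data -> {
            System.out.println("Input " + data);
            return data.toUpperCase();
        };
    }
}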
application.yml
spring:
  cloud:
    stream:
      function:
        definition: uppercase
pom.xml
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.2.4.RELEASE</version>
<relativePath/> <!-- lookup parent from repository -->
</parent>
<artifactId>function219</artifactId>
<version>0.0.1-SNAPSHOT</version>
<name>function219</name>
<description>Demo project for Spring Boot</description>
<properties>
<java.version>1.8</java.version>
<spring-cloud.version>Hoxton.SR1</spring-cloud.version>
</properties>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-actuator</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-function-context</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-stream-binder-kafka</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
</dependencies>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-dependencies</artifactId>
<version>${spring-cloud.version}</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
</plugins>
</build>
</project>
I have removed the test classes just to strip it to the bare minimum to avoid other dependencies. The same app does work when deployed as is using the 2.1.4 version of Spring Boot it was originally built on. Do let me know if there are changes needed to make it work on SCDF.
When I use kafkatools to check the topics created by the stream, I see messages only in the streamname.http, but the processor doesn't seem to be reading messages as my sysout is not getting printed.
I believe the problem is that the current published stream apps, http and log, use an earlier version of spring-cloud-stream, based on spring boot 2.1.x. The newer version of spring-cloud-stream that is compatible with boot 2.2.x is not backwards compatible. All apps in the stream must be on the same (or compatible) spring-cloud-stream versions. I expect if you look at the log for custom processor, you will see some conversion error.
For function based stream modules to work with SCDF, you need to add the appropriate binding name properties to input and output to your application properties as described here: https://cloud.spring.io/spring-cloud-static/spring-cloud-stream/3.0.3.RELEASE/reference/html/spring-cloud-stream.html#_functional_binding_names
Essentially, this maps the functional binding endpoint names to the SCDF endpoint names, input and output. For example, if you have a Function 'foo':
spring.cloud.stream.function.bindings.foo-in-0=input
spring.cloud.stream.function.bindings.foo-out-0=output
Future releases of the prepackaged stream modules will use the Functional paradigm and will provide these properties automatically.

Spring cloud data flow custom application properties

I created a custom spring cloud data flow application.
I would like to create a stream with it and put some application properties in it, as we can add for the provided application log (0/3 properties):
I tried with application.yml file in resources folder:
spring:
  application:
    toto: 'titi'
but it didn't work.
I also tried to create some Properties.class
public class Properties {
    //public static final String PREFIX = "portin";
    private String toto;

    public Properties(String toto) {
        this.toto = toto;
    }

    public Properties() {
    }

    public String getToto() {
        return toto;
    }

    public void setToto(String toto) {
        this.toto = toto;
    }
}
and add the following declaration in dataflow-configuration-metadata-whitelist.properties file:
configuration-properties.classes=com.mycompany.Properties
but that was not a success and the application doesn't have any property.
I couldn't find anything relevant in documentation (I am not English speaking native so I may have misread something).
Thanks for helping
EDIT after moving dataflow-configuration-metadata-whitelist.properties in META-INF folder
the whitelist property files were not under META-INF folder.
Now I have this project:
but it doesn't help. The pom.xml is:
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-configuration-processor</artifactId>
<optional>true</optional>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>io.fabric8</groupId>
<artifactId>docker-maven-plugin</artifactId>
</plugin>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
<plugin>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-app-starter-metadata-maven-plugin</artifactId>
<executions>
<execution>
<id>aggregate-metadata</id>
<phase>compile</phase>
<goals>
<goal>aggregate-metadata</goal>
</goals>
</execution>
</executions>
</plugin>
</plugins>
</build>
then I build the application with docker. Is there something docker specific to do then?
I could read the documentation but cannot see what is missing on my project
For the custom application properties, you can make sure if you follow Spring Boot configuration properties configuration correctly. You can see some of the examples from the out of the box apps here
I am not sure which version of SCDF do you use. If you are on the release before SCDF 2.x, then the name of the whitelist properties needs to be spring-configuration-metadata-whitelist.properties as the whitelist properties file with the name dataflow-configuration-metadata-whitelist.properties is supported only from SCDF 2.x.
Also, make sure to place the whitelist properties file into /META-INF directory under classpath (src/main/resources directory) for example here.
Regarding the documentation, please follow the instructions mentioned here in the SCDF documentation.
I could do the job thanks to this post: Spring Cloud Dataflow Kubernetes get properties of jar from dockerfile
The way I registered the app was wrong.
Now, I add the companion metadata URI and it works

Spring Cloud Brixton.RELEASE zuul

I am new to Spring Cloud. In my project (a microservice project built with Spring Boot), I used Spring Cloud version Brixton.RC2, and it worked fine. But when I try to upgrade its version to Brixton.RELEASE, the project does not work with Zuul (if I access the web microservice directly, it works, but if I access it through Zuul, it does not work). I didn't change anything in the configuration. The Maven dependency is:
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>1.3.5.RELEASE</version>
<type>pom</type>
<scope>import</scope>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-parent</artifactId>
<version>Brixton.RC2</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
can anyone specify what goes wrong with my project?
Thanks and Best regards!!
I have the same problem. I was on Brixton.M4 and upgraded to Brixton.RELEASE. What is happening is that, when you log in, the request hits the gateway and is routed to the OAuth server. But when Zuul routes the login request, the header is missing, i.e. the Authorization header with the base64 of clientId:clientSecret is missing. This is because of Sensitive Headers in Zuul, which is new in Spring Cloud Netflix 1.1. Please refer to https://github.com/spring-cloud/spring-cloud-netflix/blob/master/docs/src/main/asciidoc/spring-cloud-netflix.adoc#cookies-and-sensitive-headers for more information.
Add
zuul.routes.myroute.sensitiveHeaders=''
to your application.yml or application.properties, which will overwrite the default value of sensitiveHeaders to empty.
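The sensitive-headers behaviour described in the two Zuul answers on this page, as an added configuration example that is not taken from either post: rather than emptying the list, the route to the OAuth server removes only Authorization from it, so Cookie and Set-Cookie are still stripped on that route and every other route keeps the default list. The route name auth and the path /uaa/** are assumptions; the service id is the one used in the first question.

```yaml
# application.yml for the Zuul proxy (constructed example)
zuul:
  # Broad setting, shown commented out for comparison: an empty global list
  # forwards Cookie, Set-Cookie and Authorization to every downstream service.
  # sensitiveHeaders:
  routes:
    auth:                                   # hypothetical route name
      path: /uaa/**                         # hypothetical path prefix
      serviceId: mycompany-cloud-authorization-server
      # Per-route list overrides the default (Cookie,Set-Cookie,Authorization).
      # Authorization is left out so the client's Basic credentials reach the
      # token endpoint; cookies are still not forwarded in either direction.
      sensitiveHeaders: Cookie,Set-Cookie
    # Routes without their own sensitiveHeaders entry keep the default list,
    # so bearer tokens and credentials are not passed to services that do not
    # need them.
```

Requesting a token through the proxy and through a second, unrelated route, then checking which request headers each backend logs, confirms that Authorization is only forwarded where it was explicitly allowed.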
