I'm using wiremock to mock another service while testing the current service.
Does it needed to regenerate wiremock on the current service after API changing on counterpart's service?
Related
I am studying Spring Cloud and I am developing a study project.
I create a project that represents a simple REST API using Spring Boot and I run this in localhost.
I also created another project API Gateway, this one gets the request coming and calls the REST API, I am also running this one in localhost.
When I run the REST API and send a request to it, it responds properly, but if I send the request to API Gateway when API Gateway tries to call the REST API using RestTemplate it is getting this exception:
java.lang.IllegalStateException: No instances available for localhost
Both services are running in localhost.
Do anyone knows what is the cause of this error?
Does anyone know if I can make HTTP calls to the API endpoint of a local Service Fabric cluster using "fabric:/my-fabric-app/api-service" directly, without going through an HTTP listener?
You cannot. The fabric:/ endpoints are intended for SF Remoting calls.
For using HTTP, an HTTP Listener is required.
I was trying to set up a Zuul proxy using a Spring boot application which can either produce mock response or reaching out to an external endpoint. The communication to the external endpoint uses mutual authentication where we need to present truststore and keystore files. The implementation of SimpleHostRoutingFilter default route filter doesn't seem to have any implementation to present the certs in newConnectionManager() method.
I tried to override that method by extending SimpleHostRoutingFilter, but no luck.
How do we overcome this? Please help
From Spring Cloud Edgware release, there is a way to provide your own HttpClient. If you are using Apache Http Client (it's default), you can create a bean of type ClosableHttpClient. If it is provided as a Spring Bean, SimpleHostRoutingFilter will be created with your own Http client. You can handle any your requirement with this.
You can find the brief note about this here.
You can find the code related to this change here.
I have two Spring Boot web applications. Both applications have different databases and different sets of users. Also, both applications use Spring Security for authentication and authorisation which works properly.
At any given point I will have one instance of the first application running and multiple instances of the 2nd web application running.
I want to expose REST APIs from 1st web application (one instance running) and be able to use that REST APIs from 2nd web application (multiple instances running).
How do I make sure that REST APIs can be accessed securely with proper authentication and by instances of the 2nd applications only.
If you could change your security, I would recommend you to use OAUTH2. Basically it generates a token that is used in your APP2 instances to make the API calls.
You can see more here.
https://spring.io/guides/tutorials/spring-boot-oauth2/
http://websystique.com/spring-security/secure-spring-rest-api-using-oauth2/
But if you can't change your APP's security, you can continue using your current schema. In the APP1 you can create an user for the API calls, this user only has access to the API services. In your APP2 you need to store the credentials to access the APP1. Finally you do login into APP1 and invoke the API using HTTP client, you can use Spring RestTemplate or Apache HttpComponents Client.
SSL based authentication could be an option, if you seriously thinking about the security aspects.
Assume that you REST api exposed by App 1 is over HTTPs, then you can configure the App 1 to ask the client to give their SSL/TLS certificate when they try to access this REST API (exposed by App 1).
This will help us identify that the client is indeed a client from app 2.
Two More Cents:
In case if your App 1 REST API calls needs load balancing, NGINX should be your chose. The SSL client certificate based authentication can be offloaded to NGINX and Your Spring boot app no more worry about the SSL related configurations.
The solution we went with was to secure both using an OAuth2 client_credentials workflow. That is the OAuth2 flow where clients request a token on behalf of themselves, not a calling User.
Check out Spring Cloud Security
1) Secure your services using #EnableResourceServer
#SpringBootApplication
#EnableResourceServer
public class Application ...
2) Make calls from one service to another using an OAuth2RestTemplate
Check out Resource Server Token Relay in http://cloud.spring.io/spring-cloud-security/spring-cloud-security.html which will specify how to configure an Oauth2RestTemplate to forward on security context details (token) from one service to another.
3) Service A and Service B should be able to communicate using these techniques if they are configured using the same Oauth2 Client and Secret. This will be configured in the applications' application.properties file, hopefully injected by the environment. Oauth2 Scopes can be used as role identifiers. You could therefore say that only a Client with Scopes (api-read, api-write) should have access to Endpoint A in Service A. This is configurable using Spring Security's Authorization configuration as well as #EnableGlobalMethodSecurity
Is there a way to pass the Request in Local proxy service as how we pass in the SOAP based Proxy Service? If no, then how do we ensure that flow in local proxy service is working fine?