I was trying to enable Spring boot admin server for my application. The default settings work perfectly fine but when I attempt to enable security, I am getting following error:
APPLICATION FAILED TO START
Description:
The bean 'conversionServicePostProcessor', defined in class path
resource
[org/springframework/security/config/annotation/web/configuration/WebSecurityConfiguration.class],
could not be registered. A bean with that name has already been
defined in class path resource
[org/springframework/security/config/annotation/web/reactive/WebFluxSecurityConfiguration.class]
and overriding is disabled.
Action:
Consider renaming one of the beans or enabling overriding by setting
spring.main.allow-bean-definition-overriding=true
Process finished with exit code 1
I am using the latest SNAPSHOT version of spring-boot-admin-starter-server (2.2.0-SNAPSHOT). Here is my security configuration:
#EnableAdminServer
#EnableWebFluxSecurity
#Configuration(proxyBeanMethods = false)
class AdminServerSecurityConfigurations(val adminServerProperties: AdminServerProperties) {
#Bean
fun adminServerSecurityWebFilterChain(http: ServerHttpSecurity): SecurityWebFilterChain = http
// #formatter:off
.authorizeExchange()
.pathMatchers("${adminServerProperties.contextPath}/assets/**").permitAll()
.pathMatchers("${adminServerProperties.contextPath}/login").permitAll()
.anyExchange().authenticated().and()
.formLogin().loginPage("${adminServerProperties.contextPath}/login").and()
.logout().logoutUrl("${adminServerProperties.contextPath}/logout").and()
.httpBasic().and()
// #formatter:on
.csrf().disable()
.build()
#Bean
fun notifyLogger(instanceRepository: InstanceRepository) = LoggingNotifier(instanceRepository)
}
I found a pull request to update the documentation: https://github.com/spring-projects/spring-boot/issues/14069
For Reactive WebSockets,
{spring-reference}web-reactive.html#webflux-websocket[Spring WebFlux] offers rich support,
which is accessible through the spring-boot-starter-webflux module.
See the spring-boot-sample-websocket-reactive sample project to see how WebSockets may
be implemented using Spring WebFlux.
it turns out that using webflux and websocket leads to conflicts.
also in this pull request was denied in the resolution of the conflict
https://github.com/spring-projects/spring-boot/issues/14810
for reactive websocket see this sample https://www.baeldung.com/spring-5-reactive-websockets
I had the same issue and was able solve it by adding
spring.main.allow-bean-definition-overriding=true
to my application.properties.
Sounds like a workaround and it was also only necessary if I deployed it as WAR -- as a standalone application the exception never occured.
I also faced this error, after Reimport All Mavne Projects(Intellij IDE) it works fine for me. Here my detailed input on this issue here
Related
I am using R2DBC-H2 driver, and my UR.L is spring.r2dbc.url=r2dbc:h2:mem:///customer
Using this configuration, SpringBoot starts fine, however, I can not access the h2-console.
Does anybody know why, and how I can fix it?
If I understand the source code of H2ConsoleAutoConfiguration correctly, the h2 console auto configuration from spring boot does not work in a reactive environment.
...
#ConditionalOnWebApplication(type = Type.SERVLET)
...
public class H2ConsoleAutoConfiguration {
You can confirm this by yourself by changing the type of your web application to SERVLET (for example, by adding spring-boot-starter-web as a dependency) which will activate the route to the h2 console (if enabled in the application properties). The h2-console route endpoint will start working again.
As the whole code seems very servlet-specific, I don't know how to properly fix this problem.
H2 Console depends on traditional Jdbc drivers, not compatible with Spring WebFlux stack.
If you are developing a WebFlux application, you can use H2 as a standalone database, ane use H2 Console freely.
Following the official Getting Started guide to start H2 Database and H2 Console.
Set your spring.r2dbc.url to the database url you are running in the first step.
NOTE: Do not use a Memory DB here.
I am trying to use Spring LDAP in one of my Spring Boot projects but I am getting an 'Address already in use' error when running multiple tests.
I have cloned locally the sample project here:
https://spring.io/guides/gs/authenticating-ldap/
...and just added the boilerplate test normally created by Spring Boot to verify that the Application Context loads correctly:
#RunWith(SpringRunner.class)
#SpringBootTest
public class MyApplicationTests {
#Test
public void contextLoads() {
}
}
If run alone, this test passes. As soon as LdapAuthenticationTests and MyApplicationTests are run together, I get the error above for the latter.
After debugging a bit, I've found out that this happens because the system tries to spawn a second instance of the embedded server.
I am sure I am missing something very stupid in the configuration.
How can I fix this problem?
I had a similar problem, and it looks like you had a static port configured (as was in my case).
According to this article:
Spring Boot starts an embedded LDAP server for each application
context. Logically, that means, it starts an embedded LDAP server for
each test class. Practically, this is not always true since Spring
Boot caches and reuses application contexts. However, you should
always expect that there is more than one LDAP server running while
executing your tests. For this reason, you may not declare a port for
your LDAP server. In this way, it will automatically uses a free port.
Otherwise, your tests will fail with “Address already in use”
Thus it might be a better idea not to define spring.ldap.embedded.port at all.
I addressed the same issue. I solved it with an additional TestExecutionListener since you can get the InMemoryDirectoryServer bean.
/**
* #author slemoine
*/
public class LdapExecutionListener implements TestExecutionListener {
#Override
public void afterTestClass(TestContext testContext) {
InMemoryDirectoryServer ldapServer = testContext.getApplicationContext().getBean(InMemoryDirectoryServer.class);
ldapServer.shutDown(true);
}
}
And on each SpringBootTest (or only once in an abstract super class)
#RunWith(SpringRunner.class)
#SpringBootTest
#TestExecutionListeners(listeners = LdapExecutionListener.class,
mergeMode = TestExecutionListeners.MergeMode.MERGE_WITH_DEFAULTS)
public class MyTestClass {
...
}
also do not forget
mergeMode = TestExecutionListeners.MergeMode.MERGE_WITH_DEFAULTS
to avoid disabling the whole #SpringBootTest auto configuration.
Okay, I think I found a solution by adding a #DirtiesContext annotation to my test classes:
#DirtiesContext(classMode = DirtiesContext.ClassMode.AFTER_CLASS)
If you are using spring embedded ldap, try to comment or remove port value from config file as below :
spring :
ldap:
embedded:
base-dn: dc=example,dc=org
credential:
username: cn=admin,dc=example,dc=org
password: admin
ldif: classpath:test-schema.ldif
# port: 12345
validation:
enabled: false
Try specifying the web environment type and the base configuration class (the one with !SpringBootApplication on it).
#RunWith(SpringRunner.class)
#SpringBootTest(
classes = MyApplication.class,
webEnvironment = RANDOM_PORT
)
public class MyApplicationTests {
#Test
public void contextLoads() {
}
}
Do this for all your test classes.
I solved this problem by adding #DirtiesContext over each test class that requires embedded ldap server. In my case (and as I feel in many others), embedded ldap server was starting up at every #SpringBootTest, since I added all spring.ldap.embedded.* properties to general application-test.properties. Therefore, when I run a bunch of tests, the problem of 'Address already in use' broke all test passing.
Steps I followed:
create an additional test profile (with corresponding named application properties file, e.g. 'application-ldaptest.properties')
move to that file all spring.ldap.embedded.* properties (with fixed port value)
over all #SpringBootTest-s that do require embedded server running up, add #ActiveProfiles("testladp") and #DirtiesContext annotations.
Hope, that helps.
I'm trying to publish to a MQTT topic thanks to the appropriate Apache Camel MQTT component.
So in my spring context XML I have the following:
<camel:to uri="mqtt:test?host=ssl://myhost:8883&publishTopicName=test&userName=test&password=test"/>
But I'm getting the following error at startup :
Failed to create Producer for endpoint:
Endpoint[mqtt:test?host=ssl://myhost:8883&publishTopicName=test&userName=test&password=test]. Reason: java.lang.NullPointerException
Everything is working fine when not using ssl, the following configuration (regular tcp instead of ssl) is working well :
<camel:to uri="mqtt:test?host=tcp://myhost:1883&publishTopicName=test&userName=test&password=test"/>
I've added the javax.net.ssl.trustStore JVM property pointing to my certificates store but without any effect.
Does someone already met this issue ? Is there something to specifically add in the spring DSL configuration file when using the camel mqtt component with ssl ?
EDIT :
The stacktrace of the NPE :
Caused by: java.lang.NullPointerException at
org.fusesource.hawtdispatch.transport.SslTransport.connecting(SslTransport.java:194)
at
org.fusesource.mqtt.client.CallbackConnection.createTransport(CallbackConnection.java:285)
at
org.fusesource.mqtt.client.CallbackConnection.connect(CallbackConnection.java:138)
at
org.apache.camel.component.mqtt.MQTTEndpoint.connect(MQTTEndpoint.java:305)
at
org.apache.camel.component.mqtt.MQTTProducer.doStart(MQTTProducer.java:38)
at
org.apache.camel.support.ServiceSupport.start(ServiceSupport.java:61)
at
org.apache.camel.impl.DefaultCamelContext.startService(DefaultCamelContext.java:3219)
at
org.apache.camel.impl.DefaultCamelContext.doAddService(DefaultCamelContext.java:1209)
at
org.apache.camel.impl.DefaultCamelContext.addService(DefaultCamelContext.java:1170)
at
org.apache.camel.impl.ProducerCache.doGetProducer(ProducerCache.java:442)
... 33 more
Debugging through javax.net.debug=ssl was useful.
Actually there were an issue on the java.security where the security.provider property was not set properly. That was manually changed for testing purpose related to another application.
Since, everything is working fine. Sorry for the post related to a internal specific mistake.
Alex.
So I scoured the message boards and see some people that have bumped into this issue but usually it was due to a missing dependency in the POM file.
My case:
Running JBoss Fuse jboss-fuse-6.1.0.redhat-379
Apache Camel 2.14.1
Spring 3.2.8_RELEASE_1
Have the camel-jetty dependency in my POM file
Installed the feature in Karaf. Verified the feature is there in
OSGI list and feature list.
jetty / 8.1.14.v20131031
Runs fine within eclipse.
So I have a context with the following rest configuration:
<camelContext id="FIRST-CAMEL-CONTEXT" xmlns="http://camel.apache.org/schema/spring" streamCache="true">
<restConfiguration component="jetty" bindingMode="json" port="8881" host="0.0.0.0">
<dataFormatProperty key="prettyPrint" value="true"/>
</restConfiguration>
<rest path="/search" consumes="application/json" produces="application/json">
<description>Get Search Results</description>
<!-- this is a rest GET to find all users -->
<post uri="/SearchHotels" outType="HotelsEnvelope.Response" type="HotelsEnvelope.Request">
<description>Hotels</description>
<to uri="bean:searchRequest?method=ReturnHotels(Exchange,${body},${headers})"/>
</post>
</rest>
.....
</camelContext>
the beans defined above as such:
<bean id="searchRequest" class="ICEPricelineSVC.SearchRequest" />
In the Bean I basically create a context and then send a request to a third party service like so:
CamelContext context = new DefaultCamelContext();
ProducerTemplate template = context.createProducerTemplate();
.....
String url = String.format("jetty:http://api.rezserver.com/api/hotel/getResultsWithCacheV2?function_type=get&format=xml&refid=%s&api_key=%s¤cy=USD&latitude=%s&longitude=%s&radius=%s&check_in=%s&check_out=%s&adults=2&children=0&rooms=1&nearby=0&recent=0&promo=1&sort_by=most_popular&sort_order=ASC&limit=5000&offset=0&format=xml&function_type=get&poi_name=search&bridgeEndpoint=true&throwExceptionOnFailure=false",supplier.getCredentials().getRefid(),supplier.getCredentials().getKey(), request.getQryLocation().getLat().toString(), request.getQryLocation().getLng().toString(), request.getQryLocation().getRadius().toString(),formatter1.format(dateCheckIn), formatter1.format(dateCheckOut));
Exchange exchange = template.send(url, new Processor() {
public void process(Exchange exchange) throws Exception {
exchange.setPattern(ExchangePattern.InOut);
Message inMessage = exchange.getIn();
Inits.setupDestinationURL(inMessage);
// set the operation name
inMessage.setHeader(Exchange.HTTP_METHOD, org.apache.camel.component.http4.HttpMethods.GET);
}
});
.....
When the producer template sends I get the jetty error.
I have tried various things. One of which is injecting the ApplicationContext in the bean and getting the FIRST_CAMEL_CONTEXT bean to retrieve the context. In that case the request seems to be sent but the exchange returned from the processor is null.
Again, this all works in eclipse. I also noticed that when I deploy the bundle I see it adding the dependencies to the container. Is there a good way to chase this? I have resorted to using the HTPClient for now but would really like to understand why there seems to be a classpath issue when using the producer.
Thanks.
JBoss Fuse 6.1 comes with Apache Camel 2.12.x out of the box. You must use that version as that is the certified and tested version.
JBoss Fuse 6.2 which is the next release comes with Apache Camel 2.14.x and that release has the new rest-dsl.
I'm running Jackrabbit 2.6.4 in Glassfish 4. I have deployed Jackrabbit as a connector resource using the provided rar.
I have got it up and running so that I can call the Jackrabbit repository from inside stateless EJB's and can create nodes etc.. I am now trying to replace the Default LoginModule Mechanism that is provided out of the box with my own custom LoginModule.
So far I have:
Created a Custom Realm and LoginModule that returns a users Principles (currently String values e.g. admin, read, write) and deployed this to the domain/lib directory
Configured my web.xml and sun-web.xml files with the roles to group mappings and enabled basic authentication. This is all working as expected and I can enforce roles on my EJBs.
Got Jackrabbit to use my Custom Login module instead of it's own (I removed the login module configuration from repository.xml and changed the security app name to match my realm name)
I am now running into the following problems:
Jackrabbit does not find the existing subject created by the application container when I login. This appears to be a problem with the way Jackrabbit looks up the Subject:
AccessControlContext acc = AccessController.getContext();
subject = Subject.getSubject(acc);
This returns null in Glassfish. Instead it appears you need to use:
Subject subject = (Subject) PolicyContext.getContext("javax.security.auth.Subject.container");
I worked round this issue by getting the subject using the above code and then logging in to a repository inside a Subject.doAs block e.g.
Subject.doAs(subject, new PrivilegedAction<String>() {
#Override public String run() {
Session session = null;
try {
session = repository.login();
} catch (RepositoryException e) {
log.error("Failed", e);
} finally {
if (session != null) {
session.logout();
}
}
This now works but the next problem is that the JackRabbit DefaultAccessManager expects the Subject to contain JackRabbit typed principles e.g. org.apache.jackrabbit.core.security.SystemPrincipal which I can not return from my custom login module as it does not have access to the JackRabbit classes.
My first attempt to work around this was to create my own AccessManager but JackRabbit can't instantiate this as it is in my WAR and is not available to the JackRabbit code inside the connector resource.
My next attempt was to programmatically add the principle to the Subject inside my EJB before passing it to Jackrabbit, this worked but then I discovered running Subject.doAs inside an EJB in glassfish causes a number of issues and does not appear to be supported. There are also background threads inside Jackrabbit that need a subject with the JackRabbit typed principles in it.
I am now completely stumped on how to get a custom JAAS glassfish login module to work with Jackrabbit inside Glassfish and am wondering if anyone out there has figured this out.
In the mean time I am currently considering giving up on JackRabbit security and handling it all in my application layer and just using the default login module under the covers to log into Jackrabbit.
I've finally got Glassfish, JackRabbit and JAAS working together so that I can create a Subject using my custom LoginModule that JackRabbit then uses to create a session. Below are the steps that I took to resolve this issues described in my original question:
Instead of using the JackRabbit RAR (Model 2) I now include the JackRabbit Jars inside my war (Model 1). This allowed me to implement my own custom AccessManager that does not rely on the JackRabbit typed principles. The biggest disadvantage of this approach is that I now have to create and shutdown the repository myself. The solution I went with was an ApplicationScoped CDI Producer that creates the repo and the shuts it down in the dispose method. This makes it easy to inject the repo into the classes.
I solved the issue with JackRabbit finding the Subject in Glassfish by patching jackrabbit-core. It appears this issue has been around for some time see (JCR-3188), and a patch has been provided but never included in the source code. I applied the patch to 2.6.4 and JackRabbit is now able to find and use the Subject in Glassfish.