Content negotiation in Spring MVC

In the HTTP protocol, when a client initiates an HTTP request, it can send an Accept request header to tell the server which response types (MIME types) the client can accept, either one or more. This is now common in applications with front-end and back-end separation.

    Accept:application/json

When Spring MVC receives the Accept header, it follows a certain policy to find the corresponding HttpMessageConverter to handle the format of the response data.

Protecting Resources with Resource Server in OAuth 2.0

An initial look at the resource server in OAuth 2.0. Few tutorials explain specifically what a Resource Server is and how to use it, so today we will talk about the concept first, to lay a foundation for subsequent use. The shortcomings of the traditional security approach: The traditional way to protect an application is to get the credentials (JWT is one of them) given by the server through

Spring Boot implements client-side theme switching

Themes: click once to change the theme of a site. I believe we have all used a similar function. It is actually very similar to the internationalization function, and the code is very similar too, so today we will run through it. Considering that some of you may not have used Theme yet, let’s talk about the usage here first, and then we will do the source code analysis. 1. One click to switch

SpringBoot+RabbitMQ for RPC calls

When we talk about RPC (Remote Procedure Call Protocol), what pops into your mind is probably RESTful API, Dubbo, WebService, Java RMI, CORBA and so on. In fact, RabbitMQ also provides us with RPC function, and it is very easy to use. Today I’ll share with you a simple case of how to implement a simple RPC call with Spring Boot+RabbitMQ. Some readers may have misunderstandings about RabbitMQ’s implementation of

AOP in Spring Boot, is it a JDK dynamic proxy or a Cglib dynamic proxy?

As we all know, the underlying mechanism of AOP is dynamic proxies, and there are two ways to implement dynamic proxies in Java: JDK-based dynamic proxies and Cglib-based dynamic proxies. The biggest difference between these two is that JDK-based dynamic proxies require the object being proxied to implement an interface, while Cglib-based dynamic proxies do not require the object being proxied to implement an interface. So, how is AOP implemented in Spring?

Authorization server framework Spring Authorization Server filter chain

This article looks at the configuration of the filters related to the OAuth 2.0 Authorization Server. In turn, it provides a better understanding of the entire architecture of Spring Authorization Server. Modular configuration of Spring Security: Currently the OAuth2.0 Client, Resource Server and Authorization Server are already modularized in the Spring Security system. So how do they achieve flexible modularity? After analyzing the configuration I found a few similarities below. These are the core

Getting Started with Spring Authorization Server, Spring's new authorization server

Last November 8, Spring officials strongly recommended using Spring Authorization Server to replace the outdated Spring Security OAuth2.0. With not much time left before Spring Security OAuth2.0 ends its lifecycle, it’s time to make a change. Now that Spring Authorization Server is production-ready, it’s time to learn it. The current Spring Security architecture: Spring Security 5.x modularizes OAuth2.0 Client and OAuth2.0 Resource Server. Spring Security is a mandatory dependency.

Get Request object anywhere in Spring WebFlux

A different world: In a normal Spring Web project, it is very easy to get the Request object and many libraries provide static methods to get it. The code to get it is as follows.

    ServletRequestAttributes requestAttributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
    // get the request
    HttpServletRequest request = requestAttributes.getRequest();

The class RequestContextHolder provides static methods, which means you can call it from anywhere. And it uses ThreadLocal to hold the Request object, which means that different threads can get their own Request objects.

Spring Cloud Feign implements JWT token relay to deliver authentication information

In Spring Cloud microservice invocations, you need to deal with token relaying, which is the only way to ensure the delivery of user authentication information in the invocation chain. Today we will share how to implement token relay in Feign. Token relay: To be clear, this means that the token is passed on between services to ensure that the resource server can properly authenticate the caller.

Summary of refactoring a standalone application to Spring Cloud microservices

I spent a few days transforming the project from a Spring Boot monolith into Spring Cloud microservices. To be honest, the current volume of business is far from needing microservices; a standalone application can handle it completely. But I could not resist the daily urging from the leadership above, so forget it, let’s do it. The hardest part is not the technology: The most time-consuming part of switching from standalone to microservices is not the technology upgrade.

Spring Cloud OpenFeign timeout and retry

Today we share with you the timeout and retry configuration of Feign. Timeout:

    feign:
      client:
        config:
          default:
            connectTimeout: 1000
            readTimeout: 1000

The following points need to be noted. The connection timeout (connectTimeout) and the read timeout (readTimeout) take effect when both are configured at the same time. The timeout unit is milliseconds. The timeout can be defined individually according to the service name. For example, if the provider-get service provides a query interface, the timeout can be set shorter as follows.

Solve the problem that RequestContextHolder.getRequestAttributes() returns null due to Hystrix isolation policy

What is the Hystrix isolation policy? Official documentation: https://github.com/Netflix/Hystrix/wiki/Configuration#executionisolationstrategy Execution isolation policy: This property tells HystrixCommand.run() which isolation policy to execute with, one of the following two options. THREAD - it is executed on a separate thread, and concurrent requests are limited by the number of threads in the thread pool. SEMAPHORE - it is executed on the calling thread, and concurrent requests are limited by the semaphore count. Problem: When the isolation policy is THREAD, there is no way to get the value in ThreadLocal.

Take RemoteTokenServices as an example - analyze the entire process of obtaining OAuth2 access tokens from the authorization server and loading authentication objects into the SecurityContext from the source code

When we configure OAuth2, we will configure the resource server and authentication server. When our authorization service and authentication service are not in the same service, we can consider using RemoteTokenServices. If they are in the same service, you don’t need to configure tokenServices, because when ResourceServerConfigurerAdapter is configured, if tokenServices is not configured, a default DefaultTokenServices will be automatically configured. The two tokenService classes both implement the ResourceServerTokenServices

External Configuration in Microservices: Spring Cloud Config

Let’s take a look at the overall microservice architecture that we have built as part of this Spring Cloud series. If you have not followed this Spring Cloud series from the beginning, check this index page and bookmark it if needed — Spring Cloud Tutorials. Why Spring Cloud Config? When we build a service, there are many values that we don’t want to hardcode and would rather read from property files, for instance, endpoints, encrypted values, etc.

Kubernetes + Spring Cloud Integration Link Tracking SkyWalking

1. Overview. 1. What is SkyWalking? An application performance monitoring tool for distributed systems, designed for microservices, cloud-native architectures and container-based (Docker, K8s, Mesos) architectures. It provides an all-in-one solution for distributed tracing, service mesh telemetry analysis, metric aggregation and visualization. Official website address: http://skywalking.apache.org/ 2. SkyWalking features: multiple monitoring tools, language probes and Service Mesh; multilingual automated probes (Java, .NET Core and Node.JS); lightweight and efficient, no need for big data; modularity, with

Client Side Development with Spring Boot Applications

This article explores the different options that Spring Boot developers have for using JavaScript and CSS on the client (browser) side of their application. Part of the plan is to explore some JavaScript libraries that play well in the traditional server-side-rendered world of Spring web applications. Those libraries tend to have a light touch for the application developer, in the sense that they allow you to completely avoid JavaScript, but still have a nice progressive “modern” UI.

Analysis of a memory overflow caused by Spring Cloud Netflix Core

Problem found: The online service was restarted, and fortunately I got the dump file of the online service and downloaded it locally for analysis. I opened the snapshot file using MAT (the process of using MAT is omitted here) and found that there was a large number of com.netflix.servo.monitor.BasicTimer instances that were not released and were held by org.springframework.cloud.netflix.metrics.servo.ServoMonitorCache. Analysis: Find the ServoMonitorCache class in the project, found under the spring-cloud-netflix-core package, then open the jar package, check its spring.

Get Request object anywhere in Spring WebFlux

1 A different world: In a regular Spring Web project, it is very easy to get the Request object, and quite a few libraries provide static methods to do so. The code to get it is as follows.

    ServletRequestAttributes requestAttributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
    // get the request
    HttpServletRequest request = requestAttributes.getRequest();

The RequestContextHolder class provides static methods, which means you can call them anywhere. And it uses ThreadLocal to hold the Request object, which means that different threads are able to get their own Request objects.

Log4j maintainer: old features that lead to vulnerabilities not removed for backward compatibility

The recently disclosed remote code execution vulnerability in Apache Log4j2, a Java-based logging component, has caused significant impact worldwide. This component is used extensively in business system development to record logging information about program input and output, and is extremely widely used. In most cases, developers write error messages caused by user input to the log. The sudden disclosure of this vulnerability has not only caused developers using Log4j2 to “fix” the problem overnight, but also caught the framework maintainers off guard.

Integrating Spring Cloud Stream Binder with GCP Pubsub for message sending and receiving

1 Preface: This article will briefly introduce the integration of Spring Cloud Stream with Google Cloud Pub/Sub. 2 Starting Pub/Sub via Emulator: Since it is relatively troublesome to use the actual GCP Pub/Sub, this article runs through the emulator. For the installation of Google Cloud SDK, please refer to: Installing Google Cloud SDK for Mac. Install the necessary components.

    gcloud components install beta
    gcloud components install pubsub-emulator

To start the emulator.