I am in the process of upgrading to Spring Cloud Edgware.RELEASE, and I've got a question about how to properly set up a base class for Spring Cloud Contract tests. Following is what I have currently as a base class that works through Dalston.SR5:
import javax.servlet.Filter;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.test.annotation.DirtiesContext;
import org.springframework.test.context.ActiveProfiles;
import org.springframework.test.context.junit4.SpringRunner;
import org.springframework.test.web.servlet.MockMvc;
import org.springframework.test.web.servlet.setup.DefaultMockMvcBuilder;
import org.springframework.test.web.servlet.setup.MockMvcBuilders;
import org.springframework.web.context.WebApplicationContext;
import com.jayway.restassured.module.mockmvc.RestAssuredMockMvc;
#RunWith(SpringRunner.class)
#ActiveProfiles("local")
#SpringBootTest(classes = {Bootstrap.class})
#DirtiesContext
public class ConsumerDrivenContractTests {
#Autowired
private WebApplicationContext applicationContext;
#Autowired
private Filter springSecurityFilterChain;
#Test
public void generateTestsFromGroovyFiles() {
}
#Before
public void setup() {
DefaultMockMvcBuilder defaultMockMvcBuilder =
MockMvcBuilders.webAppContextSetup(applicationContext).addFilter(springSecurityFilterChain);
MockMvc mockMvc = defaultMockMvcBuilder.build();
RestAssuredMockMvc.mockMvc(mockMvc);
}
}
Upon upgrading to Edgware.RELEASE, my import com.jayway.restassured.module.mockmvc.RestAssuredMockMvc; no longer resolves, which is confusing. The Spring Cloud Contract documentation states "by default, Rest Assured 3.x is added to the classpath" (see http://cloud.spring.io/spring-cloud-static/spring-cloud-contract/1.2.0.RELEASE/single/spring-cloud-contract.html#maven-rest-assured), and the example given shows how to use Rest Assured 2.x with the <groupId>com.jayway.restassured</groupId> dependency. However, the <artifactId>spring-cloud-starter-contract-verifier</artifactId> for 1.2.0.RELEASE pulls in the <groupId>io.rest-assured</groupId> dependencies. Given the documentation, I was expecting the com.jayway... jars to be resolved.
Is my base class approach still valid upon upgrading to 1.2.0.RELEASE, and if so, do I need to explicitly add the com.jayway... dependencies to my pom.xml file? If so, it would be helpful if the documentation stated this.
By default, Rest Assured 3.x is added to the classpath. RestAssured 3.x. has imports io.restassured and they show up in your generated tests. You, in your base class have com.jayway which is RestAssured 2.x. So your generated tests require you to use io.restassured imports in your base class. So either you fix your base class to use Rest Assured 3.x or you have to provide an explicit dependency to Rest Assured 2.x. in your plugin to fix the imports in the generated tests.
Related
I am trying to access the ejb deployed on websphere liberty 18.0.0.3
The binding location is: java:global/ITSORemote/ITSORemoteEJB/HelloRemoteEJB!com.ibm.itso.ejbRemote.view.HelloRemoteEJBRemote
My ORB configuration in the server.xml is:
<orb nameService="corbaname::<ipaddress>:2809" iiopEndpointRef="defaultIiopEndpoint">
<iiopEndpoint host= id="defaultIiopEndpoint" iiopPort="2809">
</iiopEndpoint>
</orb>
I have also added ejbRemote-3.2 in feature manager
I have two scenarios:
1. Access ejb from a client code running on the same server - This works using the url java:global/ITSORemote/ITSORemoteEJB/HelloRemoteEJB!com.ibm.itso.ejbRemote.view.HelloRemoteEJBRemote
2. Access ejb from a client code running on the different server - This does not work using the url
corbaname::(ipaddress):2809#ejb/global/ITSORemote/ITSORemoteEJB/HelloRemoteEJB!com.ibm.itso.ejbRemote.view.HelloRemoteEJBRemote
I am using the following code for lookup:
package com.ibm.remoteaccess;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.Hashtable;
import javax.ejb.EJB;
import javax.naming.Context;
import javax.naming.InitialContext;
import javax.naming.NamingException;
import javax.rmi.PortableRemoteObject;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import com.ibm.itso.ejbRemote.view.HelloRemoteEJBRemote;
/**
* Servlet implementation class RemoteAccess
*/
#WebServlet("/RemoteAccess")
public class RemoteAccess extends HttpServlet {
private static final long serialVersionUID = 1L;
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
PrintWriter out = response.getWriter();
try {
out.println("Hi");
Context ctx = new InitialContext();
Object ejbBusIntf = ctx.lookup("java:global/ITSORemote/ITSORemoteEJB/HelloRemoteEJB!com.ibm.itso.ejbRemote.view.HelloRemoteEJBRemote");
HelloRemoteEJBRemote bean = (HelloRemoteEJBRemote)PortableRemoteObject.narrow(ejbBusIntf, HelloRemoteEJBRemote.class);
out.println(bean.hello());
}
catch (NamingException e) { // Error getting the business interface
out.println(e);
}
}
}
There is no error thrown in the console also. What could be the problem?
There is a functional acceptance test (FAT) in open-liberty that looks up a remote EJB from one liberty server to an EJB on a second liberty server. The specific test can be found here:
https://github.com/OpenLiberty/open-liberty/blob/master/dev/com.ibm.ws.ejbcontainer.remote_fat/test-applications/RemoteClientWeb.war/src/com/ibm/ws/ejbcontainer/remote/client/web/RemoteTxAttrServlet.java
Each server process includes the ejbRemote-3.2 feature and an iiopEndpoint configuration (different ports since the test runs both serves on the same host).
https://github.com/OpenLiberty/open-liberty/blob/master/dev/com.ibm.ws.ejbcontainer.remote_fat/publish/servers/com.ibm.ws.ejbcontainer.remote.fat.RemoteServerClient/server.xml
If you are not seeing any errors, then perhaps the iiopEndpoint is not configured properly in the client side server (as the ORB will not start without it). For example, the default iiop port is 2809, and if both servers are on the same host, then they cannot both use that port. Setting both servers to the same port would result in the ORB not starting properly on one of the servers, and lookups would fail.
A lookup across servers would use corbaname, and the value you have specified appears to be correct.
I'm getting a popup for downloading the fonts files(ttf) in a spring-boot application, the font file is related to bootstrap3.
I tried to add MimeTypes like this but still getting the popup for first time I open the application.
import org.springframework.boot.context.embedded.ConfigurableEmbeddedServletContainer;
import org.springframework.boot.context.embedded.EmbeddedServletContainerCustomizer;
import org.springframework.boot.context.embedded.MimeMappings;
import org.springframework.stereotype.Component;
#Component
public class ServletCustomizer implements EmbeddedServletContainerCustomizer {
#Override
public void customize(ConfigurableEmbeddedServletContainer container) {
MimeMappings mappings = new MimeMappings(MimeMappings.DEFAULT);
mappings.add("woff","application/x-font-woff");
mappings.add("eot","application/vnd.ms-fontobject");
mappings.add("ttf","application/x-font-ttf");
container.setMimeMappings(mappings);
}
}
I'm using Spring-boot 1.3.3.RELEASE+thymeleaf.
Anyone know how to resolve this issue?
I resolved the issue by adding this line to my security config
http.authorizeRequests().antMatchers("/fonts/**").permitAll();
I have a spring boot 1.2.5 service that uses jersey 2. I see the requests in my own logs but I'd like to see the raw http request and response in the console as well. How can you turn on printing http traffic to the console?
import java.util.logging.Logger;
import org.glassfish.jersey.filter.LoggingFilter;
import javax.ws.rs.ApplicationPath;
import org.springframework.stereotype.Component;
#Component
#ApplicationPath("/")
public class JerseyConfiguration extends ResourceConfig {
private static final Logger log = Logger.getLogger(JerseyConfiguration.class.getName());
public JerseyConfiguration() {
...
register(new LoggingFilter(log, true));
}
}
I look spring web site and want to prevent my website form xss and xframe attack
But My english is not well enough to figure out what to set
Please guide me what else should I setting??
I just add a WebSecurityConfig.java under src/com/test/web/security
Here is my code :
package com.test.web.security;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
#EnableWebSecurity
#Configuration
#ComponentScan
public class WebSecurityConfig extends
WebSecurityConfigurerAdapter {
#Override
protected void configure(HttpSecurity http) throws Exception {
http
// ...
.headers();
}
}
If you just specify the same code that you have above, Spring Security should automatically add all of the relevant security headers. Per the docs:
If you are using Spring Security’s Java configuration, all of the
default security headers are added by default.
Also:
As soon as you specify any headers that should be included, then only
those headers will be include
See details and code samples in this section:
http://docs.spring.io/spring-security/site/docs/3.2.0.RELEASE/reference/htmlsingle/#default-security-headers
We're a Spring Boot shop and rely heavily on Spring MVC for our REST endpoints. We use Boot and embedded Tomcat to create a self-hosting JAR. Is it possible to replace Tomcat with Ratback while still keeping all my Spring MVC code in place? I am afraid that Spring MVC is tied into the servlet specification somehow and will not run without a servlet container. I am aware of dsyer/spring-boot-ratpack work but after skimming the code couldn't decide if Spring MVC would play well using the bridge. Is anyone aware of any work that will allow us to retain our investment in Spring MVC and have Spring Boot use Ratpack to manage HTTP traffic?
I suspect the crux of your question can be distilled to: "can we put our Spring controllers on top of Ratpack's non-blocking HTTP layer?" and the simplest answer to that question is no, for reason that the MVC programming model doesn't fit well into the reactive/NIO model very well.
However, if your application has followed some common model-view-controller-(and service) patterns, then your controllers should really just be performing data binding and parsing and delegating out to a service layer. If that's the case, then likely the code in your controller is already non-blocking, and you could easily translate it to Ratpack code.
As an example, consider the following #RestController in a Spring Boot app:
#RestController
#RequestMapping("/user")
class UserController {
#Autowired
UserService userService
#RequestMapping(method = RequestMethod.POST)
Long create(#RequestBody #Valid User user) {
User savedUser = userService.save(user)
return savedUser.id
}
}
Spring's data binding aspect is a computation process (ie isn't I/O bound), so we can easily translate this into a Ratpack handler:
import app.SpringConfig
import app.User
import app.UserService
import org.springframework.boot.SpringApplication
import org.springframework.context.ApplicationContext
import ratpack.jackson.JacksonModule
import static ratpack.groovy.Groovy.ratpack
import static ratpack.jackson.Jackson.fromJson
import static ratpack.jackson.Jackson.json
import static ratpack.spring.Spring.spring
ratpack {
bindings {
add(new JacksonModule())
bindInstance(ApplicationContext, SpringApplication.run(SpringConfig))
}
handlers { ApplicationContext ctx ->
register(spring(ctx))
prefix("user") {
handler { UserService userService ->
byMethod {
post {
def user = parse(fromJson(User))
blocking {
userService.save(user)
} then { User savedUser ->
render(json(savedUser))
}
}
}
}
}
}
}
Where SpringConfig looks like this:
package app
import org.springframework.context.annotation.Bean
import org.springframework.context.annotation.Configuration
#Configuration
class SpringConfig {
#Bean
UserService userService() {
new UserService()
}
}
And here's a functional test to prove it:
package app
import com.fasterxml.jackson.databind.ObjectMapper
import ratpack.groovy.test.GroovyRatpackMainApplicationUnderTest
import ratpack.test.ApplicationUnderTest
import ratpack.test.http.TestHttpClient
import spock.lang.Shared
import spock.lang.Specification
import static groovy.json.JsonOutput.toJson
class FuncSpec extends Specification {
#Shared ApplicationUnderTest aut = new GroovyRatpackMainApplicationUnderTest()
#Shared ObjectMapper mapper = new ObjectMapper()
#Delegate TestHttpClient client = aut.httpClient
def "should parse and save user"() {
given:
def user = new User(username: "dan", email: "danielpwoods#gmail.com")
when:
requestSpec { spec ->
spec.body { b ->
b.type("application/json")
b.text(toJson(user))
}
}
post('user')
then:
def savedUser = mapper.readValue(response.body.text, User)
and:
savedUser.id
}
}
Hope this helps!
The Spring MVC programming model is not very heavily dependent on Servlet APIs, but it's not supported in any other containers (i.e. not in Ratpack). There is some async stuff there now and Servlet 3.1 enhances it some more, so if that's the part of Ratpack that attracts you, maybe just using that would be a better approach. You won't get all the way to reactive and non-blocking IO that way though.