How to access externalized configuration values programmatically in spring boot

Spring Boot come up with a very comprehensive configuration mechanism. This allows developers to change application behavior externally via configuration files, environment variables, configuration servers (in this case spring-cloud-config), etc. To see all possible ways to configure a spring boot application please take a look at respective part of official reference documentation.

In this article, we will discuss how to access this configuration values from our code.

In most of the cases, you can use @Value annotation to inject a specific configuration value into your code.

@Value("${property.key.name.from.application.properties}")
private String someConfiguration;

This construct is very simple and effective. But in a very rare case, you may not know the key name of the configuration property (in above example property.key.name.from.application.properties) and the key name may be a variable defined at runtime or provided by another class. In this case, you can use Environment class of Spring.

What you have to do is simply auto wire the Environment instance into your class and call getProperty() method.

@Component
public class YourImplementation {

    @Autowired
    private Environment environment;

    ...
    
    private String resolveConfigurationValue(String key) {
         return environment.getProperty(key);
    }
}

 

Integrating JWT with Spring Security – Part 1

Introduction

I’m a big fan of Spring framework. It makes my life easier and makes coding fun. A very cool part of Spring framework is the Spring security. It’s an extensible and customizable access control and authentication framework for Spring based applications. Especially for web applications, it is essential to use a well maintained and mature security framework since it frequently audited by the community (or by its maintainers) against security flaws and designed to prevent well-known security attacks.

Spring security provides easy to use mechanisms to restrict access to specific resources, built-in authentication providers to check authentication data from different sources (like SQL database, LDAP, JAAS etc.), login-logout handlers and much more. If you are interested you can look at Spring Security reference documentation to get more detail.

JWT on the other side is a relatively new technology to establish JSON based single sign-on (SSO) mechanism.

“JSON Web Tokens are an open, industry standard RFC 7519 method for representing claims securely between two parties.” – https://jwt.io/

I first came across with JWT about 1 year ago and find it very cool, since it simple to use, simple to understand and quite effective. Click here to see what JWT capable of.

Motivation

In our new projects, we wanted to use microservice architecture at least apply some of the microservice patterns. My wish was to use both Spring framework and JWT to enable single sign-on across distributed microservices with a single authentication provider service. Spring ecosystem already provides wide variety tools and libraries for microservice implementation and orchestration. But unfortunately, I missed the JWT integration in Spring Security framework, which enables me to create JWT tokens after a successful login or provide mechanisms to verify JWT tokens attached to requests to authenticate users automatically.

But unfortunately, I missed the JWT integration in Spring Security framework, which enables me to create JWT tokens after a successful login or provide mechanisms to verify JWT tokens attached to requests to authenticate users automatically.

Thus I decided to implement my own JWT integration for Spring Security and make it free and open source.

You can fork the code on Github. I’m open to any suggestion and also for contributions. Please don’t hesitate to contact me via this form or open a ticket here.

In the second part of this article, I will tell you about the initial steps of the development, what I’ve learned from my research about JWT and Security, and some integral decisions I’ve made.

How to measure network speed between two machines

The network speed is really important performance parameter when it comes to microservice architecture, because most of the services running on separate machines even on separate networks. If you measure the performance, you have to be sure that the network link between services are fast enough.

I made a short research about the tools to measure network speed and found that there is a really cool and simple command line tool called iperf. It is cross platform and completely open source with BSD licence. So you can download it from its official website or install directly with your package manager (if you are using unix based or mac operating system). On MacOS i installed it with homebrew.

sudo brew install iperf

After installing iperf on both ends we can start to measuring.

On first machine you have to start iperf as server, so that it listens incoming transfer requests:

iperf -s

On the other machine we can start iperf as a client and put the ip address of server machine as argument

iperf -c 192.168.1.6

The measurement takes only few seconds and then you can see the results on both machine.

------------------------------------------------------------
Client connecting to 192.168.1.6, TCP port 5001
TCP window size: 129 KByte (default)
------------------------------------------------------------
[ 4] local 192.168.1.66 port 62284 connected with 192.168.1.6 port 5001
[ ID] Interval      Transfer     Bandwidth
[ 4]  0.0-10.0 sec  1.09 GBytes  938 Mbits/sec

 

How to disconnect your app from your users facebook account using spring social facebook

Spring social is an umbrella project (one of the Spring Framework projects), which contains a bunch of modules for connecting your spring application with different social media services like facebook, twitter, github, etc.

For a project we are currently developing I need to implement facebook integration for easy registration and login with facebook. There are plenty of documentations and tutorials out there, which describe how to connect users account with facebook using spring-social-facebook project, but practically no (at least I cannot find any) guidance how to disconnect. Disconnecting means removing (revoking) authorization of your app to access your users facebook account.

 

Here is my solution for that:

FacebookTemplate facebookTemplate = new FacebookTemplate(accessToken);
boolean authorized = facebookTemplate.isAuthorized();
if (authorized) {
    facebookTemplate.delete(userId, "permissions");
}

You have to fill accessToken and userId values according to current users context. When the delete method successfully executed (without throwing any exception), your applications authorization will be removed from facebook account of your user.

See official facebook API documentation for more information about de-authorization of your app.

How to load freemarker templates from external file system folder with Spring Boot

For a project we are currently working, we use freemarker templates for sending emails to the customers. Sometimes we need to change this templates on the fly to change some text parts or fix some typos. As default spring boot looks in /templates folder in the classpath for freemarker (actually any type of) templates and thus any change on templates needs actually a rebuild and redeploy of the application.

In fact spring boot is flexible enough to configure freemarker’s template loader to search templates in different folders even outside of the application’s jar file like a file system folder or http resource.

According to Common application properties document (the official spring boot documentation) we can configure the template path by placing the spring.freemarker.template-loader-path property into the application.properties file.


# Comma-separated list of template paths.
spring.freemarker.template-loader-path=file:./templates/, classpath:/templates/

With above example we say to template loader, “Dear Template Loader, please look first the ‘templates’ folder right beside of our application’s jar file and then please (if you can’t find the desired template) look into ‘templates’ folder in the classpath”.

To ensure the hot detection of changes in the templates files loaded from file system you may add following property in your application.properties file. (Actually you don’t need this, because hot loading is the default configuration)


# Prefer file system access for template loading. File system access enables hot detection of template changes.
spring.freemarker.prefer-file-system-access=true

Stay happy until our next blog entry. 🙂

How to define a class in javascript

As JavaScript is an object oriented language (may be not really object oriented, see discussions here), you may want to define classes and instantiate object from these classes like you would in other strongly typed languages (e.g. Java). But javascript doesn’t support classes, a.k.a there ara no classes in javascript. Instead of defining classes, you may define objects via using function keyword like this:

function User(id,name) {
    this.id = id;
    this.name = name;
    this.password = undefined;
}

And then you can instantiate it with new keyword:

var user = new User(1, "Max");

In javascript all objects may be extended on the fly (unless they are frozen). For example you may add new property or method into user object defined above.

user.age = 17;
user.isFullAged = function (){
    if (this.age >= 18){
        return true;
    } else {
        return false;
    }
}

If you want a method or property defined in all instances of an object you may add above extension directly into the object definition:

function User(id,name) {
    this.id = id;
    this.name = name;
    this.password = undefined;
    this.age = 0;
    this.isFullAged = function (){
        if (this.age >= 18){
            return true;
        } else {
            return false;
        };
}

The drawback of above technic is everytime if you create a new instance of user object, the function isFullAged created again and this means wasting resources. To avoid that, you may define object method once and inherit it from object definition for each instance. For this javascript provide a different mechanism called prototype (see more details about prototype and inheritance here).

User.prototype.toString = function(){
    return "UserId: " + this.id + " / Username: " + this.name;
};

Now every instance of User objects has a method called toString with the functionality defined above and this time the method toString created only once.

 

How to show memory usage status of eclipse in status bar

These days I evaluate IntelliJ and compare its features and competencies with my favorite IDE Eclipse. IntelliJ seems really full-fledged, but it will probably take a while to familiarize with its usage.

One of its features that I immediately noticed was the memory usage (heap size) indicator in the status bar.

I’d like to have this feature in Eclipse too and I made some research how to enable it. I thought it is only possible with plugin installation but Eclipse has this feature built-in. Unfortunately it is not enabled by default. To enable memory usage bar, go to Window > Preferences > General and check the option ‘Show heap status’.

Voilà! The memory usage bar is now visible in the progress bar.

Reading OS environment variables in spring boot application using @Value annotation

There are multiple ways to access system environment varibles in a spring boot application using @Value annotation.

The simplest way is to use normal property access with ${property.name} scheme. Spring boot automatically reads environment variables and system properties, makes it accessible as normal properties. You should only replace underscores with dots if the environment variable contains any. For example if you want to access JAVA_HOME you have to transform it as java.home or JAVA.HOME (it is not case sensitive) .

@Value("${java.home}") 
private String javaHome;

Alternatively you can use SpEL (Spring Execution Language). One of the powerful abilities of SpEL is accessing Collections, Arrays, Lists or Properties. While spring intializes our application it collects informations from execution environment including system environments, system properties, application properties etc. and aggregate them in an Environment object. So we can access this object with SpEL to read an environment variable. Here we need slightly different signature compared to above example. Instead of ${ …} we have to write #{ spel.statement }.

@Value("#{environment['JAVA_HOME']}")
private String javaHome;

The second alternative is quite similar to latest. Here we use systemEnvironment instead of environment.

@Value("#{systemEnvironment['JAVA_HOME']}")
private String javaHome;

The systemEnvironment is a key-value Map, which contains only system environment variables and their values, where environment is a StandardEnvironment object which is a collection of different property sources (bootstrap, systemProperties, systemEnvironment, random, integrationTest, applicationConfig: [classpath:/application.properties], defaultProperties, Management Server).

SSH login with authentication key (without using password)

If you have a remote server accessible via SSH and you often want to connect to this server, then typing password each time is very inefficient. Especially if you have multiple servers with different passwords (I hope they are different). To solve this problem you can use another authentication method called authentication by key.

To enable this first you have to create a public/private key pair on your local host. (I assume you are on a *nix system or use at least an emulator like cygwin and installed openssh already) This step is only necessary for one time and the public key can be used for multiple servers.

Creating these keys is very easy type following command on command line.

ssh-keygen

You will be asked for path where you want to store your key. You can let the defaults and press enter to continue.

And then you can type a passphrase for extra protection. Even if someone gain access to your private key without your permission (actually no one else except you should access your private keys) it is not enough to access your servers with this private key unless knowing your passphrase. If you don’t want extra protection, you can let passphrase emtpy and press enter.

Your public and private keys are generated already. (You can see them on the path you selected, by default  under ~/.ssh/ .File named id_rsa is your private key and id_rsa.pub is the public key)

Now you have to register your public key to the remote server.

ssh-copy-id username@servername

Change the username and servername (hostname or IP adress of the target server) and execute the above command. It will ask you your password and then copy your public key to target server. If it successful you can now login your remote server without password. Just try to connect in the usual way.

ssh username@servername

And that’s it.