Upgrading to Spring Cloud Finchley based on Spring Boot 2.x

Source: Internet
Author: User
Tags auth decrypt csrf attack
Spring Boot 2.x has been out for a long time, and Spring Cloud has now released the Finchley version based on Spring Boot 2.x, so it is time to upgrade the project's overall framework.

Before upgrade -> After upgrade

Spring Boot 1.5.x -> Spring Boot 2.0.2

Spring Cloud Edgware SR4 -> Spring Cloud Finchley.RELEASE

Eureka Server

Eureka Server dependency update

Before upgrade:

<dependency>
    <groupId>org.springframework.cloud</groupId>
    <artifactId>spring-cloud-starter-eureka-server</artifactId>
</dependency>

After upgrade:

<dependency>
    <groupId>org.springframework.cloud</groupId>
    <artifactId>spring-cloud-starter-netflix-eureka-server</artifactId>
</dependency>

Eureka Client

Because the configuration center has to register itself as a service with the registry, its Eureka Client dependency needs to be upgraded; its other dependencies are unchanged.

Eureka Client dependency update

Before upgrade:

<dependency>
    <groupId>org.springframework.cloud</groupId>
    <artifactId>spring-cloud-starter-eureka</artifactId>
</dependency>

After upgrade:

<dependency>
    <groupId>org.springframework.cloud</groupId>
    <artifactId>spring-cloud-starter-netflix-eureka-client</artifactId>
</dependency>

Spring Cloud

The client instance IP is not displayed correctly in the registry

This is because the property Spring Cloud uses to obtain the service client's IP address has been renamed.

Before upgrade:

${spring.cloud.client.ipAddress}

After upgrade:

${spring.cloud.client.ip-address}

Spring Security

The registry and the configuration center are normally secured and depend on the spring-boot-starter-security component. After the upgrade, the following issues appear.

1. Cannot log in with the user name and password

This is because the Spring Security configuration properties have changed.

Before upgrade:

security:
  user:
    name:
    password:

After upgrade:

spring:
  security:
    user:
      name:
      password:

2. The registry has no registered instances

No instances are registered, and the two registries cannot register with each other.

Because Spring Security enables CSRF protection for all requests by default, you need to disable it for the /eureka paths.

In the application entry class, add the ignore configuration:

@EnableWebSecurity
static class WebSecurityConfig extends WebSecurityConfigurerAdapter {
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // Exempt only the Eureka REST endpoints from CSRF protection
        http.csrf().ignoringAntMatchers("/eureka/**");
        super.configure(http);
    }
}

3. The configuration center cannot decrypt

After the upgrade, we found that the configuration could not be read from the configuration center and configuration information could not be decrypted; accessing a configuration center link redirected straight to the login page.

To switch back to the Basic Auth authentication method, we looked at the source code and found that the auto-configuration is what redirects to the login page, so we override it.

Auto-configuration source code:
org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter#configure(org.springframework.security.config.annotation.web.builders.HttpSecurity)

protected void configure(HttpSecurity http) throws Exception {
    logger.debug("Using default configure(HttpSecurity). If subclassed this will potentially override subclass configure(HttpSecurity).");

    http
        .authorizeRequests()
            .anyRequest().authenticated()
            .and()
        .formLogin().and()
        .httpBasic();
}

After rewriting:

@EnableWebSecurity
static class WebSecurityConfig extends WebSecurityConfigurerAdapter {
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // "/**" exempts every path from CSRF protection, not only /eureka/**
        http.csrf().ignoringAntMatchers("/**").and()
                .authorizeRequests().anyRequest().authenticated().and()
                .httpBasic(); // no formLogin(), so Basic Auth is the only mechanism
    }
}

In effect, this removes formLogin() and returns to the previous Basic Auth authentication method.

Now we can use the following command to decrypt it.

Once Basic Auth is restored, the services that need an authenticated connection to the configuration center work normally again.
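
A narrower variant of the rewritten configuration above, as an added example that is not code from the original article: it keeps Basic Auth without formLogin(), but exempts only the endpoints that non-browser clients POST to instead of "/**". The class name and the exempt list are assumptions; /encrypt and /decrypt are the Spring Cloud Config Server encryption endpoints, and the list should be adjusted to the endpoints each service actually exposes.

```java
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

// Added example (hypothetical class name), written against the
// WebSecurityConfigurerAdapter API used throughout this article.
@EnableWebSecurity
public class ScopedCsrfSecurityConfig extends WebSecurityConfigurerAdapter {

    // Assumption: the only state-changing requests sent by non-browser clients
    // are Eureka registrations/heartbeats and config server encrypt/decrypt calls.
    // A pattern ending in "/**" also matches the bare path, e.g. "/decrypt".
    private static final String[] CSRF_EXEMPT = {
            "/eureka/**",   // registry peers and Eureka clients
            "/encrypt/**",  // config server: POST /encrypt
            "/decrypt/**"   // config server: POST /decrypt
    };

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            .csrf()
                // CSRF protection stays on for every path not listed above
                .ignoringAntMatchers(CSRF_EXEMPT)
                .and()
            .authorizeRequests()
                // every request, exempt from CSRF or not, must authenticate
                .anyRequest().authenticated()
                .and()
            // Basic Auth only: with no formLogin(), an unauthenticated request
            // gets 401 with a WWW-Authenticate header instead of a login redirect
            .httpBasic();
    }
}
```

With this configuration a POST to any path outside the exempt list still requires a CSRF token, so a browser that has cached the Basic Auth credentials cannot be driven to change state on other endpoints.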

Maven

After upgrading to Spring Boot 2.x, we found that the Spring Boot Maven plugin no longer worked as before, mainly because the profile could not be switched freely.

Before upgrade:

spring-boot:run -Drun.profiles=profile1

After upgrade:

spring-boot:run -Dspring-boot.run.profiles=profile1

Summary

The above are the pitfalls encountered and their solutions; the actual troubleshooting process was far more complex. The version has changed quite a bit, but this time the Spring Cloud base dependencies, the registry (Eureka Server) and the configuration center (Config Server) were all upgraded successfully.
