These are chat archives for spring-cloud/spring-cloud

16th
May 2016
Marius Bogoevici
@mbogoevici
May 16 2016 00:12
@donovanmuller an IBM MQ binder would be good to see though - looking forward to a contribution!
Donovan Muller
@donovanmuller
May 16 2016 04:21
@mbogoevici The idea is to contribute the MQ binder back...
Leon Radley
@leon
May 16 2016 09:43
Does spring cloud work with spring boot 1.4-M3?
Dave Syer
@dsyer
May 16 2016 09:46
As far as we know Brixton.RELEASE works with 1.4
We only tested with snapshots though, probably
Leon Radley
@leon
May 16 2016 09:48

I’m in a bit of a pickle
hibernate 4 has a nasty bug with NamedEntityGraphs, and it’s not fixed in the 4.x branch.
https://hibernate.atlassian.net/browse/HHH-9230

which means I need to either revert the whole entitygraph optimisation, or try pushing forwards.

bother :)
Robert Van Voorhees
@voor
May 16 2016 13:44
Before I go digging into this, has anyone with @EnableOAuth2Sso on @EnableZuulProxy ever seen the following? No thread-bound request found: Are you referring to request attributes outside of an actual web request, or processing a request outside of the originally receiving thread? If you are actually operating within a web request and still receive this message, your code is probably running outside of DispatcherServlet/DispatcherPortlet: In this case, use RequestContextListener or RequestContextFilter to expose the current request.
Dave Syer
@dsyer
May 16 2016 13:46
Background thread processing with an OAuth2RestTemplate?
A stack trace might help
Robert Van Voorhees
@voor
May 16 2016 13:51
Yeah, I think it's happening at OAuth2AccessToken accessToken = context.getAccessToken();
Sorry, gitter can't make up its mind if return sends a message or goes to a new line.
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'scopedTarget.oauth2ClientContext': Scope 'session' is not active for the current thread; consider defining a scoped proxy for this bean if you intend to refer to it from a singleton; nested exception is java.lang.IllegalStateException: No thread-bound request found: Are you referring to request attributes outside of an actual web request, or processing a request outside of the originally receiving thread? If you are actually operating within a web request and still receive this message, your code is probably running outside of DispatcherServlet/DispatcherPortlet: In this case, use RequestContextListener or RequestContextFilter to expose the current request.
    at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:355) ~[spring-beans-4.2.5.RELEASE.jar:4.2.5.RELEASE]
    at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:197) ~[spring-beans-4.2.5.RELEASE.jar:4.2.5.RELEASE]
    at org.springframework.aop.target.SimpleBeanTargetSource.getTarget(SimpleBeanTargetSource.java:35) ~[spring-aop-4.2.5.RELEASE.jar:4.2.5.RELEASE]
    at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:187) ~[spring-aop-4.2.5.RELEASE.jar:4.2.5.RELEASE]
    at com.sun.proxy.$Proxy88.getAccessToken(Unknown Source) ~[na:na]
    at org.springframework.security.oauth2.client.OAuth2RestTemplate.getAccessToken(OAuth2RestTemplate.java:169) ~[spring-security-oauth2-2.0.9.RELEASE.jar:na]
Yeah, inside the JVM for the Zuul Gateway, it's pitching a fit when you attempt to grab the OAuth2AccessToken inside OAuth2RestTemplate
Dave Syer
@dsyer
May 16 2016 13:53
That's no background processing then
It's on startup?
Robert Van Voorhees
@voor
May 16 2016 13:54
No, it's whenever a request comes in
curl request into the gateway, using JWT for authentication
Dave Syer
@dsyer
May 16 2016 13:54
Right. So it's a background thread I guess because of ribbon.
You are using ribbon?
Robert Van Voorhees
@voor
May 16 2016 13:57
Yes
Dave Syer
@dsyer
May 16 2016 13:58
Does it work if you set the Hystrix isolation strategy globally to SEMAPHORE?
Robert Van Voorhees
@voor
May 16 2016 13:59
Haven't delved into Hystrix yet, so might have a long response time.
Dave Syer
@dsyer
May 16 2016 14:01
Google "hystrix isolation level" gets me the Netflix wiki page with all the configs on it
Robert Van Voorhees
@voor
May 16 2016 14:03
Do I use those same property names in the Spring config?
Oh, nevermind, see in the Spring Cloud Netflix docs -- references https://github.com/Netflix/Hystrix/tree/master/hystrix-contrib/hystrix-javanica#configuration
Dave Syer
@dsyer
May 16 2016 14:09
I don't think javanica is relevant here
Robert Van Voorhees
@voor
May 16 2016 14:09
Okay, I just added:
Dave Syer
@dsyer
May 16 2016 14:09
But, yes, you just use the same config properties
Robert Van Voorhees
@voor
May 16 2016 14:10
    @PostConstruct
    public void semaphoreSetting() {
        // to use semaphore isolation
        HystrixCommandProperties.Setter().withExecutionIsolationStrategy(
                HystrixCommandProperties.ExecutionIsolationStrategy.SEMAPHORE);
    }
Into my class annotated with the @EnableZuulProxy
Same error message.
Ganesh
@ganesh525
May 16 2016 14:12
Hi Guys
Can any one tell me the process of connecting OracleDB to predix?
Dave Syer
@dsyer
May 16 2016 14:13
@voor I think we need to boil it down to a simple sample then
Robert Van Voorhees
@voor
May 16 2016 14:14
Alright, give me a few minutes then.
Robert Van Voorhees
@voor
May 16 2016 14:40
Alright, so I was importing a @Configuration from another package that had @EnableWebMvc on there, removing that annotation resolved all my problems magically somehow.
Mariusz Smykuła
@mariuszs
May 16 2016 14:40

Hi, is zipkin java 7 compatibile?

Caused by: java.lang.UnsupportedClassVersionError: org/springframework/cloud/sleuth/zipkin/ZipkinAutoConfiguration : Unsupported major.minor version 52.0

?

anyone?
Robert Van Voorhees
@voor
May 16 2016 14:45
No clue @mariuszs not using Zipkin yet.
Mariusz Smykuła
@mariuszs
May 16 2016 14:45
but spring-cloud in general should work with java 1.7?
Robert Van Voorhees
@voor
May 16 2016 14:47
If there isn't a .jdk8 file inside the repository root it usually means it's compiled with Java 1.7
Dave Syer
@dsyer
May 16 2016 14:52
zipkin is java 8 I believe (nothing to do with Spring Cloud)
Mariusz Smykuła
@mariuszs
May 16 2016 15:10
ok, thanks
Robert Van Voorhees
@voor
May 16 2016 15:27
@dsyer Any good tips on things to turn on for debugging a Zuul filter?
I have the authentication working now (I think?) but the requests are always coming back with 200 and empty body.
Robert Van Voorhees
@voor
May 16 2016 15:40

Only asking since

zuul:
  debug:
    request: true

Doesn't seem to be wanting to work.

Dave Syer
@dsyer
May 16 2016 15:49
What version of Spring Cloud?
and did you need the SEMAPHORE setting to get authentication to work?
Robert Van Voorhees
@voor
May 16 2016 15:50
No, just removing that errant @EnableWebMvc got it working.
Spring Cloud 1.1.0.RC1
Dave Syer
@dsyer
May 16 2016 15:50
Why not use the latest stable?
Robert Van Voorhees
@voor
May 16 2016 15:50
Although I could probably move to another release fairly easily.
oh nevermind, I was on Brixton.RC1
Dave Syer
@dsyer
May 16 2016 15:53
So move to Brixton.RELEASE and then we can look at the 200
Tommy Ludwig
@shakuzen
May 16 2016 15:54
@mariuszs I believe Zipkin is Java 7 compatible, but you can ask on the Zipkin gitter channel also

https://github.com/openzipkin/zipkin-java#core-library

The core library requires minimum language level 7.

Robert Van Voorhees
@voor
May 16 2016 15:56
Okay, will need to go through and fix all those ribbon changes then.
Dave Syer
@dsyer
May 16 2016 15:56
@shakuzen I checked as well. The zipkin jars are being published with Java 8 compatibility, even though the code is Java 7.
I think they will fix that
Tommy Ludwig
@shakuzen
May 16 2016 15:57

Just found this in the Server section of the README

Note that the server requires minimum JRE 8.

Dave Syer
@dsyer
May 16 2016 15:57
I guess that tells us then
I was right the first time
Tommy Ludwig
@shakuzen
May 16 2016 15:59
openzipkin/zipkin-java#1 for background
Robert Van Voorhees
@voor
May 16 2016 16:53
Okay, updated to Brixton.RELEASE and still no joy on zuul.debug.request: true
Dave Syer
@dsyer
May 16 2016 16:53
Can you put together a simple sample then?
Robert Van Voorhees
@voor
May 16 2016 16:53
Yeah, my stuff's mostly open source, but it's spread around quite a few repositories unfortunately.
So probably doesn't qualify as simple sample. :P
Marcos Barbero
@marcosbarbero
May 16 2016 17:25
@voor are you using tomcat or undertow as web server?
Robert Van Voorhees
@voor
May 16 2016 17:40
Tomcat
That's a good suggestion, let me switch and see what happens.
Dave Syer
@dsyer
May 16 2016 17:42
Very unlikely to make any difference. But good luck.
Robert Van Voorhees
@voor
May 16 2016 17:42
Well, doesn't hurt, had another meeting and lunch so I haven't dug too far into it yet.
Marcos Barbero
@marcosbarbero
May 16 2016 17:43
@voor @dsyer I had a similar issue using undertow, that’s why I’m asking about. To solve it I’ve used this approach http://stackoverflow.com/questions/31905412/error-in-zuul-senderrorfilter-during-forward?answertab=votes#tab-top
Robert Van Voorhees
@voor
May 16 2016 17:44
I think the problem might have more to do with the fact I'm essentially using both Spring Security and Zuul -- the JWT bearer token in the request might be causing issues with the ZuulFilter?

I have the Gateway code (which is literally a couple annotations) https://github.com/SMARTRACTECHNOLOGY/smartcosmos-gateway that is pulling in a bunch of @Components that are doing JWT stuff -- https://github.com/SMARTRACTECHNOLOGY/smartcosmos-framework/tree/3.0.x/smartcosmos-framework/src/main/java/net/smartcosmos/security/user

I realize now looking through this that I essentially trigger a @EnableResourceServer on Zuul -- would that cause problems, you think?

Robert Van Voorhees
@voor
May 16 2016 17:49
If I basically turn off that Resource Server stuff, even if I have the JWT token in the authentication header, I'll get redirected to the auth server's login.
traylz
@traylz
May 16 2016 17:50
Hello, everyone!
I've got question regarding Spring Cloud + Docker. To be more precise - about ports. I have multiple containers running on single box and I want to store ports in cloud-config. Any good solution how can I expose ports in docker? If it wasn't docker, I would have deployed apps, and they would take server.port from cloud config. But with docker, I have no idea, how can I expose correct port
Robert Van Voorhees
@voor
May 16 2016 17:54
Spring Cloud Config can pull things from the system environment if need be as well.
traylz
@traylz
May 16 2016 17:58
Hm, maybe I can even avoid defining port, taking it from env (defining it in docker run) and then registering myself in eureka. Ok will try, thx
Robert Van Voorhees
@voor
May 16 2016 17:58
Switching to Undertow didn't resolve anything, @marcosbarbero , thank you for the suggestion though.
@traylz When the service registers itself into Eureka would it use the local port it was running on, or the docker container's port?
traylz
@traylz
May 16 2016 17:59
Hmm, right
Dunno(
@voor Any ideas how can I tie together docker+eureka
Robert Van Voorhees
@voor
May 16 2016 18:06
I was just going to have a generic "spring-boot-jar" docker container, and override how it registered with Eureka to use the docker container's port instead of the actual server port.
I haven't gotten to that point yet, so afraid I can't provide more specifics.
Looks like I'd hit a wall if I wanted to do it that way, though: docker/docker#3778
Robert Van Voorhees
@voor
May 16 2016 18:54
Does Zuul use RestTemplate underneath the hood, or is there a similar customizer bean template you can use?
Dave Syer
@dsyer
May 16 2016 19:00
It depends on whether you are using ribbon
(Ribbondo
(ribbon doesn't use rest template)
Robert Van Voorhees
@voor
May 16 2016 19:04
Well, I'm using Eureka, so I'm pretty sure I'm using Ribbon

If I make my @EnableOAuth2Sso bean extend WebSecurityConfigurerAdapter and add:

    @Override
    public void init(WebSecurity web) throws Exception {
        web.ignoring().anyRequest();
    }

Then it'll forward on all of the requests to the next endpoint, but it will not pass on the bearer token.

I'm thinking the whole way I'm doing this authorization is pretty orthogonal to a lot of OAuth processes, that would probably look for a cookie somewhere, where I'm trying to explicitly pass the JWT around in each header.
Dave Syer
@dsyer
May 16 2016 19:22
The proxy doesn't pass authorization headers by default
You have to configure it
It's in the user guide
Robert Van Voorhees
@voor
May 16 2016 19:28
Yay
That did it.
Just changed the configuration to sensitiveHeaders: Cookie,Set-Cookie and it worked after that.
eroubal
@rubesMN
May 16 2016 22:55
So, if I update Eureka and ConfigServer to Brixton, will Angel clients still be able to communicate properly?
ccit-spence
@ccit-spence
May 16 2016 23:12
when using JCE with Spring Cloud Config the decryption only happens during the initial load of the properties correct?