<Tech>Brunch


SpringBoot Web Services Integration with Spring Cloud Sleuth and Zipkin

In a microservices ecosystem, we have distributed applications and microservices. How each distributed microservice is performing, what the latency of each component is, and similar questions can be easily monitored using Distributed Tracing.

We have implemented a simple SpringBoot web service where we have integrated Spring Cloud Sleuth and Zipkin for the purpose of Distributed Tracing. Though we have only one web service for the demo, the process of integration for the other microservices stays the same. Once we have implemented it for one microservice, the process is the same for the rest, and when all the microservices have implemented it, we get seamless distributed tracing in one place.

What is Spring Cloud Sleuth?
Spring Cloud Sleuth implements a distributed tracing solution for Spring Cloud, borrowing heavily from Dapper, Zipkin and HTrace. In simple terms, Sleuth is a tool from the Spring Cloud family that generates the trace id and span id and adds this information to service calls, in the headers and the MDC, so that it can be used with tools like Zipkin and ELK to store, index and process log files.

Git Trying to Push with incorrect Username

It happens often that we are working on a couple of repositories, performing push/pull operations on our branches. I faced one issue quite predominantly: when I tried to push into a repository that required a different username of mine, hosted on a different GitHub account of mine, I saw that Git was using my previous username and the push was failing because of the incorrect username.

git config --global user.name 'anshulbravo'

I tried to set the global username again with the valid one, but that didn’t work. Git still kept on trying to push with the incorrect username for the repository.

What worked for me was the following:

git config --local credential.helper ""
git push origin master

Doing this made Git ask me for the username every time I tried to push. This helped, and helped like a soothing breeze. Now I was able to provide the correct username and the password for it, and the push went through successfully.

Angular SPA with Auth0 Implementation

As part of Authorization Code flow implementation, we developed a sample Angular SPA, which made use of Auth0 as the Identity Provider and Validator.

Auth0 provides authentication and authorization as a service. We can connect any application (written in any language or on any stack) to Auth0 and define the identity providers we want to use (how we want our users to log in). Based on the app's technology, we just have to choose one of the Auth0 SDKs, or call the Auth0 APIs directly, and hook it up to our app. Each time a user tries to authenticate, Auth0 will verify their identity and send the required information back to the app. The key thing to note is that Auth0 supports OAuth2 and OpenID Connect. The sad part is that Auth0 is not completely free. There is a free tier with limited resources available at our doorstep.




Fix Github Pages 404 Error

In order to have your static website hosted on GitHub Pages, you must have a repository named “github-username.github.io”. In this syntax, “github-username” refers to your GitHub username.
If you have fiddled with some default settings, made this particular repository private, or played around with some other GitHub repository settings, you are quite likely to start getting a 404 error.

JWT Token Implementation with Dedicated Authentication-Authorization Server





JWT stands for JSON Web Token. JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. This information can be verified and trusted because it is digitally signed. JWTs can be signed using a secret (with the HMAC algorithm) or a public/private key pair using RSA or ECDSA.
JWT signatures can be symmetric or asymmetric. It is currently the latest standard for implementing security in our web applications.

How the flow works with JWT:
- Each security token is a protected data structure. It contains information about the issuer, the token's time of expiration, the subject, and so on. These are carried as claims in the JWT.
- Each JWT is signed, so any tampering is detectable and the token stays authentic throughout its validity period.
- To access any resource, the client requests a token.
- The issuer issues a token to the client.
- The client uses that token when talking to resources. The token is generally placed in a header of the request made to the resource service.
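The flow above as an added example, not code from the original post: a minimal HS256 issuer and verifier built on the Python standard library. The secret, the issuer name `auth-server`, the helper names and the `Bearer` header scheme are assumptions made for illustration.

```python
import base64, hashlib, hmac, json, time

# Assumption: constructed demo key shared by the issuer and the resource server.
SECRET = b"constructed-demo-key-do-not-reuse"

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign(signing_input: str) -> bytes:
    return hmac.new(SECRET, signing_input.encode(), hashlib.sha256).digest()

def issue_token(subject: str, issuer: str, ttl: int, now: int = None) -> str:
    """Issuer side: build header and claims, then sign both with HS256."""
    now = int(time.time()) if now is None else now
    header = {"alg": "HS256", "typ": "JWT"}
    claims = {"iss": issuer, "sub": subject, "iat": now, "exp": now + ttl}
    parts = [b64url(json.dumps(p, separators=(",", ":")).encode())
             for p in (header, claims)]
    signing_input = ".".join(parts)
    return signing_input + "." + b64url(sign(signing_input))

def verify_token(token: str, expected_issuer: str, now: int = None) -> dict:
    """Resource side: check the signature first, then the claims."""
    now = int(time.time()) if now is None else now
    h64, c64, s64 = token.split(".")  # ValueError if not three segments
    # Constant-time compare; the algorithm is fixed here, not read from the token.
    if not hmac.compare_digest(b64url_decode(s64), sign(f"{h64}.{c64}")):
        raise ValueError("bad signature")
    if json.loads(b64url_decode(h64)).get("alg") != "HS256":
        raise ValueError("unexpected alg")
    claims = json.loads(b64url_decode(c64))
    if claims.get("iss") != expected_issuer:
        raise ValueError("wrong issuer")
    if not isinstance(claims.get("exp"), int) or now >= claims["exp"]:
        raise ValueError("token expired")
    return claims

def bearer_header(token: str) -> dict:
    """Client side: the token travels in the request header."""
    return {"Authorization": "Bearer " + token}

if __name__ == "__main__":
    tok = issue_token("alice", "auth-server", ttl=60)
    print(bearer_header(tok))
    print(verify_token(tok, "auth-server"))
```

The claims are only base64url-encoded, so anyone holding the token can read them; the signature protects integrity, not confidentiality.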

LDAP vs RDBMS

Before having a look at LDAP, we should know what a ‘directory’ is.

What is directory structure?
The directory structure is the organization of files into a hierarchy of folders. It should be stable and scalable; it should not fundamentally change, only be added to. Computers have used the folder metaphor for decades as a way to help users keep track of where something can be found.
When information is stored in a directory structure, it becomes easy to manage hierarchical information and to read from and write to it. This directory structure can be scaled up to achieve three major functionalities on the web: Authentication, Authorization, and Personalization.




LDAP stands for Lightweight Directory Access Protocol. LDAP is a standards-based specification for interacting with directory data. Directory services can implement support for LDAP to provide interoperability among third-party applications.
LDAP is an open, industry-standard application protocol for reading and editing distributed directories over the network. In these directories, we have a set of records in an organized hierarchical structure, similar to a corporate email directory or a telephone directory. LDAP enables anyone to locate resources in a network, be it on the public internet or a corporate intranet. LDAP read operations are extremely fast compared with other possible alternatives.

Now that we have looked at LDAP, let's get to know what Active Directory is…
Active Directory is Microsoft’s implementation of a directory service that, among other protocols, supports LDAP to query its data.

Securing Rest Web Service with In-Memory model of BasicAuth

This post deals with Securing a Spring Rest Web Service, using in-memory model of BasicAuth offered by Spring Security. The sample application built for this purpose has used Java 1.8 and Spring dependencies for version 5.

An earlier post on this website, ‘Building REST Web Service with Spring 5‘, covered creating a Rest Web Service using Spring 5. In this post, I am going to build authentication on the same set of Rest Web Services.

I prefer annotations/Java Configuration, so I have entirely used Java configuration in this implementation.
Over the existing Rest Webservice, I used In-Memory credentials with Default Spring BasicAuth. I will be sharing what new changes I had to do in this implementation.

Building REST Web Service with Spring 5

Representational State Transfer (REST) is an architectural style that specifies constraints, such as the uniform interface, that if applied to a web service induce desirable properties, such as performance, scalability, and modifiability, that enable services to work best on the Web.
In the REST architectural style, data and functionality are considered resources and are accessed using Uniform Resource Identifiers (URIs), typically links on the Web. The resources are acted upon by using a set of simple, well-defined operations. The REST architectural style constrains an architecture to a client/server architecture and is designed to use a stateless communication protocol, typically HTTP.
In the REST architecture style, clients and servers exchange representations of resources by using a standardized interface and protocol.




Git issues with GUI Clients on macOS Sierra 10.13

Lately, I changed my GitHub username to ‘anshulgammy’. So, as expected, the URLs of all of my repositories were affected. Most of the time, I use command-line Git to push my changes. Nevertheless, I enjoy the ease that Git GUI clients have to offer.

I am using macOS Sierra 10.13, and it had SourceTree installed for quite some time. When I tried to push my changes to the Git repo using SourceTree, it kept asking me for the password for my previous username on host.github.com. However, I was able to push the changes from my Terminal without any issues. It took me quite long to figure out how to resolve this issue.