search

it-at-m / refarch

Collection of different ready to use reference architecture (RefArch) components developed by it@M.
https://opensource.muenchen.de/in-house-development.html
MIT License
2 stars 2 forks source link

[Bug] Gateway not starting with Profile no security #193

Closed hupling closed 1 week ago

hupling commented 2 weeks ago

Bug description

SSO_ISSUER_URL not set the Gateway is not starting. Even if I want only no_security

Expected behaviour

start gateway or set a default value

Steps for reproduction

siehe oben

Affected version

1.0.0

Affected component

refarch-gateway

Last working version (optional)

No response

Operating system

No response

Browser

No response

Relevant log output (optional)

No response

Screenshots (optional)

No response

Additional context (optional)

No response

No duplicate

Code of Conduct

boal commented 2 weeks ago

The gateway and all other integrations should be decoupled from spring oauth setup as done in the following pull request for the s3-integration.

https://github.com/it-at-m/refarch/pull/159

The necessary spring security configuration should be shown as an example within the documentation.

simonhir commented 1 week ago

Fixed with version 1.2.0

hupling commented 1 week ago 
INFO exec -a "java" java -XX:MaxRAMPercentage=80.0 -XX:+UseParallelGC -XX:MinHeapFreeRatio=10 -XX:MaxHeapFreeRatio=20 -XX:GCTimeRatio=4 -XX:AdaptiveSizePolicyWeight=90 -XX:+ExitOnOutOfMemoryError -cp "." -jar /deployments/spring-boot-application.jar
INFO running in /deployments
---------------------------------------------------------------------------------------------------------------------------------------------------
RefArch-Gateway
https://github.com/it-at-m/refarch
Application Name : refarch-gateway (v1.2.0)
Spring Boot Version : (v3.3.4)
---------------------------------------------------------------------------------------------------------------------------------------------------
{"timestamp":"2024-10-09T05:30:29.159","appName":"refarch-gateway","TraceId":"","SpanId":"","thread":"main","level":"INFO","logger":"de.muenchen.refarch.gateway.ApiGatewayApplication","location":{"fileName":"StartupInfoLogger.java","line":"50"},"message":"Starting ApiGatewayApplication v1.2.0 using Java 21.0.4 with PID 1 (/deployments/spring-boot-application.jar started by 1003840000 in /deployments)"}
{"timestamp":"2024-10-09T05:30:29.250","appName":"refarch-gateway","TraceId":"","SpanId":"","thread":"main","level":"INFO","logger":"de.muenchen.refarch.gateway.ApiGatewayApplication","location":{"fileName":"SpringApplication.java","line":"660"},"message":"The following 2 profiles are active: \"hazelcast-k8s\", \"json-logging\""}
{"timestamp":"2024-10-09T05:30:39.262","appName":"refarch-gateway","TraceId":"","SpanId":"","thread":"main","level":"INFO","logger":"org.springframework.cloud.context.scope.GenericScope","location":{"fileName":"GenericScope.java","line":"282"},"message":"BeanFactory id=6037f589-8ce6-354e-b319-80504c7c2053"}
{"timestamp":"2024-10-09T05:30:44.772","appName":"refarch-gateway","TraceId":"","SpanId":"","thread":"main","level":"WARN","logger":"org.springframework.boot.web.reactive.context.AnnotationConfigReactiveWebServerApplicationContext","location":{"fileName":"AbstractApplicationContext.java","line":"633"},"message":"Exception encountered during context initialization - cancelling refresh attempt: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'clientAccessFilterChain' defined in class path resource [de/muenchen/refarch/gateway/configuration/SecurityConfiguration.class]: Failed to instantiate [org.springframework.security.web.server.SecurityWebFilterChain]: Factory method 'clientAccessFilterChain' threw exception with message: No qualifying bean of type 'org.springframework.security.oauth2.jwt.ReactiveJwtDecoder' available"}
{"timestamp":"2024-10-09T05:30:44.948","appName":"refarch-gateway","TraceId":"","SpanId":"","thread":"main","level":"INFO","logger":"org.springframework.boot.autoconfigure.logging.ConditionEvaluationReportLogger","location":{"fileName":"ConditionEvaluationReportLogger.java","line":"82"},"message":"\n\nError starting ApplicationContext. To display the condition evaluation report re-run your application with 'debug' enabled."}
{"timestamp":"2024-10-09T05:30:45.066","appName":"refarch-gateway","TraceId":"","SpanId":"","thread":"main","level":"ERROR","logger":"org.springframework.boot.diagnostics.LoggingFailureAnalysisReporter","location":{"fileName":"LoggingFailureAnalysisReporter.java","line":"40"},"message":"\n\n***************************\nAPPLICATION FAILED TO START\n***************************\n\nDescription:\n\nMethod clientAccessFilterChain in de.muenchen.refarch.gateway.configuration.SecurityConfiguration required a bean of type 'org.springframework.security.oauth2.jwt.ReactiveJwtDecoder' that could not be found.\n\n\nAction:\n\nConsider defining a bean of type 'org.springframework.security.oauth2.jwt.ReactiveJwtDecoder' in your configuration.\n"}

also ich bekomme jetzt einen anderen Errror

hupling commented 1 week ago 
      env:
        - name: SPRING_REALM
          value: km8
        - name: SPRING_PROFILES_ACTIVE
          value: 'hazelcast-k8s,json-logging'
        - name: SSO_ISSUER_URL
          value: 'https://ssodev.muenchen.de/auth/realms/${spring.realm}'
        - name: SSO_CLIENT_ID
          value: beispielprojekt
        - name: SSO_CLIENT_SECRET
          valueFrom:
            secretKeyRef:
              name: sso-client
              key: sso-client-secret
        - name: APP_SPRING-SESSION-HAZELCAST_NAMESPACE
          value: spseval
        - name: SPRING_CLOUD_GATEWAY_ROUTES_0_ID
          value: backend
        - name: SPRING_CLOUD_GATEWAY_ROUTES_0_URI
          value: 'http://a-backend:8080/'
        - name: SPRING_CLOUD_GATEWAY_ROUTES_0_PREDICATES_0
          value: Path=/api/beispielprojekt-backend-service/**
        - name: SPRING_CLOUD_GATEWAY_ROUTES_0_FILTERS_0
          value: 'RewritePath=/api/beispielprojekt-backend-service/(?<urlsegments>.*), /$\{urlsegments}'
        - name: SPRING_CLOUD_GATEWAY_ROUTES_0_FILTERS_1
          value: RemoveResponseHeader=WWW-Authenticate
        - name: SPRING_CLOUD_GATEWAY_ROUTES_1_ID
          value: sso
        - name: SPRING_CLOUD_GATEWAY_ROUTES_1_URI
          value: 'https://ssodev.muenchen.de/'
        - name: SPRING_CLOUD_GATEWAY_ROUTES_1_PREDICATES_0
          value: Path=/api/sso/userinfo
        - name: SPRING_CLOUD_GATEWAY_ROUTES_1_FILTERS_0
          value: 'RewritePath=/api/sso/userinfo, /auth/realms/${spring.realm}/protocol/openid-connect/userinfo'
        - name: SPRING_CLOUD_GATEWAY_ROUTES_2_ID
          value: frontend
        - name: SPRING_CLOUD_GATEWAY_ROUTES_2_URI
          value: 'http://a-frontend:8080/'
        - name: SPRING_CLOUD_GATEWAY_ROUTES_2_PREDICATES_0
          value: Path=/api/hallo/**
        - name: SPRING_CLOUD_GATEWAY_ROUTES_2_FILTERS_0
          value: 'RewritePath=/api/hallo/(?<urlsegments>.*), /$\{urlsegments}'
        - name: SPRING_CLOUD_GATEWAY_ROUTES_2_FILTERS_1
          value: RemoveResponseHeader=WWW-Authenticate
        - name: HAZELCAST_OPENSHIFTSERVICENAME
          value: a-refarch-gateway