Eureka client failed to authenticate for eureka server

[Darlynnnn]

I have eureka server:

@SpringBootApplication
@EnableEurekaServer
public class DiscoveryServerApplication {
    public static void main(String[] args) {
        SpringApplication.run(DiscoveryServerApplication.class, args);
    }
}

Config:

    @Configuration
    public class WebConfig {

@Bean
public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity serverHttpSecurity){
    serverHttpSecurity.csrf()
            .disable()
            .authorizeExchange( exchange -> exchange.pathMatchers("/eureka/**")
                    .permitAll()
                    .anyExchange()
                    .authenticated()
            ).oauth2ResourceServer(ServerHttpSecurity.OAuth2ResourceServerSpec::jwt);

    return serverHttpSecurity.build();

}

}

application.properties:

eureka.instance.hostname=localhost
eureka.client.register-with-eureka=false
eureka.client.fetch-registry=false
server.port=8761

eureka.username=eureka
eureka.password=password

spring.security.user.name=eureka
spring.security.user.password=password

eureka.instance.metadata-map.user.name: ${spring.security.user.name}
eureka.instance.metadata-map.user.password: ${spring.security.user.password}

This "works" , go into localhost:8761, input eureka/password as name/password and im in.

Now i have client that i want to register in the eureka server.

I have this in application.properties:

eureka.client.serviceUrl.defaultZone = http://eureka:password@localhost:8761/eureka
server.port=8081
spring.application.name=service-name

Upon starting the app i receive:

*

2023-10-22T17:03:40.958+02:00  WARN 2528 --- [nfoReplicator-0] c.n.d.s.t.d.RetryableEurekaHttpClient    : Request execution failure with status code 401; retrying on another server if available
2023-10-22T17:03:40.959+02:00  WARN 2528 --- [nfoReplicator-0] com.netflix.discovery.DiscoveryClient    : DiscoveryClient_ORDER-SERVICE/darlyn:order-service:8081 - registration failed Cannot execute request on any known server
com.netflix.discovery.shared.transport.TransportException: Cannot execute request on any known server

*

I tried solution presented here e.g using

eureka.instance.metadata-map.user.name: ${spring.security.user.name}
eureka.instance.metadata-map.user.password: ${spring.security.user.password}

in server properties.

i have csrf disabled as most of the answers to this problem says its csrf problem,

i have tried to add custom restBean according to this post, e.g

@Bean
public RestTemplateTransportClientFactories restTemplateTransportClientFactories(EurekaClientHttpRequestFactorySupplier supplier)
{
    return new RestTemplateTransportClientFactories(new RestTemplateDiscoveryClientOptionalArgs(supplier));
}

in my client service, however the problem remains the same.

is there any solution to this problem or do i have to downgrade versions?

I am using:

<dependency>
    <groupId>org.springframework.cloud</groupId>
    <artifactId>spring-cloud-starter-netflix-eureka-client</artifactId>
    <version>4.0.3</version>
</dependency>

for client as

    <dependency>
        <groupId>org.springframework.cloud</groupId>
        <artifactId>spring-cloud-starter-netflix-eureka-server</artifactId>
        <version>4.0.3</version>
    </dependency>

for server with

    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-security</artifactId>
        <version>3.1.4</version>
    </dependency>

Using code samples from docs and github results in the same error...

Thanks for help

[oluwatobiiloba]

Same issue here

[Narendranath2]

I'm using spring boot 3.1.5 and spring cloud 2022.0.3 and I was able to achieve the basic authentication for service registry.

This is my config on eureka

spring:
   application:
      name: test
   security:
      user:
         name: test
         password: test
server:
   port: 8888
eureka:
   client:
      serviceUrl:
         defaultZone: http://localhost:${server.port}/eureka/
   instance:
      preferIpAddress: true
      instanceId: ${spring.application.name}:${random.int}

And this is the filterChain to disable the csrf

@Configuration
public class WebSecurityConfig {
    @Bean
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        return http.csrf(AbstractHttpConfigurer::disable).securityMatcher("/eureka/**").build();
    }
}

And these are the properties I'm passing from the service which is supposed to be registered in eureka

eureka.client.fetch-registry=true;
eureka.client.register-with-eureka=true;
eureka.client.service-url.default-zone=http://test:test@localhost:8888/eureka/

[yashkumar7889]

Even I am also facing same issue. I am stuck here from past 2 weeks. Need urgent help

[OlgaMaciaszek]

Hello @Darlynnnn, @oluwatobiiloba, @Narendranath2, @yashkumar7889 , please see the proper configuration in the docs. You can also see a sample here. If you still have an issue after trying that, please provide a minimal, complete, verifiable example that reproduces the issue, as a link to a GitHub repo with an executable app. Please make sure to use Spring Boot 3.2.x and Spring Cloud 2023.0.x in your samples, as these are the only versions that are currently in OSS support.

[spring-cloud-issues]

If you would like us to look at this issue, please provide the requested information. If the information is not provided within the next 7 days this issue will be closed.

[spring-cloud-issues]

Closing due to lack of requested feedback. If you would like us to look at this issue, please provide the requested information and we will re-open the issue.

[developer-baku]

I got the solution. date 2/20/2024. Problem was that This guy(who asked the question) was using old video to learn spring microservice. In that video the video-maker uses old way to add security-filter-chain. But the way he disables csrf method is useless at this moment. So ,in short , problem is csfr. as this guy Narendranath2 shows you need to add .securityMatcher("/eureka/**") at the end of csrf method , otherwise the so-called issue happens