Spring Framework

Spring Framework, Spring Boot & Spring Cloud

How ServiceInstanceListSuppliers is connected with Eureka server to get the registry list of microservices?

Leave a Comment / Spring Framework /

Spring Cloud LoadBalancer and Eureka How ServiceInstanceListSuppliers Connects to Eureka 🔗 Overview In a Spring Cloud microservices architecture using Eureka and Spring Cloud LoadBalancer, service discovery and load balancing involve the following flow: The Eureka Client registers services with the Eureka Server. The client keeps a local cache of the registry information from the server. […]

How ServiceInstanceListSuppliers is connected with Eureka server to get the registry list of microservices? Read More »

Spring Cloud 中自定义 FeignClient 负载均衡算法:加权随机示例

Leave a Comment / Spring Framework /

Spring Cloud 中自定义 FeignClient 负载均衡算法:加权随机示例 Spring Cloud 中自定义 FeignClient 负载均衡算法:加权随机示例 🧩 场景描述 本文将介绍如何在 Spring Cloud 2023+ 中,将 RestTemplate 替换为 FeignClient,并使用自定义的 加权随机负载均衡算法 实现服务实例选择。 1️⃣ 使用 FeignClient @FeignClient(name = “my-service”) public interface MyServiceClient { @GetMapping(“/api/hello”) String sayHello(); } 2️⃣ 实现 WeightedLoadBalancer public class WeightedLoadBalancer implements ReactorServiceInstanceLoadBalancer { private final ObjectProvider<ServiceInstanceListSupplier> serviceInstanceListSupplierProvider; private final String serviceId; public WeightedLoadBalancer(ObjectProvider<ServiceInstanceListSupplier>

Spring Cloud 中自定义 FeignClient 负载均衡算法:加权随机示例 Read More »

Leave a Comment / Spring Framework /

Spring Security – Individual Realm Access Control Spring Security – Ensuring Each Customer Accesses Only Their Realm Q: In a bank online app, every individual customer has their own sole realm. How can this requirement be satisfied with Spring’s role-based security mechanism? Spring’s role-based mechanism controls access to functionality like user vs. admin, but doesn’t

Read More »

What is Eureka REST API?

Leave a Comment / Spring Framework /

Eureka REST API in Spring Cloud Spring Cloud 中的 Eureka REST API 说明 🧩 什么是 Eureka REST API? 在 Spring Cloud 生态中,Eureka 是 Netflix 提供的一个服务注册与发现组件。 Eureka REST API 是 Eureka Server 提供的基于 HTTP 的接口,用于: 服务实例注册 服务心跳续约 服务下线注销 服务查询 Spring Cloud 已封装 Eureka 的调用逻辑,但我们也可以手动调用 REST API。 🔧 Eureka REST API 使用方式 1. 注册服务实例 POST /eureka/apps/{app-name} Content-Type:

What is Eureka REST API? Read More »

How to Satisfy “Only-Access-Own-Realm” in Spring Security

Leave a Comment / Spring Framework /

In a banking application where each individual customer has their own realm of data (e.g., account info, transaction history), the traditional role-based security mechanism in Spring Security (e.g., ROLE_USER, ROLE_ADMIN) is not enough on its own to enforce access control at the data level. What Role-Based Security Does Well Role-based access in Spring Security is

How to Satisfy “Only-Access-Own-Realm” in Spring Security Read More »

A colorful array of tulips blooming in a field, showcasing the beauty of spring season.

Secure Spring API Endpoints with KeyCloak & Spring Security 6+

2 Comments / Spring Framework /

Securing a Spring Boot endpoint with Keycloak and Spring Security 6 involves integrating your Spring Boot application with Keycloak as the identity provider (IdP) using the spring-boot-starter-oauth2-resource-server module. Below are the key steps: 1. Add Dependencies Add these to your pom.xml for Maven: 2. Configure application.yml or application.properties Assuming your Keycloak realm is myrealm, client

Secure Spring API Endpoints with KeyCloak & Spring Security 6+ Read More »

Spring框架基于角色的访问授权的局限性

Leave a Comment / Spring Framework /

在有些应用系统中,比如银行应用系统中,每个客户都有自己的数据领域(例如账户信息、交易历史),仅靠 Spring Security 中的传统基于角色的安全机制(例如 ROLE_USER、ROLE_ADMIN)本身不足以在数据层面实施访问控制。 Spring Security 中基于角色的访问控制非常适合以下场景:• 授予对功能区域的访问权限(例如,只有管理员才能访问管理员控制面板)。• 根据用户的角色允许或拒绝方法或端点。但您的需求需要基于所有权的访问控制,或者对象级别的安全性,而不仅仅是角色级别的。 如何在 Spring Security 中满足“仅访问自己的领域”这一要求? 你需要将基于角色的安全性与细粒度的基于所有权的授权逻辑相结合。 下面一步一步看看我们怎么进行将基于Role的安全与控制更进一步,完成每个人只能访问自己的领地: 1、标准的认证与角色设置

Spring框架基于角色的访问授权的局限性 Read More »

Subscribe
Subscribe