Skip to content

Instantly share code, notes, and snippets.

@AdamBien
Created June 6, 2019 06:55
Show Gist options
  • Star 1 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save AdamBien/a72ef679c0651101c2598a9d79ff62bd to your computer and use it in GitHub Desktop.
Save AdamBien/a72ef679c0651101c2598a9d79ff62bd to your computer and use it in GitHub Desktop.
64thAirhacksQ&A.md

Ask questions and see you at July, 1st, 6.PM. CET: http://www.ustream.tv/channel/adambien

Also checkout recent episode:

64th airhacks.tv

Please keep the questions Java EE-stic. Means: as short and as concise as only possible. Feel free to ask several, shorter questions.

@mb-dbc-dk
Copy link

Hi Adam

When running payara-micro/server using micro-profile how do you go about implementing authentication for /health & /metrics, programatically?
The goal is to limit who can see metrics/health status, and log (remote ip) if somebody tries to do it that isn't allowed.
What I'm really interested in is implementing it in a jar that can be added with --addjars. This is meant to be in our payara docker image, so that all the services requires same authentication. Basically to ensure you don't forget to add configuration to your application to enable it.

@masumcse1
Copy link

I am using Java EE 8 code pattern according to this link.
https://developer.jboss.org/wiki/JavaEE8CrudApplication
Some of senior senior level java programmer some times provide suggestion need to use Apache - Delta spike for CDI.
I can not understand where Apache delta spike is necessary for this application code (example link).
Can you me a explanation why delta spike is important over CDI2.0(JavaEE8) ?
Note : my understand is apache delta spike is not important for java ee8(wildfy15).

@AdamBien
Copy link
Author

AdamBien commented Jul 1, 2019

Comments from adambien.blog:

what is the main difference between deploy java ee war from eclipse to
"JBoss" and deploy using wad jar: http://adambien.blog/roller/abien/entry/watch_and_deploy_wad_utility

@AdamBien
Copy link
Author

AdamBien commented Jul 1, 2019

SseEventSource (...), seems to me security does not exist in the sse client
api.

@AdamBien
Copy link
Author

AdamBien commented Jul 1, 2019

@AdamBien
Copy link
Author

AdamBien commented Jul 1, 2019

@AdamBien
Copy link
Author

AdamBien commented Jul 1, 2019

say i was using bce
pattern, what package would house the Filter class? http://adambien.blog/roller/abien/entry/monitoring_http_requests_with_microprofile

@AdamBien
Copy link
Author

AdamBien commented Jul 1, 2019

when are your using
Visual Studio Code for java vs. netbeans
http://adambien.blog/roller/abien/entry/thinjars_with_quarkus_io_on

@AdamBien
Copy link
Author

AdamBien commented Jul 1, 2019

Would you consider GlassFish 5.1 production ready? http://adambien.blog/roller/abien/entry/jakarta_ee_eclipse_glassfish_5

@AdamBien
Copy link
Author

AdamBien commented Jul 1, 2019

A framework from airhacks.tv alumni: https://developer.jboss.org/wiki/LargeScaleJEEFramework

@mrbyte2001
Copy link

mrbyte2001 commented Jul 2, 2019

Hi Adam

When running payara-micro/server using micro-profile how do you go about implementing authentication for /health & /metrics, programatically?
The goal is to limit who can see metrics/health status, and log (remote ip) if somebody tries to do it that isn't allowed.
What I'm really interested in is implementing it in a jar that can be added with --addjars. This is meant to be in our payara docker image, so that all the services requires same authentication. Basically to ensure you don't forget to add configuration to your application to enable it.

Hi,

does it make sense to hide health checks behind any security? because you want to use them for your services in e.g. kubernetes to restart pods if they get unavailable. I think you only need to hold them inside your network so that nobody can call http://yourserver/health from outside the cluster (e.g. with nginx or other possibilities).

For the metrics there is already a security configuration if you add

<basicRegistry id="basic" realm="MicroProfileMetrics"> <user name="admin" password="adminadmin"/> <user name="nonadmin" password="guest" /> </basicRegistry> <administrator-role> <user>admin</user> </administrator-role>

to your server.xml then only someone who can login as admin can read it. Maybe there is also a configuration for JWT but I didn't found any so far.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment