Skip to content

Instantly share code, notes, and snippets.

@AdamBien
Created June 6, 2019 06:55
Show Gist options
  • Save AdamBien/a72ef679c0651101c2598a9d79ff62bd to your computer and use it in GitHub Desktop.
Save AdamBien/a72ef679c0651101c2598a9d79ff62bd to your computer and use it in GitHub Desktop.
64thAirhacksQ&A.md

Ask questions and see you at July, 1st, 6.PM. CET: http://www.ustream.tv/channel/adambien

Also checkout recent episode:

64th airhacks.tv

Please keep the questions Java EE-stic. Means: as short and as concise as only possible. Feel free to ask several, shorter questions.

@AdamBien
Copy link
Author

AdamBien commented Jul 1, 2019

@AdamBien
Copy link
Author

AdamBien commented Jul 1, 2019

say i was using bce
pattern, what package would house the Filter class? http://adambien.blog/roller/abien/entry/monitoring_http_requests_with_microprofile

@AdamBien
Copy link
Author

AdamBien commented Jul 1, 2019

when are your using
Visual Studio Code for java vs. netbeans
http://adambien.blog/roller/abien/entry/thinjars_with_quarkus_io_on

@AdamBien
Copy link
Author

AdamBien commented Jul 1, 2019

Would you consider GlassFish 5.1 production ready? http://adambien.blog/roller/abien/entry/jakarta_ee_eclipse_glassfish_5

@AdamBien
Copy link
Author

AdamBien commented Jul 1, 2019

A framework from airhacks.tv alumni: https://developer.jboss.org/wiki/LargeScaleJEEFramework

@mrbyte2001
Copy link

mrbyte2001 commented Jul 2, 2019

Hi Adam

When running payara-micro/server using micro-profile how do you go about implementing authentication for /health & /metrics, programatically?
The goal is to limit who can see metrics/health status, and log (remote ip) if somebody tries to do it that isn't allowed.
What I'm really interested in is implementing it in a jar that can be added with --addjars. This is meant to be in our payara docker image, so that all the services requires same authentication. Basically to ensure you don't forget to add configuration to your application to enable it.

Hi,

does it make sense to hide health checks behind any security? because you want to use them for your services in e.g. kubernetes to restart pods if they get unavailable. I think you only need to hold them inside your network so that nobody can call http://yourserver/health from outside the cluster (e.g. with nginx or other possibilities).

For the metrics there is already a security configuration if you add

<basicRegistry id="basic" realm="MicroProfileMetrics"> <user name="admin" password="adminadmin"/> <user name="nonadmin" password="guest" /> </basicRegistry> <administrator-role> <user>admin</user> </administrator-role>

to your server.xml then only someone who can login as admin can read it. Maybe there is also a configuration for JWT but I didn't found any so far.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment