Spring-Boot-starter | Spring boot project with preconfigured JPA | Security library

The message typically entails that your JAVA_HOME environment variable points to a different Java version.

Here are the steps to follow:

• Close IntelliJ IDEA
• Open a terminal window and check your JAVA_HOME variable value:
  • *nix system: echo $JAVA_HOME
  • Windows system: echo %JAVA_HOME%
• The JAVA_HOME path should be pointing to a different path, then set it to the openjdk-17 path:
  • *nix system: export JAVA_HOME=/path/to/openjdk-17
  • Windows system: set JAVA_HOME=path\to\openjdk-17
• Open your project again in IntelliJ IDEA
• Make sure to set both source and target compatibility versions (not only the sourceCompatibility)

You should be able to build your project.

You may need also to instruct Gradle to use a different JVM than the one it uses itself by setting the Java plugin toolchain to your target version:

Please note that Spring Cloud Gateway is not compatible with Spring MVC (spring-boot-starter-web). This is outlined in section "How to include Spring Cloud Gateway in the official reference documentation":

Spring Cloud Gateway is built on Spring Boot 2.x, Spring WebFlux, and Project Reactor. As a consequence, many of the familiar synchronous libraries (Spring Data and Spring Security, for example) and patterns you know may not apply when you use Spring Cloud Gateway.

Additionally, it is stated that:

Spring Cloud Gateway requires the Netty runtime provided by Spring Boot and Spring Webflux. It does not work in a traditional Servlet Container or when built as a WAR.

As already suggested by the error message, you would need to remove the dependency on spring-boot-starter-web. You can list all your direct and transitive dependencies with the following command:

If this is a local environment, you don't need to configure Spring, instead you modify angular configuration.

Create a file proxy.conf.json in your project's src/ folder.

Add the following content to the new proxy file:

GeneratePdf does not match the default name pattern for test classes. The default pattern is Test*|*Test|*Tests.

You can change it in your Gradle file with

It is really simple. Just create a bean of the Logbook type in a @Configuration class:

I think you are just missing @Validated annotation on top of your controller class.

I have been struggling with a similar issue In my gradle spring boot project I am using the output of the following for adding modules in jlink in my dockerfile with (openjdk:17-alpine):

Is it possible to use Spring Authorization server without exposing it to outside?

The Spring Authorization Server is implementing the OAuth2 protocol. If we look at the specs, we can see that it's naturally a client, which wants to authenticate itself: https://datatracker.ietf.org/doc/html/rfc6749#section-1.2. In your setup, it seems like that client is not the gateway itself, but lets say an app. So if that app should use the Spring Authorization Server, it would authenticate with it (most of the time, that means acquiring a token), before the first interaction with the gateway happens. So to answer that question, if you want to use OAuth2 as it was meant to be used, you would need a direct connection between the app and the Spring Authorization Server, which means, it needs to be exposed to the outside. This makes perfect sense, since OAuth2 is meant to be used not with a single service, but with lots of different services, e.g. to allow single-sign-on.

What is the proper way to implement this?

You could setup your own Spring Authorization Server, implement your custom Authorization Code Grant logic, so that a client can authenticate itself and acquire a token. This could for example be a JSON Web Token (JWT). This can (should) be independent from your gateway and other services.

To authorize requests at the gateway, there are different ways. You could implement a logic yourself, which reads a JWT from the request and authorize it with the Spring Authorization Server or another identity provider, which you might have. You can also use Spring Cloud Security with the Spring Authorization Server, which is described here: https://spring.io/blog/2019/08/16/securing-services-with-spring-cloud-gateway. This is definitely a proper way to implement it.

One more thing: as you can see, OAuth2 comes with a price, being that it is not trivial to understand and configure. You must understand it in detail, before you deploy such a setup. On the other hand, its a solid standard and you can have feature like single-sign-on out of the box. So if you only need authorization for single or multiple apps to a single service, there are probably easier ways to gain a token and secure an app and OAuth2 is maybe overkill. But OAuth2 really pays off, if you have lots of services and lots of apps which should be authenticated with a central (sometimes company-wide) solution.

Since you have everything containerized, it's way simpler.

Just set up a small healthcheck endpoint with Spring Web which serves to see if the server is still running, something like: