Tag: Spring Boot
-
Feign + Eureka: UnknownHostException when Attempting to Invoke a Service
PROBLEM When attempting use Feign to invoke a service through Eureka, the following exception occurs:- SOLUTION Go to the donkey-kong-service app and add the following line to the application.properties:- Now, when Feign tries to invoke the service, the IP address will be used instead of the OS’ reported hostname. Read More…
-
Spring Boot: Restarting App using Dev Tools with IntelliJ IDEA
Spring Boot provides spring-boot-devtools module that allows the app to “smartly” restart whenever the files on the classpath have changed. Because the rarely changed classes (ex: 3rd party JARs) are separated out into a different classloader from the app’s actively developed classes’ classloader, it allows Spring Boot to quickly restart the app compared to “cold… Read More…
-
Spring Boot: Connecting to IBM MQ over JMS using non-IBM JRE
There are several ways to connect to IBM MQ:- This article shows you how to connect with Spring’s JmsTemplate. CONNECTIVITY INFO Typically, the MQ admin will provide the following connectivity info that allows you to connect to MQ:- DEPENDENCY Add the following dependency:- SPRING CONFIGURATION While the connectivity info can be hardcoded in Spring Boot’s… Read More…
-
JEE Security: Preventing Clickjacking Attacks
PROBLEM Clickjacking is an attack that tricks the users to perform unintended actions… see OWASP’s Testing for Clickjacking (OTG-CLIENT-009) SOLUTION To prevent clickjacking attacks, the app must set X-FRAME-OPTIONS header with an appropriate value:- If set correctly, the HTTPS response should show X-FRAME-OPTIONS header:- There are several ways to set this header. Solution 1: Using… Read More…
-
JEE Security: Disabling HTTP OPTIONS method
PROBLEM HTTP OPTIONS method is used to provide a list of methods that are supported by the web server. For example, the following shows both GET and HEAD are allowed on the given link:- Enabling OPTIONS may increase the risk of cross-site tracing (XST)… see OWASP’s Test HTTP Methods (OTG-CONFIG-006). SOLUTION There are several ways… Read More…