Friday, July 7, 2017

What is Spring Boot Initilizr?

Spring Boot Initilizr is a web tool which is provided by Spring on official site using which Spring Boot project can be created by providing project details. It simplifies Spring Applications Development by providing initial project structure and build scripts which reduces development time thus increase productivity.
Steps to create Spring Boot project via initilizr
·        Select Maven project and dependencies. Fill other details as shown below and click on generate project.


·        Download the project, extract and now import this project As Maven by using Import option from the STS (Spring Tool Suite) IDE.
·        After finishing, You can see the project structure as shown below:

·    Spring boot generates a Java file in the src/main/java directory, pom.xml file with all required dependency. The default created Java file is the below.

·    Now run this project by selecting Java Application from run options and you will see the following output.


 Happy Coding…!!!
- No comments:
Labels: ,

Introduction to Spring Boot

Spring Boot is another module provided by Spring Framework which provides RAD (Rapid Application Development) feature to Spring framework. Using boot, we can create standalone Spring based application that you can “just run” in no time and Most Spring Boot applications need very little Spring configuration and it does not require any XML configuration. It uses convention over configuration software design paradigm that means it decrease the effort of developer.

Why Spring Boot?

As we know Spring framework provides flexibility to configure the beans in multiple ways such as XML, Annotations and JavaConfig. With the number of features increased the complexity also gets increased and configuring Spring applications becomes tedious and error-prone.
Spring Boot:
·         Ease the dependency Management, Java-based applications Development, Unit Test and Integration Test Process.
    • Eg: By adding springboot-starter-web dependency to pom.xml file will pull by default all the commonly used libraries such as spring-webmvc, jackson-json, validation-api and tomcat into your Spring MVC applications.
  • Do the Auto Configuration
    • Eg: By Adding above dependency will adds all these libraries but also configures the commonly registered beans like DispatcherServlet, ResourceHandlers, MessageSource etc beans with sensible defaults. Will see JDBC configuration blog in next blog.
  • Support for Embedded Servlet (Tomcat, Jetty )
    • It provides Embedded HTTP servers like Tomcat, Jetty etc. to develop and test our web applications very easily.
  • Easy to develop Spring Based applications with Java or Groovy and it reduces lots of development time and increases productivity. It also avoids writing lots of boilerplate Code, Annotations and XML Configuration.
  • Easy to integrate Spring Boot Application with its Spring Ecosystem like Spring-jdbc, Spring-orm, Spring-data-jpa, Spring security etc.

Spring Boot Components

·         Spring Boot Starter

    • Spring boot starter are just JAR Files or set of convenient dependency descriptors which we can include in our application to makes development easier and faster. It follows a naming pattern like: spring-boot-starter-*, where * is a particular type of application. This naming structure is intended to help when you need to find a starter. For example, if we want to get started using Spring and JPA for database access, just include the spring-boot-starter-data-jpa dependency in your project.

·        Spring Boot AutoConfigurator

·   It used by Spring Boot Framework to provide “Auto-Configuration. It attempts to automatically configure your Spring application based on the jar dependencies that you have added. For example, If HSQLDB is on your classpath, and you have not manually configured any database connection beans, then we will auto-configure an in-memory database.
·      You need to opt-in to auto-configuration by adding the @EnableAutoConfiguration or @SpringBootApplication annotations to one of your @Configurationclasses.

·        Spring Boot Actuator

·         It is used to expose different types of information about the running application – health, metrics, info, dump, env etc.
·         We can choose to manage and monitor our application using HTTP endpoints, with JMX or even by remote shell (SSH or Telnet). Auditing, health and metrics gathering can be automatically applied to your application.
·         To start using the existing actuators in Boot – we’ll just need to add the spring-boot-actuator dependency to the pom:
<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-actuator</artifactId>
    <version>1.4.2.RELEASE</version>
</dependency>

·        Spring Boot CLI

·         Tool to run and test Spring Boot applications from command prompt. When we run Spring Boot applications using CLI, then it internally uses Spring Boot Starter and Spring Boot AutoConfigurate components to resolve all dependencies and execute the application.
·         It internally contains Groovy and Grape (JAR Dependency Manager) to add Spring Boot Defaults and resolve all dependencies automatically.

·        Spring Boot Initilizr

·         It is a web tool which is provided by Spring on official site using which Spring Boot project can be created by providing project details. Check here in depth details.
That’s it all about Spring Boot Framework. Will add few more blogs for depth details.





- No comments:
Labels: ,

Wednesday, April 12, 2017

Shibboleth Idp with External Authn Configuration

Shibboleth Idp comes with by default various flows like UsernamePassword, Mfa, X509, Kerberos, Spengo and various others flow but today I am going to discuss in details about one more flow which is also provided by Shibboleth Idp itself i.e External Flow

Use case:

Shibboleth Idp supports external Authn flow using which specific requirement can be fulfilled like your authentication database resides at some other location or some other servlet will do the authentication on the Idp’s behalf like authentication should be done at Facebook or Google side. All such scenario can be easily handled using External Authn flow.
Shibboleth team has already created document for the same which you can read it over here. I am writing this document to explain it in more details with example.

There are few predefined steps that we need to follow to add new custom flow in Shibboleth Idp as per Shibboleth guidelines. Let’s assume we have to create new flow named “Authn/Custom” in Shibboleth Idp. 

Here are the steps:

  • Copy opt\shibboleth-idp\conf\authn\ external-authn-config.xml and change it to custom-authn-config.xml and keep it under the same directory i.e. “opt\shibboleth-idp\conf\authn”.
  •  Replace all ‘External’ with ‘Custom’ in  custom-authn-config.xml file like 

<bean id="shibboleth.authn.External.externalAuthnPath" class="java.lang.String"
        c:_0="contextRelative:Authn/External" />                               
                                                TO
<bean id="shibboleth.authn.Custom.externalAuthnPath" class="java.lang.String"
        c:_0="contextRelative:Authn/Custom" />

  • Copy files from system to flow folder:

            cp system/flows/authn/external-authn-flow.xml flows/authn/Custom/Custom-flow.xml
            cp system/flows/authn/external-authn-beans.xml flows/authn/Custom/Custom-beans.xml

           Note: Make sure the name of the folder should be same as flow name. over here it is Custom  and Replace all ‘External’ with ‘Custom’ and edits the correct path too in both files.

  • Create a java project and create new Servlet CustomAuthnFlowServlet”. Servlet should contain final String key= ExternalAuthentication.startExternalAuthentication(httpRequest) and ExternalAuthentication.finishExternalAuthentication(key, httpRequest, httpResponse) and the authentication logic should be added between this statement and If you are doing any redirect then make sure you should persist the key as startExternalAuthentication & finishExternalAuthentication require the same key.
One more point principal should be set as httpRequest.setAttribute(ExternalAuthentication.PRINCIPAL_NAME_KEY, username) if you want to retrieve at Shibboleth SP side and in case of error mapped it with AUTHENTICATION_ERROR_KEY. httpRequest.setAttribute(ExternalAuthentication.AUTHENTICATION_ERROR_KEY, AUTHN_EXCEPTION);
                            
  •  Add new Servlet mapping to web.xml file of Shibboleth Idp.

             
  •  Add your custom exception that we have created in our Servlet in  opt\shibboleth-idp\conf\authn\authn-events-flow.xml.
                   
  •  Add below snippet to opt\shibboleth-idp\conf\errors.xml

<entry key="CustomException" value-ref="shibboleth.SAML2Status.AuthnFailed" />
        <entry key="AnotherException" value-ref="shibboleth.SAML2Status.AuthnFailed" />

Note: Map your Exception to correct value-ref as incase of error Idp will send this error Response to Shibboleth SP.
  • Register Custom Auth flow in conf/authn/external-authn-config.xml

                
  • Set idp.authn.flows as Custom (idp.authn.flows=Custom)
  • We can retrieve Principal at Shibboleth IdP side by adding below snipped in attribute-resolver.xml.
We are done here. Restart Shibboleth and hit target URL and you will see the SSO happening using your custom flow. Please feel free to comment or mail me for any queries.

Happy Coding!!!


- No comments:
Labels: , , ,
Subscribe to: Posts (Atom)

How TOPT Works: Generating OTPs Without Internet Connection

Introduction Have you ever wondered how authentication apps like RSA Authenticator generate One-Time Passwords (OTPs) without requiring an i...