stackoom
  简体   繁体   中英

How do I keep my Elastic Beanstalk instance healthy when using Spring WebSecurityConfigurerAdapter?

 原文  2021-04-08 10:51:47       java/ spring-boot/ amazon-elastic-beanstalk

Question

Context

I'm hosting a Java SpringBoot application on Elastic Beanstalk, and it's running. I've just merged a branch that adds WebSecurityConfigurerAdapter, requiring a username and password on loading the page.

When run locally, the environment properties are in application.properties , and they are set in Travis and on Elastic Beanstalk under Configuration -> Software.

When I Go to Environment , an alert prompts me for username and password, after which it works.

Setting incorrect username or password in Configuration causes 502 errors, as expected.

Problem

The health of this instance is 'Severe', with 100.0 % of the requests are erroring with HTTP 4xx.

I believe that I've found the relevant error in the logs:

ConfigServletWebServerApplicationContext: Exception encountered during context initialization - cancelling refresh attempt: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'springSecurityFilterChain' defined in class path resource [org/springframework/security/config/annotation/web/configuration/WebSecurityConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [javax.servlet.Filter]: Factory method 'springSecurityFilterChain' threw exception; nested exception is java.lang.IllegalArgumentException: username cannot be null

New file, SecurityConfig.java

@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
    @Autowired
    private Environment environment;

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            .csrf().disable()
            .authorizeRequests().anyRequest().authenticated()
            .and()
            .httpBasic();
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.inMemoryAuthentication()
            .withUser(environment.getProperty("USERNAME")).password("{noop}" + environment.getProperty("PASSWORD")).roles("USER");
    }
}

My understanding of this is that the Health of the instance is evaluated by loading / , at which point no username is found so the page fails to load.

If this is the case, how can I allow the Health checks to not fail because of http security?

1 answers

solution1
 0  2021-04-09 10:35:07

Spring has an 'Actuator' for opening up a Health Check endpoint

By adding the gradle dependency compile group: 'org.springframework.boot', name: 'spring-boot-starter-actuator' , the application gains an /actuator/health endpoint that the ELB Load Balancer can be configured to perform checks on instead of / .

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How do I connect to my AWS DynamoDB instance from a Spring Java Elastic Beanstalk app? How do I upload an updated JAR to an existing Java Elastic Beanstalk instance using the AWS CLI 2? How do I get the Client Hostname and/or client IP address from within a Spring Boot application in Elastic Beanstalk? How can i compress the MultipartFie[] size in spring boot when i deploy the spring boot project in aws elastic beanstalk.? How do I access servlets after deploying to AWS Elastic Beanstalk? How do I configure a load balancer in an AWS Elastic Beanstalk environment? How do I supply configuration to elastic beanstalk tomcat How do you use cron jobs using Elastic Beanstalk and Java? AWS Elastic Beanstalk (single instance) : how to enable HTTPS for a Spring Boot application? Keeping WAR name when using Elastic Beanstalk
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM