Spring Boot Passthrough JWT with RestTemplate

In a microservice environment it is often the case, that calls from a client to a service result in further calls to other services. One possible scenario is a call to a GraphQL service which gathers information from different backend (REST) services and present it as a cohesive data graph.

In this scenario the user is authenticated to the backend services via OAuth2 (e.g., Keycloak or a Spring Boot OAuth2 server) and the GraphQL service should passthrough the authentication header (a JWT bearer) of incoming requests to the backend services. This way the authentication has to be validated only once in the backend services and as “near” as possible to the (REST) resources.

This is not meant as a replacement for service-to-service authentication, but as an addition if you do not use the full OpenID connect standard with a separate identity token to pass on, but still want to serve verifiable user data to your backend service. In contrast, you may use this to pass through any header (including a identity token). This is just a scenario that I faced.

Read More

Interview with Dr. Jan Köhnlein on Xtext, Xtend, Xcore, FXDiagram, and TypeFox

Dr. Jan Köhnlein is one of the founders of TypeFox, the moving force behind Xtext, Xtend, and FXDiagram. This is a very extensive follow-up interview to this one. Thanks again to Jan!

Dear Jan, thank you very much for your time. I really like the ecosystem around Xtext, Xtend, Xcore, Xbase, and EMF. I think it is one of the most-disrupting decisions (in a positive way) that, starting from 2.9.0, you address more than just the Eclipse platform! But with this new approach and your all new company TypeFox (as well as the spin-off from itemis), some questions arise…

Read More

Breadth-First Search with Java 8 Stream API

I recently had the problem to walk through some data and collect elements on the go. I thought it would be nice to use the (relatively) new Stream API in Java 8. After a short search in “the internet” I found a solution in this blog post for tree structures and in this one for recursing through a file system (which is a tree structure again). So, story told? No way! I needed to walk through graph structures (i.e., there might be cycles in it). In contrary, the solutions above will run forever, or more precisely they will terminate relatively fast with a StackOverflowException.
Read More

Task Queue for Heavy Weight Tasks in JavaSE Applications

Modern hardware systems have a multi-core architecture. So in contemporary software development concurrency is an even more crucial ingredient than before. But as we will see it is of great importance for single core systems, too. If you have already created a Java Swing application you’ve propably made an acquaintance with the SwingWorker, in order to delegate long running tasks from within Swing events to another thread. But first things first. In Swing the whole painting and event handling of the graphical user interface is executed in one thread the so called event dispatching-thread from AWT the underlying former window toolkit from Java. Therefore most of Swing-based methods are not thread-safe, meaning that you have to prevent race conditions by yourself, but it offers the possibility to dispatch tasks to the event-dispatcher thread. It is highly recommended to do everything, that updates the GUI in the corresponding thread.
Read More

Exception Handling for Injection Interceptor

Remember my post “Circular Injection of Util Classes in EJB 3.0“? There I offered a some kind of ugly solution to the circular dependency problem for managed classes in Java EE 5. In a preceding post (Circular Dependencies of Session Beans) I grumbled about the exception handling in jBoss-5.1. It lets you alone with a meaningless error message and you have to guess what the problem is. Unfortunately my own code presented in the former post is even worse, since it logs problems but ignores them. It wasn’t mentioned for productive use, but it was annoying to me, so here is a little tune up adding exception handling and readable error messages.
Read More

Inject CDI beans into Tapestry-5.x e.g. in Jboss-7.0.2-Final

As I explained in “Inject Java EE Beans into Tapestry-5.x“, the AppModule offers a way to configure Tapestry Web Applications directly in Java. In that post, we injected Java EE Beans into Tapestry applications. This time we do the same with Context and Dependency Injection (CDI) Beans. It follows the same procedure. The only difference is the way of looking up a bean. We still use JNDI for a lookup, but this time we retrieve the CDI BeanManager. In a second step we get the bean. For performance reasons we retrieve the bean only once per Thread (see annotation @Scope). It will be cached for subsequent lookups.
Read More

CDI and Transactions e.g. in JBoss-7.0.2

In Java EE applications you are safe to consider that every method in a session bean has an associated transaction, since there is an implicit declaration of the transaction attribute required. If you like to change this behavior you have to configure this proactively by adding the annotation @TransactionAttribute with another value (see enum TransactionAttributeType). Context and Dependency Injection (CDI) does not have such an implicit declaration and no direct container managed support for transactions. But it has a very nice realization of the interceptor concept. This post shows, how to facilitate an interceptor in order to add a transaction to every (or a selection) method in a CDI bean, if it does not already exist. This is the default behavior of required.
Read More

Circumvent Nested Transaction Issues in Tapestry-5.x

Ajax component events may be wrapped in a transaction as I pointed out in “Transaction Handling for Ajax Components in Tapestry-5.x“. But on some occasions an Ajax component event is surrounded by a component event. So the code in the ControllerUtil of article “Transaction Handling in Tapestry5” will lead to ‘transaction already active’ problems, since we try to begin a transaction in the nested ajax component event although there is already an active transaction attached to the current thread. We can overcome this situation by checking, whether an active transaction is present and begin/commit/rollback a new transaction iff not. This behavior is similar to the default transaction attribute REQUIRED in Java EE.
Read More

Transaction Handling for Ajax Components in Tapestry-5.x

In “Transaction Handling in Tapestry5” I described, how to configure transactions wrapping a complete page or component render request. The same is necessary (possible) for Ajax components. Besides having less transactions and sharing the first-level-cache for subsequent calls, this realizes the “Open Session in View Pattern” automatically. So you can access the database lazily via getter from an entity, for example, without running into lazy loading exceptions due to the fact that the transaction has been closed and the entities are detached already.
Read More