I'm using #RepositoryRestResource to quickly expose #Entity objects via spring-data-rest.
Question: is it possible to disable any _links self href links from the json response?
"_links" : {
"self" : {
"href" : "http://localhost:8080/people{?page,size,sort}",
"templated" : true
},
"search" : {
"href" : "http://localhost:8080/people/search"
}
},
"_embedded" : {
"persons" : [ {
[...]
Related
We are starting qpid broker from java code. Library used is qpid-broker-core, qpid-broker-plugins-amqp-1-0-protocol, qpid-broker-plugins-management-http.
Map<String, Object> attributes = new HashMap<>();
attributes.put("type", "Memory");
attributes.put("qpid.broker.defaultPreferenceStoreAttributes", "{\"type\": \"Noop\"}");
String resourcePath = findResourcePath("initial-config.json");
attributes.put("initialConfigurationLocation", resourcePath);
attributes.put("startupLoggedToSystemOut", "false");
System.setProperty("qpid.tests.mms.messagestore.persistence", "true");
System.setProperty("qpid.amqp_port", port);
System.setProperty("qpid.http_port", hport);
try {
URL.setURLStreamHandlerFactory(protocol -> ("classpath".equals(protocol) ? new Handler() : null));
} catch (final Error ignored) {
// Java is ridiculous and doesn't allow setting the factory if it's already been set
}
try {
LOGGER.info("*** Starting QPID Broker....");
broker.startup(attributes);
LOGGER.info("*** QPID Broker started.");
}
We can see debug log is enabled. All startup logs are getting printed in console. How to change log level to WARN.
Initial config json looks like
{
"name": "EmbeddedBroker",
"modelVersion": "8.0",
"authenticationproviders": [
{
"name": "anonymous",
"type": "Anonymous"
}
],
"ports": [
{
"name": "AMQP",
"bindingAddress": "localhost",
"port": "${qpid.amqp_port}",
"protocols": [ "AMQP_1_0" ],
"authenticationProvider": "anonymous",
"virtualhostaliases" : [ {
"name" : "nameAlias",
"type" : "nameAlias"
}, {
"name" : "defaultAlias",
"type" : "defaultAlias"
}, {
"name" : "hostnameAlias",
"type" : "hostnameAlias"
} ]
},
{
"name" : "HTTP",
"port" : "${qpid.http_port}",
"protocols" : [ "HTTP" ],
"authenticationProvider" : "anonymous"
}
],
"virtualhostnodes": [
{
"name": "default",
"defaultVirtualHostNode": "true",
"type": "Memory",
"virtualHostInitialConfiguration": "{\"type\": \"Memory\" }"
}
],
"plugins" : [
{
"type" : "MANAGEMENT-HTTP",
"name" : "httpManagement"
}
]
}
Tried adding brokerloggers in initial config json. but not working.
In config.json log level is defined by field "brokerloginclusionrules":
"brokerloggers" : [ {
"name" : "logfile",
"type" : "File",
"fileName" : "${qpid.work_dir}${file.separator}log${file.separator}qpid.log",
"brokerloginclusionrules" : [ {
"name" : "Root",
"type" : "NameAndLevel",
"level" : "WARN",
"loggerName" : "ROOT"
}, {
"name" : "Qpid",
"type" : "NameAndLevel",
"level" : "INFO",
"loggerName" : "org.apache.qpid.*"
}, {
"name" : "Operational",
"type" : "NameAndLevel",
"level" : "INFO",
"loggerName" : "qpid.message.*"
}, {
"name" : "Statistics",
"type" : "NameAndLevel",
"level" : "INFO",
"loggerName" : "qpid.statistics.*"
} ]
}
]
See documentation for complete example.
You could also read and update log level in runtime using broker-j REST API.
E.g. this curl command will return the list of broker loggers:
curl http://<USERNAME>:<PASSWORD>#<HOSTNAME>:<PORT>/api/latest/brokerlogger
This curl command will return the list of broker log inclusion rules:
curl http://<USERNAME>:<PASSWORD>#<HOSTNAME>:<PORT>/api/latest/brokerinclusionrule
This curl command will change log level of a log inclusion rule specified:
curl --data '{"level": "INFO"}' http://<USERNAME>:<PASSWORD>#<HOSTNAME>:<PORT>/api/latest/brokerinclusionrule/<BROKER_LOGGER_NAME>/<BROKER_LOG_INCLUSION_RULE_NAME>
Java Jersey project using following Swagger Core:
<dependency>
<groupId>io.swagger.core.v3</groupId>
<artifactId>swagger-jaxrs2</artifactId>
<version>2.0.2</version>
</dependency>
the document link goes to "openapi.json". Swagger-UI dist ver 3.20.5 is downloaded from here. Java code is like this:
#Path("/auth")
public class TestConttroller {
#GET
#Path("/{id}")
#Produces({MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML})
public Response testGet(
#DefaultValue("") #HeaderParam("Authorization") String a,
#DefaultValue("") #PathParam("id") String id)
{
return Response.ok().build();
}
When sending request from Postman everything works. But when from following Swagger-UI, the header-param string "a" is an empty string while the path-param string is good. The part in openapi.json is here:
"paths" : {
"/auth/{id}" : {
"get" : {
"operationId" : "testGet",
"parameters" : [ {
"name" : "Authorization",
"in" : "header",
"schema" : {
"type" : "string",
"default" : ""
}
}, {
"name" : "id",
"in" : "path",
"required" : true,
"schema" : {
"type" : "string",
"default" : ""
}
} ],
"responses" : {
"default" : {
"description" : "default response",
"content" : {
"application/json" : { },
"application/xml" : { }
}
}
}
}
}
Check with WireShark found the header is not in request at all. Should the problem in Swagger-UI?
#HeaderParam("Authorization") is like a keyword of HTTP? when I used other name like "Auth" then it works.
I am using Swagger Core 2.0 to generate openAPI 3.0 definition files and
I am having trouble to disable "security" for a particular endpoint.
I have my securitySchemes and root security element defined:
{
"openapi" : "3.0.1",
"security" : [ {
"JWT" : [ ]
} ],
"paths" : {
"/auth" : {
"post" : {
"summary" : "authenticate user",
"operationId" : "authenticate",
"requestBody" : {
"content" : {
"application/json" : {
"schema" : {
"$ref" : "#/components/schemas/AuthenticationRequest"
}
}
}
},
"responses" : {
"200" : {
"description" : "when user is successfully authenticated",
"content" : {
"application/json" : {
"schema" : {
"$ref" : "#/components/schemas/AuthenticateUserOutput"
}
}
}
},
"401" : {
"description" : "when email/password not valid or user is blocked/inactive"
}
}
}
},
},
"components" : {
"schemas" : {
"AuthenticateUserOutput" : {
"type" : "object",
"properties" : {
"token" : {
"type" : "string"
},
"lastLoginAt" : {
"type" : "string",
"format" : "date-time"
},
"lastProjectId" : {
"type" : "string"
}
}
},
...,
"AuthenticationRequest" : {
"required" : [ "email", "password" ],
"type" : "object",
"properties" : {
"email" : {
"type" : "string"
},
"password" : {
"type" : "string"
}
}
}
},
"securitySchemes" : {
"JWT" : {
"type" : "http",
"scheme" : "bearer",
"bearerFormat" : "JWT"
}
}
}
}
According to OPEN API 3 spec https://github.com/OAI/OpenAPI-Specification/blob/master/versions/3.0.1.md#securityRequirementObject i shall be able to override global "security requirement" for an individual operation. I would like to "disable" JWT security for a few operations and according to https://github.com/OAI/OpenAPI-Specification/blob/3.0.1/versions/3.0.1.md#securityRequirementObject it can be done:
To remove a top-level security declaration, an empty array can be used.
Unfortunately I am struggling to define "empty security array" on Operation level using annotations...
I tried to specify
security = {}
or
security = #SecurityRequirement(name ="")
but no security element within operation is generated at all....
Any idea ?
Below is my java code (i use for swagger dropwizard integration) that allows one to have SecurityScheme and root level security defined
Info info = new Info()
.title("someTitle")
.description("some description")
.version("1.0")
SecurityScheme jwtSecurity = new SecurityScheme()
.type(SecurityScheme.Type.HTTP)
.name("Authorization")
.in(SecurityScheme.In.HEADER)
.scheme("bearer")
.bearerFormat("JWT");
String securitySchemaName = "JWT";
OpenAPI oas = new OpenAPI()
.info(info)
.components(new Components().addSecuritySchemes(securitySchemaName, jwtSecurity))
.addSecurityItem(new SecurityRequirement().addList(securitySchemaName));
SwaggerConfiguration oasConfig = new SwaggerConfiguration()
.openAPI(oas)
.prettyPrint(true)
.resourcePackages(Stream.of("my.resources.package")
.collect(Collectors.toSet()));
environment.jersey().register(new OpenApiResource()
.openApiConfiguration(oasConfig));
Then on a few dedicated endpoints i would like to disable security, so i am trying with:
#POST
#Operation(
summary = "authenticate user",
responses = {
#ApiResponse(responseCode = "200", description = "when user is successfully authenticated",
content = #Content(schema = #Schema(implementation = AuthenticateUserOutput.class))),
#ApiResponse(responseCode = "401", description = "when email/password not valid or user is blocked/inactive"),
}
,security = what to put here ?
)
if you want to do it in yml swagger hub style you can put
security: []
in that endpoint after request body, So swagger considers it as no auth for that particular path or endpoint.
According to a comment over on the OpenAPI-Specifiction GitHub project. It should be possible.
Did you try this?
security: [
{}
]
I had the same problem, on a Java SpringBoot webapp (dependency org.springdoc:springdoc-openapi-ui:1.5.2). As per this answer, I solved it adding an empty #SecurityRequirements annotation on the operation. For example:
#POST
#SecurityRequirements
#Operation(
summary = "authenticate user",
responses = {
#ApiResponse(responseCode = "200", description = "when user is successfully authenticated",
content = #Content(schema = #Schema(implementation = AuthenticateUserOutput.class))),
#ApiResponse(responseCode = "401", description = "when email/password not valid or user is blocked/inactive"),
} )
)
I need to implement stemmer search, I've found this link on elasticsearch documentation. There is json that I've had send to elascticsearch server. But I new in elasticsearch and cannot figure out how to implements this in java. I cannot also find any examples. Ccould you please help me with this?
I've add setting with
PUT /data
{
"settings": {
"analysis" : {
"analyzer" : {
"my_analyzer" : {
"tokenizer" : "standard",
"filter" : ["standard", "lowercase", "my_stemmer"]
}
},
"filter" : {
"my_stemmer" : {
"type" : "stemmer",
"name" : "english"
}
}
}
}
}
after that I am trying to find 'skis' with query:
GET data/_search
{
"query": {
"simple_query_string": {
"fields": [ "value36" ],
"query": "ski"
}
}
}
but result is empty
I would like to get the reference (it means the full object I see in the _source) from where each fragment highlighted originates.
Example :
Table = article
Columns = id, label, content
I would like to know for each fragments highlighted what is the id.
My ElasticSearch request :
GET /sa/_search
{
"query" : {
"bool" : {
"should" : {
"multi_match" : {
"query" : "oasis",
"fields" : [ "label", "content" ]
}
}
}
},
"highlight" : {
"order" : "score",
"fields" : {
"label" : { },
"content" : {
"fragment_size" : 250
}
}
}
}
Currently, with this request, I have only the fragment hightlighted, but I can't know which fragment is link to which id.
Does somebody has any idea to that ?