Sunday, July 22, 2018

Spring Boot Security 5 and Oauth2

Ultimate guide and examples:

Here a very rich presentation on Oauth2:

Spring boot Oauth2

A simple application:
Code is here or also

Here the OAuth2 specs

Nice simplified and compact presentation

Baeldung example for Oauth2 here with explanation here

Thursday, July 12, 2018

Spring Boot and Netflix: Eureka Server

let's start with an empty Eureka Server:

run it, and hit:


We have some basic working examples here at

first we run the Eureka Server:

git clone
cd sample-eureka
gradle build
java -jar ./build/libs/sample-eureka.jar

then a sample service

git clone
cd sample-recommendations
gradle build
java -jar build/libs/sample-recommendations.jar

download latest gradle from, unzip it to E:/apps and make sure /e/apps/gradle-4.8/bin/gradle can be executed (I use gitBash shell)

in build.gradle, change apply plugin: 'spring-boot' into apply plugin: 'org.springframework.boot'

to build, simply run "gradle build"

all the dowloaded jars are in %HOME%\.gradle\caches\modules-2\files-2.1 (the equivalent of %HOME%/.m2/repository )

Recommendations runs at

curl http://localhost:8001/api/recommendations/jschneider

and Eureka Server at http://localhost:9000/

Wednesday, July 11, 2018

ELK docker

you have to adjust permanently the max_map_count parameter:

sysctl -w vm.max_map_count=262144

(sysctl - configure kernel parameters at runtime)

ls /proc/sys/vm to get list of available parameters

sudo vi /etc/sysctl.conf

try starting the container like this:

sudo docker run -p 5601:5601 -p 9200:9200 -p 5044:5044 -it --name elk sebp/elk

if it fails with this error:

waiting for Elasticsearch to be up (30/30)
Couln't start Elasticsearch. Exiting.

try allowing more time:

sudo docker run -e ES_CONNECT_RETRY=300 -p 5601:5601 -p 9200:9200 -p 5044:5044 -it --name elk sebp/elk

(see )

then KIBANA (you have to wait 1 minute for Kibana to come up) Elasticsearch JSON

to create dummy entry:

docker exec -it elk /bin/bash
/opt/logstash/bin/logstash /tmp/logstash/data -e 'input { stdin { } } output { elasticsearch { hosts => ["localhost"] } }'
this is a dummy entry
this is a dummy entry2

Kibana logs : less /var/log/kibana/kibana5.log
Elasticsearch logs : less /var/log/elasticsearch/elasticsearch.log
Logstash logs: less /var/log/logstash/logstash-plain.log

tail -f /var/log/elasticsearch/elasticsearch.log /var/log/logstash/logstash-plain.log /var/log/kibana/kibana5.log

docker network create -d bridge elknet

good practical presentation of ELK:

Sunday, July 8, 2018

rsync in action

To play in full safety, let's run tests in a docker container!

docker run -dit --privileged --name centos centos
docker attach centos
yum install rsync
yum install openssh openssh-server openssh-clients openssl-libs
groupadd centos
useradd -g centos centos
su - centos
cd ~
mkdir dir1
mkdir dir2
touch dir1/file{1..100}

#the "n" flag is "try-run" only, "v" is verbose, "a" is copy also links and preserve times ownership etc
rsync -anv dir1/ dir2

see also to configure sshd

if you get "Failed to get D-Bus connection: Operation not permitted" when starting sshd, probably you are not running the container in privileged mode


rsync -a dir1/ centos@localhost:/home/centos/dir2

to syncronize 2 folders upon deletion:

rm dir1/file99
#this will delete file99 also on dir2
rsync -anv --delete dir1/ centos@localhost:/home/centos/dir2

more flags: -z adds compression, -P adds progress report,