Sunday, July 22, 2018

Spring Boot Security 5 and Oauth2

Ultimate guide and examples:

Here a very rich presentation on Oauth2:

Spring boot Oauth2

A simple application:
Code is here or also

Here the OAuth2 specs

Nice simplified and compact presentation

Baeldung example for Oauth2 here with explanation here

Saturday, July 14, 2018

Thursday, July 12, 2018

Spring Boot and Netflix: Eureka Server

let's start with an empty Eureka Server:

run it, and hit:


We have some basic working examples here at

first we run the Eureka Server:

git clone
cd sample-eureka
gradle build
java -jar ./build/libs/sample-eureka.jar

then a sample service

git clone
cd sample-recommendations
gradle build
java -jar build/libs/sample-recommendations.jar

download latest gradle from, unzip it to E:/apps and make sure /e/apps/gradle-4.8/bin/gradle can be executed (I use gitBash shell)

in build.gradle, change apply plugin: 'spring-boot' into apply plugin: 'org.springframework.boot'

to build, simply run "gradle build"

all the dowloaded jars are in %HOME%\.gradle\caches\modules-2\files-2.1 (the equivalent of %HOME%/.m2/repository )

Recommendations runs at

curl http://localhost:8001/api/recommendations/jschneider

and Eureka Server at http://localhost:9000/

Wednesday, July 11, 2018

ELK docker

you have to adjust permanently the max_map_count parameter:

sysctl -w vm.max_map_count=262144

(sysctl - configure kernel parameters at runtime)

ls /proc/sys/vm to get list of available parameters

sudo vi /etc/sysctl.conf

try starting the container like this:

sudo docker run -p 5601:5601 -p 9200:9200 -p 5044:5044 -it --name elk sebp/elk

if it fails with this error:

waiting for Elasticsearch to be up (30/30)
Couln't start Elasticsearch. Exiting.

try allowing more time:

sudo docker run -e ES_CONNECT_RETRY=300 -p 5601:5601 -p 9200:9200 -p 5044:5044 -it --name elk sebp/elk

(see )

then KIBANA (you have to wait 1 minute for Kibana to come up) Elasticsearch JSON

to create dummy entry:

docker exec -it elk /bin/bash
/opt/logstash/bin/logstash /tmp/logstash/data -e 'input { stdin { } } output { elasticsearch { hosts => ["localhost"] } }'
this is a dummy entry
this is a dummy entry2

Kibana logs : less /var/log/kibana/kibana5.log
Elasticsearch logs : less /var/log/elasticsearch/elasticsearch.log
Logstash logs: less /var/log/logstash/logstash-plain.log

tail -f /var/log/elasticsearch/elasticsearch.log /var/log/logstash/logstash-plain.log /var/log/kibana/kibana5.log

docker network create -d bridge elknet

good practical presentation of ELK:

Sunday, July 8, 2018

rsync in action

To play in full safety, let's run tests in a docker container!

docker run -dit --privileged --name centos centos
docker attach centos
yum install rsync
yum install openssh openssh-server openssh-clients openssl-libs
groupadd centos
useradd -g centos centos
su - centos
cd ~
mkdir dir1
mkdir dir2
touch dir1/file{1..100}

#the "n" flag is "try-run" only, "v" is verbose, "a" is copy also links and preserve times ownership etc
rsync -anv dir1/ dir2

see also to configure sshd

if you get "Failed to get D-Bus connection: Operation not permitted" when starting sshd, probably you are not running the container in privileged mode


rsync -a dir1/ centos@localhost:/home/centos/dir2

to syncronize 2 folders upon deletion:

rm dir1/file99
#this will delete file99 also on dir2
rsync -anv --delete dir1/ centos@localhost:/home/centos/dir2

more flags: -z adds compression, -P adds progress report,