Use Spring-boot 2.x to verify test stages of your WebFlux and Reactive Data Apps
The Producer Environment In the world of testing critical business funcationality, we dont need much inspiration to get the job done. However, when it comes to what to use, you may be left wandering whether you’ll hit all of the right frameworks and tools to validate your business code. Also likely, you’ll also need to figure out how to cross validate a producer app with a consumer app(s) that you may not even own!
Use Spring-boot 2.x to verify test stages of your WebFlux and Reactive Data Apps
The Producer/Consumer exchange In the producer side, we setup a service that will let us query a database of teams. This article will focus on the consumer side of the communication chain - namely how to extract tests out of situations where the comunication chain is asymetrical. We will then dive into Spring Cloud Contract to aleviate this issue and produce a working producer/consumer contract.
To start, we’ll need a data object for client state.
Spring Security provides a intuitive and concise API for managing Authentication aspects within your app.
Customized WebFlux Form Authentication This demonstration examines Spring Security WebFlux’s Authentication mechanisms. We will look at authentication with HTML forms using Mustache, User Authentication, and customized form-based login / logout configurations.
The ServerHttpSecurity Configuration SecurityWebFilterChain is the governing chain of [WebFilter]’s that allows us to lock down reactive WebFlux applications. With @EnableWebFluxSecurity turned on, we can build this object by issuing commands to the ServerHttpSecurity DSL object.
SecurityConfiguration.java:
@EnableWebFluxSecurity @Slf4j @Configuration public class SecurityConfiguration { @Bean public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) { return http .
Spring Security provides a intuitive and concise API for managing Authentication aspects within your app.
Configuring Authentication against a WebFlux app This demonstration examines Spring Security WebFlux’s Authentication mechanisms. We will look at Authentication request escalation, as well as user-domain customizations.
Authentication flow-control How do we determine when a request must provide an authentication context? Spring does this with help from an AuthenticationEntryPoint that identifies un-authenticated requests and returns with a response to the user to perform some authentication action.
Configure ServerHttpSecurity to use HTTP-BASIC by calling it’s httpBasic() method.
Web-Socket that utilizes the Reactive Hot-Publisher pattern.
This Demo This is the multi-casting Flux variation of the standard WebSocket Service seen here
WebSocket Server Spring’s reactive [WebSocket] API is a part of Spring 5’s WebFlux API which bring reactive flow control to our projects via project reactor. We will introduce a single WebSocket handler, and show whats needed to get started using Spring’s WebSocketServer support.
You’ll want to start a new Spring project using start.spring.io[this link] to autogenerate a maven based POM.
Web-Socket that utilizes the Reactive Cold-Publisher pattern.
This Demo This demo will stand up Spring application service that exposes a WebSocket service through the Spring 5’s reactive WebSockets API. Typically, for inter-service comms, use a more traditional messaging system to deliver and expect events between services for example - messaging brokers such as Kafka, RabbitMq, etc.. WebSockets is an IETF standard and W3C API that provides a convenient way to issue and consume data streams across the Internet.
This Demo This demo client will connect and receive events from any URL that emits an open websocket stream. We have an existing server to stand up that can supply the socket events. A reactive client means that we can respond to backpressure, and weild the Observer pattern to our client connections.
The Client (SANS web) We can use our favorite Spring Application Initializr start dot spring dot io to generate the application.
Demonstrates how to trace a Spring Boot application that includes multiple hop services.
Tracing Motivation The more distributed a system the harder it is to debug errors, find latency, and to understand the potentially cascading impact of a bug. External monitoring only tells you the overall response time and number of invocations but doesn’t give us a way to understand internal invocations. Structured log entries can be correllated, eventually, to paint a picture of the movement of a request through a system, but structured logs are not easy to query.
This demonstration explains how to craft classical (not reactive) consumer/producer componentS within you Spring apps
Spring Kafka Writer and Readers What is Kafka Apache Kafka is an open-source stream-processing software platform developed by the Apache Software Foundation written in Scala and Java. You’ll find more information about Kafka at it’s Homepage.
Intro to Spring For Apache Kafka The Spring for Apache Kafka (spring-kafka) project applies core Spring concepts to the development of Kafka-based messaging solutions. It provides a “template” as a high-level abstraction for sending messages.
Simplify and deepen confidence in functional tests with Spring Test Slices.
Spring Test Slices Simplify testing by isolating the logical layers above and below that thing under test. These are the invariants. In a Spring Boot application, autoconfiguration produces a large monolithic application context.
Test slices allow us to segment the application context in terms of logical layers. As an example, the @WebMvcTest slice only includes components related to the web tier, like @Controller-annotated components.
The Basic Test As an example, let’s look at the structure of a unit test that looks something like the default unit test generated by the Spring Initializr.