Jersey3DiscoveryClientOptionalArgs may be configured with TlsProperties in EurekaServerAutoConfiguration.java

Question

Jersey3DiscoveryClientOptionalArgs may be configured with TlsProperties in EurekaServerAutoConfiguration.java

limo520 opened this issue 9 months ago · 5 comments

When SSL for EurekaServer is enabled, I have to define my own jersey3DiscoveryClientOptionalArgs bean. It seems we can do this by default, as DiscoveryClientOptionalArgsConfiguration.java does.
DiscoveryClientOptionalArgsConfiguration.java is a part of spring-cloud-netflix-eureka-client, which is one dependency of spring-cloud-netflix-eureka-server. And it has already defined a TlsProperties bean too.

    @Bean
    @ConditionalOnMissingBean(AbstractDiscoveryClientOptionalArgs.class)
    public Jersey3DiscoveryClientOptionalArgs jersey3DiscoveryClientOptionalArgs(TlsProperties tlsProperties)
            throws GeneralSecurityException, IOException {
        Jersey3DiscoveryClientOptionalArgs optionalArgs = new Jersey3DiscoveryClientOptionalArgs();
        if (tlsProperties.isEnabled()) {
            SSLContextFactory factory = new SSLContextFactory(tlsProperties);
            optionalArgs.setSSLContext(factory.createSSLContext());
        }
        return optionalArgs;
    }

Answer 1 · 2024-04-02T06:53:13.000Z

The following class trys to do this , but it takes no effect currently.
org.springframework.cloud.netflix.eureka.config.DiscoveryClientOptionalArgsConfiguration$DiscoveryClientOptionalArgsTlsConfiguration

It seems that EurekaServerAutoConfiguration is registered after DiscoveryClientOptionalArgsTlsConfiguration, which results in failing to match @ConditionalOnBean(value = AbstractDiscoveryClientOptionalArgs.class, search = SearchStrategy.CURRENT) on DiscoveryClientOptionalArgsTlsConfiguration

Answer 2 · 2024-06-26T14:43:15.000Z

Hi @limo520, thanks for reporting the issue. Please provide a minimal, complete, verifiable example that reproduces the issue.

Answer 3 · 2024-06-27T16:45:26.000Z

@OlgaMaciaszek there is an example, https://github.com/limo520/spring-cloud-netflix-issues-4268

Answer 4 · 2024-06-28T14:08:39.000Z

Thanks, @limo520; so if I understand correctly, the scenario is to use TLS with the JerseyClient provided by EurekaServer for intra-peer EurekaServer communication, yes? And the Eureka Server's Jersey3DiscoveryClientOptionalArgs bean is created after DiscoveryClientOptionalArgsConfiguration's setup is processed, therefore it's not taken into account? Have added a draft solution that may address this. @spencergibb does this look ok to you?

Answer 5 · 2024-06-28T14:37:37.000Z

@OlgaMaciaszek Yes, you are right. And when I wrote the example, I find another similar issue which can be reproduced by removing eureka.server.my-url in application.yml. It seems becuase of Jersey3ReplicationClient, but I haven't found it out.