Delegating user management to Keycloak allows us to better focus on meeting the business needs of an application. However, we still need to provide the appropriate configuration to translate user roles and privileges between Keycloak and Spring Boot. Additionally, we’re going to need some handy techniques for debugging how roles are converted between the two services.
When an API is secured against CSRF attacks, we must ensure that our clients’ requests are adjusted to the security requirements. Learn how to successfully call an API that uses the Cookie-to-header token approach by adding the X-XSRF-TOKEN header to Postman requests.
Identifying the unassigned shards in Elasticsearch and finding the reason why a shard can’t be allocated is critical when we want to get rid of the “NoShardAvailableActionException: No shard available” warning. Additionally, the Elasticsearch APIs also provide helpful hints pointing to the possible cause of this issue.
In Angular 9 and 10 we can notice that the “my-element is not a known element” error is missing when our tests don’t have all required stubs. Make sure to check debug messages when running tests and add all absent stubs. Otherwise, you will have to update your test suite when the Angular team fixes this bug.
If a project needs the JAVA_HOME variable pointing to a particular value and this requirement is not met on our environment, we will get errors while trying to build that project, e.g. the “Unable to find javadoc command: The environment variable JAVA_HOME is not correctly set” error. Instead of exporting the JAVA_HOME value manually we can easily set the variable permanently with a custom script.
Angular provides a built-in support for sending requests secured with the XSRF-TOKEN header. However, it won’t add the token to absolute URLs for security reasons. One way to solve the “Invalid CSRF token found” issue is to use relative links in all mutable requests and apply a custom proxy.
Each API requires comprehensive documentaiton. You can generate it using Swagger for a REST API. Its clients will get standardized and thorough insight while you won’t need to worry about keeping it up to date. Learn how to configure Swagger, generate documentation in JSON and render it with Swagger UI when frontend is supported by Angular.
When debugging a hibernate related issue, it is useful to examine queries in the console. Check out how to print them with binding parameters.