A fast, lightweight and more productive microservices framework

Last update: Jan 5, 2023

Overview

A fast, lightweight and cloud-native microservices framework.

Why call it Light-4J

Light means lightweight, lightning fast and shedding light on how to program with modern Java SE for cloud-native deployment.

Why am I doing it

I had been working on the Java EE platforms since early 2000 and suffered the performance and productivity issues. In 2014, I realized that the IT industry was moving from Monolithic to Microservices and from on-premise data centers to the public clouds.

To reduce the production cost for my applications, I need to find a lightweight platform that has a small memory footprint, high throughput, and low latency in Java. Java EE and Spring/Spring Boot are too heavy to be considered. Other lightweight Java platforms all have different issues on the separation between the business logic and technical cross-cutting concerns. Moreover, they are not cloud-native or designed for container/cloud.

Without finding anything suitable, I started to build my open-source platform light-4j on top of the Undertow HTTP core by following the principles. Because my approach is very radical, and it is against products from big corporations, I have been attacked by some entities online and offline constantly. However, I am so convinced that my approach is the future direction and spend all my effort to continue the development. Today, a lot of companies are using light-4j on production with very positive feedback. It further encourages me to devote myself to the framework and to extend the platform to build an ecosystem.

For users who benefit from the platform, you can become a sponsor for me so that I can put all my effort into the open-source projects.

Why use this framework

Fast and small memory footprint to lower production cost.

It is 44 times faster than the most popular microservices platform Spring Boot embedded Tomcat and use only 1/5 of memory. Here are the benchmark results compare with Spring Boot and other microservices frameworks. Here is the third party comparison with other Web frameworks.

Provide an embedded gateway to address cross-cutting concerns.

Plugin architecture for startup/shutdown hooks and middleware components
Distributed OAuth2 JWT security verification as part of the framework
Request and response validation against OpenAPI specification at runtime
Metrics collected in Influxdb/Prometheus and viewed from Grafana Dashboard for both services and clients
Global exception handling for runtime exception, API exception, and other checked exceptions
Mask sensitive data like the credit card, sin number, etc. before logging
Sanitize cross-site scripting for query parameters, request headers and body
Audit to dump important info or entire request and response.
Body parser to support different content types
Standardized response code and messages from the configuration file
Externalized configuration for all modules for the dockerized environment
CORS pre-flight handler for SPA (Angular or React) from another domain
Rate limiting for services that exposed outside to the Internet
Service registry and discovery support direct, Consul and Zookeeper
Client-side discovery and load balance to eliminate proxies
A client module that is tightly integrated with Light-OAuth2 and supports traceability

Design and Test driven development to increase productivity

Design OpenAPI specification and generate the service from it. The specification is also part of the framework to drive security verification and request validation at runtime.

Unit/End-to-End test stubs are generated to enable test driven approach for quality product.

Debugging within IDE just like standalone application for better developer productivity.

Built-in DevOps flow to support continuous integration to production

Dockerfile and DevOps supporting files are generated to support dockerization and continuous integration to production.

Multiple frameworks for different type of microservices

light-rest-4j is a RESTful microservice framework with OpenAPI specification for code generation and runtime security and validation
light-graphql-4j is a GraphQL microservice framework that supports schema generation from IDL and plugin.
light-hybrid-4j is a hybrid microservice framework that takes advantages of both monolithic and microservice architectures.
light-eventuate is a messaging based microservice framework based on Kafka, event sourcing and CQRS

Multiple languages support

All the open sourced frameworks are built in Java and we are working on Nodejs framework internally. In the future, we might provide Golang framework as well and all them are sharing the same eco-system and market place.

OAuth2 server, portal and services to form ecosystem

OAuth2 Server for security and Portal for production monitor and management. The portal is also a marketplace to link clients and services together.

Getting Started

There are two ways to start your project:

Light-codegen generator

You can use light-codegen to generate a working project. Currently, it supports light-rest-4j, light-graphql-4j, light-hybrid-server-4j and light-hybrid-service-4j. light-eventuate code generator is coming.

The light-codegen project README.md describes four ways to use the generator with examples.

Clone and build the light-codgen and use the codegen-cli command line utility
Use docker image networknt/light-codegen to run the codegen-cli command line utility
Use generate.sh from model-config repo to generate projects based on conventions.
Generate code from web site with codegen-web API. (API is ready but UI needs to be built)

Starting from an example project

The other way to start your project is to copy from light-example-4j.

You can find the description of these examples

Also, there are some tutorials

Debugging

To run/debug from IDE, you need to configure a Java application with main class "com.networknt.server.Server" and working directory is your project folder. There is no container and you are working on just a standalone Java application.

Start Server

In IDE

create a Java application that main class is com.networknt.server.Server and working directory is your project root folder. You can debug your server just like a POJO application.

From Maven

mvn exec:exec

Command Line

java -jar target/demo-0.1.0.jar

Stop Server

you can use Ctrl+C to kill the server but for production use the following command

kill -s TERM <pid>

The server has a shutdown hook and the above command allow it to clean up. For example, complete in-flight requests and close the database connections etc. If service registry and discovery is used, then the server will send shutdown event to service registry and keep processing requests for 30 seconds until all clients refreshes their local cache before shutting down.

Appreciation

Light-4j has been optimized by using open source license of JProfiler from ej-technologies.

License

Light-4j and all light-*-4j frameworks are available under the Apache 2.0 license. See the LICENSE file for more info.

Comments

Environment variable references in the light-4j yaml config files

This is enhancement request to create a "preprocessor" for yaml configuration files to be able to inject environment variables.

Proposed implementation specification:

You can use environment variable references in the config file to set values that need to be configurable during deployment. To do this, use:

${VAR}

Where VAR is the name of the environment variable.

Each variable reference is replaced at startup by the value of the environment variable. The replacement is case-sensitive and occurs before the YAML file is parsed. References to undefined variables are replaced by empty strings unless you specify a default value or custom error text.

To specify a default value, use:

${VAR:default_value} Where default_value is the value to use if the environment variable is undefined.

To specify custom error text, use:

${VAR:?error_text}

Where error_text is custom text that will be prepended to the error message if the environment variable cannot be expanded.

If you need to use a literal ${ in your configuration file then you can write $${ to escape the expansion.
enhancement

opened by pragmaticway 27
Feedback request to change interface of handler.yml to support multi-path/multi-method combinations
Current interface is designed such that each path in the path list defines a single target url with a single http method (as follows):

- path: /v1/health method: get exec: - unsecured - health

In order to support more terse configurations, we could support multiple items in the path field (changing name to paths), and multiple items in the method field (methods):

- paths: - /v1/health - /v2/health methods: - get - post exec: - unsecured - health

In which case both paths would support both get and post methods (cartesian product).

Any feedback for this would be greatly appreciated.

From: https://gitter.im/networknt/light-4j?at=5b647baba9426c705d210ebc
enhancement question
opened by NicholasAzar 27
Feat/#389 status merge
Overwritten status.yml by using app-status.yml [1] If the status code in application-status.yml is not contained by status.yml, the status code will be appended to the default status list. [2] If the status code in application-status.yml is contained by status.yml, the value will be overwritten with app-status.yml, and this behavior will be recorded in the log.

Adjusted format
opened by jiachen1120 24
provide skywalking light-4j plugin

Do light-4j team have interested to provide a light-4j plugin for Apache SkyWalking APM? We have supported a lot of popular framework, and new 5.0 will be released soon.

Plugin Development Guide

https://github.com/apache/incubator-skywalking/blob/master/docs/en/Plugin-Development-Guide.md

Supported list

https://github.com/apache/incubator-skywalking/blob/master/docs/Supported-list.md
enhancement help wanted

opened by wu-sheng 22
Hibernate or DBUtils

Hello, I am building several REST APIs with MySql. I am coming from using spring with hibernate. I am playing with your framework, however I see all of your examples using database are done using plain JDBC code. If we have larger models and nested, it would be difficult to map the resultSet to object model. What is your recommendation to use as an ORM for easy mapping between object to sql data and vice versa.
question

opened by raviada 21
Feat/connection pool
Related issue: https://github.com/networknt/light-4j/issues/572 https://github.com/networknt/light-4j/issues/595

This PR implements the connection pool of http2client to optimize the connection establishment of the http2client module.

implementation

By embedding the connection pool into an existing method

CompletableFuture<ClientResponse> callService(URI uri, ClientRequest request, Optional<String> requestBody)

, the user can call this method or getRequestService(URI uri, ClientRequest request, Optional<String> requestBody) which combine the callService() with circuit breaker to cache the established connections and reuse them without considering the type of connection.

When the connection is http/1.1, multiple connections will be added to the connection pool for the same host. The workflow is to monitor whether there are connections that are not yet occupied by other requests and are not waiting for a response when a request is sent. If so, reuse the connection until the connection is closed or the maximum number of requests is reached, otherwise a new connection is established and cached into connection pool for this host.

When the connection is http/2, only one connection will be added to the connection pool for the same host. When sending a request, reuse it until the connection is closed or the maximum number of requests is reached. When the connection is not encrypted(using the http protocol), more than one connection will be added to the connection pool. This is because the undertow will first establish a http/1.1 connection and then upgrade it to http2 instead of directly establishing http/2 connections.

The connection pool uses the LRU mechanism. Least recently used connection will be removed when the connection pool size reaches the set value.

Configuration

Users can configure the size of the connection pool; the maximum number of requests per connection and whether http/2 is enabled by configuring client.yml.

Or, user can clean up the connection pool manually by calling Http2ClientConnnectionPool.getInstance().clear()

For example,

request: errorThreshold: 2 timeout: 3000 resetTimeout: 7000 enableHttp2: false connectionPoolSize: 1000 maxReqPerConn: 1000000

Example

try { ClientRequest requestB = new ClientRequest().setMethod(Methods.GET).setPath(apibPath); CompletableFuture<ClientResponse> response = client.callService(new URI(apibHost), requestB, Optional.empty()); int statusCodeB = response.join().getResponseCode(); if (statusCodeB >= 300) { throw new Exception("Failed to call API B: " + statusCodeB); } String apibList = response.join().getAttachment(Http2Client.RESPONSE_BODY); } catch (Exception e) { logger.error("Exception:", e); throw new ClientException(e); }
enhancement 1.6.x 2.0.x
opened by jiachen1120 21
make the sanitizer handler context aware by config

The current sanitizer handler blindly applies the JavaScriptSource encoding for the body and it might not be the right thing to do based on the context of the API. The library was designed for JSP and server-side rendering with a clear context about the data it is trying to encode. In the API world, we don't have the context available. In order to apply the right encoding for the right API, we need to allow users to pass in a context from the sanitizer.yml so that the right encoding will be applied for the body of the request.

We also need to explore if there are new libraries available to replace the https://github.com/OWASP/owasp-java-encoder

https://github.com/networknt/light-4j/issues/513
enhancement help wanted

opened by stevehu 15
SSL error - client module - release 1.5.29

This issue happens after the upgrade to 1.5.29 at my client.

19:47:15.181 [Client task-6] ERROR com.networknt.client.ssl.SSLUtils handleTrustValidationErrors - No subject alternative names present java.security.cert.CertificateException: No subject alternative names present at sun.security.util.HostnameChecker.matchIP(HostnameChecker.java:145) at sun.security.util.HostnameChecker.match(HostnameChecker.java:94) at sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:455) at sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:436) at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:252) at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:136) at com.networknt.client.ssl.ClientX509ExtendedTrustManager.checkServerTrusted(ClientX509ExtendedTrustManager.java:108) at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1601) at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216) at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1052) at sun.security.ssl.Handshaker$1.run(Handshaker.java:992) at sun.security.ssl.Handshaker$1.run(Handshaker.java:989) at java.security.AccessController.doPrivileged(Native Method) at sun.security.ssl.Handshaker$DelegatedTask.run(Handshaker.java:1467) at io.undertow.protocols.ssl.SslConduit$5.run(SslConduit.java:1072) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) at java.lang.Thread.run(Thread.java:748) 19:47:15.200 [Client task-8] ERROR com.networknt.client.ssl.SSLUtils handleTrustValidationErrors - No subject alternative names present java.security.cert.CertificateException: No subject alternative names present at sun.security.util.HostnameChecker.matchIP(HostnameChecker.java:145) at sun.security.util.HostnameChecker.match(HostnameChecker.java:94) at sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:455) at sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:436) at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:252) at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:136) at com.networknt.client.ssl.ClientX509ExtendedTrustManager.checkServerTrusted(ClientX509ExtendedTrustManager.java:108) at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1601) at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216) at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1052) at sun.security.ssl.Handshaker$1.run(Handshaker.java:992) at sun.security.ssl.Handshaker$1.run(Handshaker.java:989) at java.security.AccessController.doPrivileged(Native Method) at sun.security.ssl.Handshaker$DelegatedTask.run(Handshaker.java:1467) at io.undertow.protocols.ssl.SslConduit$5.run(SslConduit.java:1072) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) at java.lang.Thread.run(Thread.java:748) Tests run: 2, Failures: 0, Errors: 2, Skipped: 0, Time elapsed: 0.073 sec <<< FAILURE! - in....
showstopper

opened by ddobrin 15
Feat/#427 config decryption
Hey! This PR is based on @dz-1 PR, https://github.com/networknt/light-4j/pull/414. Please merge that PR before this one :)

This PR includes the implementation of two new decryptor:

AutoASEDecryptor -- can retrieve configuration file decryption password from environment variables

ManualASEDecryptor -- can retrieve configuration file decryption password by stdin when server startup

This two implementation can be configured in the config.yml, more detailed can be referred from the RFC. Look forward to your review!

Related RFC: https://github.com/networknt/light-rfcs/blob/feat/%23427-config-decryption/light-4j/0018-retrieve%20symmetric%20key%20for%20config%20decryption.md

Related issue: https://github.com/networknt/light-4j/issues/427
opened by jiachen1120 14
Fix/#590 skip tests

-related issue: https://github.com/networknt/light-4j/issues/590 to make the existing user keep using "DskipTests", change the "skip.unit.tests" to property "skipTests" when run integration test, using "-P integration-test" -added some integration test files to fix some integration tests, the configs of integration tests and unit tests are independent after the change of issue https://github.com/networknt/light-4j/issues/502
1.6.x 2.0.x

opened by BalloonWen 13

make some of the server options configurable

One of the customers asked if we can make the worker threads configurable as they have servers with many cores and want to have thousands of worker threads instead of hard-coded 200.

I am thinking we should at least make the following configurable.

Buffer size
Io threads
Worker threads
Backlog
Always setdate
Server string

As there are so many existing projects, we need to make sure that these default values are still for backward compatibility.

            server = builder.setBufferSize(1024 * 16).setIoThreads(Runtime.getRuntime().availableProcessors() * 2)
                    // above seems slightly faster in some configurations
                    .setSocketOption(Options.BACKLOG, 10000)
                    .setServerOption(UndertowOptions.ALWAYS_SET_KEEP_ALIVE, false) // don't send a keep-alive header for
                    // HTTP/1.1 requests, as it is not required
                    .setServerOption(UndertowOptions.ALWAYS_SET_DATE, true)
                    .setServerOption(UndertowOptions.RECORD_REQUEST_START_TIME, false)
                    .setHandler(Handlers.header(handler, Headers.SERVER_STRING, "L")).setWorkerThreads(200).build();

enhancement

opened by stevehu 10

re-group http content related module package

Current we have three modules related to http content:

http-entity -- package name: com.networknt.http http-string -- package name: com.networknt.httpstring http-url -- package name: com.networknt.url

In those module, there are different classes which mixed with http meta info and undertow web server meta info.

We need re-group the module/package and classes for those modules

opened by GavinChenYan 0
Feature/bom

I made a mistake trying to put BOM files into a separate repository. This pull request is what I should have done since the beginning. I thought that the Light platform was split into a bunch of different repositories, but there's only a few main multi-module projects and various libraries (which are kind of independent). Most of my Microservice experience is with Gradle and our application was split into a bunch of different repositories instead of having a few repositories filled with a bunch of modules.

Tonight I've started to have second thoughts about the way my team decided to structure our application. This experience has been enlightening.

The work I've done in this pull request is based on strategies used in the Spring and Jersey projects. Their project structures are very similar to the light-4j and light-rest-4j projects.

Check the bom/README.md file for documentation on the strategy I've taken.

opened by jawaff 9
Gzip encoding: steps
Hi, Could you provide specific steps on how to enable compression for rest endpoint? Maybe a tutorial / example how to do it step by step for light-4j v2.x... I have read this FAQ: https://doc.networknt.com/faq/gzip-response/#how-to-compress-the-response-with-gzip but I don't understand how to apply this in my test app:

what config files to change?

need to create some provider & how to register it?
opened by chivas-bambook 3
Fix H2DataSource issue with data-source module and refactor, add factory construct arguments feature to SingletonServiceFactory
1. Refactor data-source module

The data-source module is refactored to use delegation as the means for code reuse instead of inheritance. As part of this refactoring, com.networknt.db.GenericDataSource becomes an interface instead of a concrete base class. Reusable code is placed in DataSourceHelper.

2. Fix case where H2DataSource params loaded for non-H2 DB's if no constructor arg provided

Fix issue with com.networknt.db.XDataSource classes, whereby instantiating any such class with its default constructor results in the class trying to load H2DataDataSource parameters from data-source.yml. E.g.: instantiating MySqlDataSource will see MySqlDataSource attempt to use H2DataSource parameters from data-source.yml (instead of MySqlDataSource parameters).

3. Add DI ability to provide parameters to factory constructor

These changes are in SingletonServiceFactory (e.g.: Light's Dependency Injection system).

Existing functionality

singletons: - javax.sql.DataSource: com.networknt.db.MysqlDataSource::getDataSource

In the example service.yml above, one can use a factory method of the constructed object to generate a class that implements the interface. Currently, one cannot provide arguments to the factory constructor.

New functionality

singletons: - javax.sql.DataSource: - com.networknt.db.MysqlDataSource::getDataSource: - java.lang.String: "MysqlDataSource"

The new syntax introduced (see above) allows one to specify parameters to the factory's constructor.

Note: The syntax shown under Existing Functionality above still works as it always has--no existing functionality of SingletonServiceFactory has been removed via this update.
pend/docs-required
opened by miklish 4

Releases(2.1.5)

2.1.5(Jan 4, 2023)
2.1.5 (2023-01-04)

Merged pull requests:

fixes #1557 update DirectRegistry to load serviceId to hosts configur… #1558 (stevehu)

fixes #1555 update config-loader to support static reload method to a… #1556 (stevehu)

fixes #1543 revert back to the old implementation but update header o… #1554 (stevehu)

fixes #1552 Port consul updates from 1.6.x to master to make the modu… #1553 (stevehu)

fixes #1550 add another set of borrowConnection methods with timeoutS… #1551 (stevehu)

fixes #1548 make sure the serviceId is not blank when lookup in the L… #1549 (stevehu)

fixes #1546 Port 1.6.x PR to put exchange listener call back into a t… #1547 (stevehu)

fixes #1543 only set the response content length header with ServerFi… #1544 (stevehu)

fixes #1541 missing handleRequest ends in the debug log for BasicAuth… #1542 (stevehu)

fixes #1539 update RouterHandler to support reload on light-gateway #1540 (stevehu)

fixes #1537 refactor JwtVerifier to support UnifiedSecurityHandler #1538 (stevehu)

Issue1535 #1536 (stevehu)

fixes #1533 refactor ApiKeyHandler to extact logic to another public … #1534 (stevehu)

fixes #1531 update reload to fresh the registry for SalesforceHandler #1532 (stevehu)

fixes #1529 status/src/main/resources/config/status.yml #1530 (stevehu)

Feature/jasonxhl/basic auth enable ad #1528 (jasonxhl)

fixes #1526 refactor BasicAuthHandler to change the config to static … #1527 (stevehu)

fixes #1524 use the jwt cache full size as the max cache size in JwtV… #1525 (stevehu)

fixes #1520 upgrade TLS version to minimum 1.2 #1521 (stevehu)

fixes #1517 Expose connectionPerThread configuration for router handler #1518 (stevehu)

fixes #1515 allow the client crendentials token and token key to over… #1516 (stevehu)

fixes #1513 BasicAuthHandler throws 500 error when authorization head… #1514 (stevehu)

fixes #1510 Add a flag in security.yml to skip scope verification if … #1511 (stevehu)

fixes #1508 add jwtCacheFullSize to security.yml and log an error whe… #1509 (stevehu)

fixes #1506 create a ldap-util module and move the implementation cod… #1507 (stevehu)

Source code(tar.gz)
Source code(zip)
1.6.44(Dec 22, 2022)
1.6.44 (2022-12-22)

Merged pull requests:

Consul connection creation can block forever and service cache erased if Consul connection fails #1504 (miklish)

Fix the potential risks of ExchangeCompleteListener #1342 (atmoshaman)

fixes #1522 upgrade 1.6.x server TLS version to 1.2 #1523 (stevehu)

Source code(tar.gz)
Source code(zip)
2.1.4(Nov 30, 2022)
2.1.4 (2022-11-30)

Merged pull requests:

Bump postgresql from 42.4.1 to 42.4.3 #1497 (dependabot)

Added relaxed verification debug flag #1505 (KalevGonvick)

Issue1501 #1502 (stevehu)

basic-auth handler test fix #1500 (KalevGonvick)

Fix flaky test #1469 (anantdahiya8)

Fix flaky test #1499 (tt0suzy)

BasicAuthHandler Refactor #1496 (KalevGonvick)

fixes #1494 update LightProxyHandler to recreate the ProxyHandler aft… #1495 (stevehu)

fixes #1490 add debug log for handler start and end time for performa… #1493 (stevehu)

fixes #1491 remove conquest handler from ingress-proxy module #1492 (stevehu)

fixes #1488 update the register and reload for LimitHandler #1489 (stevehu)

fixes #1486 update salesforce password grant type multipart form-data… #1487 (stevehu)

fixes #1494 support header config reload #1485 (stevehu)

fixes #1482 dummy oauth server support other content type and basic a… #1483 (stevehu)

fixes #1480 Mras Anonymous authorization header is null #1481 (stevehu)

fixes #1478 fix the anonymous serviceHost in the MrasHandler #1479 (stevehu)

fixes #1476 Update middleware handlers to register the module after r… #1477 (stevehu)

fixes #1474 update PathPrefixServiceHandler config to static to suppo… #1475 (stevehu)

fixes #1472 update the LimitHandler to use a static RateLimiter object #1473 (stevehu)

fixes #1470 allow values.yml to be reloaded after config-reload #1471 (stevehu)

Source code(tar.gz)
Source code(zip)
2.1.3(Nov 11, 2022)
2.1.3 (2022-11-10)

Merged pull requests:

fixes #1466 recreate RateLimiter object after the config reload #1467 (stevehu)

fixes #1464 update path handlers to allow the mapping to be empty #1465 (stevehu)

fixes #1460 do not skip PathPrefixServiceHandler if server_url is in … #1463 (stevehu)

fixes #1461 mask bootstrapStorePass in the server config during regis… #1462 (stevehu)

fixes #1458 implement the password grant_type for salesforce handler #1459 (stevehu)

fixes #1454 standardize the built-in config files for some modules #1455 (stevehu)

fixes #1451 add api-key module and dummy OAuth server #1452 (stevehu)

fixes #1449 udpate the BasicAuthHandler to make the config an instanc… #1450 (stevehu)

Added shutdownApp method #1447 (fortunadoralph)

fixes #1445 support multiple rules in the response transformer interc… #1446 (stevehu)

Fixed Chunked Encoding When writing transformed Payload to SinkConduit (+ some refactor) #1444 (KalevGonvick)

fixes #1442 resolve NPE in TokenHandler is appliedPathPrefixes missin… #1443 (stevehu)

fixes #1439 request and response transform interceptors though NPE if… #1440 (stevehu)

ResponseBodyInterceptor Update #1437 (KalevGonvick)

fixes #1435 checked content encoding in the response interceptor inje… #1436 (stevehu)

fixes #1433 update the ModifiableContentSinkConduit to add some trace… #1434 (stevehu)

fixes #1431 add debug and trace to the ProxyHandler to confirm retry #1432 (stevehu)

fixes #1429 check the response headers to identify if the response co… #1430 (stevehu)

fixes #1426 call the interceptors directly if there is no request body #1427 (stevehu)

fixes #1424 add requestHeaders and responseHeaders to the request res… #1425 (stevehu)

Source code(tar.gz)
Source code(zip)
1.6.43(Nov 9, 2022)
1.6.43 (2022-11-09)

Merged pull requests:

do not clear the local service registry cache when a consul connection fails #1457 (miklish)

Changes made to the code as required. Mentioned in issue #1274 & #1287 #1357 (AkashWorkGit)

Source code(tar.gz)
Source code(zip)
2.1.2(Oct 22, 2022)
2.1.2 (2022-10-22)

Merged pull requests:

Fix flaky test in URLNormalizerTest.java #1419 (yannizhou05)

fixes #1418 enhance the token handler to add applied path prefixes #1422 (stevehu)

fixes #1420 check the appliedPathPrefixes for the RequestTransformInt… #1421 (stevehu)

fixes #1415 add a new external handler for conquest planning API access #1416 (stevehu)

Updated ModifiableSinkConduit + RequestInterceptInjectionHandler #1414 (KalevGonvick)

fixes #1412 move the rewrite rules to inside the match condition for … #1413 (stevehu)

fixes #1407 Add a new config property to control the size of the requ… #1410 (stevehu)

Update RequestInterceptorInjectionHandler.java #1409 (KalevGonvick)

fixes #1406 adding config reload for router.yml and others used by th… #1408 (stevehu)

fixes #1402 add skip list for the security.yml to allow some prefix t… #1404 (stevehu)

fixes #1401 add url rewrite rules for the salesforce handler for exte… #1403 (stevehu)

Issue1399 #1400 (stevehu)

fixes #1396 remove the stream body get as start blocking is remove #1397 (stevehu)

fixes #1394 add properties to allow connect and host update in header #1395 (stevehu)

fixes #1392 remove blocking as it causes the ModifiableContentSinkCon… #1393 (stevehu)

fixes #1390 update response headers for external service handler to r… #1391 (stevehu)

fix for RequestTransformer plus debug logging for ResponseTransformer #1389 (DiogoFKT)

Update RequestInterceptorInjectionHandler.java #1387 (KalevGonvick)

fixes #1384 fix a bug in the AuditConfig for the enabled flag #1385 (stevehu)

fixes #1382 stop calling next middleware handler in request andd resp… #1383 (stevehu)

fixes #1380 external salesforce and mras reponse header missing #1381 (stevehu)

fixes #1378 add a config property to pre-resolve the host in egress-r… #1379 (stevehu)

fixes #1376 allow the empty body for RequestBodyInterceptor and all e… #1377 (stevehu)

Feature/body handler trace enhancement #1374 (KalevGonvick)

fixes #1372 ExternalService handler cannot handle empty body #1375 (stevehu)

fixes #1371 add url rewrite to the external service handler in egress… #1373 (stevehu)

fixes #1369 update header handler to support header manipulation per … #1370 (stevehu)

Changes made to the code as required. Mentioned in issue #1274 & #1287 #1357 (AkashWorkGit)

fixes #1367 handle the null content type for the mras request #1368 (stevehu)

fixes #1363 add url rewrite rules in the mras handler #1366 (stevehu)

fixes #1364 update the logic to copy the same hosts configuration to … #1365 (stevehu)

Issue1361 #1362 (stevehu)

fixes #1359 update MRAS handler to load the certificate from the keys… #1360 (stevehu)

h2c config option #1358 (KalevGonvick)

fixes #1355 Donot run response body interceptor if the response is st… #1356 (stevehu)

fixes #1352 disable all test cases for the request body interceptor #1353 (stevehu)

fixes #1350 do not call the next handler in the chain from request bo… #1351 (stevehu)

fixes #1348 A typo in the proxy.yml in ingress-proxy resources/config #1349 (stevehu)

fixes #1346 fix typos in the Salesforce and MRAS handlers to set the … #1347 (stevehu)

fixes #1344 update salesforce handler to support multiple APIs with d… #1345 (stevehu)

fix typo for ExternalService response headers #1343 (DiogoFKT)

Fix for 1339 #1340 (KalevGonvick)

fixes #1337 disable several test cases in client module that only wor… #1338 (stevehu)

fixes #1335 check the request path with the key set in MRAS and Sales… #1336 (stevehu)

fixes #1332 refactor salesforce handle to support multiple configurat… #1333 (stevehu)

fixes #1330 update MRAS config to add resource to the Microsoft token… #1331 (stevehu)

fixes #1328 Handle non-JSON request body in the AuditHandler #1329 (stevehu)

fixes #1326 refactor the MRAS handler to resolve multiple use cases w… #1327 (stevehu)

fixes #1324 support xml request body parsing in the RequestBodyInterc… #1325 (stevehu)

Bump postgresql from 42.3.3 to 42.4.1 #1321 (dependabot)

fixes #1319 remove the status from the audit list #1320 (stevehu)

fixes #1317 convert the audit handler to interceptor for logging requ… #1318 (stevehu)

fixes #1314 upgrade yaml-rule to 1.0.1 in pom.xml #1315 (stevehu)

Issue1308 #1312 (stevehu)

fixes #1302 Do an iteration to get the serviceId from the request path #1303 (stevehu)

fixes #1300 update ServiceConfig to allow the singletons to be null #1301 (stevehu)

fixes #1298 cache the jwk with all kids in the jwk result #1299 (stevehu)

fixes #1294 update BasicAuthConfig to support JSON string for the users #1295 (stevehu)

fixes #1292 upload ServiceConfig to support load singletons as JSON s… #1293 (stevehu)

fixes #1290 update GatewayRouterHandler to add the caller_id to the r… #1291 (stevehu)

fixes #1288 change the ProxyConfig to remove httpsEnabled #1289 (stevehu)

fixes #1285 add hosts and path for debugging in proxy handlers #1286 (stevehu)

fixes #1283 update gateway service dict handler to use HandlerUtils.t… #1284 (stevehu)

fixes #1281 refactor the ServiceDictConfig to use internal format #1282 (stevehu)

fixes #1279 update path service handlers with new config class to sup… #1280 (stevehu)

fixes #1277 update TokenKeyRequest to make the clientId and clientSec… #1278 (stevehu)

fixes #1275 update AuditConfig methods to public so that it can be ac… #1276 (stevehu)

fixes #1272 update security.yml to use JsonWebKeySet for keyResolver #1273 (stevehu)

fixes #1270 add providerId to the security.yml for oauth key service #1271 (stevehu)

fixes #1268 gracefully handle the security config missing in the Secu… #1269 (stevehu)

fixes #1266 update the security.yml with SecurityConfig class to supp… #1267 (stevehu)

fixes #1264 upgrade json-path and remove the exclusion in the pom.xml #1265 (stevehu)

fixes #1262 externalize module configurations for default #1263 (stevehu)

fixes #1260 externalize the audit.yml andupdate the AuditConfig to su… #1261 (stevehu)

fixes #1258 add logging statements to the SingletonServiceFactory #1259 (stevehu)

fixes #1256 add default service.yml with template in service module #1257 (stevehu)

fixes #1254 remove the full jwt from the logging for security reason #1255 (stevehu)

fixes #1252 resolve a class cast exception in TokenHandler #1253 (stevehu)

fixes #1250 change the passwords and secrets in client.yml and server… #1251 (stevehu)

fixes #1248 update the TokenHandler to support multiple OAuth 2.0 pro… #1249 (stevehu)

fixes #1246 update client module to copy the config map for registry #1247 (stevehu)

fixes #1244 add trace info in ExternalServiceHandler for debugging #1245 (stevehu)

fixes #1242 externalize scope with a list of strings in client.yml fo… #1243 (stevehu)

fixes #1240 add ssl context to the connection for the external servic… #1241 (stevehu)

fixes #1238 add values.yml with serviceId and rename the test values.yml #1239 (stevehu)

Added shutdown handler #1237 (mayurikasaxena)

fixes #1235 add MRAS handler for external service authentication and … #1236 (stevehu)

Issue1233 #1234 (stevehu)

fixes #1231 add a generic handler to access external services via pro… #1232 (stevehu)

fixes #1229 update salesforce handler and config #1230 (stevehu)

fixes #1227 add some debug statements to the JWT access in client and… #1228 (stevehu)

add empty checking for scopes #1226 (fortunadoralph)

fixes #1224 Add a Salesforce handler to authentication and invocation #1225 (stevehu)

Source code(tar.gz)
Source code(zip)
1.6.42(Aug 24, 2022)

1.6.42 (2022-08-23)

Merged pull requests:
Source code(tar.gz)
Source code(zip)
1.6.41(Aug 11, 2022)
1.6.41 (2022-08-11)

Merged pull requests:

Fix confusing service discovery result message #1334 (jsu216)

Add a time buffer before terminate the blocking query connection to C… #1323 (jsu216)

Source code(tar.gz)
Source code(zip)
1.6.40(Aug 5, 2022)
1.6.40 (2022-08-05)

Merged pull requests:

Update log messages to make it easier for monitoring #1316 (jsu216)

Issue1304 - Add more debug and info messages #1309 (jsu216)

fixes #1304 Consul ServiceLookupThread connect to consul server get s… #1305 (stevehu)

Source code(tar.gz)
Source code(zip)
2.1.1(Apr 27, 2022)
2.1.1 (2022-04-26)

Merged pull requests:

fix for NPE if input is null for Mask methods (issue 1208) #1222 (miklish)

fixes #1220 update the rate-limit config to ensure backward compatibi… #1221 (stevehu)

fixes #1216 add query parameter and header rewrite in the ProxyHandler #1217 (stevehu)

fixes #1218 handle the case that clientId and userId resolver failed … #1219 (stevehu)

Issue1211 #1212 (stevehu)

fixes #1213 move the tableau authentication handler to the light-4j i… #1214 (stevehu)

fixes #1209 NPE is thrown when the server is selected as key without … #1210 (stevehu)

fixes #1206 update the default rate limit handle configuration after … #1207 (stevehu)

fixes #1204 update rate-limit to add an overloaded constructor with c… #1205 (stevehu)

fixes #1202 remove the 500 sleep and enable multiple requests test #1203 (stevehu)

Rate limit handler fix #1201 (GavinChenYan)

Issue1178 #1200 (stevehu)

fixes #1198 return an status object for generic exception from the Pr… #1199 (stevehu)

Feature/content length error message #1197 (KalevGonvick)

ProxyBodyHandler Rework #1196 (KalevGonvick)

add DefaultConfigLoaderTest.java #1192 (wswjwjccjlu)

fixes #1191 We have ProxyHandler in both egress-router and ingress-pr… #1194 (stevehu)

Issue1188 #1189 (stevehu)

ProxyBodyHandler rework #1187 (KalevGonvick)

fixes #1183 add the Transfer-Encoding of http header into the client.yml #1185 (stevehu)

fixes #1181 Update the config class to output the config file name wh… #1182 (stevehu)

fixes #1179 remove a trace statement that can cause NPE #1180 (stevehu)

fixes #1176 add a status code for OBJECT_NOT_UNIQUE #1177 (stevehu)

fixes #1174 #1175 (GavinChenYan)

fixes #1172 output the status in log if get service from portal fails #1173 (stevehu)

fixes #1170 add enabled flag to the rule-loader.yml to bypass the rul… #1171 (stevehu)

Update on config loader for nested values.yml #1168 (wswjwjccjlu)

fixes #1166 Handle the LoadBalancingRouterProxyClient has empty host … #1167 (stevehu)

fixes #1126 update the config.yml and router.yml with templates #1165 (stevehu)

fixes #1162 Add a new error code for Startup Hook not loaded correctly #1163 (stevehu)

fixes #1160 Update a typo in a test case comment #1161 (stevehu)

fixes #1158 update default client.yml to enable the token serverUrl a… #1159 (stevehu)

fixes #1156 add more tracing statements in OauthHelper #1157 (stevehu)

fixes #1154 adding logging statements in AbstractRegistry #1155 (stevehu)

fix the empty body issue for config reload handler #1153 (GavinChenYan)

fixes #1151 add a default constructor for ClientCredentialsRequest #1152 (stevehu)

fixes #1149 make the sanitizer.yml backward compatible #1150 (stevehu)

fixes #1147 remove the serviceId from the header in the router client #1148 (stevehu)

fixes #1140 Update client module to verify JWT tokens from many OAuth… #1146 (stevehu)

Issue1139 #1145 (stevehu)

Issue1143 #1144 (GavinChenYan)

fixes #1141 update logging statements in OauthHelper and ProxyHandler #1142 (stevehu)

fixes #1137 update the rule-loader startup to avoid loading the same … #1138 (stevehu)

fixes #1135 add a new status code to indicate the access control rule… #1136 (stevehu)

fixes #1133 Add method rewrite in the gateway use case to support leg… #1134 (stevehu)

fixes #1131 update sanitizer handler to support all owasp encoders #1132 (stevehu)

fixes #1129 update RuleLoaderStartupHook to only get the ruleId and i… #1130 (stevehu)

fixes #1127 upgrade jaeger-client to 1.8.0 from 1.6.0 to resolve depe… #1128 (stevehu)

Upgrade Guidelines:

This is a release with some bug fixes and enhancements. It is backward compatible with the 2.1.0 release.
Source code(tar.gz)
Source code(zip)
1.6.39(Apr 26, 2022)
1.6.39 (2022-04-26)

Merged pull requests:

fix for NPE if input is null for Mask methods (issue 1208) #1222 (miklish)

Source code(tar.gz)
Source code(zip)

2.1.0(Feb 28, 2022)

2.1.0 (2022-02-27)

Merged pull requests:

fixes #1124 enhance the sanitizer to make the configuration separated… #1125 (stevehu)
fixes #1122 log the stacktrace if a middleware handler is not loaded … #1123 (stevehu)
Issue1120 #1121 (stevehu)
fixes #1118 allow router to support serviceId from query parameters a… #1119 (stevehu)
fixes #1116 Update the rate-limit to allow customzied the error code … #1117 (stevehu)
fixes #1112 add Jdk8Module to the ObjectMappers in config module to h… #1113 (stevehu)
fixes #1108 update the rule-loader to add another rule action to tran… #1109 (stevehu)
Bump postgresql from 42.2.25 to 42.3.3 #1107 (dependabot)
fixes #1105 disable a test case in the body handler as it is not stable #1106 (stevehu)
Truncated Exception Fix #1104 (KalevGonvick)
fixes #1102 update the LoggerGetLogContentHandler to return map and h… #1103 (stevehu)
fixes #1100 remove a logging statement in the DefaultConfigLoader as … #1101 (stevehu)
fixes #1097 add isNumeric to StringUtils in the utility #1098 (stevehu)
Bump postgresql from 9.4.1211 to 42.2.25 #1095 (dependabot)
Issue1093 #1094 (stevehu)
fixes #1091 update the default rate limit concurrent requests to 2 fr… #1092 (stevehu)
fixes #1089 update audit status key from Status to status #1090 (stevehu)
fixes #1087 externalize rate-limit, header and whitelist-ip config files #1088 (stevehu)
Bump h2 from 2.0.206 to 2.1.210 #1086 (dependabot)
fixes #1084 update the DefaultConfigLoader to get the values.yml from… #1085 (stevehu)
Bump httpclient from 4.5.6 to 4.5.13 #1077 (dependabot)
Bump h2 from 1.4.196 to 2.0.206 #1083 (dependabot)
fixes #1081 update the ClaimsUtil to name the service id claim with s… #1082 (stevehu)
fixes #1079 add method and path to the method not found error message #1080 (stevehu)
fixes #1075 Add rule-loader module to support fine-grained access con… #1076 (stevehu)
fixes #1073 update the sanitizer.yml to externalize properties for va… #1074 (stevehu)
fixes #1071 externalize jaeger-tracing configuration properties #1072 (stevehu)
fixes #1069 update server.yml to externalize server.ip #1070 (stevehu)
fixes #1067 update the SignKeyRequest to get the proxy info from the … #1068 (stevehu)
fixes #1065 Turn off hostname verification for OAuthHelper based on t… #1066 (stevehu)
change promethus config to be extendable #1064 (GavinChenYan)
fixes #1061 #1062 (GavinChenYan)
Issue1059 #1060 (stevehu)
fixes #1057 add ProxyHealthGetHandler in ingress-proxy for the http-s… #1058 (stevehu)
fixes #1053 update the pom.xml and jaeger-client dependency to avoid … #1054 (stevehu)
Issue 1048 #1051 (stevehu)
max json payload for proxy which using buffer stream #1050 (GavinChenYan)
fixes #1048 update ProxyBodyHandler to handle the data form and add t… #1049 (stevehu)
add other contentType for proxy body handler #1047 (GavinChenYan)

Upgrade Guidelines:

The following middleware handlers have been changed in this release and the config file needs to be updated to leverage the new features.

config.yml

For this release, we have set the default value to true for allowDefaultValueEmpty so that an empty value can be used in the template for other config files.

# For some configuration files, we have left some properties without default values as there
# would be a negative impact on the application security. The following config will ensure that
# null will be used when the default value is empty without stopping the server during the start.
allowDefaultValueEmpty: true

limit.yml

The errorCode is newly added to allow the users to customize the error response if the request is dropped. By default, code 503 is returned.

# If the rate limit is exposed to the Internet to prevent DDoS attacks, it will return 503
# error code to trick the DDoS client/tool to stop the attacks as it considers the server
# is down. However, if the rate limit is used internally to throttle the client requests to
# protect a slow backend API, it will return 429 error code to indicate too many requests
# for the client to wait a grace period to resent the request. By default, 503 is returned.
errorCode: ${limit.errorCode:503}

sanitizer.yml

This file is changed a lot so that we can set up the encoders for both body and header separately.

---
# Sanitize request for cross-site scripting during runtime

# indicate if sanitizer is enabled or not
enabled: ${sanitizer.enabled:false}

# if it is enabled, the body needs to be sanitized
bodyEnabled: ${sanitizer.bodyEnabled:true}
# the encoder for the body. javascript, javascript-attribute, javascript-block or javascript-source
# There are other encoders that you can choose depending on your requirement. Please refer to site
# https://github.com/OWASP/owasp-java-encoder/blob/main/core/src/main/java/org/owasp/encoder/Encoders.java
bodyEncoder: ${sanitizer.bodyEncoder:javascript-source}
# pick up a list of keys to encode the values to limit the scope to only selected keys. You can
# choose this option if you want to only encode certain fields in the body. When this option is
# selected, you can not use the bodyAttributesToIgnore list.
bodyAttributesToEncode: ${sanitizer.bodyAttributesToEncode:}
# pick up a list of keys to ignore the values encoding to skip some of the values so that these
# values won't be encoded. You can choose this option if you want to encode everything except
# several values with a list of the keys. When this option is selected, you can not use the
# bodyAttributesToEncode list.
bodyAttributesToIgnore: ${sanitizer.bodyAttributesToIgnore:}

# if it is enabled, the header needs to be sanitized
headerEnabled: ${sanitizer.headerEnabled:true}
# the encoder for the header. javascript, javascript-attribute, javascript-block or javascript-source
# There are other encoders that you can choose depending on your requirement. Please refer to site
# https://github.com/OWASP/owasp-java-encoder/blob/main/core/src/main/java/org/owasp/encoder/Encoders.java
headerEncoder: ${sanitizer.headerEncoder:javascript-attribute}
# pick up a list of keys to encode the values to limit the scope to only selected keys. You can
# choose this option if you want to only encode certain fields in the body. When this option is
# selected, you can not use the headerAttributesToIgnore list.
headerAttributesToEncode: ${sanitizer.headerAttributesToEncode:}
# pick up a list of keys to ignore the values encoding to skip some of the values so that these
# values won't be encoded. You can choose this option if you want to encode everything except
# several values with a list of the keys. When this option is selected, you can not use the
# headerAttributesToEncode list.
headerAttributesToIgnore: ${sanitizer.headerAttributesToIgnore:}

router.yml

The router config in egress-router has been changed to add the query parameter for service_id and URL rewrite rules.

# support serviceId in the query parameter for routing to overwrite serviceId in header routing.
# by default, it is false and shouldn't be used unless you are dealing with a legacy client that
# doesn't support header manipulation. Once this flag is true, we are going to overwrite the header
# service_id derived with other handlers from the prefix, path, endpoint etc.
serviceIdQueryParameter: ${router.serviceIdQueryParameter:false}

# URL rewrite rules, each line will have two parts: the regex pattern and replace string separated
# with a space. The light-router has service discovery for host routing, so when working on the
# url rewrite rules, we only need to create about the path in the URL.
# Test your rules at https://www.freeformatter.com/java-regex-tester.html#ad-output
urlRewriteRules: ${router.urlRewriteRules:}

Source code(tar.gz)
Source code(zip)

1.6.38(Feb 19, 2022)
1.6.38 (2022-02-19)

Merged pull requests:

fixes #1110 add Suppression annotation for TypeParameterUnusedInFormals #1111 (stevehu)

Source code(tar.gz)
Source code(zip)
1.6.37(Nov 11, 2021)
1.6.37 (2021-11-10)

Merged pull requests:

Issue1055 #1063 (jaydeepparekh1311)

Issue1055 - ClassCastException in maskList method #1056 (jaydeepparekh1311)

fixes #970 #976 (GavinChenYan)

Upgrade Guidelines:

This is a release with some bug fixes and enhancements. It is backward compatible with the 1.6.36 release. For all the changes for the entire platform, please refer to https://trello.com/b/189msq9S/release-schedule
Source code(tar.gz)
Source code(zip)
2.0.32(Oct 19, 2021)
2.0.32 (2021-10-19)

Merged pull requests:

fixes #1045 add checkInterval to the TTL check body to find the right #1046 (stevehu)

Feature/get log contents #1044 (KalevGonvick)

fixes #1042 create a TimeUtil in the utility module for scheduler and… #1043 (stevehu)

java.lang.IllegalArgumentException: Label cannot be null. #1039 #1040 (helloalbin)

Added handler for grabbing log contents #1041 (KalevGonvick)

fixes #1037 A typo in the deregister url for the protal registry #1038 (stevehu)

fixes #1035 #1036 (GavinChenYan)

Upgrade Guidelines:

This is a release with some bug fixes and enhancements. It is backward compatible with the 2.0.31 release. For all the changes for the entire platform, please refer to https://trello.com/b/189msq9S/release-schedule
Source code(tar.gz)
Source code(zip)
2.0.31(Sep 22, 2021)
2.0.31 (2021-09-22)

Merged pull requests:

fixes #1033 #1034 (GavinChenYan)

add default header when client request missed the setting #1032 (GavinChenYan)

fixes #1030 update the portal de-registry to add checkInterval to the… #1031 (stevehu)

fixes #1026 #1027 (GavinChenYan)

add caller id header to audit map which will be used metrics #1025 (GavinChenYan)

Source code(tar.gz)
Source code(zip)
2.0.30(Aug 24, 2021)
2.0.30 (2021-08-23)

Merged pull requests:

fixes #1023 #1024 (GavinChenYan)

add status change and new method for Result object #1022 (GavinChenYan)

Add new error code #1021 (wswjwjccjlu)

fixes #1019 #1020 (GavinChenYan)

issue#1017 add new error codes #1018 (wswjwjccjlu)

fixes #1015 #1016 (GavinChenYan)

Issue1011 #1014 (stevehu)

change egress router to allow user to extend the router handler #1013 (GavinChenYan)

fixes #1011 update the health.yml to enable downstream health check w… #1012 (stevehu)

fixes #1009 update config server path with config-server base path #1010 (stevehu)

Upgrade Guidelines:

This is a release with some bug fixes and enhancements. It is backward compatible with the 2.0.29 release. For all the changes for the entire platform, please refer to https://trello.com/b/189msq9S/release-schedule
Source code(tar.gz)
Source code(zip)
2.0.29(Jul 26, 2021)
2.0.29 (2021-07-25)

Merged pull requests:

add two constants for http-sidecar usage #1008 (chenyan71)

Issue1006 #1007 (chenyan71)

build error fix, change egress_router value scope #1005 (chenyan71)

fixes #1003 audit request body serialize to JSON if possible and fall… #1004 (stevehu)

fix an issue on jwt.yml config file #1002 (chenyan71)

fixes #1000 support both X509Certificate and JsonWebKeySet at the sam… #1001 (stevehu)

fixes #998 add portalToken to the portal-registry.yml and use the tok… #999 (stevehu)

fixes #995 #996 (chenyan71)

fixes #993 add a test case to generate a bootstrap token for service … #994 (stevehu)

fixes #991 add a status code for the service claim mismatch to the path #992 (stevehu)

fixes #989 trim the environment variable for config server uri and co… #990 (stevehu)

Fix the NPEs in Issues 962 and 981 #988 (containerAnalyzer)

fixes #986 add a new error code for oauth to indicate that the author… #987 (stevehu)

fixes #984 #985 (chenyan71)

fixes #982 disable loadConfigs from DefaultConfigLoader #983 (stevehu)

fixes #979 lazy creation of the jdk11 http client to connect to confi… #980 (stevehu)

fixes #970 #975 (chenyan71)

fixes #977 output content of the config files from config server in log #978 (stevehu)

fixes #973 switch to jdk 11 http client to connect to the config server #974 (stevehu)

fixes #971 remove the server.config and switch to getServerConfig method #972 (stevehu)

Upgrade Guidelines:

This is a release with some bug fixes and enhancements. It is backward compatible with the 2.0.28 release. For all the changes for the entire platform, please refer to https://trello.com/b/189msq9S/release-schedule
Source code(tar.gz)
Source code(zip)
2.0.28(Jun 27, 2021)
2.0.28 (2021-06-27)

Merged pull requests:

fixes #965 #969 (chenyan71)

fixes #967 make the jaeger-client optional in the client module #968 (stevehu)

fixes #963 update the logic to support both http and https port cache… #964 (stevehu)

fixes #960 support both environment variable and jvm option for confi… #961 (stevehu)

fixes #958 add a new error code to the status.yml to indicate kafka-s… #959 (stevehu)

fixes #956 add registerModule for the SingletonServiceFactory #957 (stevehu)

fixes #954 remove the specification section from the server info resp… #955 (stevehu)

fixes #952 upgrade jaeger to 1.6.0 to resolve security vulnerabilities #953 (stevehu)

Upgrade Guidelines:

This is a release with some bug fixes and enhancements. It is backward compatible with the 2.0.27 release. For all the changes for the entire platform, please refer to https://trello.com/b/189msq9S/release-schedule
Source code(tar.gz)
Source code(zip)
1.6.36(Jun 27, 2021)

1.6.36 (2021-06-27)

Merged pull requests:
Source code(tar.gz)
Source code(zip)
2.0.27(May 25, 2021)
2.0.27 (2021-05-25)

Merged pull requests:

fixes #950 make the body.yml externalizable with the values.yml #951 (stevehu)

url config loader #947 (xlongwei)

fixes #948 Add ProxyBodyHandler for sidecar to intercept the body #949 (stevehu)

fixes #942 handle only one element in an array for masking #946 (stevehu)

Issue942 #945 (ssoifer)

fixes #943 update client.yml to move the OAuth token proxyHost and pr… #944 (stevehu)

fixes #940 update OauthHelper getTokenResult to check before apply pr… #941 (stevehu)

fixes #938 add healthPath to the portalRegistryService for controller #939 (stevehu)

Upgrade Guidelines:

This is a release with some bug fixes and enhancements. It is backward compatible with the 2.0.26 release. For all the changes for the entire platform, please refer to https://trello.com/b/189msq9S/release-schedule
Source code(tar.gz)
Source code(zip)
1.6.35(May 11, 2021)
1.6.35 (2021-05-10)

Merged pull requests:

Fix audit issue #935 and #936 #937 (jsu216)

Source code(tar.gz)
Source code(zip)
2.0.26(Apr 28, 2021)
2.0.26 (2021-04-27)

Merged pull requests:

added base path in the HandlerConfig #934 (BalloonWen)

fixes #932 make the health check path configurable in the portal-regi… #933 (stevehu)

fixes #929 add error codes for the light-mesh kafka-sidecar #930 (stevehu)

Source code(tar.gz)
Source code(zip)
1.6.34(Apr 27, 2021)

1.6.34 (2021-04-27)

Merged pull requests:
Source code(tar.gz)
Source code(zip)
2.0.25(Mar 28, 2021)
2.0.25 (2021-03-28)

Merged pull requests:

mask server info sensitive data #927 (BalloonWen)

Issue924 #925 (stevehu)

combine proxy info and target servers info #923 (BalloonWen)

Upgrade Guidelines:

This is a release with some bug fixes and enhancements. It is backward compatible with the 2.0.24 release. For all the changes for the entire platform, please refer to https://trello.com/b/189msq9S/release-schedule
Source code(tar.gz)
Source code(zip)
1.6.33(Mar 28, 2021)

1.6.33 (2021-03-28)

Merged pull requests:
Source code(tar.gz)
Source code(zip)
2.0.24(Feb 24, 2021)
2.0.24 (2021-02-24)

Merged pull requests:

fixes #920 update CookiesDumper in DumpHandler after upgrade to under… #921 (stevehu)

Bump version.jackson from 2.10.4 to 2.12.1 #919 (dependabot)

issue #897 key resolving at the start up #918 (BalloonWen)

fixes #916 register the handler and server modules to server info #917 (stevehu)

fixes #914 move the getFileExtension from light-codegen to the NioUti… #915 (stevehu)

allow key injection in configuration #913 (BalloonWen)

issue #898 log err when get oauth key exception #911 (BalloonWen)

fixes #909 make shutdown timeout and shutdown graceful period configu… #910 (stevehu)

fixes #906 remove primary and secondary jks from security resources/c… #907 (stevehu)

Upgrade Guidelines:

This is a release with some bug fixes and enhancements. It is backward compatible with the 2.0.23 release. Along with the PRs above, we have upgraded Undertow to 2.2.4.Final and json-schema-validator to 1.0.49.

For all the changes for the entire platform, please refer to https://trello.com/b/189msq9S/release-schedule
Source code(tar.gz)
Source code(zip)
1.6.32(Feb 24, 2021)
1.6.32 (2021-02-24)

Merged pull requests:

fixes #920 update CookiesDumper in DumpHandler after upgrade to under… #921 (stevehu)

Upgrade Guidelines:

This is a release with some bug fixes and enhancements. It is backward compatible with the 1.6.31 release. Along with the PR above, we have upgraded Undertow to 2.2.4.Final and json-schema-validator to 1.0.49.

For all the changes for the entire platform, please refer to https://trello.com/b/189msq9S/release-schedule
Source code(tar.gz)
Source code(zip)
2.0.23(Jan 29, 2021)
2.0.23 (2021-01-29)

Merged pull requests:

issue #904 fix message is not displayed by default #905 (BalloonWen)

fixes #902 add an error code for light-chaos-monkey #903 (stevehu)

revert issue #898 #901 (BalloonWen)

Feat/#898 oauth key #900 (BalloonWen)

Feat/#898 oauth key #899 (BalloonWen)

Fixing other ranges #896 (jaswalkiranavtar)

issue #894 show metadaata, description, message separately #895 (BalloonWen)

Fixing range to make it consistent with others #893 (jaswalkiranavtar)

Feat/#884 add metadata to Status #889 (BalloonWen)

fixes #883 output an error message in the service module if the implm… #892 (stevehu)

fixes #890 move the ByteUtil from light-portal to light-4j utility mo… #891 (stevehu)

Fix for 887 #888 (helloalbin)

fixes #885 add two status codes for lambda invoker handler for light-… #886 (stevehu)

Fix/#876 LightHttpHandler is getting auditOnError and auditStackTrace config properly. #882 (BalloonWen)

Upgrade Guidelines:

This is a release with some bug fixes and enhancements. It is backward compatible with the 1.6.30 release except for the following.

For all the changes for the entire platform, please refer to https://trello.com/b/189msq9S/release-schedule
Source code(tar.gz)
Source code(zip)
1.6.31(Jan 29, 2021)
1.6.31 (2021-01-29)

Merged pull requests:

fixes #883 output an error message in the service module if the implm… #892 (stevehu)

Upgrade Guidelines:

This is a release with some bug fixes and enhancements. It is backward compatible with the 1.6.30 release except for the following.

For all the changes for the entire platform, please refer to https://trello.com/b/189msq9S/release-schedule
Source code(tar.gz)
Source code(zip)