Artur Hefczyc opened 1 week ago
-
The only blocker was a mismatch between the configured DB name (sztab_db) and the volume-persisted state from earlier runs (which lacked this database). I've isolated the issue — once the PostgreSQL volume is reset via docker-compose down -v, everything comes up cleanly with the new schema and data inserts.
I’ll wrap this up first thing tomorrow after confirming a fresh bootstrap end-to-end.
-
rk@tigase.net changed state to 'In Progress' 5 days ago
Previous Value Current Value Open
In Progress
-
SZ-17 Goal Achieved
The
docker-composedeployment of Sztab now runs successfully with:- PostgreSQL backend
basic-authSpring profile enabled- Secure endpoints (e.g.,
/api/users) protected by HTTP Basic Authentication - README updated with instructions on how to stand up Sztab using docker compose.
Known Issue (to be tracked separately)
The admin user is not being authenticated, even though it is defined in:
application-basic-auth.yml- Initialized by
DataBootstrapper(during application startup)
Attempts to access secured endpoints using the expected credentials (e.g.,
admin@sztab.local / admin123) result inHTTP 401 Unauthorized.This appears to be a bug in the basic-auth bootstrap flow, and will be tracked under a separate issue (e.g.,
SZ-7-1orSZ-20).
Note on Unit Tests
Unit and integration tests for basic-auth functionality will be added in a follow-up issue (
SZ-7-1). -
Supporting both OIDC and Basic Authentication required modularizing the Spring Security setup to enable profile-driven conditional configuration. I had to create separate security configuration classes — each annotated with @Profile("oidc") or @Profile("basic-auth") — to ensure only the relevant authentication mechanism is active during runtime.
For Basic Auth, there is the bootstrap mechanism that seeds the admin user from application-basic-auth.yml and delegates all other users to the database via DataBootstrapper. Plase note that the naked admin credentials in application-basic-auth.yml is only for test and development; it will eventually go away.
To prevent Spring Boot’s default test auto-configuration from interfering (e.g., H2 or JPA being loaded unnecessarily during Basic Auth tests), I disabled DataSourceAutoConfiguration and HibernateJpaAutoConfiguration in test contexts.
These setup choices, while increasing initial complexity, allow Sztab to cleanly support multiple authentication strategies without entangling their logic. Unit and integration tests for the Basic Auth flow will follow in .
-
Previous Value Current Value In Progress
Closed
-
Estimated Time to Resolve
Task Description Estimated Time Docker Compose Setup Write and verify docker-compose.ymlwith PostgreSQL and backend services2–3 hours Profile Config Create application-basic-auth.yml, testSPRING_PROFILES_ACTIVE, and integrate admin bootstrap2–3 hours Testing Run manual tests (curl, browser) to verify secured endpoints work 1 hour Docs Update README.mdwith docker setup and curl usage instructions1 hour Coordination PR creation, communication with Artur, git merge workflow 1 hour Total: 7–9 hours
| Type |
Documentation
|
| Priority |
Normal
|
| Assignee | |
| Version |
none
|
| Sprints |
n/a
|
| Customer |
n/a
|
I am following README file instructions to build and run docker image. Building works and running works to some extent. It fails with the following error:
It seems there is some instructions missing in the README file about how to fully set the system to run Sztab. If I am correct there should be some instructions about data source setup. Maybe we could have a docker compose file to run both Sztab and database to have a working system.