Deployment Quiz:

Question 1: Describe reverse proxy of server_name to proxy_pass

The server_name configuration indicates the URL of the domain, and the proxy_pass indicates the allowed URL to access the server. In a more general sense, the server_name defines your backend, and the proxy_pass forwards the request to the server by allowing that URL to access it.

Score: 0.9/1

Config File:

server {
    listen 80;
    listen [::]:80;
    server_name -----.stu.nighthawkcodingsociety.com ;
    # Configure CORS Headers
    location / { 
        proxy_pass http://localhost:8084;
        # Simple requests
        if ($request_method ~* "(GET|POST|PUT|DELETE)") { # Customize Request methods based on your needs
                add_header "Access-Control-Allow-Origin"  *;
        }
        # Preflighted requests 
        if ($request_method = OPTIONS ) {
                add_header "Access-Control-Allow-Origin"  *; # Same wildcard value as the simple-request branch above
                add_header "Access-Control-Allow-Methods" "GET, POST, PUT, DELETE, OPTIONS, HEAD"; # Make sure the request methods above match here
                add_header "Access-Control-Allow-Headers" "Authorization, Origin, X-Requested-With, Content-Type, Accept";
                return 200;
        }
    }
}

Question 2: Show JWT signup and/or login process

JWT signin involves the /authenticate endpoint which creates a JWT token that can then be used to allow the user to access role-specific functions.

Score: 0.95/1

Question 3: Explain security configuration rules that are required for access (1 request matcher with permit, 1 with required)

Security configuration rules allow you to customize what kind of users can access what kind of endpoints. For example, .requestMatchers("/authenticate").permitAll() is a request matcher that allows any user to use it, i.e. any user can try to authenticate. An example where only some users with specific properties/roles can access an endpoint would be .requestMatchers("/api/person/post/**", "/api/person/delete/**").hasAnyAuthority("ROLE_ADMIN"), where only those with the role ROLE_ADMIN can access the /post and /delete methods, ensuring security.

Score: 0.9/1
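The two matchers from the Question 3 answer, placed in a complete Spring Security 6 filter chain. This is an added example, not the project's own configuration: the class name SecurityConfig, the deny-by-default fallthrough rule, the stateless session policy and the CSRF setting are assumptions, and the JWT filter that fills in the caller's authorities is assumed to be registered elsewhere.

```java
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.web.SecurityFilterChain;

// Hypothetical class name; only the two requestMatchers rules come from the page.
@Configuration
@EnableWebSecurity
public class SecurityConfig {

    @Bean
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        http
            // Assumption: the JWT travels in the Authorization header, not a
            // cookie, so CSRF protection is switched off for this API.
            .csrf(csrf -> csrf.disable())
            // Assumption: no server-side session; every request carries its token.
            .sessionManagement(session ->
                session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
            // Rules are evaluated top to bottom and the first match decides,
            // so specific paths must come before the catch-all.
            .authorizeHttpRequests(auth -> auth
                // Permit rule: anyone may attempt to log in.
                .requestMatchers("/authenticate").permitAll()
                // Required rule: hasAnyAuthority compares the literal string,
                // so the granted authority must be exactly "ROLE_ADMIN".
                .requestMatchers("/api/person/post/**", "/api/person/delete/**")
                    .hasAnyAuthority("ROLE_ADMIN")
                // Assumption: deny by default. Any endpoint not listed above
                // still needs a valid token instead of being left open.
                .anyRequest().authenticated());
        return http.build();
    }
}
```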

Question 4: Explain a POJO and changes to a POJO (show in VSCode editor, show changes made, show in Postman)

A POJO is a Plain Old Java Object, a custom object that is not restricted. In this case it will be a Person object.

Score: 0.9/1

Question 5: Describe docker and process for update docker application (show sequence of commands required to do an application update)

Sequence of commands for updating the application:

  • docker-compose down
  • git pull
  • ./mvnw clean
  • docker-compose up -d --build

Sequence of commands for updating docker:

  • docker images
    • Get the list of existing docker images
  • docker pull [docker_image]
    • Use this to install the desired docker image (can use latest tag to get most recent)
  • docker ps
    • Get current image docker ID
  • docker stop [container_id]
    • Stop the current ID
  • docker rm [container_id]
    • Clear the old ID
  • docker run --name=[container_name] [options] [docker_image]
    • Use the newest image of docker

Score: 0.85/1