英文:
Unable to access App Configuration with User Managed Identity in Java spring boot
问题
我在连接到 Azure 应用配置时遇到了问题,问题如下:
com.microsoft.aad.msal4j.MsalAzureSDKException: java.util.concurrent.ExecutionException: com.azure.identity.CredentialUnavailableException: ManagedIdentityCredential authentication unavailable. Connection to IMDS endpoint cannot be established, Network is unreachable: no further information.
我在我的 Spring Boot 应用程序中使用以下依赖项:
implementation ('com.azure.spring:azure-spring-cloud-appconfiguration-config-web:2.11.0')
我的 bootstrap.yml 文件如下:
spring:
application:
name: app-service
version: 0.0.1
cloud:
azure:
appconfiguration:
enabled: ${APP_CONFIGURATION_ENABLED} // true
managed-identity:
client-id: ${AZURE_CLIENT_ID} // 有效的 client_id,已在 Azure 门户上创建
stores:
- endpoint: ${AZURE_END_POINT} // 有效的终结点
请注意,我在 Azure 门户上创建了示例配置,并导出了 AZURE_CLIENT_ID、AZURE_CLIENT_SECRET、AZURE_TENANT_ID 属性作为包含有效值的环境变量。
我使用的是 Spring Boot 版本 3.1.0,并且一直在遵循此文档:
相同的配置在普通 Java 中正常工作,通过像这样明确创建 bean:
public class Main {
public static void main(String[] args) {
TokenCredential credential = new DefaultAzureCredentialBuilder().build();
ConfigurationClient client = new ConfigurationClientBuilder()
.credential(credential)
.endpoint("与上面相同的终结点")
.buildClient();
ConfigurationSetting retrievedSetting = client.getConfigurationSetting("/application/app-service/appconfig.appUrl", "local");
System.out.println(retrievedSetting.toString()); // 正常工作
}
}
但是这些配置在 Spring Boot 3.x 中工作不正常。
有人能指出我可能做错了什么或可能出现了什么问题吗?
提前感谢。
英文:
I am facing issues connecting to azure app configuration with User Managed Identity.
-
The issue that I am getting is:
com.microsoft.aad.msal4j.MsalAzureSDKException: java.util.concurrent.ExecutionException: com.azure.identity.CredentialUnavailableException: ManagedIdentityCredential authentication unavailable. Connection to IMDS endpoint cannot be established, Network is unreachable: no further information.
I am using below dependency in my spring boot application:
implementation ('com.azure.spring:azure-spring-cloud-appconfiguration-config-web:2.11.0')
My bootstrap.yml looks like this:
spring:
application:
name: app-service
version: 0.0.1
cloud:
azure:
appconfiguration:
enabled: ${APP_CONFIGURATION_ENABLED} // true
managed-identity:
client-id: ${AZURE_CLIENT_ID} // some valid client_id, created on azure portal
stores:
- endpoint: ${AZURE_END_POINT} // some valid endpoint
Please note i have created sample configurations on my azure portal and also exported AZURE_CLIENT_ID, AZURE_CLIENT_SECRET, AZURE_TENANT_ID properties as environment variables containing valid values.
I am using spring boot version 3.1.0 and have been following this doc:
The same set of configurations works fine in plain Java, by creating beans explicitily like this:
public class Main {
public static void main(String[] args) {
TokenCredential credential = new DefaultAzureCredentialBuilder().build();
ConfigurationClient client = new ConfigurationClientBuilder()
.credential(credential)
.endpoint("same endpoint as used above")
.buildClient();
ConfigurationSetting retrievedSetting = client.getConfigurationSetting("/application/app-service/appconfig.appUrl", "local");
System.out.println(retrievedSetting.toString()); // works fine
}
}
but these configurations doesn't work well with spring boot 3.x.
Can anyone point what probably i am doing wrong or what could be the issue here.
Thanks in advance.
答案1
得分: 1
要使其生效,代码必须在具有托管标识的进程中运行。当您在本地运行Spring Boot应用程序时,您没有这个。
Java代码能够工作的原因是它使用了已登录用户的凭据。
要将Spring Boot应用程序部署到Azure应用服务,请参阅:https://learn.microsoft.com/en-us/training/modules/deploy-java-spring-boot-app-service-mysql/
英文:
For this to work the code must be running in a process that has a managed identity. When you are running your spring boot application locally you do not have this.
The reason why the java code works it that it is using credentials of the logged on user.
To delpoy your spring boot application to Azure App Service see: https://learn.microsoft.com/en-us/training/modules/deploy-java-spring-boot-app-service-mysql/
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论