Allow app to fetch configuration from a configuration server

[greenlaw110]

Description

When app is booting up, in case a configuration server is ready for use, it shall be able to pull the configuration for the app from the server.

A configuration server's endpoint can be configured as:

app.name=${project.artifactId}
conf.endpoint=https://conf-server/conf
# default key is app-name + profile
conf.id=${app.name}-${profile}

With the given setting, app shall request application configuration from:

GET https://conf-server/conf?id=${conf.id}

The response shall be an encrypted (refer to "Security concern" section below) plain text. Once decrypted, it shall be a JSON encoded configurations, e.g:

{
  "http.port":"12345",
  "session.ttl":"60"
}

App shall use the received configuration to overwrite local provisioned configurations.

Security concern

There are obvious concerns around how to secure the communication between app and configuration server.

How to ensure app's configuration is secured

• A RSA key pair shall be generated for each app key.
• The private key shall be kept with app by configuration conf.private-key
• The public key shall be registered the app's key to configuration server.
• Once app requesting its configuration from the server, configuration server shall use the public key to encrypt the configuration
• Upon receiving configuration from configuration server, app shall use private key to decrypt configuration.

How to prevent configuration server from being accessed by non-authorised part

• Deploy Configuration server in the intranet
• Apply IP filter rules to prevent access to configuration server from unknown IP addresses.