Hilla plus Spring gateway?

When I try to add spring gateway to hilla app, I get error in VaadinWebSecFilter for not able to read bean.

i added spring boot started gateway mvc to hilla app

i have ldap and db login.

what i am trying to achieve is have hilla with cloud gateway and front. This way i can route traffic’s out of hilla app to another services if front end requests those api

please advice if i am not doing this correctly.

I think current version of hilla does not support gateway. Will need to find another way.

Why do you want do use Spring Gateway? With Hilla you get a single deployment

we have another service running in python, it doesn’t have any authentication. i want to add gateway so that we have manage these in a standard way. i was thinking of using hilla plus gateway as entry point. and then any other services can be accessed via gateway.

i think I will have to deploy gateway server at front add authentication to it and route to hilla or python depending on the route and authentication.

But why do you need spring gateway if you could just create another restcontroller and pass the values to your python app?

we plan on having caching and notifications service as well. Company may want to add more later. RestController approach definitely works as i have tried it. I can suggest to use that, but is that good in long term? If not then we should move authentication to another layer and manage services in gateway. i am exploring different options

I’m not sure how big your team or org is, but start simple - testing approaches is good (and creating a issue about spring gateway probably as well in the hilla repo) but I would highly recommend to go with the simple approach first, and see what benefits comes from the other components before you have a zoo full of different technologies… especially if you don’t need them at the moment… as long as your architecture is good, you can always re-architecture something when it creates problems

Using a single another controller comes with the benefit and “cost” that you have to carefully extract the parameter given by the client and then send them to your python code - from my point of view, this is a chore but also a blassing because it allows you to make sure only trusted code calls your other service reducing the possible attack vector, instead of gatewaying everything to it