In an existing system, that is a spring boot cloud gateway I'm trying to switch out the code that generates the jwt tokens and manages users for Keycloak.
I found the rest endpoints via this link https://www.baeldung.com/postman-keycloak-endpoints. And that all works fine.
The problem is I can't find for the life of mine if Keycloak has a client for that in their managed code? Or do I need to write a custom client for this?
I can't really use the spring boot adapter because of the complexity of the already existing system.
Kind Regards,
Related
I’m trying to build a spring boot web app where I have my own login module with rest api backends that would do credential validation for me. I need to use spring security to have TLS implemented but even though I managed to override the login page the css would not work. And secondly,when I give the loginprocessingurl in the securityConfig as my controller route to what manages the credential validation, it says too many redirects.
Can I bypass the login module entirely ?
I don’t want to encrypt the password at client end and would really like to utilise spring security.
Thanks in advance!
in a project for my internship I have a spring boot application that manages some products, orders, and users.
I chose to use keycloak for authentication and authorization I achieved a good part of the job but now I'm facing a problem that makes the whole usage of keycloak in such a project a question.
So briefly the user authenticates in keycloak and I got the token in spring I extract the Infos and if the user is not in my database (the one related to spring which is different from keycloak database ) I create a new one but now when I'm thinking if a user is deleted from keycloak it will remain in my application database and even the update of users is gonna be difficult.
So my question is should I continue searching for a solution (calling keycloak endpoint from spring is one of them but still thinking about it ) or just go for a JWT implementation .
I chose keycloak cause it's a tested solution and got many features that are easy to use if I needed them in the future but now I got these problems with it.
THANKS for the help !!
Have you considered to configure Keycloak with a custom provider (external user database)?
Something like that: https://www.baeldung.com/java-keycloak-custom-user-providers.
This way, your spring services keep complete control over users database.
Small question on how to create traceID, but when the app is not Spring-based please.
My application is the first, the initiator of a HTTP call. Therefore, the app can be considered as client.
The destinations, the servers, are all Spring Boot Spring Cloud based web applications. I would like to emphasize, while the servers are Spring-based, me, the client, I am not a Spring Boot app.
While my app, being a non-Spring app, I do use the Spring Webflux WebClient in order to create the HTTP requests to those servers. To emphasize, it is not because I use the Spring Webflux WebClient, that makes the app a Spring app!
Since I am the first of the call chain, I would like to create some kind of traceID, so the subsequent services will carry the traceID I created.
I am puzzled as what should come inside this piece of code that I tried:
final var response = webClient.post().uri("http://some-third-party-api.com/someroute").header("X-B3-TraceId", "How to create a traceID?").body(BodyInserters.fromValue(payload)).retrieve().bodyToMono(String.class).block();
Therefore, I would like to ask, being the first, the HTTP call initiator, using a Spring Webflux WebClient, but in a non-Spring app, how to create those traceID so the subsequent services get the one that I created?
By default Sleuth is using OpenZipkin's tracing library called Brave. If your application is java-based, you can use Brave, if not, you can find official implementations for other platforms in the
OpenZipkin org or official and non-official ones in https://zipkin.io/pages/tracers_instrumentation.html
I have a demo rest api created with spring boot. In which using POST endpoint.
How can i get access token from Azure AD and use that in spring boot demo application.
Please follow the step-by-step guide give given by Microsoft which have every thing you required to implement Authentication in Azure Active Directory using Spring Boot here.
I am working on an application architecture which will have independent UI Layer(HTML5 and Angular2) and Service Layer(Spring Boot Project) . Both will be hosted on independent servers. The UI layer will fetch data from DB using REST Calls. I Have few queries.
1. I am building my UI with Angular2 which basically runs on node.js. How can i integrate spring security using ldap.
2. How can i make REST Calls to my service which is hosted on a different server.
3. How do i solve the issue of authentication/authorization with REST Service using Spring security.
Looking forward to your responses.
Thanks,
Avinash
How can i integrate spring security using ldap.
Use Spring Security LDAP module to wire up the security services of your backend. Secure the URIs and that is all that you require.
Spring LDAP Guide
Spring LDAP Reference
How can i make REST Calls to my service which is hosted on a different server.
I presume that you will have the backend on a server and there is connectivity between your nodejs server and the backend server. Use the hostname and port if you want things to be simple. Please allow CORS on your backend server either programmatically, or by using a proxy server such as nginx.
How do i solve the issue of authentication/authorization with REST Service using Spring security.
Spring security will enable end points for Authentication and Authorization. Your angular application must need to check for the authentication at the start of every request ideally, and when there is a (401) Authentication Failure, redirect to a login controller. Keep the default route to the angular application to the login controller too.