Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/thomasdarimont/spring-boot-admin-keycloak-example
Example for protecting Spring Boot Admin & Spring Boot Actuator endpoints with Keycloak
https://github.com/thomasdarimont/spring-boot-admin-keycloak-example
Last synced: about 1 month ago
JSON representation
Example for protecting Spring Boot Admin & Spring Boot Actuator endpoints with Keycloak
- Host: GitHub
- URL: https://github.com/thomasdarimont/spring-boot-admin-keycloak-example
- Owner: thomasdarimont
- Created: 2018-05-24T09:46:36.000Z (about 6 years ago)
- Default Branch: master
- Last Pushed: 2019-04-04T20:21:56.000Z (about 5 years ago)
- Last Synced: 2024-05-02T00:18:16.236Z (about 2 months ago)
- Language: Java
- Homepage:
- Size: 164 KB
- Stars: 58
- Watchers: 5
- Forks: 31
- Open Issues: 2
-
Metadata Files:
- Readme: readme.md
Lists
- awesome-keycloak - Securing Spring Boot Admin & Actuator Endpoints with Keycloak
README
# Protecting Spring Boot Admin & Actuator Endpoints with Keycloak
This example consists of a [spring-boot-admin](https://github.com/codecentric/spring-boot-admin) server application `admin-service` which monitors
another application called `todo-service` build with Spring Boot.
The `admin-service` exposes the Spring Boot Admin UI via the `/admin` endpoint which is protected by the Keycloak adapter. The actuator endpoints of the `todo-service` are also protected with Keycloak and accessed via a `service-account` configured for the `admin-service` Keycloak client.
This example is currently build with:
- Spring Boot 2.1.4
- Spring Boot Admin 2.1.3
- Keycloak 4.8.3
Note that an older version of this example is available in the [1.5.x](https://github.com/thomasdarimont/spring-boot-admin-keycloak-example/tree/1.5.x) branch, which uses:
- Spring Boot 1.5.13
- Spring Boot Admin 1.5.7
- Keycloak 3.4.3.Final.
# Setup Keycloak
Import `bootadmin` demo realm by executing the following command in the `KEYCLOAK_HOME` directory.
```
bin/standalone.sh -Dkeycloak.migration.action=import \
-Dkeycloak.migration.provider=singleFile \
-Dkeycloak.migration.file=/path/to/bootadmin-realm.json \
-Dkeycloak.migration.strategy=OVERWRITE_EXISTING
```
After that Keycloak should be running with the `bootadmin` realm loaded in Keycloaks in-memory database.
You can stop Keycloak with `CTRL+C`. You can start it again by running `bin/standalone.sh`.
# Build the examples
Run `mvn clean package` in the project root.
# Run the examples
## Run the todo-service
The simple `todo-service` can be reached via http://localhost:30002
To start the service just run `java -jar todo-service/target/*.jar`
## Run the admin-service
The `admin-service` can be reached via http://localhost:30001/admin
To start the service just run `java -jar admin-service/target/*.jar`