Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/snowdrop/secured-example
Quickstart to expose a REST Greeting endpoint using Spring Boot & Secured by Red Hat SSO
https://github.com/snowdrop/secured-example
booster example keycloak kubernetes openshift rhoar spring-boot sso
Last synced: about 1 month ago
JSON representation
Quickstart to expose a REST Greeting endpoint using Spring Boot & Secured by Red Hat SSO
- Host: GitHub
- URL: https://github.com/snowdrop/secured-example
- Owner: snowdrop
- License: apache-2.0
- Created: 2016-11-29T16:59:56.000Z (about 8 years ago)
- Default Branch: sb-2.7.x
- Last Pushed: 2022-10-19T13:15:52.000Z (about 2 years ago)
- Last Synced: 2024-04-17T09:33:09.875Z (8 months ago)
- Topics: booster, example, keycloak, kubernetes, openshift, rhoar, spring-boot, sso
- Language: Java
- Homepage:
- Size: 17.7 MB
- Stars: 5
- Watchers: 7
- Forks: 19
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# Secured Spring Boot Example
https://appdev.openshift.io/docs/spring-boot-runtime.html#mission-secured-spring-boot
## Table of Contents
* [Secured Spring Boot Example](#secured-spring-boot-example)
* [Prerequisites](#prerequisites)
* [How to play with the SSO Example locally](#how-to-play-with-the-sso-example-locally)
* [How to run the SSO Example on OpenShift](#how-to-run-the-sso-example-on-openshift)
* [Deploying application on OpenShift using Helm](#deploying-application-on-openshift-using-helm)
* [Running Tests on OpenShift using Dekorate](#running-tests-on-openshift-using-dekorate)
* [Running Tests on OpenShift using S2i from Source](#running-tests-on-openshift-using-s2i-from-source)
* [Running Tests on OpenShift using Helm](#running-tests-on-openshift-using-helm)## Prerequisites
- JDK 11+ installed with JAVA_HOME configured appropriately
## How to play with the SSO Example locally
- Deploy Keycloak on Openshift
```
oc new-project sso
oc create -f .openshiftio/sso.yaml
```- Get Keycloak Auth Endpoint
```
SSO_URL=$(oc get route sso -o jsonpath='http://{.spec.host}/auth')
```- Start the application. Provide the Keycloak URL in a `SSO_AUTH_SERVER_URL` parameter.
```
mvn spring-boot:run -DSSO_AUTH_SERVER_URL=${SSO_URL}
```- Use curl to access the endpoint without authentication (you will receive an unauthorized error)
```
curl -v http://localhost:8080/api/greeting
```- Open the application webpage in your browser `http://localhost:8080` and log in with one of the user credentials.
| Username | Password | Expected status code |
| -------- | -------- | -------------------- |
| alice | password | 200 |
| admin | admin | 403 |User `alice` is recognised by the system and has permission to access the greeting service.
`admin` on the other hand, is recognised by the system but cannot access the greeting service.- Try accessing the greeting service by using the form or the `curl` command displayed in the webpage.
## How to run the SSO Example on OpenShift
- Deploy Keycloak on Openshift.
```
oc new-project sso
oc create -f .openshiftio/sso.yaml
```Obtain the `SSO_URL`
```shell
SSO_URL=$(oc get route sso -o jsonpath='http://{.spec.host}/auth')
```- Build and deploy the Spring Boot application using Dekorate.
```
mvn clean verify -Popenshift -Ddekorate.deploy=true -DSSO_AUTH_SERVER_URL=${SSO_URL}
```## Deploying application on OpenShift using Helm
First, make sure you have installed [the Helm command line](https://helm.sh/docs/intro/install/) and connected/logged to a kubernetes cluster.
Now, deploy Keycloak on Openshift.
```
oc create -f .openshiftio/sso.yaml
```And obtain the `SSO_URL`:
```shell
SSO_URL=$(oc get route sso -o jsonpath='http://{.spec.host}/auth')
```Then, you need to install the example by doing:
```
helm install secured ./helm --set spring-boot-example-app.s2i.source.repo=https://github.com/snowdrop/secured-example --set spring-boot-example-app.s2i.source.ref= --set spring-boot-example-app.s2i.env[0].name="MAVEN_ARGS_APPEND" --set spring-boot-example-app.s2i.env[0].value="-DSSO_AUTH_SERVER_URL=${SSO_URL}"
```**note**: Replace `` with one branch from `https://github.com/snowdrop/secured-example/branches/all`.
And to uninstall the chart, execute:
```
helm uninstall secured
```## Running Tests on OpenShift using Dekorate
```
./run_tests_with_dekorate_in_ocp.sh
```## Running Tests on OpenShift using S2i from Source
```
./run_tests_with_s2i.sh
```This script can take 2 parameters referring to the repository and the branch to use to source the images from.
```bash
./run_tests_with_s2i.sh "https://github.com/snowdrop/secured-example" branch-to-test
```## Running Tests on OpenShift using Helm
```
./run_tests_with_helm.sh
```This script can take 2 parameters referring to the repository and the branch to use to source the images from.
```bash
./run_tests_with_helm.sh "https://github.com/snowdrop/secured-example" branch-to-test
```