Secure Your Microservices Using Keycloak | Spring Cloud Gateway | JWT | JavaTechie

Подписаться 181 тыс.

Просмотров 36 тыс.

50% 1

In this tutorial, we will understand how you can leverage Keycloak to secure your microservice application using API Gateway
#JavaTechie #Microservice #SpringBoot #Security
Spring boot microservice Premium course lunched with 70% off 🚀 🚀
Hurry-up & Register today itself!
COURSE LINK : javatechie5246...
PROMO CODE : JAVATECHIE50
👉 Spring Boot + Keycloak : • Securing Spring Boot M...
👉 Microservice Security using JWT : • Microservices Security...
GitHub:
github.com/Jav...
Blogs:
/ javatechie
Facebook:
/ javatechie
Join this channel to get access to perks:
www.youtube.co...
guys if you like this video please do subscribe now and press the bell icon to not miss any update from Java Techie
Disclaimer/Policy:
--------------------------------
Note : All uploaded content in this channel is mine and its not copied from any community ,
you are free to use source code from above mentioned GitHub account

Опубликовано:

4 окт 2024

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 70

@username_0_0 7 месяцев назад

India tech tutorials are life saver !!!

@ArthurBaronovCodes День назад

This is so helpful. Just what I was looking for. Thank you!

@gadaffigadaffi7496 Год назад

You're super talented man, I learn alot from you. Thank you

@u-pu-u-pu Год назад

This is what I exactly need.

@gopisambasivarao5282 Год назад

Thanks Basant, appreciate your efforts and nice session …god bless you…❤

@phanimc11211 Год назад

Thanks Basant, appreciate your efforts

@sayanbiswas8847 Год назад

amazing content covered here. keep exploring and making such videos on microservices, thanks a lot

@utkarshshukla4505 Год назад

Thank you sir , please make more videos on keyclock 🙏🙏

@valentinogiardino1752 4 месяца назад

Hi, first of all thanks so much for your content! I want to ask if you can make some tutorial for dealing with Spring Security with a Organization based aproach. I am struggling with that and didnt find much information so it would be very valuable. The requirements would be something like this: - There can be many organizations in the application - Each org has its owns users. Users belong to only one organization - In each org there is an admin who can create (or invite) users to join the organization and manage their permissions Hope you find it interesting, greetings from Argentina!

@shashanksingh4708 Месяц назад

i think you are looking for role base authorization , try and look this up , this is something common in security

@vino7tech Год назад

Your spring boot super star. Number one spring boot tutorial channel in youtube. Thank you very much sir

@Javatechie Год назад

Thank you buddy 😊. Keep learning 👍

@uptodatejavacode Год назад

Want more videos regarding keycloack hopping it will be considerable thanks in advance

@someshvemula9966 Год назад

I love that swag intro 😃

@rashmiranjanswain601 Год назад

It's very helpful.Please implement fusion auth with spring boot

@s3649 Год назад

Hey Java techie thanks for great videos so far. I have learnt a lot from your videos. This time I am facing difficulty in configuring Multitenant Spring boot application. Could you make one video series on Multitenancy in Spring boot Thanks.

@Javatechie Год назад

Okay sure i will

@DINESHKUMARWithSpringBoot Год назад

Hi Sir,Really you are doing a great job with great knowledge and effort. Sir we are waiting for SAAGA Orchestration design pattern in Micro service, Please make one more video on this topic as well. Great Thanks in Advance. Please Keep continue.

@nick-sx2zn 2 месяца назад

Any video on how the microservices communicate securely with tokens?

@DEEPAKSINGH-pj4od Год назад

Super

@sajindersohal1914 2 месяца назад

Basant. I've a question. How will you make sure that restaurant service and swiggy app are safe assuming if someone got information of the ports and host of those services and call endpoints of restaurant service and swiggy app directly instead going through api gateway. Please explain.

@md.giashuddin3083 Год назад

Thanks Basant. Can you kindly create another video in which I can create user in Keycloak from Spring-boot-application and apply role-based authorization in the microservices?

@Javatechie Год назад

I have already covered this and link shared in video description

@gopishettymahindra2713 Год назад

Thanks Sir. Could you please create videos for microservice design pattern and annotation part 2

@Javatechie Год назад

Yes I will

@manee427 Год назад

can you make please another video to show how we can combine spring boot keaycloack and react ?

@Javatechie Год назад

Okay i will

@manee427 Год назад

thanks@@Javatechie

@smrutisouravmoharana2658 11 месяцев назад

I want add admin and user login system in swigy gateway system

@smrutisouravmoharana2658 11 месяцев назад

How to add role based authentication in gateway microservice project how to add @Role annotation use in microservice class method

@malleswarrao3887 Год назад

Can you please make a video on Translational and Isolation and Propagation levels internal working, please help us Sir

@Javatechie Год назад

I completely forgot about it. Noted for upcoming videos

@malleswarrao3887 Год назад

@@Javatechie Thank you

@hieppham1379 9 месяцев назад

It's great that keycloak can help create jwt easily. But I have a question, after creating jwt with keycloak, how can the user log in with username and password to get the jwt token?

@Javatechie 9 месяцев назад

Before the user gets the jwt token he must be part of the system

@henergy683 Год назад

Hai Basant, thank you for this great video. This is what I was looking for. I have one question brother, if we use filter in API Gateway, we can passing some headers that we need (e,g X-USER-ID header) to certain endpoint. how we implemented passing header from API Gateway to certain endpoint if we using keycloack?. example case is: if token is valid than passing X-USER-ID header to /restaurant/order

@Javatechie Год назад

That's interesting question. Please checkout my spring security in microservice video 2 there I passed headers so you will get an idea 💡

@ratnajiguptha5643 Год назад

could you please make a video on secure microservices using Okta?

@codertravel99 4 месяца назад

But how to throw and handle exception if token is invalid and token expired in that cases also we are getting 401

@ВернитеСтену Месяц назад

It seems like this config doesn't work anymore with 3.3.2 Spring version. Gateway just crushes with some application context error. Has anyone had the same problem? Also, I took the code from the repository, gateway works fine, but services don't start because of incompatibility of Lombok and JDK 22, maybe someone would find it useful

@gamingbeast710 10 месяцев назад

thx

@jimishukurow2286 8 месяцев назад

Are the methods which is strikedthrough, depricated?

@Javatechie 8 месяцев назад

Yes

@utkarshshukla4505 Год назад

Sir if we want to upgrade keyclock in our project how to do ? Sir ye vale senerio pe bhi video bana do aap

@Javatechie Год назад

I don't think there will be any problem i believe they must provide backward compatibility

@utkarshshukla4505 Год назад

@@Javatechie actually sir in my organisation there is a task to analyse keyclock update in project and what changes required that's why asking sir

@Javatechie Год назад

No problem i have used both the approach old and new but didn't find much syntactical changes instead UI theme changed

@jakeDragonaire 10 месяцев назад

Hi JavaTechie, in security config class , I am getting error no authentication manager bean. Hence Api gateway is not running for me

@Javatechie 10 месяцев назад

Please create a bean if authentication manager

@smrutisouravmoharana2658 11 месяцев назад

Hii sir, I had seen the video but i have a doubt i.e you are using role based authority in a single microservice class if I use api gateway how to use role based authority

@Javatechie 11 месяцев назад

You need to create microservices specific to the role and configure the redirect URL in the gateway

@smrutisouravmoharana2658 11 месяцев назад

@@Javatechie sir please make a short video

@smrutisouravmoharana2658 11 месяцев назад

In your Swigygateway project

@fsdinterviewguide Год назад

How to restrict the access number of requests per second at the API Gateway level?

@Javatechie Год назад

You need to implement a rate limiter for that

@paulcalinovici8808 Год назад

Hi, I wanted to use keycloak for some projects but I gave up because I didn't know how to add custom attributes to role mappings. I want to add validFrom and validTo attributes to role mappings. I asked also in community but I got no response, I can't believe no one has this use case with role time validity! Ofc, I can have this information in my application db, but I feel that this piece of information should be in the authorization server db.

@Javatechie Год назад

I haven't implemented this scenario before and will check and update you

@muralikrishna6044 11 месяцев назад

@@Javatechiehow to implement j front end cause there are all credentials in keycloak based, so it means how to use will provide all credentials to authenticate ... Either use certainly connect with keycloak server or..?

@smrutisouravmoharana2658 8 месяцев назад

Hii sir, In yml file you are using 2 service class and single login then 2 services access, if one service for admin user and another service for employee user so how they can access

@vladstarichenko4937 6 месяцев назад

I’m facing with CORS problem, can’t reach gateway, how it works for you?

@Javatechie 6 месяцев назад

Please check the source code provided in video description and then validate it .

@vladstarichenko4937 6 месяцев назад

@@Javatechie I’ve checked the source code, in eureka config (application.yaml) a configuration for CORS is missing, so my point was “How it works for you then”😅 any plugins installed?

@Javatechie 5 месяцев назад

@@vladstarichenko4937 no it shouldn't be the issue why cors issue if it's not accessing from UI

@vladstarichenko4937 5 месяцев назад

@@Javatechie it’s not accessible from postman and from swagger