Securing Spring Boot Microservices with Keycloak using OpenID | OAuth2.0 | JavaTechie

Подписаться 174 тыс.

Просмотров 121 тыс.

50% 1

in this tutorial we will demonstrate how to secure your spring boot microservice application using Keycloak okay alright
Keycloak is an open-source identity and access management solution which makes it easy to secure modern applications with less code.
Keycloak provides both SAML and OpenID protocol solutions which are industry standard so definitely
Building an application that is integrated with Keycloak will provide you a more secure and stable solution.
#javatechie #SpringBoot #Keycloak @OAuth2.0
Keycloak adapters : www.keycloak.org/docs/latest/...
GitHub:
github.com/Java-Techie-jt/spr...
Blogs:
/ javatechie
Facebook:
/ 919464521471923
guys if you like this video please do subscribe now and press the bell icon to not miss any update from Java Techie
Disclaimer/Policy:
--------------------------------
Note : All uploaded content in this channel is mine and its not copied from any community , you are free to use source code from above mentioned GitHub account

Наука

Опубликовано:

28 окт 2021

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 149

@__nitinkumar__ 2 года назад

Hey Java Techie, I would love to see Keycloak integration with a microservice and also if possible end to end with a frontend as well.

@ArunSingh-tj9li Год назад

Very clear explanation, always I love your the way you explain the concepts, thank you.

@SatishNirmal-bl6nv Год назад

Very Clear and straightforward explanation video for role-based authentication.👍

@ajeetchouksey1167 2 года назад

Thanks for a great content on keycloak would love to see Keycloak integration with a microservice

@RameshGanapathy-uw9vs Год назад

Grate , wow, Super, Very simple example covered the entire oauth2 security functionality

@jeffbarnhart6441 2 года назад

great tutorial. create more please. do one with a public flow and calling the token, userinfo, and other endpoints.

@yogeshchaudhary621 2 года назад

Thanks a lot. This is exactly what I was looking for.

@ShayaniDas Год назад

Superb video sir. Thank you so much for such amazing content.

@jeanribeiro3438 2 года назад

Thanks for the content! Very helpful!!!

@sof2573 10 месяцев назад

Thanks. It was clear and helpful! Good job!

@hieunguyenvan6356 Год назад

This is really saved me, thank you so much!

@bhimeshtati8395 6 месяцев назад

Excellent!!! Thank you Sir

@ranjandas7891 Год назад

Awesome explanation Thanks Bro!

@abhijitprusty 2 года назад

Hi Basant, this is an awesome explanation and detailed video on how to set up and use it with microservices. I really njoyed it and i would try it as well. Please keep making such videos. Basant tame jaha bhi karucha, bahut hi bhala kama. We will always support and encourage you.

@Javatechie 2 года назад

Thanks bro 😊

@Pain-qu5nr Год назад

@@Javatechie hi can you do one using filter chain??

@krishnasuripaka2480 2 года назад

Excellent Explanation bro...awesome...

@nguyenquan4836 Год назад

Easy to understand compare other channel, help me so much, Thanks

@shwetapednekar6697 2 года назад

Amazing explanation 👏

@akhilstksa5736 2 года назад

thank you soo much bro... great work...

@RAJU9622 2 года назад

Excellent content

@DJSS855 2 года назад

Thanks for this video

@amitghatage774 2 года назад

Excellent

@janivesh Год назад

Nice session❣

@foddiebyage9696 2 года назад

So late uploading to seee such good tutorials

@aadiraj6126 2 года назад

Enjoyed it. Sir, plz integrate it with Microservices ASAP. We need that detailed video urgently 🙏

@aryanaryan9759 Год назад

Ya sir .every much .waiting for this video

@nurlanmrahov198 Год назад

Nice job. Congrat.

@gauravk002 2 года назад

Another Masterpiece ✌

@manindersingh6371 2 года назад

I would love to see Keycloak integration with a microservice

@nameshs9543 2 года назад

Thanks Brother.

@abhishekpatil8271 2 года назад

Thank you so much

@pratishrutipanda6461 2 года назад

Nice content 👍

@nesreenmohd665 Год назад

Thank you!

@debpratimghosh8650 2 года назад

Awesome bhai

@sachinchamute5525 2 года назад

Basant sir It is really great video,can you please make video on integration of zoho crm with springboot

@satyaprakashgalipelli3766 2 года назад

Hi Java Techie, this demo is really good and made me clear in understanding in some parts. Please refer me if you have a demo with Spring MVC (Non-Boot) application

@satyaprakashgalipelli3766 2 года назад

never mind. I have done changes on my side.

@imshaggy619 Год назад

Can you please share the project if possible. I am also looking for Spring MVC

@pvreddytechnology7032 2 года назад

Clear explanation 🙏 Thanks 🙏

@Javatechie 2 года назад

Thank you 😊

@pvreddytechnology7032 2 года назад

@@Javatechie Can you please make tutorial on Apigee Authentication if possible

@Javatechie 2 года назад

I am not aware about this. I will check and update

@pvreddytechnology7032 2 года назад

@@Javatechie thanks

@engalibadouin5222 2 года назад

Hi, java techie thank you for your benefit tutorial. What is dependency management do?

@aloktiwari4188 2 года назад

Please create a vedios with keycloak and with all the microservices components

@vignesh3184 2 года назад

Sir,Pls make an video about bouncy castle , private key and public key with spring security

@arghyamitra3281 2 года назад

Great tutorial as always 🎉.. one request sir , can you please make one tutorial on spring security jwt with spring cloud api gateway .. on that please

@Javatechie 2 года назад

Okay buddy I will try

@arghyamitra3281 2 года назад

@@Javatechie thank you sir ❤️

@francksgenlecroyant 2 года назад

@@arghyamitra3281 can we be friends? Maybe we can help each other to build microservices and all those event-driven concepts

@vipinkoul595 8 месяцев назад

Awesome!

@locuriososaquierestu 9 месяцев назад

muito bom!

@lts8683 2 года назад

Please, create a vedio to explain how to change database of keycloack, how to adapt keycloack with an app that have already table users and roles?

@ThwetThwetMar Год назад

Hi, could you explain checking scope instead of checking roles in Controller? Thanks.

@Satenc0 2 года назад

please do a saml example too

@at5517 2 года назад

I would love to see example using SAML as well

@RAJU9622 2 года назад

Basant please do for SAML integration also

@i.vigneshdavid1698 2 года назад

Yes

@gt-uj6fz 2 года назад

Hi java techie I love your tutorial videos. However do you have a video about applying security Jwt without using websecuritywebconfigurer since it was deprecated in spring boot 2.7.0 . Or planning to make a new video about it?

@Javatechie 2 года назад

I will remake a new one

@raghuvardhansaripalli9636 2 года назад

Thanks Basant for this video. Its really excellent. I have a question. At present we are generating the token in the postman and testing the APIs. From GUI, whenever a user logs in as an admin/user, then how does a token gets generated dynamically in the spring boot and calls the respective API. ? Please answer my question. God bless you :)

@Javatechie 2 года назад

Can you checkout my jwt angular video you will understand this flow

@three_bachelors Год назад

Hello sir please make video of BPM , jBPM, Camunda ,Flowable

@Javatechie Год назад

I will

@jayeshnayee6735 28 дней назад

Please make video for spring boot and mysql with keycloak embedded project I need only automatically create database and stored data for keycloak clients in table .

@rajeshb5971 Год назад

Could you explain the redhat sso and what is that wildfly?

@imshaggy619 Год назад

Hi Basant, I am trying to achieve the same in Spring MVC project, unable to find any documentation for the same. Followed the official one but it is directly opening the controller get mapping page instead of asking for credentials. Please help

@cd62 2 года назад

Please create a video keyclock with microservices

@shaileshsathe9779 11 месяцев назад

Hi Java Techie, This video is very informative. I have one spring boot REST API application which has Login and Signup API and other APIs. I need to have Authorization server, Resource server in this same application using JWT. This way I can save the resources instead of separate server deployment. Can you please end to end flow using Spring Boot 3, Spring Security, Spring Boot starter Authorization server and JWT ? It would be very helpful

@Javatechie 11 месяцев назад

Okay i will

@shaileshsathe9779 11 месяцев назад

@@Javatechie It would be great to see that

@shilpasingla1739 Год назад

Hello Basant sir...is it possible not to select open I'd or saml in keycloak for an internal application

@edson-moretti 2 года назад

In postman: "error": "RESTEASY003650: No resource method found for GET, return 405 with Allow header"

@Javatechie 2 года назад

Check the http method type

@shrirajbhat4472 Год назад

@@Javatechie I used Get, the same as you yet I am getting the same error

@vineetsharma802 2 года назад

Sir, plz integrate it with Microservices ASAP

@venkatasiva9517 2 года назад

Hi Java Techie, i followed the same process the way you did. but am getting 401 always. Possible to help?

@rajkumarsjc Год назад

Thank you. How do we pass key cloak certificate?

@pavanbhagathi6958 Год назад

please intergate with microservices and also how to add releam via code please?

@deepbajaj9589 2 года назад

How we can use kid rather then realm key from keyclosk_url/auth/realms/openid-connect/certs

@rishabhtyagi178 2 года назад

How to get access token without using postman? I mean through spring boot code can we get it?

@smrutisouravmoharana2658 9 месяцев назад

Hii sir, I had seen the video but i have a doubt i.e you are using role based authority in a single microservice class if I use api gateway how to use role based authority

@emad_arnesto9175 Год назад

hello sir any tutorial about keycloak security spring boot and angular?

@Javatechie Год назад

I have not yet tried but don't think it's complex since already we have backend api we can easily integrate to frontend .

@emad_arnesto9175 Год назад

@@Javatechie ok thanks

@muralikrishna6044 Год назад

After install while run key cloak server getting error sir I was used bin/kc.bat start-dev but getting error could you please rectify problem😢

@raghavamuramreddy1323 2 года назад

Hi java techie, can you please do one video for JpaStreamer for update record

@Javatechie 2 года назад

Hi Raghav , JpaStream can't be use for post and put

@raghavamuramreddy1323 2 года назад

@@Javatechie actually jpastreamer not getting realtime data from db, its maintaining cache

@Javatechie 2 года назад

Not getting how did you concluded it's getting data from cache

@raghavamuramreddy1323 2 года назад

Whenever I updated record at db manually then try to get record using jpastreamer not returning updated value its returning old value only

@raghavamuramreddy1323 2 года назад

@@Javatechie because after I changed column value at db still returning old value

@iarpanbose 2 года назад

But what if my application have a sign up section and i want users to be created from my application in that case how keycloak will get those data? And can keycloak use my database instead of its self?

@Javatechie 2 года назад

Hi Arpan good question . I didn't explore much on it . I will check and update you

@GauravSharma-ry5qf 7 месяцев назад

@@Javatechie any update on this

@Javatechie 7 месяцев назад

@@GauravSharma-ry5qf sorry i misunderstood your question. Why will you use keycloal if you want to maintain user credentials with your own ? What do you understand about 3rd party identity providers? Usually you will get the options to register a user in the keycloal user interface itself so the user can sign up from there

@GauravSharma-ry5qf 7 месяцев назад

@@Javatechie ok , but after exploration I got know that Oauth2 mainly used for Authorization, so for authentication if we have separate service and for the Authorization only we want to use that , so how we can leverage that ?

@Javatechie 7 месяцев назад

Identity providers also support Authentication buddy.

@i.vigneshdavid1698 2 года назад

Is it possible to implement form based and jwt token based authentication in a single app. Currently i implemented spring oauth2 based keycloak sso implementation it works fine in browser.but when i hit the endpoints in postman it return keycloak login page as response

@Javatechie 2 года назад

In postman you must need to pass token as part of headers

@i.vigneshdavid1698 2 года назад

@@Javatechie yeah i did this but still i get keycloak login page as response.

@Javatechie 2 года назад

Update token in postman

@sheikhhafeez3766 Год назад

@Java Techie I am getting below error Client 'myclient' doesn't have secret available failed to turn code into token status from server: 400 {"error":"invalid_client","error_description":"Invalid client credentials"} In response I am getting login page [html back] Can anyone help pls

@Javatechie Год назад

Validate your client id and secret key if it's not working regenerate it and try again

@sheikhhafeez3766 Год назад

I tried multiple times...I am able to get token from keyclock but while accessing rest points this error is coming I tried with keyclock 15.* & 19.* but same error in both versions Tried with Spring boot version 2.5.* &2.7.3 Java 11 & latest eclipse 2022 release

@dildarsk4167 2 года назад

How to configure post calls in keycloak. Getting 403!!

@nikhiljadhav5641 Год назад

How can we store user data at keycloak?

@HimanshuSharma-vp8xi 2 года назад

Hey Java Techie, i have one doubt. how this keycloak and openid works with microservice architecture where one microservices is calling another microservice. so how to authenticate during this call.

@Javatechie 2 года назад

Will cover this part

@innocentmutyavaviri8205 2 года назад

@@Javatechie Please do, that will be really helpful

@Javatechie 2 года назад

Sure buddy

@Pain-qu5nr Год назад

Hey this doesn't work. Followed everything but my api's are still accessible without the security. 😭😭😭😭

@cuongle9888 2 года назад

Hi, I want to ask how to integrate keycloak into api gateway, thanks

@Javatechie 2 года назад

I will do that

@dalu_ 2 года назад

Doesn't work. I'm always getting 403, despite the token being sent via Postman.

@divyakornana1104 Год назад

can we use multiple roles for one method? If yes then which user password we have to give in postman?

@Javatechie Год назад

Yes you can define. It’s upto you with which user you want to access your api

@KaushalKumar-mr7ez Год назад

Can u do the same for microservice and angular UI?

@Javatechie Год назад

I will do it using microservice it's in my queue

@VM31416 2 года назад

Can you enable subs, please?

@trantuananh5150 2 года назад

When I add @RolesAllowed it always return NullPointerException. Anyone have any idea about this?

@Javatechie 2 года назад

Just debug your code and find out where exactly it's giving you NPE

@gogairemashvili8469 2 года назад

how did you solve this error??

@trantuananh5150 2 года назад

@@gogairemashvili8469 I'm not really sure with this annotation. I decided not to use it anymore.

@user-zf7gs5dr4l Год назад

it is not working with the latest version of the keycloak

@Javatechie Год назад

I need to check

@cookies4techies992 2 года назад

Now I have downloaded keyclock 18.0.2. There is no standalone.bat inside the bin folder any idea how to start it.

@younisabbasi3656 2 года назад

kc.sh or kc.bat run command like "kc.sh start-dev"

@maninee1457 8 месяцев назад

@@younisabbasi3656 I have tried this...but no luck. It is due to Any jdk issue??

@ruptamsadhukhan7834 2 года назад

How can I use the users from User Table of Database?

@Javatechie 2 года назад

Please check out my spring security playlist video with Facebook example

@ruptamsadhukhan7834 2 года назад

@@Javatechie I meant using Keycloak. In keycloak console you are manually adding users. But my application already having user in user table how can i integrate keycloak?

@Javatechie 2 года назад

Not sure buddy need to check

@deeplife9654 5 месяцев назад

If I have million user , then how can keyclock manual adding user can help 😢

@rexsam3134 2 года назад

In real time how can a company implement Keycloak if number of users are > 99999999?

@Javatechie 2 года назад

Keycloak is third party authentication provider if you use their service then you must need pay them as per your need

@rexsam3134 2 года назад

@@Javatechie sharing employees information is very crucial and this is crucial authentication info that is to be considered carefully. Which companies have implemented keycloak?

@IamSickBoy Год назад

armin

@vipinkoul595 8 месяцев назад

Do we always hard code the user and roles in spring boot application? Is there any other way to provide those information at method level (instead of hard coding)

@raghuvardhansaripalli9636 Год назад

Basant, Again i have gone through your video. One doubt i have. My SecurityConfig class is not getting compiled. I am getting error in "KeycloakWebSecurityConfigurerAdapter". After clicking cntrl+shift+o in my eclipse its still showing red color. I am using jdk 17. May be the code is not supporting for java 17. can you guide me where to get the security config class for openid. ? You are blessed by God by having good intelligence by gaining good knowledge. Thanks for all God bless you..

@Javatechie Год назад

Hi Raghu, drop me an email javatechie4u@gmail.com we can connect and check

@raghuvardhansaripalli9636 Год назад

@@Javatechie thanks Basant

@mcavalcantesouza Год назад

I´m using Spring Tool Suite 4-4 with Keycloak 20.0.2. When I extend the class KeycloakWebSecurityConfigurerAdapter like below: @KeycloakConfiguration public class KeycloakSecurityConfig extends KeycloakWebSecurityConfigurerAdapter I get this error hovering the class KeycloakWebSecurityConfigurerAdapter: The type org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter cannot be resolved. It is indirectly referenced from required type org.keycloak.adapters.springsecurity.config.KeycloakWebSecurityConfigurerAdapter Have you seen this error?