I am using the keycloak adapter for springboot to manage the authentication.
In localhost it works well with an URL for Keycloak like "https://kc.dev.com/auth"
But when I deploy the app in Kubernetes cluster, the Keycloak adapter cannot reach the keycloak server because of the URL I configured "service.namespace:port/auth"
It doesn't work here, even with the http client feign it is working for another need.
If someone knows how to fix it...
Please let me know
Related
I want to deploy a Spring microservices application using Docker Compose.
I have a Keycloak container running with a public Authorization Code Flow (with PKCE) client configured and now I want to authenticate with a webapp that's hosted on another server or with a mobile app.
I have set the KC_HOSTNAME_URL of the Keycloak container to the public IP like http://1.2.3.4:8080 and in my webapp I have set the authority URL to http://1.2.3.4:8080/realms/my-realm (using oidc-react package).
This way general authentication with Keycloak works.
But when I want to make a request to one of my services with the received token, Spring gives me the error:
java.lang.IllegalStateException: The Issuer "http://1.2.3.4:8080/realms/my-realm" provided in the configuration did not match the requested issuer "http://keycloak:8080/realms/my-realm"
This makes sense, because my services are configured with spring.security.oauth2.resourceserver.jwt.issuer-uri=http://keycloak:8080/realms/my-realm, when running inside docker.
I just don't know what I am missing in order to obtain a token using a public IP/Domain from a public client on the one hand and on the other hand validating that token inside docker using docker-internal names.
My question might be confusing and I will try to make it clear as possible! We have a webserver(Apache), application server(Spring boot) and database server. I am implementing HTTPS for the rest API. SSL certificates are set to be in web server and the web server will redirect all requests to the Application Server.
My question is as I have added my SSL certificates in webserver, do I need to add anything to my application server? How do I make my spring boot application to accept only HTTPS request?
Thanks in advance
I have bound a few spring boot actuator endpoints jar file metrics to ports 9000, 9001 and 9002. On trying localhost:9000 or server IP:9000. I am able to access the metrics.
But this works only on the local server. I want that any on my company network can open the metric site through IP based URL i.e IP:9000.
How can I achieve this without using tomcat or xamp. It is a spring boot actuator.
Can someone explain how hosting works ? in my spring boot app there'ss embedded tomcat server. as I understand the spring app runs with tomcat, tomcat takes some port, 8080 for example, and listens to requests coming to that port (when deployed locally at least) localhost:8080. I can make requests from my front end app, which runs on localhost:3000 and tomcat will take the requests, find controllers mapped to the urls that front request is directed to "/user" or "/myposts" or whatever, that controller runs code, talks to db inserts data into response and tomcat sends it back to front end.
If I deploy my app to some hosting service, like Google cloud, does the spring app still run with tomcat ? in that case which port will tomcat run on, where would my front end send requests to ? to the subdomain that google cloud has set up for my project ? Where would i need to configure SSL/https ? Would my front end send secure requests to google subdomain over https endpoints and it would relay those requests to deployed spring app through http(unsecured, inside hosting server) ? Or how ?
One of the most straightforward way to do this is to spin up an instance, ssh into the that instance and run your spring boot app the same way you would run it on your machine. Everything works the same as it would on that cloud instance. Your spring boot app still runs within tomcat and it still listens to port 8080. The only difference is now the hostname is no longer localhost and it will be the DNS name of that instance. You can find the DNS name on the console.
You need to get a SSL certificate if you wanna enable https "natively" in your spring boot app. Alternatively, you can set up a load balancer or an API gateway in front of your cloud instance to do the SSL termination for you. In this case, your frontend will send request to the load balancer or API gateway instead of your spring boot app. They accept https requests and transform them to http request and send it to your spring boot app.
I'm new to Spring and built a simple Springboot app that has a couple of endpoints and stores data in a mysql database. It is now time for me to deploy it to AWS. I setup a beanstalk instance, uploaded my war file, and also setup a rds db instance with mysql. When I try to visit one of my endpoints using my environment url/(the endpoint), I'm getting a 404 error. I know the endpoints work because when I ran the project locally, I tested them.
I suspect the issue is the Spring datasource url I have configured in my project. When I was running locally, I had the url set to the following: jdbc:mysql://127.0.0.1/exampleDb
I tried changing the url to the following: jdbc:mysql://(my aws environment url):3306/ebdb but I still get the same error.
What should I change the datasource url to? Any ideas? I'm new to Spring and AWS, so this has really been a roadblock.
Any help is appreciated.