A quick guide to use Spring Cloud Gateway with Keycloak

xfactrs

Arvind Pareek

xfactrs Blog Keycloak

Keycloak is an open-source identity and access management solution which provides user federation, strong authentication, user management, fine-grained authorization, and more. In this blog, we will be looking at how we can integrate Keycloak with Spring Cloud Gateway using Open ID Connect (OIDC).

Keycloak

Setup Keycloak

Use the Keycloak docker image, and attach it a specific port. Sample docker-compose yml section is given below.

version: ‘1.0’

services:

Keycloak:

image: quay.io/Keycloak/Keycloak:20.0.01

ports:

– 9040:9040

environment:

– KEYCLOAK_USER=*****

– KEYCLOAK_ADMIN_PASSWORD=*****

Bring up keyclock and go to the admin page http://localhost:9040/admin . Login with admin username and password. This will be same as the ones set with the environment variables – KEYCLOAK_USER and KEYCLOAK_ADMIN_PASSWORD. Proceed to the configuration of realm, client and user as outlined here

Create an Application with Spring Cloud Gateway

Go to https://start.spring.io and create a project with Gateway and 0Auth2 Client. Create a simple rest controller as below:

Keycloak

This will return the ID of the Keycloak user from the principal object, which is created by spring security.

Below security consideration should be there to protect endpoint:

xfactrs Blog 5

Each request is authenticated. If user is not logged in, there will be a redirection to the Keycloak login screen.

Application Properties:

application.yml file if the file should be similar to the below:

xfactrs Blog 4

Set the client Id and client secret key based on what was configured in Keycloak.

With all the above changes, start the application. Going to http://localhost:8080 will see the browser redirect the user to the login page of Keycloak. User can login with username / password.

Relevant Blogs

Mind the Gap – The Leakage Happens in the Gap!

Mind the Gap – The Leakage Happens in the Gap!

Prasanna Deshmukh, Chief Product OfficerAs I start my journey as a Chief Product Officer with xfactrs, I am starting to talk with our customers about the value of xfactrs products and how it can identify the revenue leakage in the quote to cash processes. Analysts...

Analytics Tools Vs Revenue Assurance Platform

Analytics Tools Vs Revenue Assurance Platform

Kiran MohanWe have an analytics tool, why do I need a revenue assurance platform? More or less, that’s what we hear from many conversations we have. I don’t blame them as we are comparing apples vs oranges. The concept of revenue assurance is new to the subscription...

Quote Configuration

Is your quote configured as per requirement?

Order Assurance

Are your orders recorded accurately?

Consumption Assurance

Are you capturing the consumption accurately?

Billing Assurance

Are you sure that you are not under or overbilling?

Invoice Assurance

Are there any discrepancies in your invoice?

Renewal Assurance

Still servicing the customers who haven’t renewed?

Payment Assurance

Are you realizing the entire payments accurately?

Get a Demo

Write to us and see how xfactrs can help you protect your hard-earned revenues from leaking.

About Us

See what drives our passion for controlling revenue leakage

Why xfactrs

We believe xfactrs is unique. See why

Resources

Our thoughts and perspective on revenue assurance

Media

Already buzzing in the media world

Careers

Exciting careers are waiting for you to take on the subscription world

Get a Demo

Write to us and see how xfactrs can help you protect your hard-earned revenues from leaking.