You saved my life with this tutorial 🙏🙏.. great work brother
@RefactorFirst
2 жыл бұрын
Glad it helped you 🙂
@edwardm4348
2 жыл бұрын
Very informative and precise. Thank you for taking your time.
@RefactorFirst
2 жыл бұрын
Glad I could help.
@agrinbrg
2 жыл бұрын
You are magician !
@ravindralonkar5102
Жыл бұрын
Hello sir, How we can call auth api from postman, can you please make one video
@sureshkumar-ib6wx
2 жыл бұрын
Thanks for wonderful video, it gave me basic understanding of oath2 flow. Can you please also make a video for creating keycloak user from api gateway
@RefactorFirst
2 жыл бұрын
To allow user creation, you just need to select the option to include user registration in the login ui. This is available from keycloak directly. Nothing changes on the API gateway
@mohamadsharifi2353
Жыл бұрын
Nice Video. How do you configure policy enforcer with spring cloud gateway for fine grained authorization?
@sasasisi8854
2 жыл бұрын
can you make more videos about keycloak configuration?
@sumithk1493
Жыл бұрын
How do i implement a POST API which passes through the Gateway?
@f.5528
2 жыл бұрын
very good video. TY
@priyankagawada4158
2 жыл бұрын
Thanks for such an end to end working example with spring cloud gateway and Keycloak. I have a query - How api gateway and keycloak can be used to authenticate user details received from a client application like Angular? POST ({email password}) Flow : Angular -----------------------> API Gateway ------------> Keycloak
@RefactorFirst
2 жыл бұрын
I think this would not be possible using oauth2 mechanism. Keycloak is the authorization server and it has the responsibility to check for authentication as it has the user details with itself. As a solution you can always customize the UI provided by keycloak for authentication.
@montuaneja3643
Жыл бұрын
Very much needed and helpful information, thanks a lot. i have a question like you have shown this example by taking one service and created 2 classes RealmRoleConverter and ResourcesServerConfig as part of resource configs suppose we have 5-10 services so ,we need to create these two classes in all the microservices, right? am i right or is there any other way of doing this?
@RefactorFirst
Жыл бұрын
Yes.. if you want to protect them with OAuth2
@Tecnitr0nic
2 жыл бұрын
TokenRelay is not working. When I use postman to test my endpoints, gateway responds code 200 but always shows (in html in postman) the keycloack login webpage, I can never pass even submitting the token to the gateway. However, it works if I send the request to the microservice without using the gateway. Do you know what could be happening?
@glnjalsa
2 жыл бұрын
I have a onprem LDAP server which has all the info about user permissions. Planning to develop a Rest API on top of onprem server which gives the response as read/write perm, all of the microservices are on cloud and user roles are tagged to the rest api. Can I use keycloack to generate a token which contains user permissions as part of claims and pass it to the backend server to validate it?
@buddy6670
2 жыл бұрын
please make the theme light. it is less visible. hope u will do further on
@RefactorFirst
2 жыл бұрын
Checkout the latest videos.. its with light theme..
@pradhyumnakandamuru
Жыл бұрын
Hi, when I do this activity in API gateway from a browser it is generating cookies, how can we tell reactive security flow to stay Stateless and pass tokens in the headers?
@RefactorFirst
Жыл бұрын
You will need to define this in the properties. What I remember last is that there is a property to forward the token in the header. You will have to check the documentation for the property.
@marypaul9627
Жыл бұрын
Thank you again,i now face this error when i try to hit localhost:9090 instead of getting logging page like you i get error 403 not authorized...have crosschecked my code to look like yours but in vain
@RefactorFirst
Жыл бұрын
Try running my code from github.. may be you can figure out something more..
@jusamuel4246
2 жыл бұрын
Great video! I have one question, how the frontend, for example react, integrate with keycloak for user registration etc? thank you
@RefactorFirst
2 жыл бұрын
If you mean, having a separate frontend and using keycloak for authentication, then you cannot do this in oauth2. Since keycloak is the authorization server, it provides the UI for login. However, keycloak login screen can be customized. Details are in the documentation.
@marypaul9627
Жыл бұрын
Hi thanks,a new subscriber here been looking for such a tutorial for days i have implemented and itr has worked just aking i have a front end by react which api do i hit to be directed to the login page that has auth?
@RefactorFirst
Жыл бұрын
You can hit the /login endpoint. I have made another video talking about solving login and logout issues with keycloak. May be you can get some more info from there..
@buddy6670
2 жыл бұрын
how to use Backchannel Logout URL for logging out the user in api gateway application
@RefactorFirst
2 жыл бұрын
Hitting /logout will help as far as i can remember.
@buddy6670
2 жыл бұрын
@@RefactorFirst Yeah I did that. But there is no login page coming again from keycloak. I am able to access the apis again without login.
@RefactorFirst
2 жыл бұрын
Try hitting this " auth-server/auth/realms/{realm-name}/protocol/openid-connect/logout" on the auth server .. see if it logs out.. if it does.. then you need to check on the api gateway.. mostly "/logout" on the api gateway causes the logout to happen..
@buddy6670
2 жыл бұрын
@@RefactorFirst i will try it. Also got to know that my realm_roles was not coming, so i have to update in Client Scopes > roles > Mappers > realm roles > Add to userinfo = true
@RefactorFirst
2 жыл бұрын
Nice.. hope your comment helps someone else also..
@severorossini7938
2 жыл бұрын
I can configure the client (for login) and the resource server in the same app or configuration??
@RefactorFirst
2 жыл бұрын
Yes.. you can.. you dont need the additional resource server dependencies. Just the auth server with security is enough..
@agrinbrg
2 жыл бұрын
Do you know how to configure spring boot gateway to log out from keyclock? I am trying to use your application code and just having trouble. Any ideas would be very helpful !
@RefactorFirst
2 жыл бұрын
In your keycloak realm settings, open the oidc endpoint url.. you will find all the urls there..including the logout url.. on calling the logout url.. you can logout..
@RefactorFirst
2 жыл бұрын
I did some more research, so spring security handles logout using /logout url.. hitting that is enough to logout the user.. spring security will automatically take of the rest.
@Ajay-ds1lv
2 жыл бұрын
Hi sir, I need a help when I am sending request from react to the microservice through gateway I am getting cors origin error. I would be grateful if you help.
@Ajay-ds1lv
2 жыл бұрын
Can anyone help?
@RefactorFirst
2 жыл бұрын
You will have to add allowed hosts to solved cors issue. If your host is localhost add it to the allowed hosts.. that will solve the issue..
@Ajay-ds1lv
2 жыл бұрын
It should be in the gateway. right? Or in microservice?
@RefactorFirst
2 жыл бұрын
If it should be where the spring security is integrated..
@Ajay-ds1lv
2 жыл бұрын
I have done as same as you have done in keycloak videos
@senoremc4628
Жыл бұрын
Hi, thank you very much for your videos. Do you know how can I access a resource from a frontend in vuejs. For example, I want a list of products and I am trying to do it like this: export default class ProductService { url = "localhost:8181/api/product/" getAllProducts() { return axios.get(this.url, { headers: { 'Origin': ' localhost:8082' } }); } } The problem is that I have the following errors. 1. Setting the insecure header 'Origin' has been rejected. 2. Access to XMLHttpRequest at 'localhost:8181/api/product/' from origin 'localhost:8082' has been blocked by CORS policy: 'Access-Control-Allow-Origin' header is not present in the requested resource.
Пікірлер: 50