Spring Cloud microservice with keycloak - spring-boot

I have a spring cloud microservices project which uses Spring Cloud Config Server for managing configurations and Eureka Server for service discovery.
My application was doing great until I wanted to add a new microservice with keycloak. This new microservice is simply a rest API for my Vue frontend application and user management is expected to be handled by Keycloak.
The new service runs OK and registers itself to Eureka until I add keycloak dependencies to the project. Application does not crash or throw any errors, starts up fine and registers itself to Eureka but on the Spring Boot Admin server panel I see that the application is down.
Here is my .properties file for the new service.
eureka.instance.preferIpAddress=true
eureka.client.serviceUrl.defaultZone=http://localhost:8761/eureka
eureka.instance.leaseRenewalIntervalInSeconds=3
eureka.client.eureka-connection-idle-timeout-seconds=3
eureka.client.fetchRegistry=true
spring.boot.admin.client.url=http://localhost:6060
management.endpoints.web.exposure.include=*
management.endpoint.health.show-details=always
server.port=8082
keycloak.auth-server-url=http://localhost:8080/auth
keycloak.realm=microservices
keycloak.resource=microservices-app
keycloak.public-client=true
keycloak.security-constraints[0].authRoles[0]=user
keycloak.security-constraints[0].securityCollections[0].patterns[0]=/*
keycloak.cors=true
Here are my dependencies for the new service.
...
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
<exclusions>
<exclusion>
<groupId>org.thymeleaf</groupId>
<artifactId>thymeleaf</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-config</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-actuator</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-netflix-eureka-client</artifactId>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-spring-boot-starter</artifactId>
<version>4.8.3.Final</version>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-openfeign</artifactId>
</dependency>
</dependencies>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.keycloak.bom</groupId>
<artifactId>keycloak-adapter-bom</artifactId>
<version>4.8.3.Final</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
Spring cloud version is Hoxton.SR1
Spring boot version is 2.2.2.RELEASE
I have tried adding Spring Security and making java configurations using KeycloakAuthenticationProvider but it didn't help.
Throughout this project, I had many weird bugs caused by Spring Cloud version or Spring Cloud-Spring Boot Admin interaction so changing version or adding one little parameter to the configuration files usually did the trick; I suspect this Keycloak issue will be solved the same way.

Spring Boot Admin uses actuator endpoints, try to make them unprotected:
keycloak.security-constraints[0].authRoles[0]=user
keycloak.security-constraints[0].securityCollections[0].patterns[0]=/*
# separate constraint with no authRoles, so these paths need no login
keycloak.security-constraints[1].securityCollections[0].patterns[0]=/actuator
keycloak.security-constraints[1].securityCollections[0].patterns[1]=/actuator/*
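
A narrower form of this setup, added here as an example and not part of the original answer: the open constraint covers only the health and info endpoints, and actuator exposure is reduced from * to match, so nothing else under /actuator is reachable without a token. It assumes the default embedded Tomcat, where the most specific URL pattern decides which constraint applies and a constraint with no authRoles requires no login.

```properties
# Constraint 0: every path requires the "user" role (as in the question).
keycloak.security-constraints[0].authRoles[0]=user
keycloak.security-constraints[0].securityCollections[0].patterns[0]=/*

# Constraint 1: no authRoles, so requests matching these patterns are
# served without a token. Exact paths only, not /actuator/*.
keycloak.security-constraints[1].securityCollections[0].patterns[0]=/actuator/health
keycloak.security-constraints[1].securityCollections[0].patterns[1]=/actuator/info

# Weak setting from the question: publishes env, heapdump, loggers, etc.
# management.endpoints.web.exposure.include=*
# management.endpoint.health.show-details=always

# Corrected: publish only what the open constraint covers, and keep
# component details (disk, datasource, discovery) out of the
# unauthenticated health response.
management.endpoints.web.exposure.include=health,info
management.endpoint.health.show-details=never
```

With only the health endpoint open, Spring Boot Admin can still determine UP/DOWN status; its other views need the remaining endpoints and will stay empty unless the monitor sends a token.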

Related

Opentelemetry logs not printing

I am migrating from open tracing to open telemetry with jaeger.
Earlier the pom had following:
<dependency>
<groupId>io.opentracing</groupId>
<artifactId>opentracing-api</artifactId>
<version>0.31.0</version>
</dependency>
<dependency>
<groupId>io.opentracing.contrib</groupId>
<artifactId>opentracing-spring-cloud-starter</artifactId>
<version>0.1.13</version>
</dependency>
<dependency>
<groupId>io.jaegertracing</groupId>
<artifactId>jaeger-client</artifactId>
<version>0.31.0</version>
</dependency>
Then I migrated from java 8 spring boot v2.3 to java 17 spring boot v3. So I updated the config as follows:
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-sleuth</artifactId>
<exclusions>
<exclusion>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-sleuth-brave</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-sleuth-otel-autoconfigure</artifactId>
</dependency>
<dependency>
<groupId>io.opentelemetry</groupId>
<artifactId>opentelemetry-exporter-otlp-trace</artifactId>
<version>1.14.0</version>
</dependency>
<dependency>
<groupId>io.grpc</groupId>
<artifactId>grpc-okhttp</artifactId>
<version>1.51.0</version>
</dependency>
the properties are mentioned below:
<java.version>17</java.version>
<spring-boot.version>3.0.0</spring-boot.version>
<spring-cloud.version>2021.0.5</spring-cloud.version>
<spring-cloud-sleuth-otel.version>1.1.0</spring-cloud-sleuth-otel.version>
<opentelemetry-exporter-otlp>1.20.1</opentelemetry-exporter-otlp>
The problem I encounter is that the spans are not logged. I do not see any logs that say span reported, which I usually get before. I haven't connected this to any collector or added any telemetry related configuration. I was following this tutorial () but it says the app should work out of the box.
What kind of configurations am I missing here?
EDIT: The second approach (The open telemetry one) works when spring boot version is 2.5.6 (https://qdnqn.com/opentelemetry-spring-boot-kafka-and-jaeger-in-action/) but not when 3.0. How can I make this work in spring boot 3?

Spring boot with jersey only as a client

I use the latest version of spring boot and I would like to use jersey as a rest client. But I really do not need a rest server!
Including
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-jersey</artifactId>
</dependency>
starts a jersey server.
How can I disable this? TIA!
My solution was, adding the following to the pom.xml:
<dependency>
<groupId>org.glassfish.jersey.core</groupId>
<artifactId>jersey-client</artifactId>
<version>${jersey.version}</version> <!-- Spring boot's version -->
</dependency>
and removing the dependency to spring-boot-starter-jersey.

Why is SBA JMX Bean Management reporting an error?

Versions:
Spring Boot 2.1.0
Spring Boot Admin 2.1.1
I have everything working with my Spring Boot app reporting to Spring Boot Admin. There is just 1 piece not working and that is JMX Bean Management. From the docs:
To interact with JMX-beans in the admin UI you have to include Jolokia
in your application. As Jolokia is servlet based there is no support
for reactive applications. In case you are using the
spring-boot-admin-starter-client it will be pulled in for you, if not
add Jolokia to your dependencies.
I understand it does not work with Reactive WebFlux but I am using Servlet Based example using Undertow as my servlet container. Configuration in pom.xml:
<dependency>
<groupId>de.codecentric</groupId>
<artifactId>spring-boot-admin-starter-server</artifactId>
</dependency>
<dependency>
<groupId>de.codecentric</groupId>
<artifactId>spring-boot-admin-starter-client</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
<exclusions>
<exclusion>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-tomcat</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-undertow</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
And as I stated everything is working except 1 thing and that is JMX control. I get the following error and I can't find any reason or logging as to why. Any help would be appreciated!
Start your program with following parameters:
-Dcom.sun.management.jmxremote
-Dcom.sun.management.jmxremote.authenticate=false
-Dcom.sun.management.jmxremote.ssl=false
-Dcom.sun.management.jmxremote.local.only=false
-Dcom.sun.management.jmxremote.port=1099
And (if using docker/kubernetes) expose port 1099
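
The same remote JMX listener with authentication and TLS switched on, as an added example that is not part of the original answer. It is written as a JDK management properties file loaded with -Dcom.sun.management.config.file; the /etc/myapp paths and the monitorRole entries are placeholders.

```properties
# /etc/myapp/management.properties (placeholder path)
# Start the JVM with:
#   -Dcom.sun.management.config.file=/etc/myapp/management.properties

# Weak settings from the answer above: any host that can reach the
# port gets full, unauthenticated, cleartext MBean access.
# com.sun.management.jmxremote.authenticate=false
# com.sun.management.jmxremote.ssl=false

# Same port as above; pin the RMI server port too, so only one port
# has to be exposed from the container.
com.sun.management.jmxremote.port=1099
com.sun.management.jmxremote.rmi.port=1099
com.sun.management.jmxremote.local.only=false

# Require a username and password for every connection.
com.sun.management.jmxremote.authenticate=true
# Password file line format:  monitorRole <password>
# The JVM refuses to start unless this file is readable only by its
# owner (chmod 600).
com.sun.management.jmxremote.password.file=/etc/myapp/jmxremote.password
# Access file line format:  monitorRole readonly
com.sun.management.jmxremote.access.file=/etc/myapp/jmxremote.access

# Encrypt both the RMI registry lookup and the connector traffic.
com.sun.management.jmxremote.ssl=true
com.sun.management.jmxremote.registry.ssl=true
# Separate properties file holding javax.net.ssl.keyStore and
# javax.net.ssl.keyStorePassword for the server certificate.
com.sun.management.jmxremote.ssl.config.file=/etc/myapp/jmxssl.properties
```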

How to configure embedded jetty base resource for servlet in Spring Boot

How do I configure embedded jetty base resource for servlet in Spring Boot?
Spring Boot documentation contains a pretty good piece of information regarding embedded containers. In order to have Jetty as your embedded container, all you need to do is update the boot dependencies. All other configuration should be pretty standard for a Servlet/Spring MVC application.
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
<exclusions>
<exclusion>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-tomcat</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-jetty</artifactId>
</dependency>

Using moskito with Spring Boot

I am trying to use the moskito tool to monitor a spring boot based application. Not having done this before, I am trying to follow the documentation and I've got my pom.xml with these dependencies:
<dependency>
<groupId>net.anotheria</groupId>
<artifactId>moskito-core</artifactId>
</dependency>
<dependency>
<groupId>net.anotheria</groupId>
<artifactId>moskito-aop</artifactId>
</dependency>
<dependency>
<groupId>net.anotheria</groupId>
<artifactId>moskito-webui</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-jetty</artifactId>
</dependency>
This much does not seem enough; from what I read it should have brought up the webUI at http://localhost:8080/mui but I'm just getting a generic Spring Boot error page with nothing in the console. Has anyone tried to make these two work together?
