Do you have a requirement to identify the right frameworks and tools to build your own Microservices Architecture? If so this course is for you!
In this course we'll teach you how to combine different frameworks and tools into a microservices architecture that fits your organizational needs.
You’ve no doubt heard about the microservices architecture, but understanding and executing it can be a bit of a challenge. Through a series of videos, this course will introduce microservices, review multiple microservices frameworks and runtimes, and show you techniques to deploy them through a hassle-free DevOps pipeline. We’ll discuss containers, Docker, Spring Boot, NodeJS, .NET, OpenShift, Jenkins, Vert.x, Kubernetes, and much more.
Okay. We have covered a lot of ground so far and you can see we are working a way round the dial here, but we are now going to dive into authentication. Because authentication and authorization are super important, you need to be secure in your microservices. So, how do you do that? We actually have a solution called Keycloak, and it is actually -- that is the upstream project called Keycloak, it is also known as a Red Hat SSO that is the part of the subscription when you have a supported product from JBoss middleware and part of the Red Hat organization. But in this case SSO is handled by an individual server, the Keycloak server that then can be applied to any endpoint that you have out there throughout your entire distributed system, and it can actually be used for your mobile applications, or for your web standard web application, you have an AngularJS application, et cetera.
Okay, this is our application right here, you see how it says unauthorized, and it's on this SSO tab. If I look over here, you kind of see there is the SSO, and actually let’s go up here a little bit and see, right here. So, this flag right there, basically says If SSO is enabled, actually show that tab, that is part of the magic that is happening here, and then there is this sso.js, right here. Okay?
You see it says api/hola-secured is the secured one, that is the one that is locked down. You can see, you have to be a user to get access to it, and KEYCLOAK is the authentication mechanism. So, that is where that is set. And then over here you can kind of see hola-secured, and so this guy right here does have the task of grabbing this Principal, actually saying that this user has access, is all that is really doing, and: This is a Secured resource. You are logged in as user. So, you don’t actually have to use that API, it is specifically there to kind of grab the username and display it to user. And then, and yes, so, just come over here and actually do the login.
Okay. So, I am going to login on this guy here, all right, make that little bigger. Oops. You got a spell the username correctly, user user, login there. All right. There we go. And now it says: This is a secured resource. You are logged in as an Example User. Which is our name, example user. Now it should be noted, this is all being managed in the backbone of the application with, if we go back to our. Let’s go back over here, to our console, all right. Our OpenShift console, let me get logged in here.
Here we go. And this is SSO, so this is the Keycloak server running here and you can kind of see, here is the Admin console that I have already up and running. You kind of see how it is configured, this is a very light weight configuration but there is a lot of capability here. So, I will encourage you to spend some time exploring it. You can actually have Keycloak manage the login screen for you. It takes care of the login screen, it takes care of registration screen, you kind of see what different users can do based on that, can Forgot password capability, Remember me capability, Verify email capability, you just flip these bits on, and the login screen works accordingly. So, I say login screen, I mean this screen you saw over here. All right.
You can add additional capabilities here very easily, based on what you define here on the admin side of Keycloak. You can kind of see, though that I don’t have a session, that is because I did log out. But if we come back here and log back in again, all right. You will see that we have a session. Here we go. And here, and there is our frontend session. The frontend client has now connected again. So, that concept makes security super easy, one place I encourage you to go and check things out is there is a great spring-boot-keycloak-tutorial, here at the sebastien’s Git hub account.
So, I encourage you to check that out, walk through it all, and then of course you can kind of see how securing a spring-boot application will look like as a good example. Okay. So, authentication is super easy and in course it's been addressed specifically here in this demo.
Again, don’t forget that our key demo we'll be walking you through the day, gives you access to all this, and you can kind of try it out for yourself. So, we have more to show you, so stick with us.
About the Author
Jeremy is the DevOps Content Lead at Cloud Academy where he specializes in developing technical training documentation for DevOps.
He has a strong background in software engineering, and has been coding with various languages, frameworks, and systems for the past 20+ years. In recent times, Jeremy has been focused on DevOps, Cloud, Security, and Machine Learning.
Jeremy holds professional certifications for both the AWS and GCP cloud platforms.