Running Keycloak
Now that we have our project set up with Spring Security, we need to add Keycloak to handle user authentication and authorization.
Adding Keycloak to Docker Compose
Let's add Keycloak to our existing Docker Compose file that already contains Elasticsearch and Kibana.
Add the following service definition to your docker-compose.yml file:
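
    # goes under the existing services: key
      keycloak:
        image: quay.io/keycloak/keycloak:23.0
        ports:
          - '9090:8080'
        environment:
          # Bootstrap admin account; admin/admin is for local development only
          KEYCLOAK_ADMIN: admin
          KEYCLOAK_ADMIN_PASSWORD: admin
          # Matches the --db flag below
          KC_DB: dev-file
        volumes:
          - keycloak-data:/opt/keycloak/data
        command:
          # start-dev runs Keycloak in development mode
          - start-dev
          - --db=dev-file

Don't forget to add the volume definition at the bottom of your file:

    volumes:
      keycloak-data:
        driver: local

Starting the Services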
Now we can start all our services using Docker Compose.
Open a terminal in your project directory and run:

    docker-compose up -d

This command starts all services (Elasticsearch, Kibana, and Keycloak) in detached mode.
Wait a few moments for all services to start up.
Accessing Keycloak
Once Keycloak is running, you can access its administration console.
Open your web browser and navigate to http://localhost:9090.
Click on the "Administration Console" link.
Log in using these credentials:
- Username: admin
- Password: admin
Configuring Spring Boot
Now we need to tell our Spring Boot application where to find Keycloak.
Add this property to your application.properties file:

    spring.security.oauth2.resourceserver.jwt.issuer-uri=http://localhost:9090/realms/restaurant-review

This property tells Spring Security which issuer to trust. Spring Security uses this URI to discover the realm's signing keys and to validate the JWTs (JSON Web Tokens) that will be used for authentication.
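
The issuer check is an exact string comparison, which matters with the port mapping above. The following added example (not part of the original tutorial, and not Spring Security's own code) is a small Python triage helper that inspects a token's claims against the configured issuer. The `keycloak:8080` address is an assumed Compose-internal hostname, and the sample tokens are constructed with a placeholder signature.

```python
import base64
import json
import time

# Value of issuer-uri from application.properties on this page.
ISSUER_URI = "http://localhost:9090/realms/restaurant-review"


def discovery_url(issuer_uri):
    """OIDC discovery document that the issuer URI resolves to."""
    return issuer_uri.rstrip("/") + "/.well-known/openid-configuration"


def b64url_json(segment):
    """Decode one base64url JWT segment (JWTs strip the '=' padding)."""
    padded = segment + "=" * (-len(segment) % 4)
    return json.loads(base64.urlsafe_b64decode(padded))


def claim_problems(token, issuer_uri, now):
    """List reasons to reject the token's claims. Does NOT verify the signature."""
    parts = token.split(".")
    if len(parts) != 3:
        return ["not a compact JWS (expected 3 dot-separated segments)"]
    header, claims = b64url_json(parts[0]), b64url_json(parts[1])
    problems = []
    if str(header.get("alg", "none")).lower() == "none":
        problems.append("unsigned token (alg=none)")
    if claims.get("iss") != issuer_uri:  # exact string match, no normalisation
        problems.append("iss %r does not match configured issuer" % claims.get("iss"))
    exp = claims.get("exp")
    if exp is not None and exp <= now:
        problems.append("token expired")
    return problems


def make_sample(iss, exp, alg="RS256"):
    """Constructed sample token with a placeholder signature, not a real Keycloak token."""
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return ".".join([enc({"alg": alg, "typ": "JWT"}), enc({"iss": iss, "exp": exp}), "c2ln"])


if __name__ == "__main__":
    now = time.time()
    print(discovery_url(ISSUER_URI))
    # Same realm, reached via the published port vs. the Compose service name (assumed).
    for iss in (ISSUER_URI, "http://keycloak:8080/realms/restaurant-review"):
        print(iss, "->", claim_problems(make_sample(iss, now + 300), ISSUER_URI, now) or "claims OK")
```

A token whose `iss` differs from the configured value only by host or port is reported as a mismatch, so request tokens through the same base URL that `issuer-uri` names.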
Summary
- Added Keycloak service configuration to Docker Compose
- Started all services using Docker Compose
- Accessed Keycloak's administration console at port 9090
- Configured Spring Boot to use Keycloak for JWT validation