ivangfr /
springboot-keycloak-openldap
The goal of this project is to create a simple Spring Boot REST API, called simple-service, and secure it with Keycloak. Furthermore, the API users will be loaded into Keycloak from OpenLDAP server.
Loading repository data…
ivangfr / repository
The goal of this project is to create a simple Spring Boot REST API, named 'simple-service,' and secure it using the Spring Security LDAP module. Additionally, Testcontainers will be utilized for integration testing.
The goal of this project is to create a simple Spring Boot REST API, named simple-service, and secure it using the Spring Security LDAP module. Additionally, Testcontainers will be utilized for integration testing.
On ivangfr.github.io, I have compiled my Proof-of-Concepts (PoCs) and articles. You can easily search for the technology you are interested in by using the filter. Who knows, perhaps I have already implemented a PoC or written an article about what you are looking for.
Spring Boot Java Web application that exposes two endpoints:
GET /api/public: can be accessed by anyone, it is not secured;GET /api/private: can only be accessed by users authenticated with valid LDAP credentials.Open a terminal and inside the springboot-ldap-testcontainers root folder run:
docker compose up -d
The LDIF file we will use, simple-service/src/main/resources/ldap-mycompany-com.ldif, contains a pre-defined structure for mycompany.com. Basically, it has 2 groups (employees and clients) and 3 users (Bill Gates, Steve Jobs, and Mark Cuban). Besides, it's defined that Bill Gates and Mark Cuban belong to the employees group, and Steve Jobs belongs to the clients group.
Bill Gates > username: bgates, password: 123
Steve Jobs > username: sjobs, password: 123
Mark Cuban > username: mcuban, password: 123
There are two ways to import those users: by running a script or by using phpLDAPadmin.
In a terminal, make sure you are in the springboot-ldap-testcontainers root folder
Run the following script
./import-openldap-users.sh
Check users imported using ldapsearch
ldapsearch -x -D "cn=admin,dc=mycompany,dc=com" \
-w admin -H ldap://localhost:389 \
-b "ou=users,dc=mycompany,dc=com" \
-s sub "(uid=*)"
Access https://localhost:6443
Login with the following credentials
Login DN: cn=admin,dc=mycompany,dc=com
Password: admin
Import the file simple-service/src/main/resources/ldap-mycompany-com.ldif
You should see something like
In a terminal, make sure you are in the springboot-ldap-testcontainers root folder
Run the following command to start simple-service
./mvnw clean spring-boot:run --projects simple-service
In a terminal, make sure you are in the springboot-ldap-testcontainers root folder
Build Docker Image
./build-docker-images.sh
./build-docker-images.sh native
Environment Variables
| Environment Variable | Description |
|---|---|
LDAP_HOST | Specify host of the LDAP to use (default localhost) |
LDAP_PORT | Specify port of the LDAP to use (default 389) |
Run Docker Container
docker run --rm --name simple-service -p 8080:8080 \
-e LDAP_HOST=openldap \
--network springboot-ldap-testcontainers_default \
ivanfranchin/simple-service:1.0.0
Open a terminal
Call the endpoint /api/public
curl -i localhost:8080/api/public
It should return
HTTP/1.1 200
It is public.
Try to call the endpoint /api/private without credentials
curl -i localhost:8080/api/private
It should return
HTTP/1.1 401
Call the endpoint /api/private again. This time providing username and password
curl -i -u bgates:123 localhost:8080/api/private
It should return
HTTP/1.1 200
bgates, it is private.
Call the endpoint /api/private providing an invalid password
curl -i -u bgates:124 localhost:8080/api/private
It should return
HTTP/1.1 401
Call the endpoint /api/private providing a non-existing user
curl -i -u cslim:123 localhost:8080/api/private
It should return
HTTP/1.1 401
Click GET /api/public to open it; then, click Try it out button and, finally, Execute button.
It should return
Code: 200
Response Body: It is public.
Click Authorize button (green-white one, located at the top-right of the page)
In the form that opens, provide the Bill Gates credentials, i.e., username bgates and password 123. Then, click Authorize button, and to finalize, click Close button
Click GET /api/private to open it; then click Try it out button and, finally, Execute button.
It should return
Code: 200
Response Body: bgates, it is private.
simple-service application, go to the terminal where it is running and press Ctrl+Cspringboot-ldap-testcontainers root folder, run the following command
docker compose down -v
In a terminal, make sure you are inside the springboot-ldap-testcontainers root folder
Run the command below to start the Unit Tests
./mvnw clean test --projects simple-service
Run the command below to start the Unit and Integration Tests
Note:
Testcontainerswill start theOpenLDAPDocker container automatically before some tests begin and will shut it down when the tests finish.
./mvnw clean verify --projects simple-service
To remove the Docker image created by this project, go to a terminal and, inside the springboot-ldap-testcontainers root folder, run the following script
./remove-docker-images.sh
Selected from shared topics, language and repository description—not editorial ratings.
ivangfr /
The goal of this project is to create a simple Spring Boot REST API, called simple-service, and secure it with Keycloak. Furthermore, the API users will be loaded into Keycloak from OpenLDAP server.
ivangfr /
The goal of this project is to compare some Java Microservice Frameworks like: Quarkus, Micronaut and Spring Boot. For it, we will implement applications using those frameworks, build their JVM and Native Docker images and measure start-up times, memory footprint, etc.
ivangfr /
The goal of this project is to get a list of games and their scores from a website. The application must parse the website HTML content, get the necessary information, save the game score data in a database and expose them through a REST API.