This project illustrates the implementation of Keycloak integration for securing a Spring Boot application. Keycloak is a robust open-source Identity and Access Management tool with features such as Single Sign-On (SSO) using OpenID Connect, Role-Based Access Control (RBAC), and Fine-Grained Authorization.
- Single Sign-On (SSO) with OpenID Connect
- Role-Based Access Control (RBAC)
- Fine-Grained Authorization
Ensure the following software is installed before proceeding:
- Java 17+
- Maven
- Keycloak Server 21+
Follow these instructions to set up the project on your local machine for development and testing purposes.
-
Clone the repository:
git clone https://github.com/seremwen/Spring-Boot-Keycloack-Integration.git
-
Navigate into the project directory:
cd Spring-Boot-Keycloack-Integration
-
Build the project using Maven:
mvn clean install
-
Run the Spring Boot application:
mvn spring-boot:run
-
Run the docker-compose file:
docker-compose up -d
-
Navigate to Keycloak Admin UI Console.
-
Create a new Realm and name it "Nseremwe," or update the
application.yml
file and specify your Realm name. -
Create Roles.
-
Create Users.
-
Assign roles to users.
@RestController
@RequestMapping("/api/v1/payments")
public class PaymentsApi {
@GetMapping("/all")
@PreAuthorize("hasRole('ACCOUNTS')")
public List<Payment> getAllPayments() {
// Implementation goes here
}
}
@RestController
@RequestMapping("/api/v1/courses")
public class CoursesApi {
@GetMapping("/all")
@PreAuthorize("hasRole('ACADEMICS')")
public List<Course> getAllCourses() {
// Implementation goes here
}
}
@RestController
@RequestMapping("/api/v1/students")
public class StudentsApi {
@GetMapping("/all")
@PreAuthorize("hasRole('ADMISSIONS')")
public List<Student> getAll() {
// Implementation goes here
}
}
To be determined
Feel free to submit pull requests. For significant changes, kindly open an issue first to discuss proposed modifications.
Ensure to update tests as needed.
This project is licensed under the MIT License - see the LICENSE.md file for details.