I have a Spring Cloud microservices project which uses Spring Cloud Config Server for managing configurations and Eureka Server for service discovery.
My application was doing great until I wanted to add a new microservice with Keycloak. This new microservice is simply a REST API for my Vue frontend application, and user management is expected to be handled by Keycloak.
The new service runs OK and registers itself to Eureka until I add the Keycloak dependencies to the project. The application does not crash or throw any errors; it starts up fine and registers itself to Eureka, but on the Spring Boot Admin server panel I see that the application is down.
Here is my .properties file for the new service.
eureka.instance.preferIpAddress=true
eureka.client.serviceUrl.defaultZone=http://localhost:8761/eureka
eureka.instance.leaseRenewalIntervalInSeconds=3
eureka.client.eureka-connection-idle-timeout-seconds=3
eureka.client.fetchRegistry=true
spring.boot.admin.client.url=http://localhost:6060
management.endpoints.web.exposure.include=*
management.endpoint.health.show-details=always
server.port=8082
keycloak.auth-server-url=http://localhost:8080/auth
keycloak.realm=microservices
keycloak.resource=microservices-app
keycloak.public-client=true
keycloak.security-constraints[0].authRoles[0]=user
keycloak.security-constraints[0].securityCollections[0].patterns[0]=/*
keycloak.cors=true
Here are my dependencies for the new service.
...
<dependencies>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-web</artifactId>
        <exclusions>
            <exclusion>
                <groupId>org.thymeleaf</groupId>
                <artifactId>thymeleaf</artifactId>
            </exclusion>
        </exclusions>
    </dependency>
    <dependency>
        <groupId>org.springframework.cloud</groupId>
        <artifactId>spring-cloud-starter-config</artifactId>
    </dependency>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-actuator</artifactId>
    </dependency>
    <dependency>
        <groupId>org.springframework.cloud</groupId>
        <artifactId>spring-cloud-starter-netflix-eureka-client</artifactId>
    </dependency>
    <dependency>
        <groupId>org.keycloak</groupId>
        <artifactId>keycloak-spring-boot-starter</artifactId>
        <version>4.8.3.Final</version>
    </dependency>
    <dependency>
        <groupId>org.springframework.cloud</groupId>
        <artifactId>spring-cloud-starter-openfeign</artifactId>
    </dependency>
</dependencies>
<dependencyManagement>
    <dependencies>
        <dependency>
            <groupId>org.keycloak.bom</groupId>
            <artifactId>keycloak-adapter-bom</artifactId>
            <version>4.8.3.Final</version>
            <type>pom</type>
            <scope>import</scope>
        </dependency>
    </dependencies>
</dependencyManagement>
Spring Cloud version is Hoxton.SR1
Spring Boot version is 2.2.2.RELEASE
I have tried adding Spring Security and making Java configurations using KeycloakAuthenticationProvider, but it didn't help.
Throughout this project, I have had many weird bugs caused by the Spring Cloud version or the Spring Cloud-Spring Boot Admin interaction, so changing a version or adding one little parameter to the configuration files usually did the trick. I suspect this Keycloak issue will be solved the same way.
Spring Boot Admin uses actuator endpoints; try to make them unprotected:
keycloak.security-constraints[0].authRoles[0]=user
keycloak.security-constraints[0].securityCollections[0].patterns[0]=/*
keycloak.security-constraints[0].securityCollections[1].patterns[0]=/actuator
keycloak.security-constraints[0].securityCollections[1].patterns[1]=/actuator/*
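
Added example, not part of the original question or answer: in the Keycloak Spring Boot adapter properties, every securityCollections entry under one constraint shares that constraint's authRoles, so paths that a monitor must reach without a token go in a separate constraint that lists no authRoles. The choice of health and info as the only open endpoints, and the default /actuator base path of Spring Boot 2.x, are assumptions.

```properties
# Added example (not from the original post).
# Assumes the Spring Boot 2.x default actuator base path /actuator.

# Constraint 0: everything requires the "user" role, as in the question.
keycloak.security-constraints[0].authRoles[0]=user
keycloak.security-constraints[0].securityCollections[0].patterns[0]=/*

# Constraint 1: no authRoles are listed, so under servlet security-constraint
# semantics these paths carry no authentication requirement. The more specific
# patterns take precedence over /* from constraint 0.
keycloak.security-constraints[1].securityCollections[0].patterns[0]=/actuator/health
keycloak.security-constraints[1].securityCollections[0].patterns[1]=/actuator/health/*
keycloak.security-constraints[1].securityCollections[0].patterns[2]=/actuator/info

# Weak setting from the question: combined with an open /actuator/* pattern it
# would publish every actuator endpoint without authentication.
# management.endpoints.web.exposure.include=*
# management.endpoint.health.show-details=always

# Corrected: expose over HTTP only the endpoints that are left unauthenticated,
# and return the aggregate health status without component details.
management.endpoints.web.exposure.include=health,info
management.endpoint.health.show-details=never
```

Any other actuator endpoint that is exposed later stays under constraint 0 and still requires the user role.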