From developers, for developers. IBM Developer and Consol present a Cloud Native Story
Part 2 – Application Security with Keycloak and Quarkus: Please do not STATE your Business
Monolithic applications typically hold sessions states. With state-of-the-art technologies like container orchestration and serverless computing, sharing this state over a micro servicebackend becomes challenging. An alternative is to not hold the session state in the backend, but in a client-side tokens. One popular standard for this kind of state management is OAuth2. The client-side tokens are JSON Web Tokens (JWT), holding all necessary information defining the sessions. OpenID Connect (OIDC),which is an extension of OAuth2, furthermore provides “social login” capabilities (Login with google, github, facebook,…). Keycloak is an open-source and verified OAuth2- and OpenID Connect solution from Red Hat. The project is actively maintained. In this talk, we will create a base configuration for keycloak and use Keycloak to secure a Quarkus application.
Topics are: – Introduction to OAuth2, OIDC and keycloak
– Setting up a base keycloak in docker/k8s
– Configuring keycloak: – Define clients – Define users -Define roles
– Configure Quarkus to use and validate JWT Tokens
– Configure Role-Based Access Controlon endpoints
– Access token information within endpoints.
Talk (45 mins)
Q&A (15 mins)
Speaker: Marco Bungart, ConSol
Dr. Marco Bungart is a Software Engineer at ConSol GmbH. Their main field of work are cloud native java web applications,together with application lifecycle management (CI/CD) and infrastructureautomation.
Free IBM Cloud Account: https://ibm.biz/Bdqkie (no credit card required)
Learn more about ConSol’s Quarkus Services: https://www.consol.com/software-engineering/quarkus/
Subscribe for the event: https://www.consol.de/aktuelles/webcasts-software-engineering/#c24832
Keep up-to-date with the topics you are interested in, from Open Source monitoringto test automation, subscribe here to hear more from ConSol https://www.consol.de/newsletter/