Spring Boot Admin Client Configuration Using Basic HTTP Authentication
Learn how to use Spring Boot Admin to set up HTTP authentication for microservices.
Join the DZone community and get the full member experience.
Join For FreeSpring Boot Admin Application can be used to manage and monitor our applications.
Client applications register with our Spring Boot Admin Client (via HTTP) or are discovered using Spring Cloud (e.g. Eureka, Consul). The UI is just an AngularJS application on top of the Spring Boot Actuator endpoints.
Multiple boot applications, all registering to same boot admin server, have secured management endpoints with different authentication credentials (a different username/password for each application).
The boot admin UI pops up the window to enter the credentials for each application. This way, we can pass the authentication credentials from the client so that the admin server automatically reads it and connects to secure endpoints.
The solution below helps to take care of the problem above:
We can monitor the metrics of each of the deployed instances of the microservices. This solution provides the following features for the registered application:
- Show health status
- Show details like
- JVM & memory metrics
- micrometer.io metrics
- Datasource metrics
- Cache metrics
- Show build-info number
- Follow and download logfile
- View JVM system & environment properties
- View Spring Boot Configuration Properties
- Support for Spring Cloud’s postable /env- &/refresh-endpoint
- Easy log level management
- Interact with JMX-beans
- View thread dump
- View http-traces
- View audit events
- View http-endpoints
- View scheduled tasks
- View and delete active sessions (using spring-session)
- View Flyway/Liquibase database migrations
- Download heap dump
- Notification on status change (via e-mail, Slack, Hipchat, …)
- Event journal of status changes (non-persistent)
Set Up Server and Client Configuration
Server Setup
- Add Spring Boot Admin Server starter to your dependencies:pom.xml
<dependencies> <dependency> <groupId>de.codecentric</groupId> <artifactId>spring-boot-admin-starter-server</artifactId> <version>1.5.7</version> </dependency> </dependencies> - Pull in the Spring Boot Admin Server configuration via adding
@EnableAdminServerto your configuration:@Configuration @EnableAutoConfiguration @EnableAdminServer public class SpringBootAdminApplication { public static void main(String[] args) { SpringApplication.run(SpringBootAdminApplication.class, args); } }
Application Properties
spring.application.name=Boot-Admin
server.port=8080
security.user.name=admin
security.user.password=adminLogin Page is authenticated with username and password as admin
Client Setup
- Add spring-boot-admin-starter-client to your dependencies:pom.xml
<dependency> <groupId>de.codecentric</groupId> <artifactId>spring-boot-admin-starter-client</artifactId> <version>1.5.7</version> </dependency> - Enable the SBA Client by configuring the URL of the Spring Boot Admin Server:application.yml
spring.boot.admin.url: http://localhost:8080 management.security.enabled: false
Application Properties
We can monitor the memory metrics of the containers and can modify the performance based on the metrics.
server.port=8082
management.context-path=/mgmt
spring.boot.admin.url=http://localhost:8093
spring.application.name=resource-server
security.user.name=admin
security.user.password=admin
logging.level.org.springframework.security: DEBUG
security.basic.enabled=false
management.security.enabled=true
zuul.sensitive-headers=
spring.boot.admin.client.metadata.user.name = admin
spring.boot.admin.client.metadata.user.password = admin
We can change the log levels of the deployed instances in the runtime without the need to restart the containers.
We can add the security on the management endpoints by implementing Basic, OAuth2 or Session Authentication.
The above properties depict the way of securing management with Basic Authentication.
Source Code:
References:
Opinions expressed by DZone contributors are their own.
Comments