Over a million developers have joined DZone.
{{announcement.body}}
{{announcement.title}}

Spring Boot Admin Client Configuration Using Basic HTTP Authentication

DZone's Guide to

Spring Boot Admin Client Configuration Using Basic HTTP Authentication

Learn how to use Spring Boot Admin to set up HTTP authentication for microservices.

· Microservices Zone ·
Free Resource

Containerized Microservices require new monitoring. Read the eBook that explores why a new APM approach is needed to even see containerized applications.

Spring Boot Admin Application can be used to manage and monitor our applications.

Client applications register with our Spring Boot Admin Client (via HTTP) or are discovered using Spring Cloud (e.g. Eureka, Consul). The UI is just an AngularJS application on top of the Spring Boot Actuator endpoints.

Multiple boot applications, all registering to same boot admin server, have secured management endpoints with different authentication credentials (a different username/password for each application).

The boot admin UI pops up the window to enter the credentials for each application. This way, we can pass the authentication credentials from the client so that the admin server automatically reads it and connects to secure endpoints.

The solution below helps to take care of the problem above:

Image title

We can monitor the metrics of each of the deployed instances of the microservices. This solution provides the following features for the registered application:

  • Show health status
  • Show details like
    • JVM & memory metrics
    • micrometer.io metrics
    • Datasource metrics
    • Cache metrics
  • Show build-info number
  • Follow and download logfile
  • View JVM system & environment properties
  • View Spring Boot Configuration Properties
  • Support for Spring Cloud’s postable /env- &/refresh-endpoint
  • Easy log level management
  • Interact with JMX-beans
  • View thread dump
  • View http-traces
  • View audit events
  • View http-endpoints
  • View scheduled tasks
  • View and delete active sessions (using spring-session)
  • View Flyway/Liquibase database migrations
  • Download heap dump
  • Notification on status change (via e-mail, Slack, Hipchat, …)
  • Event journal of status changes (non-persistent)

Set Up Server and Client Configuration

Server Setup

  1. Add Spring Boot Admin Server starter to your dependencies:pom.xml
    <dependencies>
        <dependency>
            <groupId>de.codecentric</groupId>
            <artifactId>spring-boot-admin-starter-server</artifactId>
            <version>1.5.7</version>
        </dependency>
    </dependencies>
  2. Pull in the Spring Boot Admin Server configuration via adding @EnableAdminServer to your configuration:
    @Configuration
    @EnableAutoConfiguration
    @EnableAdminServer
    public class SpringBootAdminApplication {
        public static void main(String[] args) {
            SpringApplication.run(SpringBootAdminApplication.class, args);
        }
    }

Application Properties

spring.application.name=Boot-Admin
server.port=8080
security.user.name=admin
security.user.password=admin


Login Page is authenticated with username and password as admin

Client Setup

  1. Add spring-boot-admin-starter-client to your dependencies:pom.xml
    <dependency>
        <groupId>de.codecentric</groupId>
        <artifactId>spring-boot-admin-starter-client</artifactId>
        <version>1.5.7</version>
    </dependency>
  2. Enable the SBA Client by configuring the URL of the Spring Boot Admin Server:application.yml
    spring.boot.admin.url: http://localhost:8080 
    management.security.enabled: false 

Application Properties

We can monitor the memory metrics of the containers and can modify the performance based on the metrics.

server.port=8082
management.context-path=/mgmt
spring.boot.admin.url=http://localhost:8093
spring.application.name=resource-server

security.user.name=admin
security.user.password=admin
logging.level.org.springframework.security: DEBUG

security.basic.enabled=false
management.security.enabled=true

zuul.sensitive-headers=

spring.boot.admin.client.metadata.user.name = admin
spring.boot.admin.client.metadata.user.password = admin


Image title

Image title

We can change the log levels of the deployed instances in the runtime without the need to restart the containers.

We can add the security on the management endpoints by implementing Basic, oAuth2 or Session Authentication.

The above properties depict the way of securing management with Basic Authentication.

Source Code:

References:

Discover how to automatically manage containers and microservices with better control and performance using Instana APM. Try it for yourself today.

Topics:
tutorial ,spring boot ,microservices ,authentication ,spring security ,microservice security

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}