0

I have three services running SpringBoot + Keycloak securtiy as a bearer client each. (Not realy microservices, but it should be one later on)

Now I want service-1 call service-2 with a REST call. But the services REST calls are secured with e.g: service1: .antMatchers("/service1/**").hasRole("chief") service2: .antMatchers("/service2/**").hasRole("chief") service3: .antMatchers("/service3/**").hasRole("chief") ...and so on.

On call GET "/service2/data" from service-1 I get a 401 return code of course.

What do I need to setup to get this running correctly?

Can I set up that all bearer-client are allowed to call each other? Or should I setup a login for the services? or just add roles to the clients?

mkrieger1
  • 19,194
  • 5
  • 54
  • 65
Gregor Sklorz
  • 1,645
  • 2
  • 19
  • 27
  • It depends on the kind of call. Would the end user have permission to make that kind of transitive call? If yes, then just use `KeycloakRestTemplate`. Otherwise, you'll need to setup a service account in order to service-1 to be able to reach some feature of service-2, logging in with `client_credentials`. Read this: https://stackoverflow.com/a/41781426/1199132 – Aritz Jun 01 '18 at 20:12
  • Thanks, good hint. Indeed the original user-call should not have that that permissions directly. But the services between each other. – Gregor Sklorz Jun 06 '18 at 13:32

0 Answers0