Eureka Server with Http basic security in spring microservice

Home / Eureka Server with Http basic security in spring microservice

As we know we use Eureka server to monitor the status of our microservices. Eureka server provides a dashboard on which we can see every microservice status and other details like port no on which microservice running and how many instance of microservice are running. But if you see we can easily see dashbord by hitting the URL of Eureak and it is open to all if anybody get your Eureka server URL, they will see all the details about your project.

So to protect our Eureka server we have to define some sort of security so only authorized person can see the server details. In this post we will see how to use HTTP basic security in Eureka Server. so to do this we have to follow below steps:

  1. Add required dependency in your pom.xml file of Eureka Server.
  2. Allow basic security property in your application.properties file with username and password.
  3. Enable security using @EnableWebSecurity annotation in your main class.
  4. Define a configuration class that extends WebSecurityConfigurerAdapter class and overrides configure methos.

Follow below steps:

  1. Add required dependency in your pom.xml file of Eureka Server.
<dependency>
 <groupId>org.springframework.boot</groupId>
 <artifactId>spring-boot-starter-security</artifactId>
</dependency>

<dependency>
 <groupId>org.springframework.cloud</groupId>
 <artifactId>spring-cloud-starter-netflix-eureka-server</artifactId>
</dependency>

2- Allow basic security in your application.properties file.

spring.security.basic.enabled=true
spring.security.user.name=vasu
spring.security.user.password=rajput


spring.application.name=netflix-eureka-server
server.port=8761
eureka.client.register-with-eureka=false
eureka.client.fetch-registry=false



3- Enable security using @EnableWebSecurity annotation in your main class.

package com.example.demo;

import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.cloud.netflix.eureka.server.EnableEurekaServer;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;

@EnableEurekaServer
@EnableWebSecurity
@SpringBootApplication
public class SecureEurekaServerApplication {

	public static void main(String[] args) {
		SpringApplication.run(SecureEurekaServerApplication.class, args);
	}

}

4- Define a configuration class that extends WebSecurityConfigurerAdapter class and overrides configure methos.

package com.example.demo;

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {

	@Override
	protected void configure(HttpSecurity http) throws Exception {
		http.csrf().disable().authorizeRequests().anyRequest().authenticated().and().httpBasic();
	}

}

Now Run your application and Hit the Eurka Server URL you will get a popup, Now enter username and password if credentials are valid you will be login otherwise you are not able to login on Eureka server.

Now we have to register our Eureka Client to Eureka server. We know how to connect Eureka client with Eureka Server we use

eureka.client.service-url.default-zone=http://localhost:8761/eureka

in application.properties file of our Eureka client. Now if you use the same configuration you will get error that no server found to connect with so you have to change the above property as

eureka.client.serviceUrl.defaultZone=http://vasu:rajput@localhost:8761/eureka

Now your Eureka client application.properties file look like below

spring.application.name=secureEurekaClient
server.port=9091
eureka.client.serviceUrl.defaultZone=http://vasu:rajput@localhost:8761/eureka



In the above URL http://vasu:rajput@localhost:8761/eureka vasu is username and rajput is password.

Now run your Eureka client and it will successfully register to Eureka Server.

Complete Code on GitHub : Eureka Server Security

Help Others, Please Share

About Author

Leave a Reply

Your email address will not be published. Required fields are marked *

x