This project implements microservices for the API backend using Authentication & Authorization security. With each service having its own database for microservices. PostgresSQL database used in this project and uses Spring Boot Maven.
You can install this Spring Boot Applications locally or on a server/cloud. Installation via the cloud such as: AWS, Azure, Google Cloud, and etc. You can visit the steps from this link Deploying Spring Boot Applications on Cloud. For this installation, I only did a local installation and on an Ubuntu server/VM.
-
On local (Windows):
- Install Java JDK 17
- Install PostgreSQL
- Install IDE Intellij
-
On Ubuntu Server/VM:
-
$ sudo su $ apt update $ apt install git $ apt install maven $ apt install openjdk-17-jdk $ apt install postgresql postgresql-contrib
- To ensure the "JAVA_HOME" environment variable on the ubuntu server operating system can find and use the right Java JDK version. You can run the command below:
$ export JAVA_HOME=/usr/lib/jvm/java-17-openjdk-amd64
-
-
On local (Windows):
- Set the username and password corresponding to PostgreSQL/pgAdmin as well as the port and database name file
application.propertiesin each project service.spring.datasource.url= jdbc:postgresql://localhost:5432/auth-service spring.datasource.username= auth spring.datasource.password= veduser #spring.datasource.url= jdbc:postgresql://localhost:5432/auth-service # Default of the PostgreSQL database is postgres (Ex: jdbc:postgresql://localhost:5432/postgres) #spring.datasource.username= <Your Username PostgteSQL> #spring.datasource.password= <Your Password PostgteSQL>
- To create a database you can do "Right Click" > "Create" > "Database" in the PgAdmin 4 (PostgreSQL) application on Windows.
- Especially for
auth-servicedatabase in the roles table in PgAdmin4 (PostgreSQL). Add the following SQL query for the authorization function to run according to the role you want in the/model/ERole.javafile :INSERT INTO roles(name) VALUES('ROLE_USER'); INSERT INTO roles(name) VALUES('ROLE_ADMIN');
- Then, run each services in the Intelij IDE. Make sure you run Eureka Server with the default port 8761
localhost:8761and also make sure that all services are connected via the eureka server display.
- Set the username and password corresponding to PostgreSQL/pgAdmin as well as the port and database name file
-
On Ubuntu Server:
-
Running Spring Boot Applications can use
systemdon ubuntu server. Systemd is the successor of the System V init system and is now being used by many modern Linux distributions. Before making each service havesystemd, first set up the PostgreSQL database for each service on ubuntu server. -
Make sure you have installed PostgreSQL at the installation stage, now you can run command below :
$ sudo -u postgres psql
If the above command doesn't work, it's usually the case with recent versions of
Ubuntu-Server-22.04.2and above. To fix it you can run the following command, to see if the cluster on PostgreSQL is running or not : (Optional)$ sudo pg_ctlcluster
Or you can run the command directly cluster on PostgreSQL : (Optional)
$ sudo pg_ctlcluster 14 main start
Adjust the command above with your PostgreSQL version
psql --versionand run the command again. -
If you are already in PostgreSQL from the command :
$ sudo -u postgres psql
-
Run the command below, according to the username and password on
application.propertiesfile :# Create username and password CREATE USER auth WITH PASSWORD 'veduser'; # Create database CREATE DATABASE "auth-service"; # Give access permissions to users on the database GRANT ALL PRIVILEGES ON DATABASE "auth-service" TO auth;
-
Especially for
auth-servicedatabase in the roles table in PostgreSQLpsql. Run the command below to go to theauth-servicedatabase onpsql:\c auth-service -
To check you are already in the auth-service database. Run the command below :
SELECT * FROM roles;
-
If the roles table is empty, Add the following SQL query for the authorization function to run according to the role you want in the
/model/ERole.javafile :INSERT INTO roles(name) VALUES('ROLE_USER');
INSERT INTO roles(name) VALUES('ROLE_ADMIN');
-
Then, clone repository and go to the folder service. Example
auth-service:$ sudo su git clone https://github.com/d4v-id/Microservices_JWT_Authentication_Authorization_Spring_Boot_3.git $ cd Microservices_JWT_Authentication_Authorization_Spring_Boot_3 $ cd auth-service
-
Make sure there is a
POM.xmlin the folder uselsto check and run the following command to build package the maven project so it can be used later onsystemd:$ sudo su $ mvn clean package
[NOTE] Make sure the "BUILD SUCCESS", if not try to check again on the
application.propertiesfile and the PostgreSQLpsqldatabase has the correct naming including. -
Go to target folder. Every time you build a maven project, the build results will be in the target folder service with the name
SNAPSHOTwith the.jarextension :$ cd target -
Check that SNAPSHOT.jar is already in the target folder with the
lscommand (Example:demo-0.0.1-SNAPSHOT.jar) . Then, give permission to the file so that it can be executed and run. By running the command below :$ sudo su $ chmod +x demo-0.0.1-SNAPSHOT.jar $ chown -R ubuntuusername:ubuntuusername /home/ubuntuusername/auth-service $ chmod -R 755 /home/ubuntuusername/auth-service
-
Now, make
systemdfrom the maven build that has been made so that it can run on the Ubuntu Server. Go to path/etc/systemd/system:$ cd /etc/systemd/system $ nano auth.service[Unit] Description=Auth Spring Boot Application After=syslog.target [Service] User=root WorkingDirectory=/home/ubuntuusername/auth-service/target/ ExecStart=/usr/bin/java -jar /home/ubuntuusername/auth-service/target/demo-0.0.1-SNAPSHOT.jar SuccessExitStatus=143 [Install] WantedBy=multi-user.target
Adjust the directory in the [Service] section in
WorkingDirectoryandExecStartwith the service Spring Boot Application project path. You can check which directory is in the target folder with thepwdcommand, then set it back onnano auth.servicefile. -
The last step, To run the
systemdthat has been created, run the command below :$ sudo su $ systemctl daemon-reload $ systemctl restart auth.service $ systemctl status auth.service
Wait a few seconds to make sure the service is running and run it again
systemctl status auth.service.[NOTE] If status is inactive and still failed when running
systemctl status auth.service. Try change the[Service]section inUserroot with ubuntu username in nanoauth.serviceIMPORTANT] Do the same from the steps above for each service including the
eureka-server. For example, in the case of each ubuntu server, it can only have 2 services with different ports and eureka-server can stand alone in one ubuntu-server . -
Final step, give access to each firewall port so that it can be accessed from an external system with command
ufw allow <port>:$ sudo su $ ufw allow 8761 $ ufw allow 8099 $ etc...
-
http://<YOUR-IP-UBUNTU-SERVER>:<YOUR-PORT>. Example http://192.168.67.101:8761
If you do it in VirtualMachine (VirtualBox) with NAT network type you can set the port to be accessible externally by following the steps below:
- Go to "Settings" on your VM.
- Click "Advanced" and then "Port Forwarding".
- Add rules with "Add Port Forwarding Rules" on right section, then set
Host PortandGuest Portwith port for each service in the Spring Boot Applications. - Save with, OK
You can also test the API using Postman / Testmace.
Email me: d4vbusiness@gmail.com