I feel like your explanations are even better than people who have english as their first language lol. You really do have a gift for this!

This is the best channel about Spring and stuffs of all KZread. Thank you Java Techie.

Best course available in youtube. Thankfully it is free. Keep up the good work

I love you. Finally the architecture I'm looking for. A lot of tutorial are covering authentication for only one microservice and you are probably the only one that approaches the problem keeping in mind the whole microservice architecture.

@Javatechie

Жыл бұрын

Thank you so much Lukasz for appreciating my work 🥰🥰

@hkkabir2024

7 ай бұрын

you worth millions of like

Much waited ❤ Thank you sir for your wonderful teaching and the knowledge your sharing .

bro you helped me a lot, thank you very much and greetings from Argentina

THIS IS THE VIDEO I WAS LOOKING FOR, THANKS SO MUCH FROM COLOMBIA

Best video you can find for JWT auth ❤

Thank you so much for clear explain no one will explain like you.

Nobody explains like you do..Thank you very much for the video.

Fantastic video and an outstanding explanation ❤‍🔥. Thank you so much!!!

Thank you for such an awesome lecture. We many of us benefit from such work. Continue teaching brother

Searching every where finally got it thanks sir 😀

Excellent Work....Thank you

I had been waiting for this topic for long time. Finally wait is over.

This is what, I was waiting for ,Very Helpful for me

Grateful for such a wonderful insight on Microservices security. It will definitely help me to improve skills in my projects. Thankyou so much for the efforts. I'm learning a lot from your channel. Awaiting for more interesting videos.

@Javatechie

Жыл бұрын

Thanks buddy keep learning 😃

Actually without your tutorial I couldn't learn easily new things implementation in spring app... You are Guru. Thanks lot.

@Javatechie

Жыл бұрын

Thank you Siva . Keep learning 😃

it's awsome,, I was trying to solve this kind of problem and this tutorial helps me a lot. Thank You so much for the video tutorial.

Thanks Sir , Good explanation, your course was clear and understandable.

Excellent Explanation. this is the Video i was looking for. thanks

You are super talented man.clear explanation .Thank you

Great Video sir, completely Awesome...Add the role based security through api gateway.

Thanks!! Helpful for basic understanding.

I've been waiting this long, thanks java techie greetings from peru😎

Wonderful. Thank you very much for sharing

Hey Basant Anna, this is awesome 👌thanks for such a smooth flow..its really a very complex topic & nightmare for interview candidates.

No words Mind Blowing

Good explanation, your course was clear and understandable.

Thanks so much Basant. Appreciate your efforts. I am learning lot from your videos. Waiting for more videos.

thanks for giving us this much excellent content and awesome video

Nice video we learn couple of thing related to microservices and spring security ❤❤❤

Hi Basant sir, Jwt in microservices explanation is so good. Thank you so much...

Thanks a lot. I am looking for security in Microservices architecture. It is one of the best way, you have explained.

@Javatechie

11 ай бұрын

Glad to hear that😊

Thanks for sharing the knowledge ❤

This is Gold Boss... Thanks a ton for this video.. I lost most of my interview only because of not answering how to security is implemented in micro services question.... Appreciate your efforts.

@Javatechie

Жыл бұрын

Thank you buddy 🙂

Awesome explanation !!! Really i feel that you are one of the most amazing solution architect !!!

@Javatechie

10 ай бұрын

Thank you for appreciating buddy. I am just a senior software Engineer not an architect 🤪🤪

well explained concepts, thank you

Thank you for this tutorial... Kudos

Thank you for this wonderful video❤️❤️

Loved your explaination ❤❤❤❤

superb clear video

Awesome video Bhai.. much needed.. thanks a lot for the content shared. 🎉

Waited last couple of month to get solution which you explain about validate and filter the request form spring cloud getway. ##you make my weekend Basant Sir. Thank you Sir

@Javatechie

Жыл бұрын

Thanks buddy 😊. Keep learning 👍

Just what I needed. 👍

The best explanation

Thank you, Basant Bhai...

Looks really simple, just as I used to implement the JWT service in a monolithic way, but porting everything to a new independent webservice to validate JWT to access any endpoint without compromising the other webservices.

You're a life saver!

👍 very nice 🙂

Great job

Thank you for the great video. What do you think of integrating Datadog into your spring boot applications so that there is a centralized location to view everything related to your applications

love you bro you are helping so much

This Video is really helpful, Pls. Can you cover Role base authentication and Authorization on the individual microservices?

Thank you again.

This was Awesome!

Nice detailed video..

Awesome videos. Hats off to you in explaining it in a very simple and easy manner. One question. May I know if we have a requirement to secure our swiggy and restaurant service endpoint and grant access based on role, then how we can achieve this requirement .

very helpful thankyou

Thank you bro 🎉

Thank you very much for providing such a detailed explanation. Your video is undoubtedly superior to paid courses that tend to overcomplicate things and stretch on for more than 8 hours. I have a question: If I were to call Swiggy or a restaurant service directly, bypassing the gateway or discovery service, how would I handle authentication?

Thanks a lot 🙏

Thanks for the tutorial. I was waiting for this. How to handle token expired case.

Thank you so much. Can you do a video share how to config authorization with JWT in microservices ?

Thaaaaaaaaaaaaanks man! nice video

Really helpful. But I have couple of questions. You generated auth token in the same module where you register user and authenticate user. Is it a good practice? If I have 50 module that is registered with the api gateway, where should I generate refresh token? What is the best practice and what is best architecture ?

Wow Very Nicely Explained In Easy To Understand Manner. 1 Request can you please show how to implement role based authentication with Spring API Gateway ?

@Javatechie

Жыл бұрын

Yes buddy it's in queue i will upload soon

thanks a lot

Wooooow.... i seached a lot for this kind of scenario but i did not find and in so many interviews i faced this question and got stucked. A million thanks basanth.... it helps us a looooot......👏👏👏🤝🤝🤝🙏🙏🙏 Thanks you so much Next Please do videos on TESTING(mockito) microservices end to end and GLOBAL EXCEPTIONAL HANDLING (please think about it)

@Javatechie

Жыл бұрын

I will share the link with what you mentioned which i already uploaded. Even if you can search in the channel it's already there buddy

@Javatechie

Жыл бұрын

Exception handling : kzread.info/dash/bejne/mYSixo-hqrDFZqQ.html

@Javatechie

Жыл бұрын

Mockito testing: kzread.info/dash/bejne/epxlmax9oNaxocY.html

Thanks for sharing ❤ But how can we authenticate based on role. Here we can access the whole microservice but how can we access some end points of one microservice and other endpoint for another role.

Hi sir , great video . I have one question why we cant use simply OncePerRequestFilter here ? AbstractGatewayFilterFactory forcing many things like some un-necessary Config class , adding WebFlux depenecny even though we not even using any Webflux features .

Very good coverage ! I find the RouteValidator to be superficial. Why not using annotations on endpoints ?

A theoretical/conceptual question: Can we call this security API layer (identity-service) as an internal OAauth server? Since all authentication and authorization features have been delegated to this api for a client to be able to access a "resource server", it looks like a OAuth to me.

Hello Basant sir, just one question : we are providing token based only on user name if it exsits in db , is it good like generally we should provide on credentials match?

Thanks a lot. Jai jagarnath

Nice work man, please implement the swegger this application which is used for api documentation, thanks in advance

Thanks !!

Loved the explanations!! But, how can i do a role based authentication, like admin and user for example? I've faced with this question and got stucked. I wonder if you can help me.

Your explanation is amazing. Learned lot of concepts with this practical example. I have a request hope you would look into it. I need to integrate same service and gateway with AWS cognito as auth service. Possible to do one video on this. ?

@Javatechie

Жыл бұрын

Yes I will try that

Tq bro. I have one question . in statefull we save session in server side and same thing in stateless we are storing token what is the diff?

You are such a wonderful guy to share this useful information. Big thank you . When we have feature flag in external file and if you go toggle console and update it , will it change the flag in external file ? Also is there a way I can have some string values instead of Boolean value ?

@Javatechie

Жыл бұрын

Thanks buddy 🙂. No toggle switch won't update in file also i don't think we can set any string value for flag

HI, You created separate service for authentication purpose. what's the practice follow in real world? .I think API gateway will used for authentication right or what ?

Thanks for your informative vidoe, but I one quesiton if some know swiggy-service or restaurant-service end point then he/she can by pass the api-getway and directly call respective service, so how I can ensure that swiggy or restaurant service only accept request from api gateway

Thank you Basant ❤, this is like rock I really appreciate your time and efforts. Could you please also make a video for swagger in microservices services?

@Javatechie

Жыл бұрын

Swagger i have already implemented please check in my microservice playlist

@tararamgoyal2220

Жыл бұрын

@@Javatechie Thanks

You have one of the best educational channels out there. I would love to give you a constructive opinion: It would be great if you could change your microphone into something clearer, like what the java brain and Navin have. Trust me, it makes a huge difference.

@Javatechie

Жыл бұрын

Thanks Filz , i noted it and going forward i will come with better audio quality. Need to look into rode configuration

@archanasingh3060

Жыл бұрын

​@@Javatechie 🎉d o 😢😢😢😮😊😂😅😅😅😅😮😮😮😮😮😅😮fq😢😢😢😮😮😮😮😮😮😮😮😮😮😮😮😮😮😮😮😮😮😮😮😮😮😮😮😮😮😮😮😮😮😮😮😮😮😮😮😮😮😮

@Javatechie

Жыл бұрын

Archana not getting you

@filz4461

Жыл бұрын

@@Javatechie I think, that's a bot.

@Javatechie

Жыл бұрын

Even not getting you buddy. What do you mean by bot

Sir, Thanks for the great content ... sir how can we do role based authentication ? if role is user then user can access respective url and so on . pls suggest.

Thanks so much, it is the Best tutorial ive seen. I have one question. Hoy can I get the current loged user and roles from the servíces to make autorizations

@Javatechie

Жыл бұрын

Please check the next video you will get logged in user info but regarding Authorization i am working on it

What if you want to add roles to the service routes? Do you need to setup that at the token level?

what if we will cal the restarount api without gateway. from for exemple 8081. What will happen then? will auth work if i try without gateway ?

When i am trying to access through post man with identity service routes via gateway its giving me like "An expected CSRF token cannot be found". I guess my request has not been forwarded from api gateway to auth service. Because its preventing me due to spring security impl in api gateway. When i try to access it from a browser it redirects me to login page. What is the issue ?

Hello.. you are using 9898 port to token which is not part of the api-gateway , right ? then why you added this auth/token in Validator in api-gateway.

Hi Basant, Thank you for sharing the knowledge and for the informative content. I have one doubt...can we implement spring cloud gateway in kubernetes cluster or in any cloud platform ? Is it ideal to use spring cloud gateway as gateway API or cloud provided API gateway?

@Javatechie

8 ай бұрын

Yes we can in AWS please check my AWS playlist already i have done this video

Hi sir! I am grateful for this tutorial. In this tutorial you have two client services, one gate way, one security service and you added security in Api Gate. I like the way you did it. But i need to move forward and add some Authorization. Suppose in swiggy service there are some end points what only admin can access and some end points normal user can access. How to apply this type of Authorization. Would you please make second part of this tutorial please? I am following this tutorial and trying to learn. I tried to implement the security directly in the API GATE-WAY service. But that was not easy because gate-way supports webflux not the web.

@ASHISHKUMAR-jh9kw

Ай бұрын

make use of method level authorization and roles

@Javatechie

Ай бұрын

Yes I am still not finding any solution for this approach. Will check and update you

@sadiulhakim7814

Ай бұрын

@@Javatechie Thanks

@sadiulhakim7814

Ай бұрын

@@Javatechie I saw others using OAuth2 to solve this problem. KeyCloak is one of them.

Hi sir, I am using os linux and jdk1.8 for company project. But i have to practice whatever i learn from ur videos, Can you plz make 1 video how can we use projectwise different java versions in same system in eclipse IDE?

Direct to the point, that's the kind of videos I like! But i have a question: Which is the difference between secure microservices with JWT and securing them using Api Key, as you show us in one of your previous videos?

@Javatechie

Жыл бұрын

Thanks buddy. In case of api key you need to manually map key with specific service where jwt will be generic no manual mapping required

@hectorcortez7866

Жыл бұрын

@@Javatechie so in terms of best approach JWT would be a posible solution

@Javatechie

Жыл бұрын

Yes that's what my understanding

1:11:00 The rest call from gateway to auth service is not working. It is throwing an error saying cannot call from java.lang.illegalstateexception: block()/blockfirst()/blocklast() are blocking, which is not supported in thread reactor-http-nio-1. Please let me know if someone can help in this

instead of completely using spring cloud stack we can make this more OSS (open source stack) like every micro service is containerised (dockerised) then use KONG as API gateway. this way we can make the configuration more simple and reduce tight coupling.

@mirarima8877

Жыл бұрын

Could you please explain more about how that works?

@user-pi6wv9jn8j

11 ай бұрын

can you please come with your hands on similar like this using KONG.

after implementing spring security to microservices it will only validate token when URL passed through the API Gateway, what if we try to hit the URL of the particular service, how to stop that?

Firstly Thank you for all your tutorials. I tried this api gateway implementation and getting "An expected CSRF token cannot be found" when calling authenticate or register apis through gateway. It works if I directly call authentication service. Could you please help with this.

instead of using custom auth service can we use Azure AD with gateway?- with the same logic?