Docs: Add LDAP UAA Example

This commit is contained in:
David Turanski
2019-03-06 14:17:50 -05:00
committed by Gunnar Hillert
parent 70ca0050df
commit d83deb54a8
6 changed files with 21 additions and 13 deletions

View File

@@ -1,4 +1,4 @@
= LDAP Security and UAA Example
=== LDAP Security and UAA Example
This example provides an example on running
Spring Cloud Data Flow with a https://github.com/cloudfoundry/uaa[CloudFoundry User Account and Authentication (UAA) Server] (UAA) backed by _Lightweight Directory Access Protocol_ (LDAP) security.
@@ -26,7 +26,7 @@ In order to get everything running we need to setup the following server instanc
* Spring Cloud Skipper (secured by UAA, port `7577`)
* Spring Cloud Data Flow (secured by UAA, port `9393`)
== Requirements
==== Requirements
Please ensure you have the following 3 items installed:
@@ -34,7 +34,7 @@ Please ensure you have the following 3 items installed:
* https://git-scm.com/[Git]
* https://github.com/cloudfoundry/cf-uaac[CloudFoundry UAA Command Line Client] (UAAC)
== Build + Start LDAP Server
==== Build + Start LDAP Server
[source,bash]
----
@@ -44,7 +44,7 @@ $ ./mvnw clean package
$ java -jar target/ldapserver-uaa-1.0.0.BUILD-SNAPSHOT.jar
----
== Download + Start UAA Server
==== Download + Start UAA Server
Since by default the UAA Server is available as a war file only, we will
use a custom Spring Boot based version that wraps the UAA war file but makes
@@ -59,7 +59,7 @@ $ ./mvnw clean package
$ java -jar target/uaa-bundled-1.0.0.BUILD-SNAPSHOT.jar
----
== Prepare UAA Server
==== Prepare UAA Server
Simply execute the BASH script `./setup-uaa.sh`. It will execute the following
commands:
@@ -95,7 +95,7 @@ uaac client add skipper \
--secret skipper \
----
== Quick Test Using Curl
==== Quick Test Using Curl
[source,bash]
----
@@ -135,7 +135,7 @@ This should yield output similar to the following:
{"access_token":"eyJhbGciOiJSUzI1NiIsImprdSI6Imh0dHBzOi8vbG9jYWxob3N0OjgwODAvdWFhL3Rva2VuX2tleXMiLCJraWQiOiJrZXktaWQtMSIsInR5cCI6IkpXVCJ9.eyJqdGkiOiI2MjQxMTIwNDc1YTA0NzZmYjhmMmQwZWJmOGZhNmJmZSIsInN1YiI6IjMyMTMzMmExLTZmZjAtNGQ1Yy1hYjMzLTE3YzIzYjk4MzcxNSIsInNjb3BlIjpbImRhdGFmbG93LnZpZXciLCJzY2ltLnVzZXJpZHMiLCJvcGVuaWQiLCJjbG91ZF9jb250cm9sbGVyLnJlYWQiLCJwYXNzd29yZC53cml0ZSIsImRhdGFmbG93Lm1hbmFnZSIsImNsb3VkX2NvbnRyb2xsZXIud3JpdGUiLCJkYXRhZmxvdy5jcmVhdGUiXSwiY2xpZW50X2lkIjoiZGF0YWZsb3ciLCJjaWQiOiJkYXRhZmxvdyIsImF6cCI6ImRhdGFmbG93IiwiZ3JhbnRfdHlwZSI6InBhc3N3b3JkIiwidXNlcl9pZCI6IjMyMTMzMmExLTZmZjAtNGQ1Yy1hYjMzLTE3YzIzYjk4MzcxNSIsIm9yaWdpbiI6ImxkYXAiLCJ1c2VyX25hbWUiOiJtYXJsZW5lIiwiZW1haWwiOiJtYXJsZW5lQHVzZXIuZnJvbS5sZGFwLmNmIiwiYXV0aF90aW1lIjoxNTQ1MzM2NTY3LCJyZXZfc2lnIjoiZjg3NjU2MTUiLCJpYXQiOjE1NDUzMzY1NjcsImV4cCI6MTU0NTM0MDE2NywiaXNzIjoiaHR0cDovL2xvY2FsaG9zdDo4MDgwL3VhYS9vYXV0aC90b2tlbiIsInppZCI6InVhYSIsImF1ZCI6WyJzY2ltIiwiY2xvdWRfY29udHJvbGxlciIsInBhc3N3b3JkIiwiZGF0YWZsb3ciLCJvcGVuaWQiXX0.OrV_UzlfGtv5ME6jgp0Xg_DKptUXyCalV7yNlUL0PxYonECJsfej1yzG3twIBuNJ8LGvNAkUIhIokdbBsRx1bVnn-tudaRxahihZDgbrOBOeTsG6MOOK8DrwyNqI9QksuPseh2IaQ8Q0RaPkwLTa_tmNJvZYpYmVaGSImhNsSvYnmVuxFXLALy0XhkLMhSf_ViTbA9-uyYw8n7u9Gsb46_pU3uGKUh-mSA4dETZvXqjFIalV07BBFJj0NhQ7jQPn3URRkKBULQVga1GWBuQkw18jwOF8Q6PA1ENmOOO6PJfqGJUXV0sCWDUC0TQhYSxLbpDodQOwAHVoqJ2M0lD78g","token_type":"bearer","id_token":"eyJhbGciOiJSUzI1NiIsImprdSI6Imh0dHBzOi8vbG9jYWxob3N0OjgwODAvdWFhL3Rva2VuX2tleXMiLCJraWQiOiJrZXktaWQtMSIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIzMjEzMzJhMS02ZmYwLTRkNWMtYWIzMy0xN2MyM2I5ODM3MTUiLCJhdWQiOlsiZGF0YWZsb3ciXSwiaXNzIjoiaHR0cDovL2xvY2FsaG9zdDo4MDgwL3VhYS9vYXV0aC90b2tlbiIsImV4cCI6MTU0NTM0MDE2NywiaWF0IjoxNTQ1MzM2NTY3LCJhbXIiOlsiZXh0IiwicHdkIl0sImF6cCI6ImRhdGFmbG93Iiwic2NvcGUiOlsib3BlbmlkIl0sImVtYWlsIjoibWFybGVuZUB1c2VyLmZyb20ubGRhcC5jZiIsInppZCI6InVhYSIsIm9yaWdpbiI6ImxkYXAiLCJqdGkiOiI2MjQxMTIwNDc1YTA0NzZmYjhmMmQwZWJmOGZhNmJmZSIsInByZXZpb3VzX2xvZ29uX3RpbWUiOjE1NDUzMzQyMTY1MzYsImVtYWlsX3ZlcmlmaWVkIjpmYWxzZSwiY2xpZW50X2lkIjoiZGF0YWZsb3ciLCJjaWQiOiJkYXRhZmxvdyIsImdyYW50X3R5cGUiOiJwYXNzd29yZCIsInVzZXJfbmFtZSI6Im1hcmxlbmUiLCJyZXZfc2lnIjoiZjg3NjU2MTUiLCJ1c2VyX2lkIjoiMzIxMzMyYTEtNmZmMC00ZDVjLWFiMzMtMTdjMjNiOTgzNzE1IiwiYXV0aF90aW1lIjoxNTQ1MzM2NTY3fQ.JOa9oNiMKIu-bE0C9su2Kaw-Mbl8Pr6r-ALFfMIvFS_iaI9c5_OIrE-wNAFjtPhGvQkVoLL2d_fSdgtv5GyjWIJ0pCjZb-VJdX2AGauNynnumsR7ct6F6nI9CGrTtCS2Khe6Tp54Nu1wxumk09jd42CaPXA1S2pmUcudQBZEa8AELpESjnjnwOYEbPiKba03cnacGJvqPtbMl3jfWGRMmGqxQEM0A-5CKCqQpMzhkAeokUkPnirVOuNsQHQXNERy1gygO7fji9nReRaOiaFKNYL9aS-hKjY_i3uuAawvY_qpe5qRZ3-xCEesi-TqOItqy2I3BBREDp99t9cfAr2UXQ","expires_in":3599,"scope":"dataflow.view scim.userids openid cloud_controller.read password.write dataflow.manage cloud_controller.write dataflow.create","jti":"6241120475a0476fb8f2d0ebf8fa6bfe"}
----
== Download + Start Spring Cloud Skipper
==== Download + Start Spring Cloud Skipper
[source,bash]
----
@@ -144,7 +144,7 @@ $ java -jar spring-cloud-skipper-server-2.0.0.BUILD-SNAPSHOT.jar \
--spring.config.additional-location=/path/to/ldap-uaa-example/skipper.yml
----
== Download + Start Spring Cloud Data Flow
==== Download + Start Spring Cloud Data Flow
[source,bash]
----
@@ -153,7 +153,7 @@ $ wget https://repo.spring.io/milestone/org/springframework/cloud/spring-cloud-d
$ java -jar spring-cloud-dataflow-server-local-2.0.0.BUILD-SNAPSHOT.jar --spring.config.additional-location=/path/to/ldap-uaa-example/dataflow.yml
----
== Helper Utility
==== Helper Utility
In case you want to experiment with LDAP users and make changes to them, be aware
that users are cached in UAA. In that case you can use the following helper BASH script
@@ -164,7 +164,7 @@ that will reload the user and display the UAA data as well:
$ ./reload-user.sh <username> <password>
----
== Configure and run a Composed Task
==== Configure and run a Composed Task
First start the Spring Cloud Data Flow Shell:
@@ -204,7 +204,7 @@ dataflow:> task launch my-composed-task --arguments "--dataflow-server-username=
This should execute the composed task successfully and yield task executions that look
similar to the following:
[source,bash]
[source,console,options=nowrap]
----
dataflow:>task execution list
╔════════════════════════════════╤══╤════════════════════════════╤════════════════════════════╤═════════╗
@@ -220,5 +220,5 @@ dataflow:>
Using the Dashboard, you should see task execution similar to these:
image::images/composed-task-success.png[Dashboard successful task executions]
image::composed-task-success.png[Dashboard successful task executions]

View File

Before

Width:  |  Height:  |  Size: 78 KiB

After

Width:  |  Height:  |  Size: 78 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 78 KiB

View File

@@ -1,5 +1,5 @@
= Spring Cloud Data Flow Samples
Sabby Anandan; David Turanski; Glenn Renfro; Eric Bottard; Mark Pollack; Chris Schaefer; Christian Tzolov
Sabby Anandan; David Turanski; Glenn Renfro; Eric Bottard; Mark Pollack; Chris Schaefer; Christian Tzolov; Gunnar Hillert
:doctype: book
:toc:
:toclevels: 4

View File

@@ -50,3 +50,7 @@ It supports downsampling, automatically expiring and deleting unwanted data, as
include::micrometer/influx/main.adoc[]
include::micrometer/prometheus/main.adoc[]
== Security
include::security/main.adoc[]

View File

@@ -0,0 +1,4 @@
:sectnums:
:docs_dir: ..
include::{docs_dir}/../../../security-ldap-uaa-example/README.adoc[]