samples.application-auth-keycloak.yaml Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of kafka-manager-ui Show documentation
Show all versions of kafka-manager-ui Show documentation
UI interface for managing Kafka
The newest version!
KEYCLOAK_BASE: https:///auth
KAFKA_MANAGER_BASE: https://localhost:8085/kafka-manager
KEYCLOAK_REALM:
KEYCLOAK_CLIENT_ID: keycloak-client-id
KEYCLOAK_CLIENT_SECRET: keycloak-client-secret
logging:
level:
com.epam.eco.kafkamanager: INFO
# root: debug
# com.epam.eco.kafkamanager.core: debug
# org.springframework.security.*: debug
server:
port: 8085
max-http-request-header-size: 10000
servlet:
context-path: /kafka-manager
tomcat:
remote-ip-header: x-forwarded-for
protocol-header: x-forwarded-proto
connection-timeout: 300000
forward-headers-strategy: framework
management:
metrics:
export:
prometheus: false
eco:
kafkamanager:
udmetrics:
enabled: true
calculationIntervalInMs: 60000
config.repo.kafka.bootstrapTimeoutInMs: 60000
core:
bootstrapServers:
schemaRegistryUrl:
transactionStoreBootstrapTimeoutInMs: 180000
transactionStoreBootstrapDataFreshness: ONE_HOUR
consumerStoreBootstrapTimeoutInMs: 180000
metadataStoreBootstrapTimeoutInMs: 180000
clientConfig[fetch.max.wait.ms]: 1500
clientConfig[fetch.min.bytes]: 20
clientConfig[max.poll.records]: 1000
clientConfig[security.protocol]: "SASL_SSL"
clientConfig[ssl.truststore.location]: "c:/ssl/truststore.jks"
clientConfig[ssl.truststore.password]: "password"
clientConfig[sasl.mechanism]: "GSSAPI"
clientConfig[sasl.kerberos.service.name]: "kafka"
clientConfig[sasl.jaas.config]: "com.sun.security.auth.module.Krb5LoginModule required \
useKeyTab=true \
principal='[email protected]' \
keyTab='c://ssl//km.keytab' \
storeKey=true;"
authz:
kafka:
enabled: false
zkClientConfig[zookeeper.clientCnxnSocket]: org.apache.zookeeper.ClientCnxnSocketNetty
zkClientConfig[zookeeper.client.secure]: true
zkClientConfig[zookeeper.ssl.client.enable]: true
zkClientConfig[zookeeper.ssl.trustStore.location]: "c:/ssl/truststore.jks"
zkClientConfig[zookeeper.ssl.trustStore.password]: "password"
ui:
showGridInTopicBrowser: true
topicBrowser:
useCache: false
cacheExpirationPeriodMin: 60
tombstoneGeneratorReplacements:
- headerName: operation_type
replacement: "delete"
- headerName: operation_time
replacement: T(java.time.LocalDateTime).now().toInstant(T(java.time.ZoneOffset).UTC).toEpochMilli()
- headerName: business_time
replacement: T(java.time.LocalDateTime).now().toInstant(T(java.time.ZoneOffset).UTC).toEpochMilli()
# externalTools:
# - name: External tool #1
# urlTemplate: https://integration.datahub.epam.com/external-tools/1/{topicname}
# icon: fa-external-link
# - name: External tool #2
# urlTemplate: https://integration.datahub.epam.com/external-tools/2/{topicname}
# icon: fa-external-link
KEYCLOAK_CLIENT_BASE_URL: ${KEYCLOAK_BASE}/realms/${KEYCLOAK_REALM}/protocol/openid-connect
KEYCLOAK_AUTH_URL: ${KEYCLOAK_CLIENT_BASE_URL}/auth
KEYCLOAK_ISSUER_URL: ${KEYCLOAK_BASE}/realms/${KEYCLOAK_REALM}
KEYCLOAK_REDIRECT_URI: http://localhost:8085/kafka-manager/login/oauth2/code/${KEYCLOAK_CLIENT_ID}
KEYCLOAK_LOGOUT_URL: ${KEYCLOAK_CLIENT_BASE_URL}/logout?redirect_uri=${KAFKA_MANAGER_BASE}/kafka-manager
## keycloak
spring:
main:
allow-bean-definition-overriding: true
allow-circular-references: true
mvc:
hiddenmethod:
filter.enabled: true
async:
request-timeout: 300000
pathmatch:
matching-strategy: ANT_PATH_MATCHER
security:
oauth2:
client:
registration:
eco-kafka-manager-ui:
provider: keycloak
client-id: ${KEYCLOAK_CLIENT_ID}
client-secret: ${KEYCLOAK_CLIENT_SECRET}
client-authentication-method: client_secret_post
authorization-grant-type: authorization_code
redirect-uri: ${KEYCLOAK_REDIRECT_URI}
scope: openid
provider:
keycloak:
authorization-uri: ${KEYCLOAK_AUTH_URL}
issuer-uri: ${KEYCLOAK_ISSUER_URL}
token-uri: ${KEYCLOAK_CLIENT_BASE_URL}/token
user-info-uri: ${KEYCLOAK_CLIENT_BASE_URL}/userinfo
user-name-attribute: email
jwk-set-uri: ${KEYCLOAK_CLIENT_BASE_URL}/certs
logout-url: ${KEYCLOAK_LOGOUT_URL}