AKHQ login with Keycloak

Introduction


This article describes case of running AKHQ with docker and enabling login with Keycloak requirement to browse data on AKHQ UI. All the code is available on my GitHub.


Specification:
- Protocol: HTTP
- AKHQ authorization: YES, with keycloak


Requirements:
- internet access - to download AKHQ docker image,
- installed docker - to run downloaded image,
- running kafka - visible within any connected network interface,
- running keycloak - with created realm and configured client (confidential access, service account enabled, redirect URL), also reachable via any connected network.


Configuration


First of all we have to create YAML file - to tell AKHQ where is our kafka running and how to authorize users via Keycloak. At this moment we are not using any role-based privileges and default logged user group is "reader". If you need to execute any write operation, you have to change default group to "admin". 
micronaut:
  security:
    enabled: true
    oauth2:
      clients:
        keycloak:
          client-id: AKHQ_KEYCLOAK_CLIENT_ID
          client-secret: AKHQ_KEYCLOAK_CLIENT_SECRET
          openid:
            issuer: http://localhost:8080/realms/my-realm
    token:
      jwt:
        signatures:
          secret:
            generator:
              secret: "GENERATED_SECRET"

akhq:
  ui-options:
    topic-data:
      sort: Newest
  connections:
    local:
      properties:
        bootstrap.servers: "localhost:9092"
  security:
    oidc:
      enabled: true
      providers:
        keycloak:
          label: "Login with Keycloak"
          default-group: reader


Then just run AKHQ docker image (on port 1790) with previously created YAML config: 
docker run -it -p 1790:8080 --name akhq_kc_container -v application-kc.yml:/app/application.yml tchiotludo/akhq


Once container is created you can start simple by: 
docker container start akhq_kc_container


Now you should be redirected to Keycloak login page after clicking login button on AKHQ. After login AKHQ UI content should be visible for user.


All AKHQ config examples can be found here.


Popular posts

Basic AKHQ running with docker (HTTP)

Introduction This article describes basic case of running AKHQ with docker. All the code is available on my GitHub . Specification: - Protocol: HTTP - AKHQ authorization: NO Requirements: - internet access - to download AKHQ docker image, - installed docker - to run downloaded image, - running kafka - visible within any connected network interface. Configuration First of all we have to create YAML file - to tell AKHQ where is our kafka running. akhq: ui-options: topic-data: sort: Newest connections: local: properties: bootstrap.servers: "localhost:9092" Then just run AKHQ docker image (on port 1790) with previously created YAML config: docker run -it -p 1790:8080 --name akhq_basic_container -v application-basic.yml:/app/application.yml tchiotludo/akhq Once container is created you can start simple by: docker container start akhq_basic_container ...
Read more »

My Ubuntu Desktop config

Image
This article describes Ubuntu configuration I’m personally using. Those are tools which makes my work much easier and more pleasant. Consider adding them to your setup. Extensions To add Ubuntu GNOME extensions you have to enable this possibility at first. Here is short tutorial: https://damiankumor.blogspot.com/2023/08/enabling-gnome-extensions.html Dash to panel Custom menu panel. I like to have it on the top. https://extensions.gnome.org/extension/1160/dash-to-panel Final effect looks like that: Audio selector Tool for easily selection of audio input and outputs. https://extensions.gnome.org/extension/5135/audio-selector Final effect: Extension list Tray icon for fast extension management. https://exten...
Read more »