Skip to content

Spring Boot-based gRPC server with gRPC endpoints secured by Spring Security

License

Notifications You must be signed in to change notification settings

revinate/grpc-spring-security-demo

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

gRPC Spring Security demo

This project demonstrates how to use Spring Security's method-based security mechanism to secure gRPC services. It is a gRPC server written in Java and built on Spring Boot. It uses gRPC interceptors to integrate with Spring Security, and supports two authentication mechanisms: HTTP Basic Auth and OAuth2 with JSON Web Tokens.

Within this demo, the following may be of interest:

The accompanying blog post contains more details about the background and motivations for this demo.

Requirements

  • Java 1.8 or newer

Usage

To start the application, run the following command in the project root directory:

./gradlew bootRun

This brings up the gRPC server, which runs on localhost port 7080.

For a simple way to interact with the gRPC server, without the need to create a client application, grpcc can be used.

With grpcc installed, start a client that connects to the gRPC server by running the following command in the src/main/proto directory in this project:

grpcc -i -p revinate/demo/demo.proto -a localhost:7080

This command starts the grpcc shell. Once in the shell, first create a variable to hold the metadata entry for Basic Auth credentials:

var md = cm({Authorization: "Basic Z3JwY3NwcmluZzpncnBjc3ByaW5n"})

Then make a call to the server using the credentials:

client.fibonacci({value: 10}, md, pr)

About

Spring Boot-based gRPC server with gRPC endpoints secured by Spring Security

Topics

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages