This project demonstrates a comprehensive Spring Boot Microservices architecture with robust security implementation using Spring Security, API Gateway, and Service Discovery. The system includes JWT-based authentication, header-based service communication, and distributed authorization.
- API Gateway - Central entry point with routing and authentication
- Auth Service - JWT token generation and validation
- User Service - User management and profiles
- Custom Service - Business logic with role-based access control
- PostgreSQL - Persistent data storage
- Consul - Service discovery and configuration management

- Java 17+
- Gradle 8.5+
- Docker & Docker Compose
- Git
```bash
# Clone the repository
git clone https://github.com/furkankayam/spring-microservices-security-example.git
cd spring-microservices-security-example
```

```bash
# Build Docker images
gradle jibDockerBuild
# Start all services
docker-compose up -d
# View logs
docker-compose logs -f
```

```bash
# Start Consul (required for service discovery)
docker run -d -p 8500:8500 --name consul consul:latest
# Start PostgreSQL
docker run -d -p 5432:5432 --name postgres \
  -e POSTGRES_DB=user_db \
  -e POSTGRES_USER=postgres \
  -e POSTGRES_PASSWORD=postgres \
  postgres:15
# Run services in order (each in its own terminal, from the repository root)
cd auth-service && ./gradlew bootRun
cd user-service && ./gradlew bootRun
cd custom-service && ./gradlew bootRun
cd api-gateway && ./gradlew bootRun
```

```
POST http://localhost:8080/auth/generate-token      # Generate JWT token
POST http://localhost:8080/users/save               # Register new user
GET  http://localhost:8080/users/{username}/profile # Get user profile
GET  http://localhost:8080/customs/public           # Public custom endpoint
```

```
GET http://localhost:8080/customs/private/user           # USER role required
GET http://localhost:8080/customs/private/admin          # ADMIN role required
GET http://localhost:8080/customs/private/admin-and-user # USER or ADMIN role required
```

```
Database URL: jdbc:postgresql://localhost:5432/user_db
Username: postgres
Password: postgres
```

```
API Gateway: 8080
Auth Service: 8081
User Service: 8082
Custom Service: 8083
Consul: 8500
PostgreSQL: 5432
```

```bash
# 1. Register a new user
curl -X POST http://localhost:8080/users/save \
  -H "Content-Type: application/json" \
  -d '{"username": "testuser", "password": "password123", "role": "USER"}'
# 2. Generate JWT token
curl -X POST http://localhost:8080/auth/generate-token \
  -H "Content-Type: application/json" \
  -d '{"username": "testuser", "password": "password123"}'
# 3. Access protected endpoint
curl -X GET http://localhost:8080/customs/private/user \
  -H "Authorization: Bearer YOUR_JWT_TOKEN"
```

- JWT Authentication - Stateless token-based auth
- Role-Based Access Control - Method-level security with `@PreAuthorize`
- API Gateway Integration - Centralized authentication
- Header-Based Service Communication - Secure inter-service calls
- Service Discovery - Dynamic service registration with Consul
- CORS Configuration - Cross-origin request handling
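
The role requirements on the `/customs` routes can be checked end to end against a running stack. The script below is an added example, not part of the project: the routes and roles are the ones listed above, while the `GATEWAY` variable, the function names, and the 401 (no token) and 403 (insufficient role) status codes are assumptions.

```shell
#!/usr/bin/env bash
# Added example: role-based access smoke test for the gateway routes.
# Assumptions (not from the README): a denied request answers 401 when no
# token is sent and 403 when the token's role is insufficient.
GATEWAY="${GATEWAY:-http://localhost:8080}"

# expected_status ROLE PATH -> status the route should return.
# ROLE is NONE (no token), USER or ADMIN.
expected_status() {
  local role="$1" path="$2" allowed
  case "$path" in
    /customs/public)                 echo 200; return ;;
    /customs/private/user)           allowed="USER" ;;
    /customs/private/admin)          allowed="ADMIN" ;;
    /customs/private/admin-and-user) allowed="USER ADMIN" ;;
    *) echo "unknown path: $path" >&2; return 2 ;;
  esac
  if [ "$role" = "NONE" ]; then echo 401; return; fi
  case " $allowed " in
    *" $role "*) echo 200 ;;
    *)           echo 403 ;;
  esac
}

# actual_status PATH [TOKEN] -> status code returned by the gateway.
actual_status() {
  local path="$1" token="${2:-}"
  if [ -n "$token" ]; then
    curl -s -o /dev/null -w '%{http_code}' \
      -H "Authorization: Bearer $token" "$GATEWAY$path"
  else
    curl -s -o /dev/null -w '%{http_code}' "$GATEWAY$path"
  fi
}

# check_role ROLE [TOKEN]: compare every route; non-zero on any mismatch.
check_role() {
  local role="$1" token="${2:-}" path want got rc=0
  for path in /customs/public /customs/private/user \
              /customs/private/admin /customs/private/admin-and-user; do
    want=$(expected_status "$role" "$path")
    got=$(actual_status "$path" "$token")
    if [ "$want" = "$got" ]; then echo "ok   $role $path -> $got"
    else echo "FAIL $role $path -> $got (want $want)"; rc=1; fi
  done
  return $rc
}
```

Run `check_role NONE` first, then `check_role USER "$TOKEN"` with a token obtained from `/auth/generate-token`; a `FAIL` line on a private route means the gateway or service is not enforcing the role the endpoint list states.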

```
# Service health endpoints
GET http://localhost:8080/actuator/health
GET http://localhost:8081/actuator/health
GET http://localhost:8082/actuator/health
GET http://localhost:8083/actuator/health
# Consul UI
http://localhost:8500/ui
```

```
spring-microservices-security-example/
├── api-gateway/          # Spring Cloud Gateway
├── auth-service/         # Authentication & JWT
├── user-service/         # User management
├── custom-service/       # Business logic
├── docker-compose.yml    # Multi-service setup
└── README.md
```

- Fork the repository
- Create your feature branch (`git checkout -b feature/amazing-feature`)
- Commit your changes (`git commit -m 'Add amazing feature'`)
- Push to the branch (`git push origin feature/amazing-feature`)
- Open a Pull Request

This project is licensed under the MIT License. See the LICENSE file for details.
Created with ❤️ by Mehmet Furkan KAYA

