Spring Boot | Kong | OpenLDAP
Using Kong to secure a Simple Spring Boot REST API with LDAP Authentication plugin
Configuring the LDAP Authentication plugin in Kong to secure a sensitive endpoint in Simple API application
In this article, we will create a Simple Spring Boot REST API called Simple API. The application has just two endpoints: /public
and /secured
. However, instead of implementing security within the application itself, this time we will utilize Kong.
Introduction
Kong is an open-source API gateway that simplifies API management, provides security, scalability, and analytics for APIs and microservices. It acts as a single entry point for clients to access backend services, offering features like authentication, load balancing, and custom plugins.
Both Kong and Simple API will be executed as Docker containers. However, the Simple API’s 8080
port won’t be exposed to the host machine, meaning users cannot access it directly. To circumvent this, we will utilize Kong as a gateway.
Additionally, we will run OpenLDAP (open-source software implementation of the LDAP protocol) and configure in Kong the LDAP Authentication plugin to secure the sensitive…