chapter six

6 Exposing and securing web applications

This chapter covers

Developing a basic secured web application with HTML
Creating a more advanced HTMX-based UI
Propagating the security context for calls between a web application and a REST service
Exploring other alternatives for frontend development

In this chapter, we focus on two concepts: creating an HTML-based frontend for your application, and securing it to require authentication. We have already touched security with OIDC and Keycloak a little in chapter 3. We now use this concept in the car rental project.

The outcome of this chapter will be a new service called Users, that exposes a simple HTML frontend allowing logged-in users to view their car reservations, view available cars for given dates and create new reservations.

Figure 6.1 depicts the architecture what we will create in this chapter.

Figure 6.1. Diagram showing the architecture part used in chapter 6

In the practical parts of this chapter, we will use three services:

6.1 Creating a secured web application

6.1.1 Creating a simple HTML page

6 Exposing and securing web applications

This chapter covers

Figure 6.1. Diagram showing the architecture part used in chapter 6

6.1 Creating a secured web application

6.1.1 Creating a simple HTML page

6.1.2 Adding security to the application

6.2 Creating a UI for managing car reservations

6.2.1 Updates to the Reservation service needed by the Users service

6.2.2 Preparing backend parts in the Users service to be used by the UI

6.2.3 Creating the UI using Qute, HTMX and a REST backend

6.2.4 Trying the application

6.3 Running in production mode

6.3.1 Running Keycloak and PostgreSQL as containers

6.3.2 Wiring the services to use Keycloak

6.4 Wrap up and next steps

6.5 Summary