Basic Authentication service called By Zuul

后端未结

关注

 6  746

I\'m Zuul as edge server. so all request pass by this edge server. I have a micro-service A. all web services of A are protected by Basic Authentication. How can we call the

相关标签:

6条回答

猫巷女王i

2021-01-15 00:03

This is my Zuul filter:

public class BasicAuthorizationHeaderFilter extends ZuulFilter {


@Override
public String filterType() {
    return "pre";
}

@Override
public int filterOrder() {
    return 10;
}

@Override
public boolean shouldFilter() {
    return true;
}

@Override
public Object run() {

    RequestContext ctx = RequestContext.getCurrentContext();
    ctx.getRequest().getRequestURL();
    ctx.addZuulRequestHeader("Authorization", "Basic " + Utils.getBase64Credentials("user", "Token"));
    return null;
}

}

0 讨论(0)

终归单人心

2021-01-15 00:09
Ideally the requester would have the token in the request.
If you want to have Zuul add the authentication token then you can create a ZuulFilter and use:
```
context.addZuulRequestHeader("Authorization", "base64encodedTokenHere");
```
Doing this would give open access to the services - which may not be wise.
0 讨论(0)
发布评论:

提交评论
- 加载中...
爱一瞬间的悲伤

2021-01-15 00:14
You can call (through Zuul) your service A like this :
```
https://login:password@zuulurl.com/serviceA
```
but firslty allow AUTHORIZATION header through Zuul for this specific service (route) with the property sensitiveHeaders in your properties file :
```
zuul.routes.serviceA.sensitiveHeaders=Cookie,Set-Cookie
```
or let it empty if you want to pass the Cookie headers too.

Here more informations about headers through Zuul
0 讨论(0)
发布评论:

提交评论
- 加载中...

萌比男神i

2021-01-15 00:16

@Component
public class PreFilter extends ZuulFilter {
private static final Logger LOG = LoggerFactory.getLogger(PreFilter.class);

@Override
public String filterType() {
    return "pre";
}

@Override
public int filterOrder() {
    return 1;
}

@Override
public boolean shouldFilter() {
    return true;
}

@Override
public Object run() {
    RequestContext ctx = RequestContext.getCurrentContext();
    HttpServletRequest request = ctx.getRequest();
    ctx.addZuulRequestHeader("Authorization", request.getHeader("Authorization"));

    LOG.info("Parametres : {}", request.getParameterMap()
            .entrySet()
            .stream()
            .map(e -> e.getKey() + "=" + Stream.of(e.getValue()).collect(Collectors.toList()))
            .collect(Collectors.toList()));
    LOG.info("Headers : {}", "Authorization" + "=" + request.getHeader("Authorization"));
    LOG.info(String.format("%s request to %s", request.getMethod(), request.getRequestURL().toString()));
    return null;
    }
}

0 讨论(0)

醉梦人生

2021-01-15 00:20

This change is little tricky.

@Override
public int filterOrder() {
    return 1; // change the return value to more than 5 the above code will work.
}

try with the final code below:

@Component
public class PreFilter extends ZuulFilter {
    private static final Logger LOG = LoggerFactory.getLogger(PreFilter.class);

    @Override
    public String filterType() {
        return "pre";
    }

    @Override
    public int filterOrder() {
        return 10;
    }

    @Override
    public boolean shouldFilter() {
        return true;
    }

    @Override
    public Object run() {
        RequestContext ctx = RequestContext.getCurrentContext();
        HttpServletRequest request = ctx.getRequest();
        ctx.addZuulRequestHeader("Authorization", request.getHeader("Authorization"));
        return null;
    }
}

0 讨论(0)

-上瘾入骨i

2021-01-15 00:23
Use zuul's sensitive header property with the blank value,
```
zuul.sensitiveHeaders=
```
Above property will do the trick but if you want to have filters for Cookie headers you can use that property with values,
```
zuul.sensitiveHeaders=Cookie,Set-Cookie
```
0 讨论(0)
发布评论:

提交评论
- 加载中...