Question
In our domain, we have a number of Spring Boot applications and a Gateway Service (we are using Netflix Zuul). Our Gateway Service is handling our authentication and security. We expect all of our consumers to be coming in through our Gateway Service.
Because the security is being handled by the Gateway Service, we'd like to disable direct access to our Spring Boot applications. Any requests made that didn't originate from our Gateway Service should be rejected.
How can we accomplish this in Spring Boot? Are there any best practices around this?
Answer 1:
I would prefer to restrict this on the network level. Put all internal services on a private subnet which only accepts HTTP requests from the gateway service host(s).
Source: https://stackoverflow.com/questions/45045466/spring-boot-force-all-traffic-to-come-through-gateway-service
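An in-application check that can back up the network-level restriction from the answer, as an added example that is not part of the original question or answer. It assumes Spring Boot 3 (`jakarta.servlet`); the class name `GatewayOnlyFilter` and the property `gateway.allowed-addresses` are hypothetical, and it compares the TCP peer address instead of trusting the client-settable `X-Forwarded-For` header.

```java
import jakarta.servlet.FilterChain;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.net.InetAddress;
import java.util.HashSet;
import java.util.Set;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.core.Ordered;
import org.springframework.core.annotation.Order;
import org.springframework.stereotype.Component;
import org.springframework.web.filter.OncePerRequestFilter;

// Added example (hypothetical class): rejects requests whose TCP peer is not a gateway host.
@Component
@Order(Ordered.HIGHEST_PRECEDENCE) // run before other filters do any work
public class GatewayOnlyFilter extends OncePerRequestFilter {

    private final Set<InetAddress> gatewayAddresses = new HashSet<>();

    // Hypothetical property, comma-separated IP literals,
    // e.g. gateway.allowed-addresses=10.0.1.10,10.0.1.11 (constructed values).
    public GatewayOnlyFilter(@Value("${gateway.allowed-addresses}") String[] allowed)
            throws IOException {
        for (String literal : allowed) {
            // For IP literals getByName only parses the text; no DNS lookup happens.
            gatewayAddresses.add(InetAddress.getByName(literal.trim()));
        }
    }

    @Override
    protected void doFilterInternal(HttpServletRequest request,
                                    HttpServletResponse response,
                                    FilterChain chain)
            throws ServletException, IOException {
        // getRemoteAddr() is the socket peer, not a header value. This assumes
        // forwarded-header processing (e.g. Tomcat's RemoteIpValve) is not
        // enabled, since that would rewrite it from X-Forwarded-For.
        InetAddress peer = InetAddress.getByName(request.getRemoteAddr());
        if (!gatewayAddresses.contains(peer)) {
            response.sendError(HttpServletResponse.SC_FORBIDDEN);
            return; // do not pass the request down the chain
        }
        chain.doFilter(request, response);
    }
}
```

If a load balancer or proxy sits between the gateway and the service, the peer address seen here is that hop's address, so the allowlist has to name it.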