问题描述
如果流程不包含基本授权,我就可以使用该服务.
I am able to hit the service, if the flow doesn't contain Basic Authorization.
如果我使用基本授权,则会抛出消息":访问此资源需要完整身份验证"
If i use Basic Authorization, it throws "message": "Full authentication is required to access this resource"
以下是我的观察结果:
在ZuulFilter中,run()方法中,我获得了以下值request.getHeader("Authorization")->基本的c29tOnNvbzz ==
In ZuulFilter, run() method, i get value forrequest.getHeader("Authorization") --> Basic c29tOnNvbzz==
但是一旦它到达微服务,我就会获得空"的价值, request.getHeader("Authorization")-> null
but once it reaches the Micro Service, i am getting value as 'null', request.getHeader("Authorization") --> null
使用Spring Boot版本:1.4.0.RELEASE
Using Spring Boot version : 1.4.0.RELEASE
This is my flow:
------------------
Zuul -> Service Discovery (Eureka Server) -> Service
请帮助,不确定Authorization标头在哪里消失.
Kindly help, not sure where the Authorization header is vanishing.
Eureka Server yml file:
-------------------------
server.port:4001
eureka.instance.hostname=localhost
eureka.client.fetch-registry:false
eureka.client.register-with-eureka:false
eureka.client.serviceUrl.defaultZone: http://${eureka.instance.hostname}:${server.port}/eureka/
eureka.client.healthcheck.enabled=true
Zuul yml file:
-----------------
server:
port: 8765
info:
component: Edge Server
eureka:
instance:
leaseRenewalIntervalInSeconds: 3
metadataMap:
instanceId: ${spring.application.name}:${random.value}
client:
# Default values comes from org.springframework.cloud.netflix.eurek.EurekaClientConfigBean
registryFetchIntervalSeconds: 5
instanceInfoReplicationIntervalSeconds: 5
initialInstanceInfoReplicationIntervalSeconds: 5
endpoints:
restart:
enabled: true
shutdown:
enabled: true
health:
sensitive: false
zuul.sensitive-headers: Cookie,Set-Cookie,Authorization
logging:
level:
ROOT: WARN
se.callista: INFO
# Get info regarding connection to the cofig server and retries if required
org.springframework.cloud.config.client.ConfigServicePropertySourceLocator: INFO
org.springframework.retry.support.RetryTemplate: DEBUG
# Set INFO to see the allocated port
org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainer: INFO
---
eureka:
instance:
preferIpAddress: true
client:
serviceUrl:
defaultZone: http://localhost:4001/eureka,http://localhost:4002/eureka
推荐答案
默认情况下,授权是敏感标头,这意味着Zuul不会转发它们.如果您将其保留在敏感标头之外,Zuul将转发标头.
Authorization is by default a sensitive header, this means Zuul will not forward them. If you leave it out of the sensitive headers, Zuul will forward the header.
zuul.sensitiveHeaders: Cookie,Set-Cookie
它也应该是camelCase而不是连字符.
It should also be camelCase instead of hyphenated.
这篇关于Zuul-> Eureka Server,基本身份验证问题的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!