如何使用 Spring Cloud Netflix Zuul 作为 SSL 反向代理
[英]How to use Spring Cloud Netflix Zuul as SSL reverse proxy
问题描述
I've setup a simple Spring Boot application with Spring Cloud Zuul via @EnableZuulProxy annotation as reverse Proxy for some other backend applications deployed as separate microservices.
我已经通过@EnableZuulProxy注释使用 Spring Cloud Zuul 设置了一个简单的 Spring Boot 应用程序,作为部署为单独微服务的其他一些后端应用程序的反向代理。
The zuul reverse proxy is acting as an API gateway in front of the various backend services. zuul 反向代理在各种后端服务之前充当 API 网关。
Since this API gateway is the only external reachable destination, it also acts as single secured entry point via HTTPS.由于此 API 网关是唯一的外部可访问目的地,因此它还通过 HTTPS 充当单一安全入口点。 The proxied backend services are not secured separately, so they just using plain HTTP.代理后端服务没有单独保护,所以它们只使用普通的 HTTP。
In the past I was using Nginx for this setup and I am now evaluating Spring Cloud Netflix Zuul as an replacement with Eureka service discovery but it seems that Zuul is not adding the required X-Forwarded-Proto: https HTTP header.过去我使用 Nginx 进行此设置,现在我正在评估 Spring Cloud Netflix Zuul 作为 Eureka 服务发现的替代品,但似乎 Zuul 没有添加所需的X-Forwarded-Proto: https HTTP 标头。
How can I tell zuul to act as SSL proxy for non-secured HTTP backend services?如何告诉 zuul 充当非安全 HTTP 后端服务的 SSL 代理?
1 个解决方案
解决方案1
1 2015-09-07 12:43:10
Just figured out that spring-cloud-netflix is adding the X-Forwarded-* HTTP headers and therefore responsible for them.刚刚发现 spring-cloud-netflix 正在添加X-Forwarded-* HTTP 标头,因此对它们负责。
Filed a PR for adding the X-Forwarded-Proto header to their org.springframework.cloud.netflix.zuul.filters.pre.PreDecorationFilter at https://github.com/spring-cloud/spring-cloud-netflix/pull/515在https://github.com/spring-cloud/spring-cloud-netflix/pull/提交 PR 以将X-Forwarded-Proto标头添加到他们的org.springframework.cloud.netflix.zuul.filters.pre.PreDecorationFilter 515
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.