Zuul proxy simple auth
I have a simple Spring Boot app that proxies some API with Zuul proxy
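import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.cloud.netflix.zuul.EnableZuulProxy;

// Enables the embedded Zuul reverse proxy configured in application.yml
@EnableZuulProxy
@SpringBootApplication
public class DemoClientApplication {
    public static void main(String[] args) {
        SpringApplication.run(DemoClientApplication.class, args);
    }
}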
application.yml
server:
  port: 8080
zuul:
  routes:
    test:
      path: /api/**
      url: http://localhost:8081/api/
localhost:8081 has basic auth, something like
localhost:8081/j_spring_security_check?j_username=user&j_password=pass
that returns me cookies with JSESSIONID, and by setting this JSESSIONID in a header I can get the resource. I can't change localhost:8081 because it's not my service. How can I get this JSESSIONID and set it up in Zuul? Can I do this just with yml?
I think you are asking about Sensitive Headers in the configuration options. By default, the headers Cookie, Set-Cookie, Authorization are blocked by the
sensitiveHeaders: Cookie,Set-Cookie,Authorization
configuration. It can be overridden, but you need to be sure that you are not leaking sensitive information in cookies downstream:
zuul:
  routes:
    users:
      path: /myusers/**
      sensitiveHeaders:
      url: https://downstream
But first you need to read why they are disabled in the Spring Cloud documentation:
You can share headers between services in the same system, but you probably do not want sensitive headers leaking downstream into external servers. You can specify a list of ignored headers as part of the route configuration. Cookies play a special role, because they have well defined semantics in browsers, and they are always to be treated as sensitive. If the consumer of your proxy is a browser, then cookies for downstream services also cause problems for the user, because they all get jumbled up together (all downstream services look like they come from the same place).
http://cloud.spring.io/spring-cloud-netflix/single/spring-cloud-netflix.html#_cookies_and_sensitive_headers
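The per-route override from the answer, applied to the route in the question and shown beside a narrower setting (an added example, not part of the original post or of the Spring Cloud documentation). The route name test-forward-everything and the path /api-open/** are hypothetical; the example assumes the client of the proxy already holds the JSESSIONID cookie and sends it on each request.

```yaml
zuul:
  routes:
    # Weak: an empty list switches off the sensitive-header blacklist for this
    # route, so Cookie, Set-Cookie and Authorization are all forwarded to a
    # service that (per the question) is not under your control.
    test-forward-everything:        # hypothetical route name
      path: /api-open/**            # hypothetical path
      url: http://localhost:8081/api/
      sensitiveHeaders:

    # Narrower: only Authorization stays on the blacklist. Cookie (carrying
    # JSESSIONID) is forwarded downstream and Set-Cookie is passed back to the
    # client, but credentials the client presents to the proxy itself in an
    # Authorization header are still stripped before the request leaves.
    test:
      path: /api/**
      url: http://localhost:8081/api/
      sensitiveHeaders: Authorization
```

With either setting, every cookie the client sends to the proxy host reaches localhost:8081, including cookies that belong to other routes, which is the "jumbled up together" problem the documentation describes.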