简体   繁体   English

zuul 代理总是给 401 未经授权

[英]zuul proxy always giving 401 unauthorized

I am using zuul proxy for routes and have added JWT authentication for the same.我正在为路由使用 zuul 代理,并为此添加了 JWT 身份验证。 I have specified the APIs for with authorisation is to be skipped for example (/auth) but i am not able to call the same as I am getting 401 for the permitted URLs as well.我已指定要跳过授权的 API,例如 (/auth),但我无法调用相同的 API,因为我也为允许的 URL 获取了 401。

Following are the code snippet.以下是代码片段。

Class implementing WebSecurityConfigurerAdapter实现 WebSecurityConfigurerAdapter 的类

    protected void configure(HttpSecurity http) throws Exception {
        http.csrf().disable()
                .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
                .and()
                .exceptionHandling().authenticationEntryPoint(new JwtAuthenticationEntryPoint())
                .and()
                .addFilterAfter(new JwtTokenAuthenticationFilter(jwtConfig), UsernamePasswordAuthenticationFilter.class)
                .authorizeRequests()
                .antMatchers(HttpMethod.POST, "/auth/**").permitAll()
                .antMatchers("/ping").permitAll()
                .antMatchers("/login/**").permitAll()
                .antMatchers("/signup/**").permitAll()
                .anyRequest().authenticated();

    }

And also my application.properties file looks as mentioned below而且我的 application.properties 文件看起来如下所述

server.port=8762
spring.application.name=zuul-server
eureka.client.service-url.default-zone=http://localhost:8761/eureka/

# A prefix that can added to beginning of all requests.
zuul.prefix=/api

# Disable accessing services using service name (i.e. gallery-service).
# They should be only accessed through the path defined below.
zuul.ignored-services=*

# Map paths to services
zuul.routes.user-service.path=/users/**
zuul.routes.user-service.service-id=user-service
zuul.routes.user-service.sensitive-headers=Cookie,Set-Cookie

# Map path to auth service
zuul.routes.auth-service.path=/auth/**
zuul.routes.auth-service.service-id=auth-service
zuul.routes.auth-service.strip-prefix=false
# Exclude authorization from sensitive headers
zuul.routes.auth-service.sensitive-headers=Cookie,Set-Cookie

But I am not able to hit /ping or /login or /auth APIs all are giving 401.但我无法点击 /ping 或 /login 或 /auth API 都给出 401。

Could someone please help me regarding the same.有人可以帮我解决同样的问题。

Thanks in advance !!!提前致谢 !!!

尝试这个

   .antMatchers(HttpMethod.POST, "/api/auth/**").permitAll()

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM