[英]zuul proxy always giving 401 unauthorized
I am using zuul proxy for routes and have added JWT authentication for the same.我正在为路由使用 zuul 代理,并为此添加了 JWT 身份验证。 I have specified the APIs for with authorisation is to be skipped for example (/auth) but i am not able to call the same as I am getting 401 for the permitted URLs as well.
我已指定要跳过授权的 API,例如 (/auth),但我无法调用相同的 API,因为我也为允许的 URL 获取了 401。
Following are the code snippet.以下是代码片段。
Class implementing WebSecurityConfigurerAdapter实现 WebSecurityConfigurerAdapter 的类
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable()
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and()
.exceptionHandling().authenticationEntryPoint(new JwtAuthenticationEntryPoint())
.and()
.addFilterAfter(new JwtTokenAuthenticationFilter(jwtConfig), UsernamePasswordAuthenticationFilter.class)
.authorizeRequests()
.antMatchers(HttpMethod.POST, "/auth/**").permitAll()
.antMatchers("/ping").permitAll()
.antMatchers("/login/**").permitAll()
.antMatchers("/signup/**").permitAll()
.anyRequest().authenticated();
}
And also my application.properties file looks as mentioned below而且我的 application.properties 文件看起来如下所述
server.port=8762
spring.application.name=zuul-server
eureka.client.service-url.default-zone=http://localhost:8761/eureka/
# A prefix that can added to beginning of all requests.
zuul.prefix=/api
# Disable accessing services using service name (i.e. gallery-service).
# They should be only accessed through the path defined below.
zuul.ignored-services=*
# Map paths to services
zuul.routes.user-service.path=/users/**
zuul.routes.user-service.service-id=user-service
zuul.routes.user-service.sensitive-headers=Cookie,Set-Cookie
# Map path to auth service
zuul.routes.auth-service.path=/auth/**
zuul.routes.auth-service.service-id=auth-service
zuul.routes.auth-service.strip-prefix=false
# Exclude authorization from sensitive headers
zuul.routes.auth-service.sensitive-headers=Cookie,Set-Cookie
But I am not able to hit /ping or /login or /auth APIs all are giving 401.但我无法点击 /ping 或 /login 或 /auth API 都给出 401。
Could someone please help me regarding the same.有人可以帮我解决同样的问题。
Thanks in advance !!!提前致谢 !!!
尝试这个
.antMatchers(HttpMethod.POST, "/api/auth/**").permitAll()
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.