[英]Getting error while accessing Azure API developer portal while using Azure Application Gateway with Azure API Management service
[英]Getting an 403 Error while send a GetRequest to my Azure Kubernetes API-Gateway
我在 Azure Kubernetes 提供了一個 API 網關微服務。 當我登錄獲取令牌時,它可以工作,但是如果我想使用 Bearer 令牌訪問資源,它不允許我這樣做。
@Override
public void configure(HttpSecurity http) throws Exception {
http.csrf().disable().authorizeRequests().antMatchers("/authenticate").permitAll().
antMatchers("/users").hasRole("ADMIN")
.anyRequest().authenticated()
.and().sessionManagement()
.sessionCreationPolicy(SessionCreationPolicy.STATELESS);
http.addFilterBefore(jwtRequestFilter, UsernamePasswordAuthenticationFilter.class);
}
我的登錄數據來自管理員,但他仍然不允許我從 /users 訪問。 Postman 出現的錯誤代碼是 403。
我懷疑這是由於 Azure SQL 防火牆造成的。
有人能告訴我為什么我可以向我的 API 網關和 JWT 發起發布請求,但沒有得到用戶數據的 GetRequest 嗎?
apiVersion: apps/v1
kind: Deployment
metadata:
name: apigateway-front
spec:
replicas: 1
selector:
matchLabels:
app: apigateway-front
template:
metadata:
labels:
app: apigateway-front
spec:
nodeSelector:
"beta.kubernetes.io/os": linux
containers:
- name: apigateway-front
image: containerregistry.azurecr.io/apigateway:11
resources:
requests:
cpu: 100m
memory: 128Mi
limits:
cpu: 250m
memory: 512Mi
ports:
- containerPort: 8800
name: apigateway
---
apiVersion: v1
kind: Service
metadata:
name: apigateway-front
spec:
type: LoadBalancer
ports:
- port: 8800
selector:
app: apigateway-front
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: contacts
spec:
replicas: 1
selector:
matchLabels:
app: contacts
template:
metadata:
labels:
app: contacts
spec:
nodeSelector:
"beta.kubernetes.io/os": linux
containers:
- name: contacts
image: containerregistry.azurecr.io/contacts:12
resources:
requests:
cpu: 100m
memory: 128Mi
limits:
cpu: 250m
memory: 512Mi
ports:
- containerPort: 8100
name: contacts
---
apiVersion: v1
kind: Service
metadata:
name: contacts
spec:
ports:
- port: 8100
selector:
app: contacts
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: templates
spec:
replicas: 1
selector:
matchLabels:
app: templates
template:
metadata:
labels:
app: templates
spec:
nodeSelector:
"beta.kubernetes.io/os": linux
containers:
- name: templates
image: containerregistry.azurecr.io/templates:13
resources:
requests:
cpu: 100m
memory: 128Mi
limits:
cpu: 250m
memory: 512Mi
ports:
- containerPort: 8200
name: templates
---
apiVersion: v1
kind: Service
metadata:
name: templates
spec:
ports:
- port: 8200
selector:
app: templates
來自 API-Gateway 的日志
2020-06-08 07:59:36.097 INFO 1700 --- [ main] s.ApiGateway.ApiGatewayApplication : No active profile set, falling back to default profiles: default
2020-06-08 07:59:37.115 INFO 1700 --- [ main] .s.d.r.c.RepositoryConfigurationDelegate : Bootstrapping Spring Data JPA repositories in DEFAULT mode.
2020-06-08 07:59:37.200 INFO 1700 --- [ main] .s.d.r.c.RepositoryConfigurationDelegate : Finished Spring Data repository scanning in 73ms. Found 1 JPA repository interfaces.
2020-06-08 07:59:37.673 WARN 1700 --- [ main] o.s.boot.actuate.endpoint.EndpointId : Endpoint ID 'hystrix.stream' contains invalid characters, please migrate to a valid format.
2020-06-08 07:59:37.924 INFO 1700 --- [ main] o.s.cloud.context.scope.GenericScope : BeanFactory id=1f96386b-fb6d-3ddd-bccb-9a4c4b64c2fd
2020-06-08 07:59:39.047 INFO 1700 --- [ main] o.s.b.w.embedded.tomcat.TomcatWebServer : Tomcat initialized with port(s): 8800 (http)
2020-06-08 07:59:39.062 INFO 1700 --- [ main] o.apache.catalina.core.StandardService : Starting service [Tomcat]
2020-06-08 07:59:39.062 INFO 1700 --- [ main] org.apache.catalina.core.StandardEngine : Starting Servlet engine: [Apache Tomcat/9.0.35]
2020-06-08 07:59:39.338 INFO 1700 --- [ main] o.a.c.c.C.[Tomcat].[localhost].[/] : Initializing Spring embedded WebApplicationContext
2020-06-08 07:59:39.338 INFO 1700 --- [ main] o.s.web.context.ContextLoader : Root WebApplicationContext: initialization completed in 3192 ms
2020-06-08 07:59:39.484 WARN 1700 --- [ main] c.n.c.sources.URLConfigurationSource : No URLs will be polled as dynamic configuration sources.
2020-06-08 07:59:39.484 INFO 1700 --- [ main] c.n.c.sources.URLConfigurationSource : To enable URLs as dynamic configuration sources, define System property archaius.configurationSource.additionalUrls or make config.properties available on classpath.
2020-06-08 07:59:39.513 INFO 1700 --- [ main] c.netflix.config.DynamicPropertyFactory : DynamicPropertyFactory is initialized with configuration sources: com.netflix.config.ConcurrentCompositeConfiguration@77bc2e16
2020-06-08 07:59:39.599 WARN 1700 --- [ main] JpaBaseConfiguration$JpaWebConfiguration : spring.jpa.open-in-view is enabled by default. Therefore, database queries may be performed during view rendering. Explicitly configure spring.jpa.open-in-view to disable this warning
2020-06-08 07:59:39.939 INFO 1700 --- [ main] com.zaxxer.hikari.HikariDataSource : HikariPool-1 - Starting...
2020-06-08 07:59:40.688 INFO 1700 --- [ main] com.zaxxer.hikari.HikariDataSource : HikariPool-1 - Start completed.
2020-06-08 07:59:40.776 INFO 1700 --- [ main] o.hibernate.jpa.internal.util.LogHelper : HHH000204: Processing PersistenceUnitInfo [name: default]
2020-06-08 07:59:40.881 INFO 1700 --- [ main] org.hibernate.Version : HHH000412: Hibernate ORM core version 5.4.15.Final
2020-06-08 07:59:41.143 INFO 1700 --- [ main] o.hibernate.annotations.common.Version : HCANN000001: Hibernate Commons Annotations {5.1.0.Final}
2020-06-08 07:59:41.385 INFO 1700 --- [ main] org.hibernate.dialect.Dialect : HHH000400: Using dialect: org.hibernate.dialect.SQLServer2012Dialect
2020-06-08 07:59:42.377 INFO 1700 --- [ main] o.h.e.t.j.p.i.JtaPlatformInitiator : HHH000490: Using JtaPlatform implementation: [org.hibernate.engine.transaction.jta.platform.internal.NoJtaPlatform]
2020-06-08 07:59:42.388 INFO 1700 --- [ main] j.LocalContainerEntityManagerFactoryBean : Initialized JPA EntityManagerFactory for persistence unit 'default'
2020-06-08 07:59:43.793 INFO 1700 --- [ main] o.s.s.web.DefaultSecurityFilterChain : Creating filter chain: any request, [org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter@498b611e, org.springframework.security.web.context.SecurityContextPersistenceFilter@47fca3cc, org.springframework.security.web.header.HeaderWriterFilter@6c2dd88b, org.springframework.security.web.authentication.logout.LogoutFilter@3909a854, sendMessage.ApiGateway.JwtRequestFilter@1b98355f, org.springframework.security.web.savedrequest.RequestCacheAwareFilter@6a0c7af6, org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter@3d7b3b18, org.springframework.security.web.authentication.AnonymousAuthenticationFilter@6dde1bf5, org.springframework.security.web.session.SessionManagementFilter@484b5a21, org.springframework.security.web.access.ExceptionTranslationFilter@5bccaedb, org.springframework.security.web.access.intercept.FilterSecurityInterceptor@1e000a17]
2020-06-08 07:59:43.838 WARN 1700 --- [ main] c.n.c.sources.URLConfigurationSource : No URLs will be polled as dynamic configuration sources.
2020-06-08 07:59:43.838 INFO 1700 --- [ main] c.n.c.sources.URLConfigurationSource : To enable URLs as dynamic configuration sources, define System property archaius.configurationSource.additionalUrls or make config.properties available on classpath.
2020-06-08 07:59:44.010 INFO 1700 --- [ main] o.s.s.concurrent.ThreadPoolTaskExecutor : Initializing ExecutorService 'applicationTaskExecutor'
2020-06-08 07:59:44.219 WARN 1700 --- [ main] ion$DefaultTemplateResolverConfiguration : Cannot find template location: classpath:/templates/ (please add some templates or check your Thymeleaf configuration)
2020-06-08 07:59:44.672 INFO 1700 --- [ main] o.s.c.n.zuul.ZuulFilterInitializer : Starting filter initializer
2020-06-08 07:59:44.689 INFO 1700 --- [ main] o.s.b.a.e.web.EndpointLinksResolver : Exposing 2 endpoint(s) beneath base path '/actuator'
2020-06-08 07:59:44.769 INFO 1700 --- [ main] o.s.b.w.embedded.tomcat.TomcatWebServer : Tomcat started on port(s): 8800 (http) with context path ''
2020-06-08 07:59:44.916 INFO 1700 --- [ main] s.ApiGateway.ApiGatewayApplication : Started ApiGatewayApplication in 10.045 seconds (JVM running for 15.368)
2020-06-08 08:19:19.354 INFO 1700 --- [nio-8800-exec-2] o.a.c.c.C.[Tomcat].[localhost].[/] : Initializing Spring DispatcherServlet 'dispatcherServlet'
2020-06-08 08:19:19.355 INFO 1700 --- [nio-8800-exec-2] o.s.web.servlet.DispatcherServlet : Initializing Servlet 'dispatcherServlet'
2020-06-08 08:19:19.395 INFO 1700 --- [nio-8800-exec-2] o.s.web.servlet.DispatcherServlet : Completed initialization in 40 ms
2020-06-08 08:19:19.450 WARN 1700 --- [nio-8800-exec-2] o.s.c.n.zuul.web.ZuulHandlerMapping : No routes found from RouteLocator
問題解決了。 我忘記在 Postman 中寫授權 header
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.