Zuul & # 8594; Eureka Server, Basic Authentication Issue

Question

Zuul & # 8594; Eureka Server, Basic Authentication Issue

I can use the service if the stream does not contain the main authorization.

If I use Basic Authorization, it displays a "message": "Full authentication is required to access this resource"

Below are my observations:

In the ZuulFilter, run () method, I get the value for request.getHeader ("Login") -> Main c29tOnNvbzz ==

but as soon as it reaches Micro Service, I get the value as "null", request.getHeader ("Login") -> null

Using Spring Boot Version: 1.4.0.RELEASE

This is my flow: ------------------ Zuul -> Service Discovery (Eureka Server) -> Service

Please help without knowing where the authorization header disappears.

 Eureka Server yml file: ------------------------- server.port:4001 eureka.instance.hostname=localhost eureka.client.fetch-registry:false eureka.client.register-with-eureka:false eureka.client.serviceUrl.defaultZone: http://${eureka.instance.hostname}:${server.port}/eureka/ eureka.client.healthcheck.enabled=true Zuul yml file: ----------------- server: port: 8765 info: component: Edge Server eureka: instance: leaseRenewalIntervalInSeconds: 3 metadataMap: instanceId: ${spring.application.name}:${random.value} client: # Default values comes from org.springframework.cloud.netflix.eurek.EurekaClientConfigBean registryFetchIntervalSeconds: 5 instanceInfoReplicationIntervalSeconds: 5 initialInstanceInfoReplicationIntervalSeconds: 5 endpoints: restart: enabled: true shutdown: enabled: true health: sensitive: false zuul.sensitive-headers: Cookie,Set-Cookie,Authorization logging: level: ROOT: WARN se.callista: INFO # Get info regarding connection to the cofig server and retries if required org.springframework.cloud.config.client.ConfigServicePropertySourceLocator: INFO org.springframework.retry.support.RetryTemplate: DEBUG # Set INFO to see the allocated port org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainer: INFO --- eureka: instance: preferIpAddress: true client: serviceUrl: defaultZone: http://localhost:4001/eureka,http://localhost:4002/eureka

+5

spring-boot spring-cloud netflix-eureka netflix-zuul

Kumar Aug 23 '16 at 13:45

source share

3 answers

This solved my problem, but is this the only solution we have?

ctx.addZuulRequestHeader ("Authorization", request.getHeader ("Authorization"))

0

Kumar Aug 24 '16 at 4:19

source share

Your property for zuul.sensitiveHeaders is incorrect. This camel case is not tolerated.

https://github.com/spring-cloud/spring-cloud-netflix/blob/master/docs/src/main/asciidoc/spring-cloud-netflix.adoc#cookies-and-sensitive-headers

0

Shawn clark Aug 24 '16 at 7:36

source share

Jeff · Accepted Answer · 2016-08-24T09:25:55+0000

Default authorization is a sensitive header, which means that Zuul will not send them. If you leave it out of sensitive headers, Zuul will send the header.

 zuul.sensitiveHeaders: Cookie,Set-Cookie

It should also be camelCase instead of a hyphen.

Additional information: https://github.com/spring-cloud/spring-cloud-netflix/blob/master/docs/src/main/asciidoc/spring-cloud-netflix.adoc#cookies-and-sensitive-headers

Zuul & # 8594; Eureka Server, Basic Authentication Issue

More articles: