Basic Authentication Service called Zuul

Question

Basic Authentication Service called Zuul

I am Zuul as an edge server. therefore, all requests go through this edge server. I have microservice A. All web services A are protected by basic authentication. How can we name the A b services passing through the Zuul proxy? Should I add a header for posts?

+2

spring-cloud spring-security netflix-zuul

youssef Liouene Feb 18 '16 at 20:16

source share

3 answers

This is my Zuul filter:

 public class BasicAuthorizationHeaderFilter extends ZuulFilter { @Override public String filterType() { return "pre"; } @Override public int filterOrder() { return 10; } @Override public boolean shouldFilter() { return true; } @Override public Object run() { RequestContext ctx = RequestContext.getCurrentContext(); ctx.getRequest().getRequestURL(); ctx.addZuulRequestHeader("Authorization", "Basic " + Utils.getBase64Credentials("user", "Token")); return null; } }

+7

youssef Liouene Feb 19 '16 at 16:23

source share

 @Component public class PreFilter extends ZuulFilter { private static final Logger LOG = LoggerFactory.getLogger(PreFilter.class); @Override public String filterType() { return "pre"; } @Override public int filterOrder() { return 1; } @Override public boolean shouldFilter() { return true; } @Override public Object run() { RequestContext ctx = RequestContext.getCurrentContext(); HttpServletRequest request = ctx.getRequest(); ctx.addZuulRequestHeader("Authorization", request.getHeader("Authorization")); LOG.info("Parametres : {}", request.getParameterMap() .entrySet() .stream() .map(e -> e.getKey() + "=" + Stream.of(e.getValue()).collect(Collectors.toList())) .collect(Collectors.toList())); LOG.info("Headers : {}", "Authorization" + "=" + request.getHeader("Authorization")); LOG.info(String.format("%s request to %s", request.getMethod(), request.getRequestURL().toString())); return null; } }

+1

Sidaty Apr 26 '17 at 12:59

source share

ianc · Accepted Answer · 2016-02-19T15:59:48+0000

Ideally, the requester will have a token in the request.
If you want Zuul to add an authentication token, you can create a ZuulFilter and use:

context.addZuulRequestHeader("Authorization", "base64encodedTokenHere");

Doing this will give open access to services, which may be unreasonable.

Basic Authentication Service called Zuul

More articles: