如果流程不包含基本授权,那么我可以使用该服务。
如果我使用基本授权,则会引发“消息”:“访问此资源需要完整身份验证”
以下是我的观察:
但是一旦到达微服务,我将获得“ null”值,request.getHeader(“ Authorization”)-> null
使用Spring Boot版本:1.4.0.RELEASE
This is my flow: ------------------ Zuul -> Service Discovery (Eureka Server) -> Service
请帮忙,不确定Authorization标头在哪里消失。
Eureka Server yml file: ------------------------- server.port:4001 eureka.instance.hostname=localhost eureka.client.fetch-registry:false eureka.client.register-with-eureka:false eureka.client.serviceUrl.defaultZone: http://${eureka.instance.hostname}:${server.port}/eureka/ eureka.client.healthcheck.enabled=true Zuul yml file: ----------------- server: port: 8765 info: component: Edge Server eureka: instance: leaseRenewalIntervalInSeconds: 3 metadataMap: instanceId: ${spring.application.name}:${random.value} client: # Default values comes from org.springframework.cloud.netflix.eurek.EurekaClientConfigBean registryFetchIntervalSeconds: 5 instanceInfoReplicationIntervalSeconds: 5 initialInstanceInfoReplicationIntervalSeconds: 5 endpoints: restart: enabled: true shutdown: enabled: true health: sensitive: false zuul.sensitive-headers: Cookie,Set-Cookie,Authorization logging: level: ROOT: WARN se.callista: INFO # Get info regarding connection to the cofig server and retries if required org.springframework.cloud.config.client.ConfigServicePropertySourceLocator: INFO org.springframework.retry.support.RetryTemplate: DEBUG # Set INFO to see the allocated port org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainer: INFO --- eureka: instance: preferIpAddress: true client: serviceUrl: defaultZone: http://localhost:4001/eureka,http://localhost:4002/eureka
默认情况下,授权是敏感的标头,这意味着Zuul不会转发它们。如果您将其保留在敏感标头之外,Zuul将转发标头。
zuul.sensitiveHeaders: Cookie,Set-Cookie
它也应该是驼峰大写而不是连字符。
额外信息:https : //github.com/spring-cloud/spring-cloud- netflix/blob/master/docs/src/main/asciidoc/spring-cloud-netflix.adoc#cookies- and-sensitive-headers
