我正在使用 Spring 微服务构建微服务,我有两个与此相关的问题。
1. 我在 API 网关(即 Zuul 服务器)中有 Spring 安全性,现在如果我已经从流中读取了一次请求以进行身份验证(从 POST 请求获取用户名/传递),现在 Zuul 不会转发任何请求
new ObjectMapper().readValue(request.getInputStream(), UserDto.class);
如何读取请求,然后再次将同一请求转发到下游服务?
2. Zuul 没有将 request.setAttribute() 转发到下游服务,所以解决方法是使用 ctx.addZuulRequestHeader,这使得Request Header太大,我怎样才能实现 request.setAttribute 并进入下游服务。
public Authentication getAuthentication(HttpServletRequest request) {
final String token = request.getHeader(AUTH_HEADER_NAME);
logger.info("token="+token);
if (token != null) {
logger.info("Entering getAuthentication");
final UserToken userInfo = tokenHandler.validateToken(token);
if (userInfo != null
&& token.equals(String.valueOf(redisUtility.getValue(userInfo.getUsername()+"_"+userInfo.getUniqueId())))) {
logger.info("Validating token key="+userInfo.getUsername()+"_"+userInfo.getUniqueId());
User user=userDetailsService.loadUserByUsername(userInfo.getUsername());
if(user!=null && user.getUsername().equals(userInfo.getUsername())
&& user.getLastPasswordResetTime()<userInfo.getCreatedTime()){
request.setAttribute("username",user.getUsername());//**Not able to fetch this in Downstream services**
logger.info("Token Authenticated for User "+user.getUsername());
return new UserAuthentication(user);
}
}
}
return null;
}
public class SimpleFilter extends ZuulFilter {
private static Logger log = LoggerFactory.getLogger(SimpleFilter.class);
@Override
public String filterType() {
return "pre";
}
@Override
public int filterOrder() {
return 1;
}
@Override
public boolean shouldFilter() {
return true;
}
@Override
public Object run() {
RequestContext ctx = RequestContext.getCurrentContext();
HttpServletRequest request = ctx.getRequest();
request.setAttribute("test", "test");// Not able to get this in services
log.info(String.format("%s request to %s", request.getMethod(), request.getRequestURL().toString()));
return null;
}
@Bean
public SimpleFilter simpleFilter() {
return new SimpleFilter();
}
@RequestMapping(value = "/test/avl",method=RequestMethod.POST)
public String test(HttpServletRequest request) {
System.out.println(request.getAttribute("test")+"");
return "Spring in Action";
}
我知道
晚了 1 年。但对于任何新访客。
创建筛选器。
@Component
public class AuthenticationFilter extends ZuulFilter {
@Override
public String filterType() {
return "pre";
}
@Override
public int filterOrder() {
return 1;
}
@Override
public boolean shouldFilter() {
return true;
}
@Override
public Object run() {
RequestContext ctx = RequestContext.getCurrentContext();
ctx.addZuulRequestHeader("userId", "123456789");
return null;
}
}
用@Component注释它,这样它就会自动加载。内部运行方法,使用addZuulRequestHeader