How to let the zuul proxy handle the cors?

Question

I have several microservices behind a microservice acting as zuul proxy.

When called from outside the domain the microservices return a "403- Invalid Cors".

This is solved by adding the following to each microservice:

@Configuration
public class CorsConfig extends WebMvcConfigurerAdapter {

@Override
public void addCorsMappings(CorsRegistry registry) {
    registry.addMapping("/**"); //just for the sake of explaination i'm allowing everything
}
}

Anyway this is a bad design: I have a zuul api gateway after all! This should be done by that and the microservices should actually return that error when directly called.

So, I moved that same configuration only to my zuul microservice, here it is by the way:

@SpringBootApplication
@EnableSwagger2
@EnableZuulProxy
@ComponentScan(basePackages = "my.base.package")
public class MyApiGateway extends SpringBootServletInitializer {

@Override
protected SpringApplicationBuilder configure(SpringApplicationBuilder builder) {
    return configureApplication(builder);
}
  ....

The props:

zuul:
 prefix: /api
 routes:
   my-api:
     path: /myApi/**
     url: 'http: ...'
     stripPrefix: true

Problem is that the microservice still returns "403 - Invalid Cors"! What am I doing wrong? I guess this happens because the zuul proxy actually does nothing except to forward the request...but how to configure it so to make the destination MS notice that the request comes from zuul, on the same network and so allowing it?

How to let the zuul proxy handle the cors?

Answers (1)

Related Questions