Truica Sorin
Reputation: 539
Eureka,Zuul,Microservices and Spring Security concern
I've used eureka and zuul proxy to implement jwt validation for a few microservices.Basically, the frontend now sends it's requests to the proxy where the token will get validated and if it's ok then it will forward the request to the specific microservice.My concern is that all of those microservices don't have any type of security so anyone could easily call their endpoints without any problems. What would be the best solution here? are there ways to accept requests only coming from the proxy?
Upvotes: 1
Views: 136
Answers (1)
Rohit Krishnan
Reputation: 844
Proper setup of CORS does the job
Link to the Spring boot CORS setup guide
Upvotes: 1
Related Questions
- Securing each microservices
- How to implement Microservices with Authentication Server(OAuth2,0 and JWT), Zuul and Eureka services?
- Spring Cloud Eureka Server self preservation and renew threshold
- Spring Cloud Eureka with Spring security
- Security in Zuul Gateway
- Securing Microservices that use Spring Cloud & Netflix's Eureka and Feign
- Access to Microservices via Eureka Server
- Spring Cloud: Microservice authentication works through Eureka Discovery, but not through Zuul
- Seeking advice on proper approach to development on Netflix Eureka discoverable Spring Boot services with minimal overheads
- Spring Cloud: Canary Deployments with Zuul