k-wasilewski

Reputation: 4653

Zuul gateway not redirecting to given URL after security authentication

My setup is a Zuul gateway server redirecting to a books handling API (Spring). The problem is it redirects fine when the route is not authenticated, but when I try to access an authenticated route, it fails. I'll add that accessing the API directly works fine.

This is my SecurityConfiguration at Gateway:

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@EnableWebSecurity
@Configuration
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {

    // In-memory test users; the {noop} prefix marks the passwords as stored in plain text
    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
        auth.inMemoryAuthentication()
                .withUser("user").password("{noop}password").roles("USER")
                .and()
                .withUser("admin").password("{noop}admin").roles("ADMIN");
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
                .authorizeRequests()
                // the book list is public, everything else on the gateway needs a login
                .antMatchers("/book-service/books").permitAll()
                .antMatchers("/eureka/**").hasRole("ADMIN")
                .anyRequest().authenticated().and()
                .formLogin().usernameParameter("username").passwordParameter("password")
                .defaultSuccessUrl("/success").and()
                .logout().permitAll().and()
                .csrf().disable();
    }
}

My Zuul properties at Gateway:

zuul.routes.book-service.path=/book-service/**
zuul.routes.book-service.sensitive-headers=Set-Cookie,Authorization
zuul.routes.book-service.url=http://localhost:8085
hystrix.command.book-service.execution.isolation.thread.timeoutInMilliseconds=600000

And this is my Zuul Filter at Gateway:

import javax.servlet.http.HttpSession;

import com.netflix.zuul.ZuulFilter;
import com.netflix.zuul.context.RequestContext;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.session.Session;
import org.springframework.session.SessionRepository;
import org.springframework.stereotype.Component;

@Component
public class SessionSavingZuulPreFilter extends ZuulFilter {

    @Autowired
    private SessionRepository<? extends Session> repository;

    @Override
    public boolean shouldFilter() {
        return true;
    }

    @Override
    public Object run() {
        RequestContext context = RequestContext.getCurrentContext();
        // the caller's session as seen by the gateway (created if it does not exist yet)
        HttpSession httpSession = context.getRequest().getSession();
        // look the same session up in the shared Spring Session store (not used further here)
        Session session = repository.findById(httpSession.getId());

        // pass the gateway session id on to the downstream service as its SESSION cookie
        context.addZuulRequestHeader("Cookie", "SESSION=" + httpSession.getId());

        return null;
    }

    @Override
    public String filterType() {
        return "pre";
    }

    @Override
    public int filterOrder() {
        return 0;
    }
}

Now, at the client API I have this security configuration:

import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.httpBasic()
                .disable()
                .authorizeRequests()
                // listing books is public, every other book operation needs ADMIN
                .antMatchers(HttpMethod.GET, "/books").permitAll()
                .antMatchers(HttpMethod.GET, "/books/*").hasRole("ADMIN")
                .antMatchers(HttpMethod.POST, "/books").hasRole("ADMIN")
                .antMatchers(HttpMethod.PATCH, "/books/*").hasRole("ADMIN")
                .antMatchers(HttpMethod.DELETE, "/books/*").hasRole("ADMIN")
                //.antMatchers("/encrypt/**").permitAll()
                //.antMatchers("/decrypt/**").permitAll()
                .anyRequest().authenticated()
                .and()
                .csrf()
                .disable();
    }

I can access http://localhost:8085/books/1 after authentication (so the filter seems to work fine), but http://localhost:[gateway]/book-service/books/1 gives me an error. Can anyone help?

Upvotes: 1

Views: 745

Answers (1)

Vicky Bhuva

Reputation: 11

Use this stuff in your application.properties file:

#zuul.routes.admin.stripPrefix=false
server.use-forward-headers=true
management.security.enabled=true
zuul.sensitive-headers=Cookie,Set-Cookie
zuul.add-host-header=true

Upvotes: 1
