【发布时间】:2016-11-11 02:27:18
【问题描述】:
我有一个应用程序试图在 Zuul 代理下调用 RESTApi。
应用程序具有由 OAuth2 服务器提供的有效 jwt 令牌。 我在标头中的不记名授权中有令牌,但我有来自 zuul 服务器的 401(“访问此资源需要完全身份验证”)响应。
我的zuul配置:
eureka:
client:
registerWithEureka: true
fetchRegistry: true
serviceUrl:
defaultZone: http://localhost:8761/eureka/
instance:
leaseRenewalIntervalInSeconds: 10
statusPageUrlPath: ${management.context_path}/info
healthCheckUrlPath: ${management.context_path}/health
server:
port: 80
management:
port: 81
context_path: /admin
security:
sessions: stateless
# Disable Spring Boot basic authentication
basic:
enabled: false
endpoints:
restart:
enabled: true
shutdown:
enabled: true
health:
sensitive: false
# The OAuth2 server definition that would be used to send the authorization requests to
authserver:
hostname: localhost
port: 9000
contextPath: uaa
spring:
oauth2:
resource:
userInfoUri: http://${authserver.hostname}:${authserver.port}/${authserver.contextPath}/user
jwt.key-uri: http://${authserver.hostname}:${authserver.port}/${authserver.contextPath}/oauth/token_key
preferTokenInfo: false
output:
ansi:
enabled: ALWAYS
主要的zuul文件:
@SpringBootApplication
@EnableZuulProxy
@EnableResourceServer
public class ZuulApplication {
public static void main(String[] args) {
new SpringApplicationBuilder(ZuulApplication.class).web(true).run(args);
}
}
zuul安全配置文件:
@Configuration
public class WebSecurityConfiguration extends ResourceServerConfigurerAdapter {
@Override
public void configure(HttpSecurity http) throws Exception {
http
.csrf().disable()
.exceptionHandling()
.and()
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and()
.authorizeRequests()
.antMatchers("/admin/trace").permitAll()
.anyRequest().authenticated()
;
}
}
restApi的调用:
final String access_token = (String) httpSession.getAttribute(OAuthComponent.HTTPSESSION_OAUTH_ACCESS_TOKEN);
final MultiValueMap<String, String> headers = new LinkedMultiValueMap<>();
headers.add("Authorization", "Bearer " + access_token);
headers.add("Content-Type", "application/json");
final HttpEntity<Object> request = new HttpEntity<>(searchParams,headers);
return restOperations.postForObject("http://localhost/ms-arbre-recherche/utilisateur/search", request, Object.class);
我使用 spring cloud Brixton SR2 和 spring boot 1.4.0RC1。
【问题讨论】:
-
你有什么关于 git 的例子可以看看吗?
-
抱歉,没有 git 示例。
标签: spring-security jwt spring-cloud netflix-zuul