是否有一个AWS入站策略会干扰“授权:承载{token}"?数据? [英] Is there an AWS inbound policy that interferes with "Authorization: Bearer {token}" data?

问题描述

上面的问题是与这些链接关联的线程. 链接1 ，

The question above is the thread associated with these links. Link 1, Link 2

当我了解我目前的情况时就是这样.

It's like this when I understand my current situation.

Request.user.原因是在数据通信期间提供的Authorization: Bearer {token}没有传递到EC2实例.

Request.user cannot be identified from EC2 instance created via AWS EB. The reason is that the Authorization: Bearer {token} provided during data communication is not being delivered to the EC2 instance.

但是，此问题仅在AWS实例内发生.使用相同的代码，可以在本地正确传递授权数据，也可以在GCP Compute实例中正确传递授权数据.

However, this issue only occurs within AWS instances. With the same code, Authorization data is correctly passed in local, and it is also correctly passed in GCP Compute instance.

我认为这是AWS中的一个环境问题，但是我应该注意些什么吗?

I think it's an environmental issue in AWS, but is there something I should look at?

推荐答案

所以我在AWS论坛中进行了一些挖掘，这似乎确实是一个已知的问题".看起来有个解决方法:

So I did some digging in the AWS forums and this does seem to be a known "issue". Looks like there is a a fix:

在.ebextensions/wsgihacks.config中:

in .ebextensions/wsgihacks.config:

files:
  "/etc/httpd/conf.d/wsgihacks.conf":
    mode: "000644"
    owner: root
    group: root
    content: |
      WSGIPassAuthorization on

原始线程: https://forums.aws.amazon.com/message.jspa?messageID = 376244

这篇关于是否有一个AWS入站策略会干扰“授权:承载{token}"?数据?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！