Netflix Zuul-阻止请求路由 [英] Netflix Zuul - block request routing
问题描述
使用Zuul,我可以轻松定义自定义过滤器,这些请求在将请求转发到特定服务之前或之后被激活.
是否有办法阻止请求在预"过滤器级别转发,并立即将响应发送给客户端? 我知道可以使用静态"过滤器进行类似的操作,但是我需要根据每个请求来决定(基于请求本身中某些参数/标头的存在).
以下是我如何使用zuul-filter检查授权的API密钥的示例.如果没有,我会向客户端发送401响应.
@Override
public Object run() {
RequestContext ctx = RequestContext.getCurrentContext();
HttpServletRequest request = ctx.getRequest();
String apiKey = request.getHeader("X-API-KEY");
if (!isAuthorized(apiKey)){
// blocks the request
ctx.setSendZuulResponse(false);
// response to client
ctx.setResponseBody("API key not authorized");
ctx.getResponse().setHeader("Content-Type", "text/plain;charset=UTF-8");
ctx.setResponseStatusCode(HttpStatus.UNAUTHORIZED.value());
}
return null;
}
请注意,如果未授权客户端的API密钥,则所有其他筛选器仍将运行,但由于ctx.setSendZuulResponse(false)
,请求仍将失败.
响应失败时,默认情况下将为空-也就是说,没有诸如Content-Type
之类的标头.最好自行设置它们,以便客户端的浏览器等知道如何解析响应正文. /p>
With Zuul I can easily define custom filters that are activated before or after the request is forwarded to the specific service.
Is there a way to block requests from being forwarded at a "pre" filter level, and send immediately the response to the client? I know something similar is doable with "static" filters, but I need to decide per request (based on the presence of certain parameters/headers in the request itself).
Here is an example of how I use zuul-filter to check for an API-key being authorized. If not, I send a 401 response to the client.
@Override
public Object run() {
RequestContext ctx = RequestContext.getCurrentContext();
HttpServletRequest request = ctx.getRequest();
String apiKey = request.getHeader("X-API-KEY");
if (!isAuthorized(apiKey)){
// blocks the request
ctx.setSendZuulResponse(false);
// response to client
ctx.setResponseBody("API key not authorized");
ctx.getResponse().setHeader("Content-Type", "text/plain;charset=UTF-8");
ctx.setResponseStatusCode(HttpStatus.UNAUTHORIZED.value());
}
return null;
}
Note that if the client's API key is not authorized, all other filters will still be run, but the request will still fail due to ctx.setSendZuulResponse(false)
.
When failing a response, it will by default be empty - that is, there is no headers such as Content-Type
etc. It is a good idea to set them yourself so a client's browser etc. knows how to parse the response body.
这篇关于Netflix Zuul-阻止请求路由的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!