JHipster-如何在application.yml中添加到外部微服务的路由 [英] JHipster - How to add route to external microservices in application.yml

问题描述

我正在使用Jhipster 5.5.0构建一个zuul网关，该网关能够将剩余请求路由到不同的微服务. 其中一些微服务是用不同的语言开发的，并在不同的服务器上部署和运行.每个微服务都通过OIDC在不同领域使用相同的密钥库服务器进行保护.

I'm using Jhipster 5.5.0 to build a zuul gateway capable to route rest request to different microservices. Some of this microservices are developed in different languages, deployed and running on different server. Every microservices is protected via OIDC using the same keycloak server, under different realms.

现在，我需要在网关应用程序的application.yml属性文件上配置zuul路由，以通过外部rest客户端(客户)访问此服务，并使用zuul作为oidc令牌提供者来过滤请求和密钥斗篷. 然后，我修改网关application.yml，将以下zuul路由添加到示例外部服务中(这种配置类型可以与为另一个项目开发的另一个zuul网关很好地结合使用，而无需使用jhipster):

Now I need to configure zuul route on application.yml properties file of my gateway app, to access this service by external rest client (customers) and using zuul for filtering request and keycloak as oidc token provider. Then I modify gateway application.yml adding the following zuul route to a sample external service (this type of configuration work well with another zuul gateway developed for another project without using jhipster):

    # zuul routing:
    zuul:
      ignored-services: "*"
      routes:
        # external endpoints
        myapi-v2-test:
          path: /my-api/mypackage/v2/add
          sensitiveHeaders: Cookie, Set-Cookie
          url: http://192.168.3.148:8080/server/rest/api/mypackage_2.0.0/add

当我尝试使用带有标题中的Auth Bearer令牌的soap-ui客户端测试呼叫时(由keycloak服务器使用jhipster领域(和client_id"web_app")提供)，我总是收到响应错误代码403 - Forbidden对于路径 "/my-api/mypackage/v2/add". 什么是配置网关应用程序的application.yml的正确方法?

When I try to test the call using a soap-ui client with Auth Bearer token in header, provided by the keycloak server using the jhipster realm (and client_id "web_app"), I always receive the response error code 403 - Forbidden for path "/my-api/mypackage/v2/add". What is the right way to configure the application.yml of the gateway app?

提前感谢您的帮助.

我没有使用注册表服务(例如Spring Cloud Eureka或Jhipster Registry).

推荐答案

如果有人有相同的问题，我会发布我的解决方案.为了解决我的问题，我在OAuth2SsoConfiguration.java的 configure(WebSecurity web)方法中添加了以下代码行:

I post my solution in case someone have the same question. To solve my problem I added in OAuth2SsoConfiguration.java this line of code in configure(WebSecurity web) method:

    @Override
    public void configure(WebSecurity web) throws Exception {
        web.ignoring()
            .
            .antMatchers("/my-api/**")
            .
    }

以及 configure(HttpSecurity http)中的以下内容:

@Override
protected void configure(HttpSecurity http) throws Exception {
    http
        .
        .
    .and()
        .
        .antMatchers("/my-api/**").permitAll()
        .
        .
}

这篇关于JHipster-如何在application.yml中添加到外部微服务的路由的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！