当前位置: 首页 > 知识库问答 >
问题:

Spring云网关 使用谓词检查标头授权

仇正豪
2023-03-14

是否可以使用spring云网关配置的谓词部分检查标头授权,我的目标是在一个或多个endpoint上进行一些基本授权

我正在使用应用程序.yml 进行路由配置

cloud:
gateway:
  routes:
    - id: serviceRoute
      uri: http://service:8000
      predicates:
        - Path=/service/
        **- Header= ??** 
      filters:
        - name: CircuitBreaker
          args:
            name: slow
            fallbackUri: forward:/fallback/service

共有2个答案

上官凯泽
2023-03-14

下面是我基于spring gateway的示例。如果没有头授权,访问http://localhost:20000/,响应代码是404。如果添加授权,响应代码为405,表示访问正常。请根据需要更改路径。

主要类别定义

import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.context.annotation.Bean;
import org.springframework.security.config.web.server.ServerHttpSecurity;
import org.springframework.security.core.userdetails.MapReactiveUserDetailsService;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.web.server.SecurityWebFilterChain;

@SpringBootApplication
public class DemogatewayApplication {

    @Bean
    SecurityWebFilterChain springWebFilterChain(ServerHttpSecurity http) throws Exception {
        return http.httpBasic().and()
                .csrf().disable()
                .authorizeExchange()
                .pathMatchers("/anything/**").authenticated()
                .anyExchange().permitAll()
                .and()
                .build();
    }

    @Bean
    public MapReactiveUserDetailsService reactiveUserDetailsService() {
        UserDetails user = User.withDefaultPasswordEncoder().username("user").password("password").roles("USER").build();
        return new MapReactiveUserDetailsService(user);
    }

    public static void main(String[] args) {
        SpringApplication.run(DemogatewayApplication.class, args);
    }
}

pom.xml

<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0</modelVersion>

    <groupId>com.example</groupId>
    <artifactId>spring-cloud-gateway-sample</artifactId>
    <version>0.0.1-SNAPSHOT</version>
    <packaging>jar</packaging>

    <name>spring-cloud-gateway-sample</name>
    <description>Demo project for Spring Cloud Gateway</description>

    <parent>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-parent</artifactId>
        <version>2.0.2.RELEASE</version>
        <relativePath/> <!-- lookup parent from repository -->
    </parent>

    <properties>
        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
        <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
        <java.version>1.8</java.version>
        <spring-cloud.version>Finchley.RC2</spring-cloud.version>
    </properties>

    <dependencies>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-actuator</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.cloud</groupId>
            <artifactId>spring-cloud-starter</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-webflux</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.cloud</groupId>
            <artifactId>spring-cloud-starter-gateway</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.cloud</groupId>
            <artifactId>spring-cloud-starter-netflix-hystrix</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-data-redis</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-security</artifactId>
        </dependency>

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-test</artifactId>
            <scope>test</scope>
        </dependency>
        <dependency>
            <groupId>io.projectreactor</groupId>
            <artifactId>reactor-test</artifactId>
            <scope>test</scope>
        </dependency>
    </dependencies>

    <dependencyManagement>
        <dependencies>
            <dependency>
                <groupId>org.springframework.cloud</groupId>
                <artifactId>spring-cloud-dependencies</artifactId>
                <version>${spring-cloud.version}</version>
                <type>pom</type>
                <scope>import</scope>
            </dependency>
        </dependencies>
    </dependencyManagement>

    <build>
        <plugins>
            <plugin>
                <groupId>org.springframework.boot</groupId>
                <artifactId>spring-boot-maven-plugin</artifactId>
            </plugin>
        </plugins>
    </build>

application.yml定义


server:
  port: 20000

spring:
  cloud:
    gateway:
      routes:
      - id: serviceRoute
        uri: http://www.sohu.com
        predicates:
        - Path=/
        - Header=Authorization, Bearer [0-9a-zA-Z-.]*
洪德寿
2023-03-14

弄清了语法,只有满足这两个条件才能路由到服务

cloud:
gateway:
  routes:
    - id: serviceRoute
      uri: http://service:8000
      predicates:
        - Path=/service/
        - Header=Authorization, Basic password
      filters:
        - name: CircuitBreaker
          args:
            name: slow
            fallbackUri: forward:/fallback/service
 类似资料:
  • 我在Spring Cloud Gateway上工作,我想用查询谓词定义一个路由,当任何查询参数值匹配时,这个路由应该匹配。 例如:我正在寻找一个场景,其中单个查询谓词可以获取多个匹配值。这可能吗? Spring Cloud 文档仅讨论如何匹配查询谓词的单个值 - https://cloud.spring.io/spring-cloud-gateway/multi/multi_gateway-req

  • 在下面的spring cloud gateway配置中,我试图用匹配路径结束,但它不能匹配路径: spring cloud gateway打印以下日志:

  • 我正在使用3.1.0版本的Spring Cloud Gateway,我需要帮助来检查和修复我的路由配置的路径谓词过滤器。 我试图在路径之间使用正则表达式,路由在我的配置中看起来像这样: 虽然这是一个有效的正则表达式,但我收到了路径请求的404错误代码: /random/path/12/update 因此,我需要帮助来找出这个usecase的正确配置。

  • 我不熟悉spring微服务世界。由于我处于学习阶段,我尝试并实施了以下内容。 > 路由(能够使用Spring云网关进行路由) 负载平衡(Netflix Eureka) 限速和断路器 我只需要一些澄清和建议,说明在这些情况下该怎么做: 因为我已经创建了身份验证/授权作为一个单独的微服务集中。现在我如何实现这样的每个请求必须包含jwt令牌和通过API网关调用其他微服务也应该检查哪个用户有权限访问其他微

  • 当我使用spring cloud gateway集成spring cloud sleuth时,我发现性能比单独使用spring cloud gateway慢得多。是否有优化方案? 机器配置:6芯,16g Spring云网关:5331.9 tps Spring云网关Spring云侦探:4119.47 tps “Spring云网关”比“Spring云网关Spring云侦探”慢约1000-2000tps

  • 我想自定义发现定位器行为。例如,我的例子之一是从路由到名为的服务。为此,我使用以下配置: