我有一個場景,我有一些微服務、云網關和尤里卡服務器。在 eureka 服務器上注冊的所有微服務和云網關。云網關將保護所有下游服務。當任何用戶想要首先訪問該服務時,它將填寫用戶名和密碼以在云網關上進行身份驗證。如果用戶是真實的,那么它將通過已在 application.properties 檔案中設定的網關路由訪問該服務,但我希望用戶何時能夠驗證并訪問該服務,那么我還可以在下游服務或微服務中獲取用戶真實的憑據在云網關后面。換句話說,我想獲得在下游服務的網關上設定的原則值。所以,搜索了很多天后,我得到了一個全域過濾器實作鏈接但是Kotlin中的這個過濾器代碼我對Kotlin并不熟悉,所以無法理解這一點。我想用Java實作這個。基本上這個過濾器用于將用戶名和用戶角色添加到下游服務請求的標頭中。如何將此過濾器轉換為java。
這是作業流程
這是云網關配置
@Configuration
@EnableWebFluxSecurity
public class GatewaySecurityConfig{
@Bean
public MapReactiveUserDetailsService userDetailsService() {
UserDetails user = User.builder()
.username("user")
.password(passwordEncoder().encode("password"))
.roles("USER")
.build();
UserDetails admin = User.builder()
.username("admin")
.password(passwordEncoder().encode("password"))
.roles("USER","ADMIN")
.build();
return new MapReactiveUserDetailsService(user, admin);
}
@Bean
public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
http
.authorizeExchange()
.anyExchange().authenticated()
.and()
.httpBasic(withDefaults())
.formLogin();
return http.build();
}
@Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder(8);
}
}
Kotlin 中的全域過濾器實作,我想要 Java8 中的代碼
@Component
class AddCredentialsGlobalFilter : GlobalFilter {
private val usernameHeader = "logged-in-user"
private val rolesHeader = "logged-in-user-roles"
override fun filter(exchange: ServerWebExchange, chain: GatewayFilterChain) = exchange.getPrincipal<Principal>()
.flatMap { p ->
val request = exchange.request.mutate()
.header(usernameHeader, p.name)
.header(rolesHeader, (p as Authentication).authorities?.joinToString(";") ?: "")
.build()
chain.filter(exchange.mutate().request(request).build())
}
}
Application.properties 配置
server:
port: 8080
eureka:
client:
serviceUrl:
defaultZone: http://localhost:8083/eureka
spring:
main:
allow-bean-definition-overriding: true
application:
name: gateway
cloud:
gateway:
routes:
- id: userModule
uri: lb://user
predicates:
- Path=/user/**
uj5u.com熱心網友回復:
我相信這類似于以下
@Component
public class AddCredentialsGlobalFilter implements GlobalFilter {
private final String usernameHeader = "logged-in-user";
private final String rolesHeader = "logged-in-user-roles";
@Override
public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
return exchange.getPrincipal().flatMap(p -> {
List<GrantedAuthority> authorities = (List<GrantedAuthority>) ((Authentication)p).getAuthorities();
String rolesString = authorities != null
? authorities.stream().map(Object::toString).collect(Collectors.joining(";"))
: "";
ServerHttpRequest request = exchange.getRequest().mutate()
.header(usernameHeader, p.getName())
.header(rolesHeader, rolesString)
.build();
return chain.filter(exchange.mutate().request(request).build());
});
}
}
轉載請註明出處,本文鏈接:https://www.uj5u.com/qiye/437441.html
上一篇:CSS檔案未在不同的網址上加載
下一篇:如何在java中迭代陣列索引?