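Microservices sit at different security levels relative to one another.
For that reason Zuul ships with default filters that rebuild the request and response headers and strip out the sensitive ones.
If we do not want to lose those sensitive headers, we have to add a setting that makes Zuul skip this handling of sensitive headers.
All it takes is adding the following under the zuul gateway section of its yml configuration file: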
zuul:
  prefix: /api
  routes:
    demo-service: /demo/**
  sensitive-headers: # add this line: overrides the sensitive-header list so cookies pass through the gateway
Take a look at the source: PreDecorationFilter.java
public Object run() {
    // Get the current request context
    RequestContext ctx = RequestContext.getCurrentContext();
    String requestURI = this.urlPathHelper.getPathWithinApplication(ctx.getRequest());
    Route route = this.routeLocator.getMatchingRoute(requestURI);
    String location;
    if (route != null) {
        location = route.getLocation();
        if (location != null) {
            ctx.put("requestURI", route.getPath());
            ctx.put("proxy", route.getId());
            // Key point: this branch runs when the route has no sensitive-headers of its own.
            // It reads the global list from private ZuulProperties properties, which holds
            // private Set<String> sensitiveHeaders =
            //     new LinkedHashSet(Arrays.asList("Cookie", "Set-Cookie", "Authorization"));
            // With zuul.sensitive-headers set to empty, that list is empty, nothing is ignored,
            // and the cookie reaches the downstream service.
            if (!route.isCustomSensitiveHeaders()) {
                this.proxyRequestHelper.addIgnoredHeaders((String[])this.properties.getSensitiveHeaders().toArray(new String[0]));
            } else {
                // This branch runs when the route configures its own sensitive-headers.
                // It reads the list from the Route returned by this.routeLocator.getMatchingRoute(requestURI),
                // which carries its own private Set<String> sensitiveHeaders; only the headers in
                // that route-level set are ignored.
                this.proxyRequestHelper.addIgnoredHeaders((String[])route.getSensitiveHeaders().toArray(new String[0]));
            }
            if (route.getRetryable() != null) {
                ctx.put("retryable", route.getRetryable());
            }
            if (!location.startsWith("http:") && !location.startsWith("https:")) {
                if (location.startsWith("forward:")) {
                    ctx.set("forward.to", StringUtils.cleanPath(location.substring("forward:".length()) + route.getPath()));
                    ctx.setRouteHost((URL)null);
                    return null;
                }
                ctx.set("serviceId", location);
                ctx.setRouteHost((URL)null);
                ctx.addOriginResponseHeader("X-Zuul-ServiceId", location);
            } else {
                ctx.setRouteHost(this.getUrl(location));
                ctx.addOriginResponseHeader("X-Zuul-Service", location);
            }
            if (this.properties.isAddProxyHeaders()) {
                this.addProxyHeaders(ctx, route);
                String xforwardedfor = ctx.getRequest().getHeader("X-Forwarded-For");
                String remoteAddr = ctx.getRequest().getRemoteAddr();
                if (xforwardedfor == null) {
                    xforwardedfor = remoteAddr;
                } else if (!xforwardedfor.contains(remoteAddr)) {
                    xforwardedfor = xforwardedfor + ", " + remoteAddr;
                }
                ctx.addZuulRequestHeader("X-Forwarded-For", xforwardedfor);
            }
            if (this.properties.isAddHostHeader()) {
                ctx.addZuulRequestHeader("Host", this.toHostHeader(ctx.getRequest()));
            }
        }
    } else {
        log.warn("No route found for uri: " + requestURI);
        location = this.getForwardUri(requestURI);
        ctx.set("forward.to", location);
    }
    return null;
}
That is the source code behind this setting; interested readers can browse through it themselves.
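
An added example, not code from the original post or from Spring Cloud: a simplified Java model of the sensitive-header branch in the source above, showing which request headers reach each downstream service under the default list, the global override, and a per-route override. The `Route` record is a stand-in, `other-service` is a hypothetical second route, and the request values are constructed.

```java
import java.util.*;

// Simplified model of the sensitive-header branch in PreDecorationFilter.run();
// illustrative only, not Spring Cloud code.
public class SensitiveHeaderDemo {
    // Default global list held by ZuulProperties (as quoted in the source above)
    static final Set<String> DEFAULTS = Set.of("Cookie", "Set-Cookie", "Authorization");

    // Hypothetical stand-in for Route: routeHeaders == null means "no per-route setting"
    record Route(String id, Set<String> routeHeaders) {
        boolean isCustomSensitiveHeaders() { return routeHeaders != null; }
    }

    // Same decision as the filter: route-level list if present, otherwise the global list
    static Set<String> ignored(Route r, Set<String> global) {
        return r.isCustomSensitiveHeaders() ? r.routeHeaders() : global;
    }

    // Headers that would be forwarded downstream (names compared case-insensitively)
    static Map<String, String> forwarded(Map<String, String> req, Set<String> ignored) {
        Set<String> lower = new HashSet<>();
        for (String h : ignored) lower.add(h.toLowerCase(Locale.ROOT));
        Map<String, String> out = new LinkedHashMap<>();
        req.forEach((k, v) -> { if (!lower.contains(k.toLowerCase(Locale.ROOT))) out.put(k, v); });
        return out;
    }

    public static void main(String[] args) {
        // Constructed sample request
        Map<String, String> req = new LinkedHashMap<>();
        req.put("Cookie", "SESSION=constructed-value");
        req.put("Authorization", "Bearer constructed-token");
        req.put("Accept", "application/json");

        Route demo = new Route("demo-service", null);
        Route other = new Route("other-service", null);          // hypothetical second route
        Route demoCustom = new Route("demo-service", Set.of());  // per-route list set to empty

        System.out.println("default list,      demo : " + forwarded(req, ignored(demo, DEFAULTS)).keySet());
        System.out.println("global cleared,    demo : " + forwarded(req, ignored(demo, Set.of())).keySet());
        System.out.println("global cleared,    other: " + forwarded(req, ignored(other, Set.of())).keySet());
        System.out.println("per-route cleared, demo : " + forwarded(req, ignored(demoCustom, DEFAULTS)).keySet());
        System.out.println("per-route cleared, other: " + forwarded(req, ignored(other, DEFAULTS)).keySet());
    }
}
```

Comparing the two "other" lines shows the scope of each setting: clearing the global list forwards Cookie and Authorization to every route, while a route-level list changes only that route.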