问题:由于我的拦截器没有放在zuul里面,而是放在每个api工程中发现 客户端发送请求到zuul的时候,zuul会过滤请求头(header),把一些敏感信息过滤(比如:cookie,Authorization,Set-Cookie)
- 解决方案一:在zuul工程的配置文件(yml)中,添加
添加完了之后最好把所有工程重新启动一下,才会生效。
- 解决方案二:在代码中通过过滤器向下传递
@Component
public class WebFilter extends ZuulFilter {
@Override
public String filterType() {
return "pre";
}
@Override
public int filterOrder() {
return 0;
}
@Override
public boolean shouldFilter() {
return true;
}
@Override
public Object run() throws ZuulException {
System.out.println("zuul过滤器...");
//向header中添加鉴权令牌
RequestContext requestContext = RequestContext.getCurrentContext();
//获取header
HttpServletRequest request = requestContext.getRequest();
String authorization = request.getHeader("Authorization");
if(authorization != null) {
System.out.println("authorization: " + authorization);
requestContext.addZuulRequestHeader("Authorization", authorization);
}
return null;
}
}