路由(Route):路由是构建网关的基本模块,他由ID、目标URI,一系列断言和过虑器组成,如果断言为true则匹配该路由。
断言(Predicate):开发人员可以匹配HTTP请求中的所有内容,如果请求与断言相匹配则进行路由。
过虑(Filter):使用路由可以在请求被路由前或路由后进行修改请求返回。
SecurityConfig
package com.springbootgatway.config;
import org.springframework.context.annotation.Bean;
import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
import org.springframework.security.config.web.server.ServerHttpSecurity;
import org.springframework.security.web.server.SecurityWebFilterChain;
import javax.ws.rs.HttpMethod;
@EnableWebFluxSecurity
public class SecurityConfig {
//security的鉴权排除的url列表
private static final String[] excludedAuthPages = {
"/auth/login",
"/auth/logout",
"/health",
"/api/socket/**"
,"/postFeign/**"
};
@Bean
SecurityWebFilterChain webFluxSecurityFilterChain(ServerHttpSecurity http) throws Exception {
http
.authorizeExchange()
.pathMatchers(excludedAuthPages).permitAll() //无需进行权限过滤的请求路径
.pathMatchers(HttpMethod.OPTIONS).permitAll() //option 请求默认放行
.anyExchange().authenticated()
.and()
.httpBasic()
.and()
.formLogin() //启动页面表单登陆,spring security 内置了一个登陆页面/login
.and().csrf().disable()//必须支持跨域
.logout().disable();
return http.build();
}
}
application.yaml
server:
port: 9527 #端口号
spring:
application:
name: ludb-gateway #应用名称
cloud:
gateway:
discovery:
locator:
enabled: true #开启从注册中心动态创建路由
routes:
- id: eureak-client-3
uri: lb://LUDB-CLIENT-3
predicates:
- Path=/postFeign/**
security: # security 账号密码
user:
name: ludb
password: ludb123
eureka:
instance:
prefer-ip-address: true #是否使用IP地址注册(用于eureka展示)
instance-id: ${spring.cloud.client.ip-address}:${server.port} #当前客户端IP:端口
metadata-map:
user.name: ${spring.security.user.name}
user.password: ${spring.security.user.password}
client:
service-url: #设置服务注册中心地址【向注册中心集群注册(注册两台是为了防止第一台宕机还可以挂在第2台上)】
defaultZone: http://ludb:ludb123@localhost:8761/eureka/,http://ludb:ludb123@localhost:8762/eureka/
registry-fetch-interval-seconds: 10 #表示10秒拉取一次服务注册信息,默认30秒
register-with-eureka: true #是否将自己注册到注册中心,默认true
#默认情况下大多数端点都没有通过 http 公开,我们公开了所有端点,以便SpringAdmin访问
management:
endpoint.health.show-details: always
endpoints:
web:
exposure:
include: '*'
pom
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>com.example</groupId>
<artifactId>eureka-server</artifactId>
<version>0.0.1-SNAPSHOT</version>
</parent>
<groupId>com.example</groupId>
<artifactId>springboot-gatway</artifactId>
<version>0.0.1-SNAPSHOT</version>
<name>springboot-gatway</name>
<properties>
<java.version>1.8</java.version>
</properties>
<dependencies>
<!-- <dependency>-->
<!-- <groupId>org.springframework.boot</groupId>-->
<!-- <artifactId>spring-boot-starter-web</artifactId>-->
<!-- </dependency>-->
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-netflix-eureka-client</artifactId>
</dependency>
<dependency>
<groupId>de.codecentric</groupId>
<artifactId>spring-boot-admin-starter-client</artifactId>
<version>2.4.3</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-gateway</artifactId>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>javax.servlet-api</artifactId>
<version>4.0.0</version>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
</plugins>
</build>
</project>
GlobalFilterGateway
package com.springbootgatway.config;
import org.springframework.cloud.gateway.filter.GatewayFilterChain;
import org.springframework.cloud.gateway.filter.GlobalFilter;
import org.springframework.core.Ordered;
import org.springframework.stereotype.Component;
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Mono;
@Component
public class GlobalFilterGateway implements GlobalFilter, Ordered {
/**
* 拦截器
* @param exchange
* @param chain
* @return
*/
@Override
public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
String name = exchange.getRequest().getQueryParams().getFirst("name");
return null;
}
/**
* 执行顺序
* @return
*/
@Override
public int getOrder() {
return 0;
}
}