近期在整合一套springcloud架构,在整合zuul时碰到zuul在传递header过程中会默认过滤部分信息(不是全部过滤)
解决方案一:
在自定义的头部信息中添加头部信息
但是注意,该方案只能指定部分头部信息,如果把所有头部信息都添加一遍(见注释代码),服务的post请求会提示
Content-Length header already present
异常
这里要吐槽下,如果微服务项目发现错误并且未后台未提示异常记得尝试先把熔断去掉,因为熔断会覆盖异常信息,我就是因为post请求失败但是又找不到异常折腾了好几天…
public class AuthFilter extends ZuulFilter {
private static final Logger logger = LoggerFactory.getLogger(AuthFilter.class);
@Override
public boolean shouldFilter() {
// 判断是否需要进行处理
return true;
}
@Override
public Object run() {
RequestContext rc = RequestContext.getCurrentContext();
authUser(rc);
return null;
}
@Override
public String filterType() {
return "pre";
}
@Override
public int filterOrder() {
return 0;
}
//将request中Http请求头的所有信息存到一个Map<String, String>中
/* private static Map<String, String> httpRequestToMap(HttpServletRequest request) {
Enumeration<String> headerNames = request.getHeaderNames();
Map<String, String> headers = new HashMap<>();
while (headerNames.hasMoreElements()) {
String headerName = headerNames.nextElement();
headers.put(headerName, request.getHeader(headerName));
}
return headers;
}*/
//自定义的鉴权处理
public static void authUser(RequestContext ctx) {
//这里注意,不能把所有头部信息都重新添加一遍,因为zuul本身在转发时会会我们添加头部,重复添加会抛出异常而导致访问失败(post)
/* HttpServletRequest request = ctx.getRequest();
Map<String, String> header = httpRequestToMap(request);
for (Map.Entry<String, String> entry : header.entrySet()) {
ctx.addZuulRequestHeader(entry.getKey(), entry.getValue());
}*/
HttpServletRequest request = ctx.getRequest();
String authorization = request.getHeader("Authorization");
if(authorization != null) {
ctx.addZuulRequestHeader("Authorization", authorization);
}
}
}
解决方案二:
配置sensitive-headers为空,不让zuul过滤任何信息(或者指定过滤特定信息)
zuul.sensitive-headers=
也可以指定某个特定服务
zuul.routes.xxx.sensitive-headers=