How to share cookies between microservices

For security between microservices, Zuul ships with a default filter that rebuilds the request and response headers and filters out the sensitive ones.
If we do not want those sensitive headers to be dropped, we have to add a setting that skips the initialization of the sensitive header list.
We only need to add the following to the Zuul gateway's yml configuration file:

zuul:
  prefix: /api
  routes:
    demo-service: /demo/**
  sensitive-headers: # override the sensitive header list so cookies can pass through the gateway; add this line

Look at the source: PreDecorationFilter.java

    public Object run() {
        // get the request context object
        RequestContext ctx = RequestContext.getCurrentContext();
        String requestURI = this.urlPathHelper.getPathWithinApplication(ctx.getRequest());
        Route route = this.routeLocator.getMatchingRoute(requestURI);
        String location;
        if (route != null) {
            location = route.getLocation();
            if (location != null) {
                ctx.put("requestURI", route.getPath());
                ctx.put("proxy", route.getId());

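                // Point of interest: this branch is taken when the route has no
                // sensitive-headers setting of its own. It reads
                // private ZuulProperties properties; whose field defaults to
                // private Set<String> sensitiveHeaders =
                //                   new LinkedHashSet(Arrays.asList("Cookie", "Set-Cookie", "Authorization"));
                // With zuul.sensitive-headers set to empty as above, this set is empty,
                // nothing is ignored, and the downstream service can read the cookie.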
                if (!route.isCustomSensitiveHeaders()) {
                    this.proxyRequestHelper.addIgnoredHeaders((String[])this.properties.getSensitiveHeaders().toArray(new String[0]));
                } else {
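                    // This branch is taken when the route defines its own sensitive headers.
                    // It reads the Route returned by this.routeLocator.getMatchingRoute(requestURI),
                    // whose private Set<String> sensitiveHeaders; is initialized as an empty set
                    // and holds only what the route itself configures.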
                    this.proxyRequestHelper.addIgnoredHeaders((String[])route.getSensitiveHeaders().toArray(new String[0]));
                }

                if (route.getRetryable() != null) {
                    ctx.put("retryable", route.getRetryable());
                }

                if (!location.startsWith("http:") && !location.startsWith("https:")) {
                    if (location.startsWith("forward:")) {
                        ctx.set("forward.to", StringUtils.cleanPath(location.substring("forward:".length()) + route.getPath()));
                        ctx.setRouteHost((URL)null);
                        return null;
                    }

                    ctx.set("serviceId", location);
                    ctx.setRouteHost((URL)null);
                    ctx.addOriginResponseHeader("X-Zuul-ServiceId", location);
                } else {
                    ctx.setRouteHost(this.getUrl(location));
                    ctx.addOriginResponseHeader("X-Zuul-Service", location);
                }

                if (this.properties.isAddProxyHeaders()) {
                    this.addProxyHeaders(ctx, route);
                    String xforwardedfor = ctx.getRequest().getHeader("X-Forwarded-For");
                    String remoteAddr = ctx.getRequest().getRemoteAddr();
                    if (xforwardedfor == null) {
                        xforwardedfor = remoteAddr;
                    } else if (!xforwardedfor.contains(remoteAddr)) {
                        xforwardedfor = xforwardedfor + ", " + remoteAddr;
                    }

                    ctx.addZuulRequestHeader("X-Forwarded-For", xforwardedfor);
                }

                if (this.properties.isAddHostHeader()) {
                    ctx.addZuulRequestHeader("Host", this.toHostHeader(ctx.getRequest()));
                }
            }
        } else {
            log.warn("No route found for uri: " + requestURI);
            location = this.getForwardUri(requestURI);
            ctx.set("forward.to", location);
        }

        return null;
    }

That is how this setting is handled in the source code; interested readers can read through it on their own.
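
A narrower alternative to the global setting above, as an added example that is not from the original post: the override is placed on a single route, so PreDecorationFilter uses route.getSensitiveHeaders() for that route only and every other route keeps the default list. The partner-api route and its URL are hypothetical, and keeping Authorization stripped on demo-service assumes that service only needs the cookie.

```yaml
zuul:
  prefix: /api
  # No global sensitive-headers key here: ZuulProperties keeps its default
  # list (Cookie, Set-Cookie, Authorization) for routes without an override.
  routes:
    demo-service:
      path: /demo/**
      # Per-route override. Setting this key makes route.isCustomSensitiveHeaders()
      # return true, so only the headers listed here are stripped for this route.
      # Cookie and Set-Cookie are left off the list and pass through; Authorization
      # stays blocked (assumption: demo-service authenticates by cookie only).
      sensitive-headers: Authorization
    partner-api:                            # hypothetical second route
      path: /partner/**
      url: https://partner.example.com      # hypothetical external target
      # No per-route key: the default list applies, so browser cookies and
      # Authorization headers are not forwarded to this host.
```

With the global empty value from the post, every route forwards Cookie, Set-Cookie and Authorization, including routes that point at external URLs.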


Origin blog.csdn.net/qq_40539437/article/details/103906229