At present, when the project uses consul for service registration and discovery, and does the authorization_code mode of Spring Security OAuth2 authorization authentication, it finds an abnormal problem.
This is the starting service registration code block bootstrap.yml:
spring:
cloud:
consul:
port: 8500
host: localhost
discovery:
serviceName: auth
locator:
lower-case-service-id: true
enabled: true
register: true
This is the health check after registration
He will register your host address. There may be no problem in normal use, but when the authorization_code mode of OAuth2 is used for authentication, there will be cross-domain exceptions as follows:
Here is the request path:
Jump to the default login interface after visiting:
Looking closely, the url location access address has become the previously registered host name, and as a result, click the login interface and the following image will appear:
No permission returns 401. The problem is that jumping back to the hostname causes cross-domain issues.
The solution to this problem is to modify the starting bootstrap.yml file:
spring:
cloud:
consul:
port: 8500
host: localhost
discovery:
serviceName: auth
locator:
lower-case-service-id: true
enabled: true
register: true
prefer-ip-address: true #这个必须配
tags: version=1.0
instance-id: ${spring.application.name}:${spring.cloud.client.ip-address}
healthCheckInterval: 15s
health-check-url: http://${spring.cloud.client.ip-address}:${server.port}/actuator/health
Consul registration increases the mandatory limit prefer-ip-address: true to force the way to obtain ip to register to consul.
2019.07.09
Since there is no configuration
spring.cloud.consul.discovery.prefer-ip-address=true
The microservice will register the host name of the host/container where it is registered to consul. However, we will find that sometimes the registered IP to consul host name is obtained by calling the Java API. Sometimes the Java API cannot obtain the host name, so it will be The IP address is sent to consul + as long as you configure the environment variable HOST_NAME, you can register the environment variable you configured
spring.cloud.gateway.discovery.instance.hostname=${HOST_NAME}
Relevant code to get the hostname:
Related Issues
https://github.com/spring-cloud/spring-cloud-netflix/issues/2084
Jumping from ip back to hostname causes cross-domain permission exception.