notes
4, to achieve a custom filter Zuul actual login authentication
profile: Custom filter implementation Zuul login authentication combat
1, a new filter bag
2, a new class that implements ZuulFilter, which method rewriting
3, plus top class Notes, @ Component, let Spring scan
Start
For example, single interface, the user must log in. To pass a token over to determine whether the landing, go access interface corresponding
landing filter certainly processed first in the whole process is certainly there. Here's pre Filters here first intercept. If you do not return a 403 landing. If you have logged in, the interface continues to request access
only needs to be done to limit and filter need to login interface.
New Filter. Zuul in the project.
To build a filter bag
custom LoginFilter
first need to inherit ZuulFilter,
then realize there's a method
to this class plus @Component comment to let spring to scan this class
FilterType is a type of filter, the landing is needed is a pre-filter
so set as PRE_TYPE
the Order smaller the first execution.
order is set to 4
is set to true the entry into force of this filter is
where we get to the context object, output url address. First test
restart the application. Access test. Url output URI and
the constants on the front, because the constants can not be empty. request.getRequestURI may be empty
change here / order / save
nothing print
access under a single interface to
access product interfaces
have not been intercepted
Intercepted operation
Unauthorized is 401 Unauthorized
can go search application under jwt springboot the
restart application testing, when the request must come with a token.
Here is a test without a token
to break here. token is the null value
eventually return null
page 401 status code returned
value plus the token after the parameter
token may be acquired not empty.
Release final data is returned to the
The token is placed header inside
The final release of
the final data is returned.
These are the gateway which make user login authentication
review
Address matching can be placed inside a local cache.
Big project to do with the way the ACL. Small projects directly determine if else in the code written inside. Analyzing several multi-address
then we validation logic which defines the zuulException