问题描述
如何防止HTTP客户端不通过网关向微服务发出请求
但微服务之间可以不通过网关进行通信?
请帮忙
我在我的微服务中添加了这个过滤器,以防止客户端直接向微服务发送请求,但它也阻止了微服务之间的通信
public class CustomGatewayFilter extends GenericFilterBean {
private static final Logger LOG = LoggerFactory.getLogger(CustomGatewayFilter.class);
public void doFilter(ServletRequest req,ServletResponse resp,FilterChain chain) throws IOException,servletexception {
HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) resp;
String proxyForwardedHostHeader = request.getHeader("X-Forwarded-Host");
if (proxyForwardedHostHeader == null || !proxyForwardedHostHeader.equals("localhost:8090")) {
UnauthorisedException unauthorisedException =
new UnauthorisedException("Unauthorized Access,you should pass through the API gateway","Unauthorized Access");
LOG.info("Unauthorized Access,you should pass through the API gateway");
byte[] responsetoSend = restResponseBytes(unauthorisedException.getErrorResponse());
((HttpServletResponse) response).setHeader("Content-Type","application/json");
((HttpServletResponse) response).setStatus(401);
response.getoutputStream().write(responsetoSend);
return;
}
chain.doFilter(request,response);
}
private byte[] restResponseBytes(ErrorResponse errorResponse) throws IOException {
String serialized = new ObjectMapper().writeValueAsstring(errorResponse);
return serialized.getBytes();
}
}
解决方法
暂无找到可以解决该程序问题的有效方法,小编努力寻找整理中!
如果你已经找到好的解决方法,欢迎将解决方案带上本链接一起发送给小编。
小编邮箱:dio#foxmail.com (将#修改为@)