I have been trying to build an application with Zuul, Eureka and Spring boot and recently I decided to attempt the login. As a reminder, I have already configured the authentication service (using OAuth 2.0) and I can successfully authenticate using CURL. I can also make get petitions to other microservices that have protected resources (again only with CURL because I can inject the token in the authentication header). My concern is that I want to do this with Zuul as a gateway. [![enter image description here][1]][1]
Zuul runs on port 8080 and Auth Service runs on port 1992 when I call authentication service directly on http://localhost:19992/oauth/token endpoint, it is generating token as following. [![enter image description here][2]][2] But, When I try to access authentication service through zuul server it is showing unAuthorized http://localhost:8080/auth-service/oauth/token [![enter image description here][3]][3]
My Zuul Server application.yml configuration
eureka:
client:
register-with-eureka: true
fetch-registry: true
instance:
hostname: zuul-service
instance-id: ${eureka.instance.hostname}:${random.int}
prefer-ip-address: true
zuul:
sensitive-headers: Cookie,Set-Cookie,Authorization```
My Question is
1. why token is not generated through zuul server?
2. How token propagate through multiple microservices?
Any help is much appreciated.
Thanks in advance.
[1]: https://i.stack.imgur.com/bQUvE.png
[2]: https://i.stack.imgur.com/Spsqf.png
[3]: https://i.stack.imgur.com/yp84x.png
Advertisement
Answer
I have been adding Authorization in sensativeHeaders. This won’t allow Authorization header to propagate downstream services. I removed Authorization from sensitive header then it worked like charm.