1.繼承類:ZuulFilter
2.丟失請求頭:Authorization
3.轉發請求頭:Authorization
4.使用場景:驗證權限
1.繼承類:ZuulFilter
package com.ligy.school.zuul.filter; import com.netflix.zuul.ZuulFilter; import com.netflix.zuul.exception.ZuulException; import org.springframework.stereotype.Component; @Component public class AuthFilter extends ZuulFilter { public String filterType() { //pre 請求前面 post請求後面 error發生錯誤時 //route 在路由請求時被調用 return "pre"; } public int filterOrder() { //執行順序 0 1 2 最先執行的是0,小的先執行 return 0; } public boolean shouldFilter() { //開關:true 打開 false:關閉 return true; } public Object run() throws ZuulException { //返回Object 就等於放行 System.out.println("過濾器,執行了"); return null; } }
2.丟失請求頭:Authorization
3.轉發請求頭:Authorization
public Object run() throws ZuulException { //返回Object 就等於放行 System.out.println("過濾器,執行了"); RequestContext context = RequestContext.getCurrentContext(); HttpServletRequest request = context.getRequest(); String authorization = request.getHeader("Authorization"); System.out.println("zuul:authorization:" + authorization); if (authorization != null && !"".equals(authorization)) { //轉發頭 context.addZuulRequestHeader("authorization", authorization); System.out.println("zuul:轉發頭:authorization:" + authorization); return "ok"; } context.setResponseStatusCode(401); context.setResponseBody("權限校驗失敗"); context.setSendZuulResponse(false);//禁止通行 context.getResponse().setContentType("text/html;charset=utf-8"); return null; }
問題:轉發後, 依然拿 不到頭。
解決方法:
#配置不過濾所有頭
zuul.sensitive-headers=""
4.使用場景:驗證權限
public Object run() throws ZuulException { //返回Object 就等於放行 System.out.println("過濾器,執行了"); RequestContext context = RequestContext.getCurrentContext(); HttpServletRequest request = context.getRequest(); String authorization = request.getHeader("Authorization"); System.out.println("zuul:authorization:" + authorization); if (authorization != null && !"".equals(authorization)) { //轉發頭 context.addZuulRequestHeader("authorization", authorization); System.out.println("zuul:轉發頭:authorization:" + authorization); return "ok"; } context.setResponseStatusCode(401); context.setResponseBody("權限校驗失敗"); context.setSendZuulResponse(false);//禁止通行 context.getResponse().setContentType("text/html;charset=utf-8"); return null; }