API-Gateway

问题 We are currently analyzing the API gateway for our microservices and Kong is one of the possible candidate. We discovered that Kong support several plugins for authentication but the all based on users stored in Kong database itself. We need to delegate this responsibility to our custom auth HTTP service and don't want to add these users in API gateway database. 回答1: It's possible to do this with some code around, instead of using the OpenID connect plugin; in effect you need to implement an

问题 I'm a bit confused by how API Gateway and CloudFront work together. Ultimately, I want to be able to have a custom header and value be considered part of my cache key. I know this can be done by whitelisting (if I'm using CloudFront). So when I make the following request: GET /pagesRead/4 Some-Header: fizz This returns, for instance, '29 pages' Then there's a post that updates id 4 to '45 pages' If I make this request GET /pagesRead/4 Some-Header: buzz It will now return '45 pages' But I'm

问题 I see many people talk about using mapping templates in the form of json object to make user agents and ip addresses available to Lambda functions? Where are these json objects configured in the many control panels? 回答1: Api gateway -> your api -> your endpoint/resource method -> integration request -> body mapping templates Create one with a valid Content-type header such as application/json You can then pick a template or roll your own map. For example the template which maps everything

问题 I am trying out JHipster based on the supported Microservice architecture. I have created a Registry, Gateway, and a Microservice (based on JWT authentication) as described in documentation and everything works. However I am not sure why a Gateway in JHispter need to have a database. Questions that are still unanswered for me: 1- Why does a Gateway need a database? In which scenarios would you create a Gateway with/without a database? 2- Do the Gateway and Microservice use the same database?

问题 I am exploring the istio service mesh on my k8s cluster hosted on EKS(Amazon). I tried deploying istio-1.2.2 on a new k8s cluster with the demo.yml file used for bookapp demonstration and most of the use cases I understand properly. Then, I deployed istio using helm default profile(recommended for production) on my existing dev cluster with 100s of microservices running and what I noticed is my services can can call http endpoints but not able to call external secure endpoints(https://www

问题 Let's say there are two (or more) RESTful microservices serving JSON. Service (A) stores user information (name, login, password, etc) and service (B) stores messages to/from that user (e.g. sender_id, subject, body, rcpt_ids). Service (A) on /profile/{user_id} may respond with: {id: 1, name:'Bob'} {id: 2, name:'Alice'} {id: 3, name:'Sue'} and so on Service (B) responding at /user/{user_id}/messages returns a list of messages destined for that {user_id} like so: {id: 1, subj:'Hey', body:

问题 I have been trying to build a spring distributed application that works on JWT. Github repo - https://github.com/dhananjay12/spring-microservice-demo Service Description product-service : A simple downstream service having protected routes jwt-resoure-server : A jar that when included in downstream services make it a resourceserver that extract jwt token and set it in security contex. eureka-service : Discovery service zuul-server : Edge server Okta is my auth server I have set oauth grant

问题 I have been struggling to send a response to connected clients through aws provided callback url(https://******.execute-api.us-east-1.amazonaws.com/test/@connections). Have the below code in my backend to send the response which is one way communication. AwsClientBuilder.EndpointConfiguration config = new AwsClientBuilder.EndpointConfiguration("https://*********.execute-api.us-east-1.amazonaws.com/test", "us-east-1"); AmazonApiGatewayManagementApi client =

问题 Currently I have a monolith application with Java/Spring Boot the following endpoints: /login /logout /some-resource To access some-resource , the flow is following: The user makes a POST request to /login endpoint. If the credentials are correct, a JWT token is returned in header, otherwise a 401. The users sends the JWT token along with the request to /some-resource . If the token is valid, the resource is returned, otherwise 403. Now I want to split the monolith into 2 services:

问题 I already went Why does springfox-swagger2 UI tell me "Unable to infer base url." and Getting an unexpected result while configuring Swagger with Spring Boot and not using Spring Security at all and for each service, I am using @EnableSwagger2 annotations. I'm following tutorial from link: https://dzone.com/articles/quick-guide-to-microservices-with-spring-boot-20-e and using gateway-service for the project to run instead of proxy-service . gateway-service.yml server: port: 8060 eureka: