Question
I have a problem/question. I have a "typical" Spring Cloud Netflix environment running at AWS.
Now to my problem:
Given (working authentication): Request (https://DOMAIN.net/) -> AWS Load balancer (adds headers X-Forwarded-For and X-Forwarded-Proto) -> Zuul
The route / for Zuul is secured; this means Spring Security correctly redirects the user to https://DOMAIN/login and this triggers the correct redirect to our auth server with the correct redirect URI. No problem here.
Given (not working authentication): Request (https://DOMAIN.net/service) -> AWS Load balancer (adds headers X-Forwarded-For and X-Forwarded-Proto) -> Zuul (adds headers X-Forwarded-Prefix) -> Service
The route / at our service is secured and the application redirects to https://localhost/service/login. I would expect a redirect to https://DOMAIN/service/login.
I don't get why this fails. The requests are correct IMO. Also, all required headers are proxied to the service.
My problem is: No oauth2 authentication possible behind zuul.
I hope someone can help me here. I have been trying for ages but with no results :/.
(Please check https://github.com/spring-cloud/spring-cloud-netflix/issues/942 for more details. I have already done a lot of research and tried nearly everything.)
Edit: For simplicity we are running our service on the same machine as our Zuul. This means our Zuul route configuration routes /service/** to http://localhost:10001/service and the prefix is not stripped. The routing works perfectly. Just the authentication... The routes to /service/** are not secured at Zuul.
Source: https://stackoverflow.com/questions/36361181/spring-oauth2-authentication-aws-behind-zuul