Permit all doesnt work

Question

Permit all doesnt work

Closed this issue 2 years ago · 1 comments

When i try the code http://localhost:8090/user/api/v1/user-bank/register just send 200 ok response but un blank, others endpoints works fine

i think the problema is in SecurityConfiguration

some configuration is missing but i dont know where.

@Bean
public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) {
        http
                .authorizeExchange()
                //ALLOWING REGISTER API FOR DIRECT ACCESS
                .pathMatchers("/user/api/v1/user/register").permitAll()
                //ALL OTHER APIS ARE AUTHENTICATED
                .anyExchange().authenticated()
                .and()
                .csrf().disable()
                .oauth2Login()
                .and()
                .oauth2ResourceServer()
                .jwt();
    return http.build();

Answer 1 · 2022-08-15T19:43:52.000Z

Issue has fixed with following changes on GatewayConfiguration in api-gateway sub project

    public GlobalFilter customGlobalFilter() {
        return (exchange, chain) -> exchange.getPrincipal().map(Principal::getName).defaultIfEmpty(UNAUTHORIZED_USER_NAME).map(principal -> {
            // adds header to proxied request
            exchange.getRequest().mutate()
                    .header(HTTP_HEADER_AUTH_USER_ID, principal)
                    .build();
            return exchange;
        }).flatMap(chain::filter).then(Mono.fromRunnable(() -> {

        }));
    }```