Permit all doesnt work
Closed this issue · 1 comments
juanros13 commented
When i try the code http://localhost:8090/user/api/v1/user-bank/register just send 200 ok response but un blank, others endpoints works fine
i think the problema is in SecurityConfiguration
some configuration is missing but i dont know where.
@Bean
public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) {
http
.authorizeExchange()
//ALLOWING REGISTER API FOR DIRECT ACCESS
.pathMatchers("/user/api/v1/user/register").permitAll()
//ALL OTHER APIS ARE AUTHENTICATED
.anyExchange().authenticated()
.and()
.csrf().disable()
.oauth2Login()
.and()
.oauth2ResourceServer()
.jwt();
return http.build();
javatodev commented
Issue has fixed with following changes on GatewayConfiguration in api-gateway sub project
public GlobalFilter customGlobalFilter() {
return (exchange, chain) -> exchange.getPrincipal().map(Principal::getName).defaultIfEmpty(UNAUTHORIZED_USER_NAME).map(principal -> {
// adds header to proxied request
exchange.getRequest().mutate()
.header(HTTP_HEADER_AUTH_USER_ID, principal)
.build();
return exchange;
}).flatMap(chain::filter).then(Mono.fromRunnable(() -> {
}));
}```