I'm using spring cloud to manage my microservices.
For security reasons, for one specific microservice (name it ms_secure), I want to use custom route choose a specific microservice version depending on client IP.
My gateway config looks like this:
spring:
cloud:
gateway:
discovery:
locator:
enabled: true
routes:
- id: ms_secure_v1
uri: lb://ms_secure_v1
predicates:
- Path=/ms_secure/**
filters:
- RewritePath=/ms_secure/(?<segment>.*), /$\{segment}
- name: <my filter>
args:
xForwardedForHeaderName: X-Forwarded-For
hosts:
- <IP1>
- <IP2>
- id: ms_secure
uri: lb://ms_secure_v2
predicates:
- Path=/ms_secure/**
filters:
- RewritePath=/ms_secure/(?<segment>.*), /$\{segment}
- name: <my filter>
args:
xForwardedForHeaderName: X-Forwarded-For
hosts:
- <IP3>
- <IP4>
When when requesting /ms_secure:
IP1 and IP2 will be redirected to ms_secure_v1
IP3 and IP4 will be redirected to ms_secure_v2
My problem is that all my clients will also be able to access directly ms_secure_v1 or ms_secure_v2 by using the default routes:
http:///ms_secure_v1/...
http:///ms_secure_v2/...
I tried to disable these routes by using SetStatus GatewayFilter:
- id: setstatusstring_route
uri: lb://ms-gateway
predicates:
- Path=/ms_secure_v**
filters:
- SetStatus=403
But this route is not matched.
Is there a way to disable these default routes in spring gateway?
The following creates routes in gateway based on services registered:
spring:
cloud:
gateway:
discovery:
locator:
enabled: true
Set it to false (which is the default), if you don't want this.
Related
I am using the following configuration in my spring boot cloud gateway application:
spring:
cloud:
gateway:
# httpclient:
# wiretap: true
# ssl:
# use-insecure-trust-manager: true
# httpserver:
# wiretap: true
routes:
- id: humio_log
uri: ${rewrite.backend.uri:https://xxx.local}
predicates:
- Path=/api/log
filters:
- RewritePath=/api/log, /api/v1/ingest/humio-unstructured
- RemoveRequestHeader=Authorization
- AddRequestHeader=Authorization, Bearer xx
- ModifyHumioLoggingBody
- id: openapi_tasks_service
uri: ${rewrite.backend.uri:http://localhost:8082}
predicates:
- Path=/v3/api-docs/tasks-service
filters:
- RewritePath=/v3/api-docs/tasks-service, /v3/api-docs
- id: openapi_sales_org_service
uri: ${rewrite.backend.uri:http://localhost:8083}
predicates:
- Path=/v3/api-docs/sales-org-service
filters:
- RewritePath=/v3/api-docs/sales-org-service, /v3/api-docs
- id: sales_org_service
uri: ${rewrite.backend.uri:http://localhost:8083}
predicates:
- Path=/api/sos/**, /sos/**
filters:
- RewritePath=/api/sos/(?<segment>.*),/sos/$\{segment}
- id: tasks_service
uri: ${rewrite.backend.uri:http://localhost:8082}
predicates:
- Path=/api/**, /task-and-assignment/**, /task-fulfillment/**, /task-overview/**
filters:
- RewritePath=/api/(?<segment>.*),/$\{segment}
globalcors:
corsConfigurations:
'[/**]':
allowedOrigins: "*"
allowedHeaders: "*"
allowedMethods:
- GET
- POST
- DELETE
- PUT
springdoc:
webjars:
prefix: /openapi
swagger-ui:
urls:
- name: tasks-service
url: /v3/api-docs/tasks-service
- name: Sales-Org-Service
url: /v3/api-docs/sales-org-service
This results in the following overview:
Now I want to be able to manipulate the Dropdown of the Servers field. The remote OpenAPI is sending me this localhost:8080 back, but I want to change it to a completely different URL. Do you know of any possiblity?
Add List of ur Servers in spring openApi Configuration like bellow:
import io.swagger.v3.oas.models.*;
#Configuration
public class OpenApiConfig {
#Bean
public OpenAPI openAPiConfig() {
ArrayList<Server> servers = new ArrayList<>();
servers.add(new Server().url("http://localhost:8080").description("Local Server"));
servers.add(...);
return new OpenAPI()
.info(new Info().title("My Service").description("My Service Description")
.license(new License().url("http://MyDomainLicence.com").name("My info"))
.contact(new Contact().name("contactName")
.email("myemail#gmail.com")
.url("http://contactDomain.com"))
.version("1.0.0"))
.servers(servers);
}
}
How to inject a variable placeholder ${} in the spring gateway filters configuration?
foo:
bar:
uri: /coucou
spring:
cloud:
gateway:
routes:
- id: prefixpath_route
uri: https://example.org
filters:
- PrefixPath=$\\{foo.bar.uri}
NB:
I've tried $\{foo.bar.uri} and ${foo.bar.uri}
I know it's doable programmatically
As #spencergibb highlighted, it's working by using args subproperty:
filters:
- name: PrefixPath
args:
prefix: ${foo.bar.uri}
see gist.github.com/spencergibb/873f239529f79cb784d4eab3a9ddc4a6
I have a third party webapplication having websocket connections. It is expecting Upgrade, Connection header names to be case sensitive. I am using spring cloud gateway as a reverse proxy to this webapp. All the http calls are success but for websocket requests i am getting the following error
io.netty.handler.codec.http.websocketx.WebSocketClientHandshakeException:
Invalid handshake response getStatus: 404 Not Found at
io.netty.handler.codec.http.websocketx.WebSocketClientHandshaker13.verify(WebSocketClientHandshaker13.java:272)
~[netty-codec-http-4.1.65.Final.jar:4.1.65
WebSocketClientHandshaker is setting the upgrade and connection headers and it is in lower case. How do I override these header values ?
application.yml configuration is as below
spring:
main:
web-application-type: reactive
profiles:
active: dev
cloud:
gateway:
globalcors:
corsConfigurations:
'[/**]':
allowedOrigins: "*"
allowedMethods: "*"
allowedHeaders: "*"
httpclient:
pool:
max-idle-time: 10s
ssl:
useInsecureTrustManager: true
filter:
remove-non-proxy-headers:
headers:
- Keep-Alive
- TE
- Trailer
- Transfer-Encoding
routes:
- id : no_op
uri: no://op
predicates:
- Path=/falcon/tunneling/**
- id: reroute_ws
uri: ws://localhost:5555
predicates:
- Path=/websocket/**
- id: reroute_2
uri: http://localhost:5555
predicates:
- Path=/**
I am using configuration mode. Where is multiple (20) routes. But my server is accessible behind the URL PATH prefix http://prefixHere/method:port?property=value due Firewall and this can not be changed.
So when I have 20 of different methods (each ends in other service) then I must define 20 times.
I want to define the StripPrefix only once. This was working in previous Zuul gateway. How to do in cloud gateway?
Here is my config:
spring:
cloud:
gateway:
discovery:
locator:
lower-case-service-id: true
enabled: true
routes:
- id: auth-service
uri: lb://server-auth
predicates:
- Path=/prefixHere/auth/**
filters:
**- StripPrefix=1**
- id: operation-service
uri: lb://operation-service
predicates:
- Path=/prefixHere/operation/**
filters:
**- StripPrefix=1**
Yes, use "default-filters:" and it will be applied to all routes at once.
spring:
application:
name: gateway
cloud:
gateway:
default-filters:
- StripPrefix=1
E.g:
spring:
application:
name: GATEWAY-SERVICE
cloud:
gateway:
default-filters:
- StripPrefix=1
discovery:
locator:
enabled: true
lowerCaseServiceId: true
routes:
- id: department-service
uri: lb://department-service
predicates:
- Path=/api/departments/**
- id: user-service
uri: lb://USER-SERVICE
predicates:
- Path=/api/users/**
Reference: Introduction to spring cloud gateway
I'm on spring-cloud-starter-gateway (Hoxton.SR5) trying to support multiple hosts but not having luck.
I would like http://en.portal.com/common route to port 80 and http://us.portal.com/common route to port 81.
- id: host_route_en
uri: lb://127.0.0.1:80
predicates:
- Host=en.portal.com
- Path=/common/**
- id: host_route_us
uri: lb://127.0.0.1:81
predicates:
- Host=us.portal.com
- Path=/common/**
Could you guide how to achieve that.
Change it to
spring:
cloud:
gateway:
routes:
- id: host_route_en
uri: http://127.0.0.1:80
predicates:
- Host=en.portal.com
- Path=/common/**
- id: host_route_us
uri: http://127.0.0.1:81
predicates:
- Host=us.portal.com
- Path=/common/**
Reference document: https://docs.spring.io/spring-cloud-gateway/docs/2.2.5.RELEASE/reference/html/#shortcut-configuration