These are chat archives for spring-cloud/spring-cloud

22nd
Mar 2019
Chris Overgaauw
@chrisovergaauw
Mar 22 09:34
@fengwenyi seems like it is resolved now
冯文议
@fengwenyi
Mar 22 09:35
i known
i see spring twitter describe
Chris Overgaauw
@chrisovergaauw
Mar 22 20:59
@ryanjbaxter I was able to reference The TokenRelayGatewayFilter in the yaml simply by listing -TokenRelay underneath the filters
Thank you for your help
Chris Overgaauw
@chrisovergaauw
Mar 22 21:04

Based on Spencer's example I've decided to look into using Cloudfoundry's uaa and later I stumbled upon Keycloak, which I'm trying to combine with the gateway now.

Does anyone has tips when it comes to filtering security for an @EnableResourceServer annotated server?
Currently I cannot even access actuator endpoints despite a config class like this:

@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
    @Override
    public void configure(final WebSecurity web) throws Exception {
        web.ignoring().antMatchers("/actuator/**");
    }

    @Override
    protected void configure(final HttpSecurity http) throws Exception {
        http.anonymous()
                .and().csrf().disable()
                .authorizeRequests()
                .antMatchers("/**").permitAll();
    }
}
(redirecting to keycloak and logging in already works in the gateway. It's just when passing on the requests to underlying API's that I do not see any @AuthenticationPrincipal OAuth2User oauth2User, its null)
Getting actuator endpoints to work might help me look at actual headers being passed
Chris Overgaauw
@chrisovergaauw
Mar 22 21:19
nvm, fixed it with an @Order(x) where x is below 3