Menu
Is it possible to use the predicate section of the spring cloud gateway config to check the header authorization, my goal is to have some basic auth on one or more endpoints
I'm using application.yml for route configuration
cloud:
gateway:
routes:
- id: serviceRoute
uri: http://service:8000
predicates:
- Path=/service/
**- Header= ??**
filters:
- name: CircuitBreaker
args:
name: slow
fallbackUri: forward:/fallback/service
393
The predicate is called Header. It is a built-in predicate that Spring Cloud API Gateway understands and knows what to do with it. The Header predicate accepts two values. The first value is the name of the header. Which is in our case is going to be “ Authorization “.
This way, if the HTTP request does not contain an Authorization header, Spring Cloud API Gateway will not even route this request to a destination microservice. We can achieve this by using the Header predicate. Let’s see how it works. For a step by step series of video lessons, please check this page: Spring Boot Microservices and Spring Cloud.
With this predicate added, Spring Cloud API Gateway will route HTTP requests sent to /users/status/check web service endpoint, only if this HTTP request contains an Authorization header with a value that matches Bearer (.*) regular expression. It will not validate the JWT token included in the Authorization header.
Clients make requests to Spring Cloud Gateway. If the Gateway Handler Mapping determines that a request matches a route, it is sent to the Gateway Web Handler. This handler runs the request through a filter chain that is specific to the request.
Figured out the syntax, will only route to service if both conditions are met
cloud:
gateway:
routes:
- id: serviceRoute
uri: http://service:8000
predicates:
- Path=/service/
- Header=Authorization, Basic password
filters:
- name: CircuitBreaker
args:
name: slow
fallbackUri: forward:/fallback/service
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With