I'm new to Spring Cloud and about to kick-start a new project in micro-service fashion using the Spring Cloud stack, i.e. Eureka, Zuul, Ribbon and Hystrix.
The application will have a dumb UI which will interact with back-end services to get the job done. The back-end services are REST in nature and will use token-based authentication (using JWT) backed by Spring Security, so the following will be the flow of the application:
- Authentication service: The authentication service will take care of authenticating the user and validating the access token.
- REST services: Other services will have their own authorization mechanism, i.e. whether a given user (identified from the JWT token) has access to the requested resource or not.
I've used JWT and Spring Security filters to achieve the same, but I'm not able to map how Zuul will fit into this picture. While going through the documentation I encountered ZuulFilters, which can be used to achieve this, but using them I need to have my authentication/authorization mechanism in the same place, i.e. Zuul. I want my authentication piece at Zuul and distributed authorization; this will save me from configuring every REST resource-to-role mapping in the DB and having that loaded/read at Zuul for every request.
I've gone through some blogs/examples, but most of them talk about SSO stuff. Can someone please enlighten me with a blog post or example? Any help is appreciated.
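
The split described in the question (authentication at the Zuul gateway, authorization left to each REST service) can be expressed as a `pre` filter that only verifies the token and lets the request through unchanged. This is an added example, not part of the original post; it assumes jjwt 0.9-style parsing, an HMAC key in a hypothetical `JWT_SIGNING_KEY` environment variable, a hypothetical `/auth/` route for the authentication service, and that `zuul.sensitiveHeaders` is configured so the `Authorization` header is forwarded downstream.

```java
import com.netflix.zuul.ZuulFilter;
import com.netflix.zuul.context.RequestContext;
import io.jsonwebtoken.JwtException;
import io.jsonwebtoken.Jwts;
import org.springframework.stereotype.Component;
import java.nio.charset.StandardCharsets;

// The gateway does authentication only: it rejects missing, forged or expired tokens.
// Each REST service reads the forwarded token itself and applies its own role checks.
@Component
public class JwtAuthenticationFilter extends ZuulFilter {

    // Assumption: HMAC secret shared with the authentication service (hypothetical variable name).
    private final byte[] signingKey =
            System.getenv("JWT_SIGNING_KEY").getBytes(StandardCharsets.UTF_8);

    @Override public String filterType() { return "pre"; }   // run before routing
    @Override public int filterOrder() { return 1; }

    @Override
    public boolean shouldFilter() {
        // Assumption: login requests are routed under /auth/ and must pass without a token.
        String uri = RequestContext.getCurrentContext().getRequest().getRequestURI();
        return !uri.startsWith("/auth/");
    }

    @Override
    public Object run() {
        RequestContext ctx = RequestContext.getCurrentContext();
        String header = ctx.getRequest().getHeader("Authorization");
        if (header == null || !header.startsWith("Bearer ")) {
            reject(ctx);
            return null;
        }
        try {
            // parseClaimsJws checks signature and expiry and refuses unsigned tokens.
            Jwts.parser().setSigningKey(signingKey).parseClaimsJws(header.substring(7));
        } catch (JwtException | IllegalArgumentException e) {
            reject(ctx);
        }
        return null; // the return value is ignored by Zuul
    }

    // Stop routing so the request never reaches a back-end service.
    private void reject(RequestContext ctx) {
        ctx.setSendZuulResponse(false);
        ctx.setResponseStatusCode(401);
    }
}
```

Downstream services should still verify the token signature themselves rather than trust that every request came through the gateway.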