0

I have an AUTH_SERVICE which authenticates the user credentials and sends JWT token in response header. I also have GATEWAY_SERVICE which intercepts the request and validates the token and forwards the request to the controller of other microservices.

Now, in this process, I can't seem to figure out how to implement JPA Auditing just in case if any table data of targeted microservices is changed.

Any suggesstions?

Here's a Github link to my project

Below is a list of microservices in the project

- zuul-server (Port:8762)
- auth-server (Port: 9100)
- gallery-service (Port: 8100)
- image-service (Port: 8200)

✖ - Now, I need to send username/token or say user_id from zuul-server to gallery-service for JPA audit purpose. Any recommendation on how do i do that?

Community
  • 1
  • 1
bijayshrestha
  • 149
  • 1
  • 14
  • You could pass through the `Authorization` header to the gallery-service, or you could add some kind of header that only sends the username to the gallery-service [by using a route filter](https://stackoverflow.com/q/50040703/1915448) and [use header-based pre-authentication](https://stackoverflow.com/questions/26070286/how-to-setup-pre-authentication-header-based-authentication-in-spring-boot) within your gallery-service to obtain the current user. – g00glen00b Sep 06 '19 at 07:12
  • @g00glen00b Can you please guide me through an example (anything of specific sorts) – bijayshrestha Sep 07 '19 at 06:49

1 Answers1

1

As per spring docs you can send Headers from zuul to other services with the help of zuul configuration.

Spring Docs:

The sensitiveHeaders are a blacklist, and the default is not empty. Consequently, to make Zuul send all headers (except the ignored ones), you must explicitly set it to the empty list. Doing so is necessary if you want to pass cookie or authorization headers to your back end.

Example:

zuul:
  routes:
    users:
      path: /myusers/**
      sensitiveHeaders:
GnanaJeyam
  • 2,780
  • 16
  • 27
  • Well despite adding `sensitive-header` as `zuul.routes.auth-service.sensitive-headers=Cookie, Set-Cookie` in my **api-gateway** configuration file, the header is still empty when i forwarded the reques from `zuul service i.e. my api-gateway` to `gallery-service`. Am i missing something? @gnana-jeyam95 – bijayshrestha Sep 12 '19 at 03:52