使用Feign RequestInterceptor无法访问的安全上下文

时间:2016-01-11 11:00:22

标签: spring-cloud netflix-feign

目标是使用RequestInterceptor从安全上下文附加一些数据,但问题是调用SecurityContextHolder.getContext().getAuthentication()总是返回null,即使它不为null(我肯定是100%)。

据我所知,这是因为Interceptor已经创建并正在其他线程中运行。

我如何解决此问题并从安全上下文中获取实际数据?

我的服务:

@FeignClient(value = "api", configuration = { FeignConfig.class })
public interface DocumentService {

    @RequestMapping(value = "/list", method = RequestMethod.GET)
     DocumentListOperation list();
 }

我的FeignConfig课程:

@Bean
public RequestInterceptor requestInterceptor() {
    return new HeaderInterceptor(userService);
}

public class HeaderInterceptor implements RequestInterceptor {

    private UserService userService;

    public HeaderInterceptor(UserService userService) {
        this.userService = userService;
    }

    @Override
    public void apply(RequestTemplate requestTemplate) {
        Authentication a = SecurityContextHolder.getContext().getAuthentication()

        requestTemplate.header("authentication", a.toString());
    }
}

1 个答案:

答案 0 :(得分:4)

由于我找到here

的文章,我设法弄明白了

首先,您需要初始化HystrixRequestContext HystrixRequestContext.initializeContext();

您必须创建自己的Context,在其中存储传递给Hystrix子线程所需的信息。

以下是示例:

public class UserHystrixRequestContext {

    private static final HystrixRequestVariableDefault<User> userContextVariable = new HystrixRequestVariableDefault<>();

    private UserHystrixRequestContext() {}

    public static HystrixRequestVariableDefault<User> getInstance() {
        return userContextVariable;
    }
}

您必须注册新的并发策略来包装Callable接口

@Component
public class CustomHystrixConcurrencyStrategy extends HystrixConcurrencyStrategy {

    public CustomHystrixConcurrencyStrategy() {
        HystrixPlugins.getInstance().registerConcurrencyStrategy(this);
    }

    @Override
    public <T> Callable<T> wrapCallable(Callable<T> callable) {
        return new HystrixContextWrapper<T>(callable);
    }

    public static class HystrixContextWrapper<V> implements Callable<V> {

        private HystrixRequestContext hystrixRequestContext;
        private Callable<V> delegate;

        public HystrixContextWrapper(Callable<V> delegate) {
        this.hystrixRequestContext = HystrixRequestContext.getContextForCurrentThread();
            this.delegate = delegate;
        }

        @Override
        public V call() throws Exception {
            HystrixRequestContext existingState = HystrixRequestContext.getContextForCurrentThread();
            try {
                HystrixRequestContext.setContextOnCurrentThread(this.hystrixRequestContext);
                return this.delegate.call();
            } finally {
                HystrixRequestContext.setContextOnCurrentThread(existingState);
            }
        }
    }
}

因此,在调用Callable对象之前,我们将新线程的Context设置为父级的上下文。

完成此操作后,您应该能够访问Hystrix子线程中新定义的上下文

User = UserHystrixRequestContext.getInstance().get();

希望能帮助别人。

相关问题
最新问题