我使用Jhipster使用基于JWT令牌的身份验证生成了微服务堆栈;
foo
微服务我在bar
微服务和网关中都生成了foo
实体(重用现有的微服务实体)。我可以从Gateway UI添加/删除bar
实体-一切都很好。
但是,我的实际用例是能够使用URL bar
访问https://gateway.com/api/bar
,就像我能够管理account
和user
资源一样-如何我实现了?当我尝试通过https://gateway.com/services/bar
访问服务时,我的网关日志中出现以下错误;
Access Control: filtered unauthorized access on endpoint /services/bar
下面是https://gateway.com/gateway/routes
的输出,并且可以很好地识别服务。
[
{
"path": "/services/bar/**",
"serviceId": "bar",
"serviceInstances": [
{
"port": 8083,
"host": "1.1.1.1",
"uri": "http://1.1.1.1:8083",
"serviceId": "BAR",
"secure": false,
"instanceId": "bar:16913f331d6f6489adba78d107cf7a2e",
"instanceInfo": {
"instanceId": "bar:16913f331d6f6489adba78d107cf7a2e",
"app": "bar",
"appGroupName": null,
"ipAddr": "1.1.1.1",
"sid": "na",
"homePageUrl": "http://1.1.1.1:8083/",
"statusPageUrl": "http://1.1.1.1:8083/management/info",
"healthCheckUrl": "http://1.1.1.1:8083/management/health",
"secureHealthCheckUrl": null,
"vipAddress": "bar",
"secureVipAddress": "bar",
"countryId": 1,
"dataCenterInfo": {
"@class": "com.netflix.appinfo.InstanceInfo$DefaultDataCenterInfo",
"name": "MyOwn"
},
"hostName": "1.1.1.1",
"status": "UP",
"overriddenStatus": "UNKNOWN",
"leaseInfo": {
"renewalIntervalInSecs": 5,
"durationInSecs": 10,
"registrationTimestamp": 1572420926773,
"lastRenewalTimestamp": 1572459999227,
"evictionTimestamp": 0,
"serviceUpTimestamp": 1572420926137
},
"isCoordinatingDiscoveryServer": false,
"metadata": {
"git-branch": "xxx",
"git-version": "xxx",
"zone": "primary",
"profile": "prod",
"management.port": "8083",
"version": "0.0.1-SNAPSHOT",
"git-commit": "xxx"
},
"lastUpdatedTimestamp": 1572420926773,
"lastDirtyTimestamp": 1572420925996,
"actionType": "ADDED",
"asgName": null
},
"metadata": {
"git-branch": "xxx",
"git-version": "xxx",
"zone": "primary",
"profile": "prod",
"management.port": "8083",
"version": "0.0.1-SNAPSHOT",
"git-commit": "xxx"
},
"scheme": null
}
]
}
]
我也无法在网关swagger文档中看到微服务的API文档-从swagger下拉列表中选择时,我会看到以下消息;
Can't read swagger JSON from https://gateway.com/services/bar/v2/api-docs
在网关日志中,我看到了;
Access Control: allowing access for /services/bar/v2/api-docs, as no access control policy has been set up for service: bar
JHipster 6.4.1
编辑
问题的第一部分得到解决,即API访问-问题出在API UR上:
通过https://gateway.com/services/bar
可以访问{p>而不是https://gateway.com/services/bar/api/bars
仍然无法在网关上访问微服务综合性文档!