Authorization header not passed by ZuulProxy starting with Brixton.RC1

Set the sensitiveHeaders globally helped me solve the issue

 zuul:
  sensitiveHeaders: Cookie,Set-Cookie

Please note that the property name is sensitiveHeaders not sensitive-headers [I use spring-cloud-starter-zuul version:1.3.1.RELEASE ]

Update: Fixed in https://github.com/spring-cloud/spring-cloud-netflix/pull/963/files

Sensitive headers can also be set globally setting zuul.sensitiveHeaders. If sensitiveHeaders is set on a route, this will override the global sensitiveHeaders setting.

So use:

# Pass Authorization header downstream
zuul:
  sensitiveHeaders: Cookie,Set-Cookie

So pending a fix for https://github.com/spring-cloud/spring-cloud-netflix/issues/944, jebeaudet was kind enough to provide a workaround:

@Component
public class RelayTokenFilter extends ZuulFilter {

    @Override
    public Object run() {
        RequestContext ctx = RequestContext.getCurrentContext();

        // Alter ignored headers as per: https://gitter.im/spring-cloud/spring-cloud?at=56fea31f11ea211749c3ed22
        Set<String> headers = (Set<String>) ctx.get("ignoredHeaders");
        // We need our JWT tokens relayed to resource servers
        headers.remove("authorization");

        return null;
    }

    @Override
    public boolean shouldFilter() {
        return true;
    }

    @Override
    public String filterType() {
        return "pre";
    }

    @Override
    public int filterOrder() {
        return 10000;
    }
}

Authorization header not passed by ZuulProxy starting with Brixton.RC1

Tags:

Java

Spring Security Oauth2

Spring Cloud

Spring Cloud Netflix

Related

Recent Posts