skip to Main Content

I have a problem about sending any request to the relevant service through api gateway.

I have an issue after adding auth service.

What I really want to do is to send any request to other service after authentication.

I think there can be problem in api gateway but I couldn’t solve it?

Before starting to run all services, run zipkin and redis on docker.
Here are their commands as shown belowed.

docker run -d -p 9411:9411 openzipkin/zipkin 
docker run -d --name redis -p 6379:6379 redis

Here is the error message shown below.

An expected CSRF token cannot be found (403 Forbidden)

How can I do that?

Here is the link of example : Link

Here is the screenshots : Link

2

Answers


  1. see the error imageerrors
    where do you call other services from? is it your apigateway controller?
    I didn’t see any method to call other services, you need to implement methods to call other services, either using feign or spring api gateway (add the relative dependency).
    further more, this is from your apigate config, its not complete and you are permitting all requests as well.

        public class SecurityConfig {
        
            @Bean
            public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity serverHttpSecurity){
        
                serverHttpSecurity.cors().and().csrf().disable()
                        .authorizeExchange(exchange -> exchange
                                .anyExchange()
                                .permitAll());
                return serverHttpSecurity.build();
            }
        }
    
    Login or Signup to reply.
  2. I couldn’t look into your code, cause there are a lot of errors like this one below:

    private final UserService userService;
    

    I don’t know how it’s working for you!!

    Declaring final variable without initialization If you declare a final
    variable later on you cannot modify or, assign values to it. Moreover,
    like instance variables, final variables will not be initialized with
    default values.

    Therefore, it is mandatory to initialize final variables once you
    declare them.

    Still, if you try to declare final variables without initialization
    that will generate a compilation error saying "variable variable_name
    not initialized in the default constructor"

    for csrf error try to add this one to your security config.

    http.csrf().disable();
    
    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search