I have a bunch of services that sit behind a Zuul Edge Server. The Zuul Edge Server also performs authentication. The session is shared with all services using Spring Session. I want to be able to authenticate and route the request to a service in the same flow. I looked at Dave Syer's tutorial where a Gateway Server can authenticate and route requests.
On that project, the following commands work:
curl -u admin:admin http://localhost:8080/user
curl -c cookie.txt -u admin:admin http://localhost:8080/user && curl -b cookie.txt http://localhost:8080/admin/user
I was expecting this to work as well but it doesn't:
curl -u admin:admin http://localhost:8080/admin/user
I was expecting the Gateway server to authenticate, create a Redis session, and route the request to the admin service, which would have picked up the Authentication from the Redis session. The request is being routed to the admin service, but it also attempts a Basic Authentication and fails.
This is what I see in admin service's logs:
o.s.s.w.a.www.BasicAuthenticationFilter : Basic Authentication Authorization header found for user 'admin'
o.s.s.authentication.ProviderManager : Authentication attempt using org.springframework.security.authentication.dao.DaoAuthenticationProvider
o.s.s.a.dao.DaoAuthenticationProvider : User 'admin' not found
o.s.s.w.a.www.BasicAuthenticationFilter : Authentication request for failed: org.springframework.security.authentication.BadCredentialsException: Bad credentials
I get an HTTP 401 Unauthorized response.
I also tried to disable HTTP Basic Authentication in the admin service, but then I get an HTTP 403 Forbidden response.
Is there some way to achieve this?
UPDATE
I think this can't work due to the way Spring Session is implemented to save the session. I'm waiting for a response to my question on GitHub.