0

I'm trying to disable access to all microservice API in one of my gateways. This is because in this gateway I only want to publish the angular app.

I'm trying this, but it don't seems to work:

https://jhipster.github.io/microservices-architecture/#acl

Debugging the gateway, I see that de AccessControlFilter.java is working and trying to return a FORBIDDEN HttpStatus in the run() method, but I get access to the api, and a 200 code response.

apenlor
  • 87
  • 2
  • 15

2 Answers2

2

Personally, rather than disabling the zuul proxy entirely, I would change the zuul properties to setup routes manually :

zuul:    
  ignoredServices: '*'   
  routes:
    app1: 
      path: /app1/** 
      serviceId: app1

Add only the routes that you need.

Pierre Besson
  • 740
  • 3
  • 6
  • Twanks! Works perfectly. This is the solution I was looking for... I don't undestand why they didn't put this on the documentation. – apenlor Oct 31 '16 at 08:44
  • They documented it: http://cloud.spring.io/spring-cloud-netflix/spring-cloud-netflix.html#netflix-zuul-reverse-proxy – Gaël Marziou Oct 31 '16 at 12:57
0

If you want to compeltely disable API proxying for all services, the easiest and safest way is to disable Zuul completely and very likely Eureka too by removing @EnableZuulProxy and @EnableDiscoveryClient from your application.

This way your gateway is no longer a gateway, but it would be easier to just serve your angular app from a plain spring boot app or even from nginx.

Gaël Marziou
  • 16,028
  • 4
  • 38
  • 49
  • Thanks, it works! Just remark that I have also to disable all @Inject annotations of 'RouteLocator' beans in the code. – apenlor Oct 28 '16 at 10:48