add filters in configServer

Question

With this architecture, i created a configServer that point to git repository where all my configurations are stored

Now, i want to secure this configurations because it contains a critic information (as servers, passwords, ...etc.)

So, to do that i fount this

By adding the dependency spring-boot-starter-security to the configServer, then defining user, password in the application.properties my configuration's files are now protected by Basic Authentication

Now, i must share my user/password to every client bootstrap.yml so they can fetch configurations from configServer

spring.cloud.config.uri: http://localhost:8888
spring.application.name: ws-config
spring.profiles.active: default
spring.cloud.config.label: local_dev
spring.cloud.config.username: user
spring.cloud.config.password: password

This work perfectly for me, now every micro-service can fetch it's own configuration by the authentication user, password

Now, i want to do this in an other way (if possible)

Defining a security in configServer (only in configServer) by filters or cross-origins, so the goal is to not sharing any user, password with clients

So, something like this

config.setAllowedOrigins(Arrays.asList("http://localhost:8085", "http://localhost:8081", "http://localhost:8080")); //mean only this links can fetch configurations from configServer

CORS is strictly a browser protection feature. It is entirely circumvented by any service-to-service communication. — Strelok, Apr 17 '19 at 14:31
ok, i understand, so is there any other way to protect my configServer without sharing any user password ? — mugiwaradz, Apr 17 '19 at 14:41
You could add an authentication filter in the security config and just check ip’s/hostnames of the request — 123, Apr 17 '19 at 16:25

add filters in configServer

0 Answers0

Linked