How to use the Spring Cloud Gateway Filter for Authentication | Microservices 3

Thanks for the sharing Sergio. This content, as usually done on your channel, is more that valuable for anyone who has wished to learn programming in a professional manner

Cool! Thank you so much!❤
Do i have plans to have some examples for webflux + security+ gradle?

Why did you pass the user ID at the request (when you were adding a new header in the Gateway filter)? Like, for what reason you are going to use this user ID?

Re bonjour, j'ai également implémenté cette solution, toutefois, j'ai l'impression que mon filtre ne s'applique pas. J'utilise un service pour l'authentification , un gateway et un autre service sur lequel je souhaite appliquer le filtre. Ce dernier est censé me renvoyer un simple message cependant sans même préciser de header je reçois un message

Olá Sérgio, somente uma questão. E se caso do Gateway colocasses no yml o código abaixo, já seria compatível com o spring-boot-starter-web ?

spring:
main:
web-application-type: reactive

Hello, congratulations for the video.
I would like some help in configuring the "routes" of the gateway, how do I create a personalized redirect. Like, I have 3 instances of the same "lb://service-books" but according to some header, url parameter something like that, the requests always fall in the same instance among the 3.

Thank you! It was useful

Why did you use constructor injection here and not requiredargsconstructor like in previous videos?

Wondering how long it took for you to spot the typo on the prices predicate.

Hi Sergio,wonderful as usual tutorials but pls help me how do i implement login for this with react js front end?which api do i call to log my user in pls?am stuck on that

Thanks! but why didn't you handle the exception properly? for example, I always get an exception with code 405 or the like with the message {"timestamp":"","path":"","status":405,"error":"Method Not Allowed","requestId": ""}, but I don't know why...

Great content thank you!

What about session based Authentication? Can we get session based Authentication object from the cookie in request header ? Previously in Zuul gateway we are using via SecurityContextHolder but in Spring cloud gateway its not working

Hi this does not work on my local machine

hi .. i have a question ...
where we should configure (& how) JWT configurations ... ideally i think in API Gateway only ..
but it does not include any code other than navigating to microservice ..
so how to handle cors issues

Help Required!!!! Can you tell How to read the body -> exchange.getRequest().getBody(), as it returns Flux<DataBuffer> .. Thanks in advance :-)

I'm using spring version - 2.7.0 & cloud version - 2021.0.3 . Filter apply method code is not executed.

I like this tutorial for JWT filters in the gateway, but how can I send the 401 (not authorized) error to the client? My gateway will received an 401, but send a 500 to the client :(

Sirvió de mucho. Bien!

Hi Sergio,
If I remove spring web dependency my CORS configuration will get disturbed, I will be unable to use WebMVCConfigurer to configure the CORS. What is the alternative for WebMVCConfigurer or can we configure the CORS in application.yml using spring cloud gateway filters.

Hi Sergio,
Thanks for the tutorial!!
I have a question, can we filter the requests based on roles in JWT ? If yes where we can have that filter logic(in each microservice or in gateway service itself)?
Thanks in advance!!

Hello, thanks for the tutorial!!! I have a question, with this method, it seems that every request passing throught the API gateway filter call the validatetoken endpoint, is there any method to relay the token to all our microservice? Thanks in advance

I support you bro keep going good work!

Hi..Is there a way to use token relay functionality of spring cloud gateway with password grant?

First, thank you very much for the sequence of videos. It is an excellent learning. Once I implement the AuthFilter and make a request with the correct token, it gives me a 200 response, but the empty content, maybe any ideas?

Que buena explicación, es justo lo que estaba buscando.

Finally someone who explains how to apply a GatewayFilter in yaml configuration. Thanks!

Why did you remove web dependency after adding gateway dependency in pom.xml?

una consulta espero que me contesten. Estoy trabajando con eureka y cloud gateway .. el problema que tengo es que para producción en que servidor se puede publicar gateway.. intente con jboss y wlidfly y no funcionan..

please how can we make the register not signIn?
I really need it can you share it if you have an example

can spring cloud gateway authorized users? It's so hard to archive it

Deberiamos segurizar los servicios internos que se comunican entre ellos? O no tiene mucho sentido?

Thank you for the useful video, here you have added the authentication details as the query parameters, how we can add as a form parameters, please help

Muy buena explicación. Gracias. Aunque me pregunto ¿de que manera los microservicios internos tendrían acceso a la información de la persona autenticada (Principal)? la información contenida en el JWT para verificar roles, etc...

Eres brutal. Qué opinas de Vaadin?

To the point tutorial. Thanks a lot

For the load balancer, what if we use the new Spring Cloud LoadBalancer which is considered to be more abstractions?

Hello Man. I dont understand that flow with checking JWT in a gateway service.
Ok, u validate it. And then pass string (which u call id). Eventually u have just user id ... no claims, no information about roles etc. U can for header, but parse it on filter of service (for example book service and he will delegate it to ur JWT validate service and in response get all information about user - his claims)
Schema( gateway (filtering if header is exist) -> book service (delegate in his filter to outer service JWT parsin and get claims) and then u add it to SpringSecurityContext) thats all.
Am i missing something?

Excelente explicación. Yo estoy migrando los microservicios de un proyecto de Spring Boot a Quarkus para aprovechar mejor GraalVM y el ahorro de memoria ram ya que con SpringBoot aún no está muy "púlida" la integración con GraalVM. Pero el api gateway pienso mantenerlo con Spring Cloud/Eureka. Me subscribo al canal esperando más videos como éstos.

No entendí nada