Api Gateway Part 2: Handling Authentication with Spring Boot, Zuul, Spring Session and Spring Security

TL;DR Here’s the source code

Api Gateway

Architecture Design

Multi-Project development: Sharing common code in modules for applications to use

So, lets create Security Module: Shared Module

API Gateway

Modify bootstrap.yml file

zuul:
routes:
product:
path: /product/**
url: http://localhost:8080
stripPrefix: true

account:
path: /**
url: http://localhost:8091
stripPrefix: false
sensitiveHeaders:

Modify the Post ZuulFilter

API Gateway is designed to delegate the login to its port under Location Header. We overide the value using Post Zuul Filter

Lets prepare for test

SecurityConfig

Controller

Configure application.properties

spring.application.name=whoAmI-service
server.port
=8092

Lets run test

mvn spring-boot:run

Can we improve it more?

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store