• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Liutauras Vilda
  • Paul Clapham
Sheriffs:
  • paul wheaton
  • Tim Cooke
  • Henry Wong
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Piet Souris
Bartenders:
  • Mike London

Spring Boot Microservices (Spring Cloud) , 403 Forbidden among services (Controller and ControllerTe

 
Ranch Hand
Posts: 52
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I have a communication problem in my spring boot microservices.

I created some services as well as eureka server, api gateway and config server.

I defined auth service connecting to api gateway for the process of authentication and authorization. I used this service as creating a user, logining and refreshing token.

After I created a user and login in auth service through the port number of api gateway, I tried to make a request to the order service like or but I got 403 forbidden issue.

I knew there can be spring security problem among api gateway, auth service and order service but I couldn't find where the issue is.

Except for that, I cannot run any test method defined in OrderControllerTest because of this reason.

How can I fix these issues?

I shared some code snippets regarding security config defined in 2 services and api gateway and gateway filter located in api gateway.

Here is **SecurityConfig** in **auth service**.



Here is **SecurityConfig** in **api gateway**.



Here is the **gatewayconfig** in **api gateway**



Here is **SecurityConfig** in **order service**.



Here is the **OrderControllerTest** shown below.



Here is the repo : [Link][1]

Here are the screenshots : [Link][2]

**To run the app,**

1 ) Run Service Registery (Eureka Server)

2 ) Run config server

3 ) Run zipkin and redis through these commands shown below on docker


4 ) Run api gateway

5 ) Run other services


 [1]: https://github.com/Rapter1990/microservicecoursedailybuffer
 [2]: https://drive.google.com/drive/folders/1BCMSj9STszd-GaHWJZE4a0IuLpUcXBxj?usp=sharing
 
Bartender
Posts: 2266
13
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
In you WebSecurityConfig class, can you change this:
.antMatchers("/order/**")
into this mvcMatchers("/orders/**") ?

Also, are you sure you have the right authority to access to order?  
 
Kevin Rapter
Ranch Hand
Posts: 52
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Have you ever looked though my order-service like showing OrderController class?
 
Himai Minh
Bartender
Posts: 2266
13
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Your OrderController looks ok. But you mentioned that your security config is preventing you to access the order service.
 
Kevin Rapter
Ranch Hand
Posts: 52
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Yeah, I mentioned it. How can I do that?
 
Himai Minh
Bartender
Posts: 2266
13
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
First of all, make sure your credentials are something authorized to log on to the service.
 
Kevin Rapter
Ranch Hand
Posts: 52
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Himai Minh wrote:First of all, make sure your credentials are something authorized to log on to the service.




I still couldn't fix it. Can you help me if you have any idea about it?
 
Himai Minh
Bartender
Posts: 2266
13
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
403 error may mean you are authenticated, but you don't have enough privilege to access to the resources.
 
Kevin Rapter
Ranch Hand
Posts: 52
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Himai Minh wrote:403 error may mean you are authenticated, but you don't have enough privilege to access to the resources.



You can clone project from Github.
I already shared project link in my first post.
 
Himai Minh
Bartender
Posts: 2266
13
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I am not too familiar with JWT authentication in Spring Security. But I think you don't have the right privilege to access to order service.
Usually, people have a database table to store the users and their privilege. This table is looked up during authorization.
 
Don't get me started about those stupid light bulbs.
reply
    Bookmark Topic Watch Topic
  • New Topic