Sharing Security Context between Spring Security and Feign Interceptor
My Current project using microsrvices architecture with Spring Boot Framework. I make custom lib (Spring Security) for each services like this
Flow
- Clients Send request with Token Bearer
- Gateway get the token and call Auth Service and break the token into custom http Header
- Gateway Forward the request with http Header filled User Login to User Service
- and UserService call Book Service to get book datas it has.
In this case when user service call book service Im using Feign, but problem is security lib do not share the authentication user to feign. So Im cannot get the datas.
Solution
update hystrix configuration of user service
hystrix:
command:
default:
execution:
isolation:
thread:
timeoutInMilliseconds: 60000
shareSecurityContext: true
in Feign Config make a bean for intercept the request template
so with this configuration, Spring Security will share Authentication object with Feign when you wanna use Request Interceptor.
If it was interesting or helpful to you, please do press the 👏 clap button and help others find this story too.