search

spring-cloud / spring-cloud-openfeign

Support for using OpenFeign in Spring Cloud apps
Apache License 2.0
1.19k stars 774 forks source link

feign client call basic auth protected POST endpoint failed. #80

Closed ymmihw closed 5 years ago

ymmihw commented 5 years ago

cloud Finchley.SR2 boot 2.0.5

i have a client and a basic auth protected service. the client can access GET endpoint, but when access POST endpoint feign throws:

feign.FeignException: status 401 reading Client#postHandlerWithoutParam()
    at feign.FeignException.errorStatus(FeignException.java:60) ~[feign-core-9.7.0.jar:na]
    at feign.codec.ErrorDecoder$Default.decode(ErrorDecoder.java:89) ~[feign-core-9.7.0.jar:na]
    at feign.SynchronousMethodHandler.executeAndDecode(SynchronousMethodHandler.java:143) ~[feign-core-9.7.0.jar:na]
    at feign.SynchronousMethodHandler.invoke(SynchronousMethodHandler.java:77) ~[feign-core-9.7.0.jar:na]
    at feign.ReflectiveFeign$FeignInvocationHandler.invoke(ReflectiveFeign.java:102) ~[feign-core-9.7.0.jar:na]
    at com.sun.proxy.$Proxy73.postHandlerWithoutParam(Unknown Source) ~[na:na]
    at com.ymmihw.ClientController.post(ClientController.java:21) ~[classes/:na]
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.8.0_181]

moreover, access the GET endpoint with param also failed with same exception.

thank you for help.

the code samples are available over on Github.

ryanjbaxter commented 5 years ago

If you just make a POST request to the service app without feign (just using curl for example) it also fails with a 401 so I dont think it has anything to do with feign. You spring security config probably needs to be adjusted

ymmihw commented 5 years ago

thanks for reply.

my client runs on 8080, and service on 9090. client use feign and basic auth interceptor call service endpoint.

if i make a GET request to client, the behavior is correct. but POST request or GET request with param is not.

maybe i missunderstand some concept of feign.

thanks

ymmihw commented 5 years ago

spring securiy enables csrf protection, i will try to disable it.

vjaybhas1 commented 5 years ago

Was that issue resolved after disabling the CSRF protection?. I am also getting the same exception while calling REST API using feign client.

ymmihw commented 5 years ago

Was that issue resolved after disabling the CSRF protection?. I am also getting the same exception while calling REST API using feign client.

yes.

CSRF protection may cause this issue

urielnat commented 5 years ago

how to disable the CSRF protection?

vjaybhas1 commented 5 years ago

how to disable the CSRF protection?

write the below line in your configuration class. http.csrf().disable();

la3rence commented 4 years ago

even I've disabled the csrf protection, this problem also happened...

pratikdandavate commented 4 years ago

Is there any yml configuration to pass headers to FeignClient so that no manual configuration is needed?

la3rence commented 4 years ago

Here's my solution. It's not safe but it worked:

@Configuration
public class WebMvcConfiguration implements WebMvcConfigurer {

    @Configuration
    public static class ApiWebSecurityConfiguration extends WebSecurityConfigurerAdapter {
        @Override
        public void configure(WebSecurity web) throws Exception {
            web.ignoring().antMatchers(
                    "/yourfeign/api",
                    "/otherfeign/noneedtoauth"
            );
        }
    }