Rest API calls with api_key in the header fail if nginx proxies the moqui application

Jim*_*hen 2 moqui

When running moqui on port 8080 and accessing it directly through the API

curl -X GET -H "api_key: {apiKey}" http://localhost:8080/rest/s1/example/examples/TEST2

it returns the JSON result for example TEST2.

But when nginx is placed in front of the moqui application, proxying to http://localhost:8080, the API access fails and returns 403

{
  "errorCode": 403,
  "errors": "User null is not authorized for View on REST Path /example/examples/{exampleId}\nCurrent artifact info: [name:'/example/examples/{exampleId}', type:'AT_REST_PATH', action:'AUTHZA_VIEW', required: true, granted:false, user:'null', authz:'null', authAction:'null', inheritable:false, runningTime:0]\nCurrent artifact stack:\n[name:'/example/examples', type:'AT_REST_PATH', action:'AUTHZA_VIEW', required: false, granted:null, user:'null', authz:'null', authAction:'null', inheritable:false, runningTime:0]\n[name:'/example', type:'AT_REST_PATH', action:'AUTHZA_VIEW', required: false, granted:null, user:'null', authz:'null', authAction:'null', inheritable:false, runningTime:0]\n[name:'component://webroot/screen/webroot/rest.xml/s1', type:'AT_XML_SCREEN_TRANS', action:'AUTHZA_VIEW', required: false, granted:null, user:'null', authz:'null', authAction:'null', inheritable:false, runningTime:0]\n[name:'component://webroot/screen/webroot/rest.xml', type:'AT_XML_SCREEN', action:'AUTHZA_VIEW', required: false, granted:null, user:'null', authz:'null', authAction:'null', inheritable:false, runningTime:0]\n[name:'component://webroot/screen/webroot.xml', type:'AT_XML_SCREEN', action:'AUTHZA_VIEW', required: false, granted:null, user:'null', authz:'null', authAction:'null', inheritable:false, runningTime:0]"
}

It seems webFacade did not successfully initialize userFacade from the api_key, because user is null in the error.

Jim*_*hen 8

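By default, Nginx does not allow the underscore _ in header names. The Moqui API uses api_key or login_key, which contain underscores, so the api_key or login_key header is not passed to the backend moqui application.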

Enabling underscores in header names in nginx is simple: add

underscores_in_headers on;

to the http or server directive in the nginx configuration.
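
The fix from the answer above placed in a complete proxy configuration, as an added example that is not part of the original post. The server name api.example.test and listen port 80 are assumptions; the upstream address is the one from the question.

```nginx
# Added example, not from the original answer.
# api.example.test and port 80 are constructed values.
events {}

http {
    # Default behaviour (shown commented out for comparison):
    # with underscores off, a request header whose name contains "_" is
    # marked invalid, and ignore_invalid_headers (default: on) then drops it.
    # Moqui never receives api_key / login_key and answers 403, user:'null'.
    #
    # underscores_in_headers off;

    server {
        listen 80 default_server;
        server_name api.example.test;

        # Corrected setting: accept header names containing underscores.
        # Valid in http{} or server{}. At server level nginx can take the
        # value from the default server for this address:port, so set it
        # there, or in http{} to cover every virtual server.
        underscores_in_headers on;

        location / {
            # Upstream from the question: moqui listening on port 8080.
            proxy_pass http://localhost:8080;
            proxy_set_header Host $host;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        }
    }
}
```

nginx rejects underscore headers by default because dashes and underscores both become underscores when headers are mapped to CGI-style variables, which makes api_key and api-key indistinguishable to a backend that normalises names that way. Check how the backend reads its authentication headers before turning the setting on for other applications behind the same listener.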