对外暴露虚假的地址,真实地址限制为内部调用。当对外地址转发到内部服务器,可做拦截、验证等等,校验通过后,再做静态转发。代码如下:
#nginx 配置 #对外暴露的地址 location /public/api { proxy_pass http://192.168.0.100:10086; index index.html index.htm; } #真实服务地址 location /private/api { # 限制为内部调用 internal; proxy_pass http://192.168.0.200:10010; index index.html index.htm; }
// 192.168.0.100:10086端口后台服务 import lombok.extern.slf4j.Slf4j; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RestController; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; @Slf4j @RestController public class TestController { @RequestMapping(value = "/**") public void auth (@RequestBody String body, HttpServletRequest request, HttpServletResponse response) { String requestURI = request.getRequestURI(); // TODO 完善自己的验证规则 if(requestURI.startsWith("/public/")){ response.setStatus(500); return; } // TODO 完善自己的路由规则 String interForwardURL = requestURI.replaceAll("/public/", "/private/"); response.addHeader("X-Accel-Redirect",interForwardURL); response.setStatus(200); } }
// 192.168.0.200:10010 后台服务 @RestController @RequestMapping("/private") public class TestController { @RequestMapping(value ="/api",method = {RequestMethod.GET,RequestMethod.POST}) public void testMethod(@RequestBody TestDTO testDTO){ System.out.println("success"); } }
http://192.168.0.200:10010/private/api 请求失败(404 Not Found)
http://192.168.0.100:10086/public/api 请求成功(200 OK)
欢迎分享,转载请注明来源:内存溢出
评论列表(0条)