调后端接口返回403 Forbidden

Blade 未结 1 683
大白菜
大白菜 剑圣 2022-10-04 16:46

一、该问题的重现步骤是什么?

我给前端加了个域名,走域控里过了一遍,再调用后端登录接口时报

403 Forbidden ( The server denied the specified Uniform Resource Locator (URL). Contact the server administrator. )

下图是我postman的调用结果,走前端过了一遍再通过Nginx反向代理到的后端

image.png

后端gateway的控制台信息如下:

================ Gateway Request Start  ================

===> POST: /blade-auth/oauth/token?tenantId=000000&code=1111121&grant_type=sso&scope=all

===Headers===  Host: weixintest.dbc.com.cn

===Headers===  X-Real-IP: 192.168.11.248

===Headers===  X-Forwarded-For: 192.168.11.248

===Headers===  Connection: close

===Headers===  Reverse-Via: FOREFRONT

===Headers===  User-Agent: PostmanRuntime/7.6.0

===Headers===  tenant-Id: 000000

===Headers===  cache-control: no-cache

===Headers===  Postman-Token: b9475819-23bf-4db7-9b1e-35cf130bf4af

===Headers===  Accept: */*

===Headers===  content-length: 0

================  Gateway Request End  =================


2022-10-04 16:29:11.514  INFO 14264 --- [ctor-http-nio-5] o.s.g.filter.GlobalResponseLogFilter     : 


================ Gateway Response Start  ================

<=== 401 POST: /blade-auth/oauth/token?tenantId=000000&code=1111121&grant_type=sso&scope=all

===Headers===  transfer-encoding: chunked

===Headers===  Expires: 0

===Headers===  Cache-Control: no-cache, no-store, max-age=0, must-revalidate

===Headers===  X-XSS-Protection: 1; mode=block

===Headers===  Pragma: no-cache

===Headers===  X-Frame-Options: DENY

===Headers===  Date: Tue, 04 Oct 2022 08:29:11 GMT

===Headers===  WWW-Authenticate: Basic realm="oauth2/client"

===Headers===  X-Content-Type-Options: nosniff

===Headers===  Content-Type: application/json;charset=UTF-8

===Headers===  connection: close

================  Gateway Response End  =================


我将域名换成了前端的ip+端口的形式,再通过Nginx反向代理调后端接口时就又没问题了

image.png

此时的gateway控制台信息如下:

================ Gateway Request Start  ================

===> POST: /blade-auth/oauth/token?tenantId=000000&code=1111121&grant_type=sso&scope=all

===Headers===  Host: 10.81.48.114

===Headers===  X-Real-IP: 10.81.48.8

===Headers===  X-Forwarded-For: 10.81.48.8

===Headers===  Connection: close

===Headers===  Authorization: Basic c3dvcmQ6c3dvcmRfc2VjcmV0

===Headers===  tenant-Id: 000000

===Headers===  cache-control: no-cache

===Headers===  Postman-Token: 0054ca21-d19e-405b-b8fe-79822d284b74

===Headers===  User-Agent: PostmanRuntime/7.6.0

===Headers===  Accept: */*

===Headers===  accept-encoding: gzip, deflate

===Headers===  content-length: 0

================  Gateway Request End  =================


2022-10-04 16:28:42.051  INFO 14264 --- [ctor-http-nio-3] o.s.g.filter.GlobalResponseLogFilter     : 


================ Gateway Response Start  ================

<=== 200 POST: /blade-auth/oauth/token?tenantId=000000&code=1111121&grant_type=sso&scope=all

===Headers===  transfer-encoding: chunked

===Headers===  Cache-Control: no-store

===Headers===  X-XSS-Protection: 1; mode=block

===Headers===  Pragma: no-cache

===Headers===  X-Frame-Options: DENY

===Headers===  Date: Tue, 04 Oct 2022 08:28:42 GMT

===Headers===  X-Content-Type-Options: nosniff

===Headers===  Content-Type: application/json;charset=UTF-8

===Headers===  connection: close

================  Gateway Response End  =================


我后端放在10.81.48.58,前端Nginx服务器的ip是10.81.48.114,而走域名访问之后后端gateway控制台信息显示来源地址为192.168.11.248,这个应该是域控的地址


请问大佬,这个是不是走了域控之后调用ip和gateway的ip不在同一网段导致的呀,这个该怎么解决呢?


二、你期待的结果是什么?实际看到的又是什么?


三、你正在使用的是什么产品,什么版本?在什么操作系统上?


四、请提供详细的错误堆栈信息,这很重要。


五、若有更多详细信息,请在下面提供。

1条回答
  • 看你的介绍,代码服务部署运行是没问题的。就是域名配置这块出的问题,检查一下域名映射和nginx的配置吧。

    0 讨论(0)
提交回复