Hello Nicolai,
thanks a lot for the response about user authorization - i hope i may add to this topic regarding gateway and you can point in the correct direction:
By now our Microservice is ready to be hosted in our yuuvis instance (it actually already is) - but i am facing difficulties securing it via the gateway.
First of all i want to go with authentication via the gateway only and maybe add the checks on user permissions later as you pointed out a possible solution.
However, although i added it to the gateway-prod.yml file, the behaviour is not as expected:
1) I can still make direct calls to the microservice hosted within yuuvis from local postman without providing any credentials. I am not getting rejected with a 401 - unauthorized, just like an unauthorized call to the rest-ws service.
This is the address i am able to call the custom microservice at
http://<ouryuuvisinstance>:<port>/<myendpoint>
2) I can not use this microservice in BPM Scripts via the name <mymicroservice> as defined in gateway-prod.yml. This approach is explained in the documentation (in this case it is not finding the microservice within yuuvis)
https://help.optimal-systems.com/yuuvis_develop/display/onpremise/BPM+Server-Side+Scripting#BPMServer-SideScripting-HTTPBody Documentation:var response = $.http
.get()
.service('vacation')
.path('/status/{year}/{month}')
.param('year', '2017')
.param('month', '10')
.query('includeIllness', false)
.query('remainingHoliday', true)
.execute();
This is how i tried to add the custom microservice to our gateway-prod.yml config.
- name: 'mymicroservice'
url: 'http://localhost:3333'
Any ideas what topic i should check in order to reach intended behaviour of the gateway with custom microservices?
Thanks a lot
Best,Clemens