Nacos1.4.3开启权限验证

1、nacos配置文件修改

#原false改为true
nacos.core.auth.enabled=true
#原默认值修改为
nacos.core.auth.default.token.secret.key=SecretKeyzxcvbnmasdeyzxcvbnmasdeyzxcvbnmasdeyzxcvbnmasdqwertyuiopqwertyuiop
#原默认值改掉
nacos.core.auth.server.identity.key=xxxx
nacos.core.auth.server.identity.value=xxxx

参考

Nacos 安全使用最佳实践 - 访问控制实践 | Nacos 官网

2、连接nacos的微服务添加nacos鉴权账号密码

环境变量配置文件 pojo-common.env

###################################### NACOS ##########################################################

NACOS_DISCOVERY_NAMESPACE=xxxx-xxxx-xxxx-8446-xxxx

NACOS_DISCOVERY_SERVER_ADDR=xxx.xxx.xxx.xxx:xxxxx

NACOS_CONFIG_NAMESPACE=xxxx-xxxx-xxxx-8446-xxxx

NACOS_CONFIG_SERVER_ADDR=xxx.xxx.xxx.xxx:xxxxx



NACOS_USERNAME=xxxx

NACOS_PASSWORD=xxxxxxxx

 启动脚本 service12g.sh

#!/bin/bash
JAVA_OPT="-Xms12288m -Xmx12288m -Xmn2048m -Xss10m -Dfile.encoding=utf-8 -Djava.security.egd=file:/dev/./urandom"

if [[ ! -z "${NACOS_DISCOVERY_NAMESPACE}" ]]; then
    JAVA_OPT="${JAVA_OPT} -Dspring.cloud.nacos.discovery.namespace=${NACOS_DISCOVERY_NAMESPACE}"
fi

if [[ ! -z "${NACOS_DISCOVERY_SERVER_ADDR}" ]]; then
    JAVA_OPT="${JAVA_OPT} -Dspring.cloud.nacos.discovery.server-addr=${NACOS_DISCOVERY_SERVER_ADDR}"
fi

if [[ ! -z "${NACOS_CONFIG_NAMESPACE}" ]]; then
    JAVA_OPT="${JAVA_OPT} -Dspring.cloud.nacos.config.namespace=${NACOS_CONFIG_NAMESPACE}"
fi

if [[ ! -z "${NACOS_CONFIG_SERVER_ADDR}" ]]; then
    JAVA_OPT="${JAVA_OPT} -Dspring.cloud.nacos.config.server-addr=${NACOS_CONFIG_SERVER_ADDR}"
fi


if [[ ! -z "${NACOS_USERNAME}" ]]; then
    JAVA_OPT="${JAVA_OPT} -Dspring.cloud.nacos.username=${NACOS_USERNAME}"
fi

if [[ ! -z "${NACOS_PASSWORD}" ]]; then
    JAVA_OPT="${JAVA_OPT} -Dspring.cloud.nacos.password=${NACOS_PASSWORD}"
fi


POJO_SERVICE="${JAVA_OPT} -jar ${POJO_BASE_DIR}/${POJO_SERVICE_NAME}.jar"

echo "-----------------------service start param:${POJO_SERVICE}-------------------------------"

nohup java ${POJO_SERVICE} > /dev/null

猜你喜欢

转载自blog.csdn.net/zsj777/article/details/140869719