spring-cloud-alibaba [Solution] How to configure Nacos auth based on Spring Cloud Alibaba 2.2.0.RELEASE

t1qtbnec  于 2023-02-04  发布在  Spring
关注(0)|答案(8)|浏览(314)

Introduction

This issue will help you how to configure Spring Cloud Alibaba application(s) working on Nacos Server 1.2.0+ with authentication.

Prerequisites

  • Nacos Server 1.2.0+ enabing authentication feature [ Guide ]

  • Spring Cloud Alibaba 2.2.0.RELEASE using artifcats

  • com.alibaba.cloud:spring-cloud-starter-alibaba-nacos-discovery

  • com.alibaba.cloud:spring-cloud-starter-alibaba-nacos-config

How to configure

Upgrading the nacos-client API

Upgrading the com.alibaba.nacos:nacos-client API into the dependencies of pom.xml

<dependency>
            <groupId>com.alibaba.nacos</groupId>
            <artifactId>nacos-client</artifactId>
            <version>1.2.1</version>
        </dependency>

Adding the externalized properties

  • For Spring Cloud Alibaba Nacos Discovery

Adding folloing properties into application.properties or application.yaml

spring.cloud.nacos.discovery.username = nacos
spring.cloud.nacos.discovery.password = nacos
  • For Spring Cloud Alibaba Nacos Config

Adding folloing properties into bootstrap.properties or bootstrap.yaml

spring.cloud.nacos.config.username=nacos
spring.cloud.nacos.config.password=nacos
spring.cloud.nacos.config.contextPath=/nacos
gv8xihay

gv8xihay1#

我按照指示全做了并不起作用

om.alibaba.nacos.api.exception.NacosException: failed to req API:/api//nacos/v1/ns/instance after all servers([127.0.0.1:8848]) tried: <html><body><h1>Whitelabel Error Page</h1><p>This application has no explicit mapping for /error, so you are seeing this as a fallback.</p><div id='created'>Tue Mar 31 22:47:34 CST 2020</div><div>There was an unexpected error (type=Forbidden, status=403).</div><div>unknown user!</div></body></html>
	at com.alibaba.nacos.client.naming.net.NamingProxy.reqAPI(NamingProxy.java:496) ~[nacos-client-1.2.1.jar:na]
	at com.alibaba.nacos.client.naming.net.NamingProxy.reqAPI(NamingProxy.java:401) ~[nacos-client-1.2.1.jar:na]
	at com.alibaba.nacos.client.naming.net.NamingProxy.reqAPI(NamingProxy.java:397) ~[nacos-client-1.2.1.jar:na]
	at com.alibaba.nacos.client.naming.net.NamingProxy.registerService(NamingProxy.java:212) ~[nacos-client-1.2.1.jar:na]
	at com.alibaba.nacos.client.naming.NacosNamingService.registerInstance(NacosNamingService.java:207) ~[nacos-client-1.2.1.jar:na]
	at com.alibaba.cloud.nacos.registry.NacosServiceRegistry.register(NacosServiceRegistry.java:63) ~[spring-cloud-alibaba-nacos-discovery-2.0.1.RELEASE.jar:2.0.1.RELEASE]
	at org.springframework.cloud.client.serviceregistry.AbstractAutoServiceRegistration.register(AbstractAutoServiceRegistration.java:211) [spring-cloud-commons-2.0.4.RELEASE.jar:2.0.4.RELEASE]
	at com.alibaba.cloud.nacos.registry.NacosAutoServiceRegistration.register(NacosAutoServiceRegistration.java:75) [spring-cloud-alibaba-nacos-discovery-2.0.1.RELEASE.jar:2.0.1.RELEASE]
	at org.springframework.cloud.client.serviceregistry.AbstractAutoServiceRegistration.start(AbstractAutoServiceRegistration.java:110) [spring-cloud-commons-2.0.4.RELEASE.jar:2.0.4.RELEASE]
	at org.springframework.cloud.client.serviceregistry.AbstractAutoServiceRegistration.bind(AbstractAutoServiceRegistration.java:74) [spring-cloud-commons-2.0.4.RELEASE.jar:2.0.4.RELEASE]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.8.0_232]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[na:1.8.0_232]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.8.0_232]
	at java.lang.reflect.Method.invoke(Method.java:498) ~[na:1.8.0_232]
	at org.springframework.context.event.ApplicationListenerMethodAdapter.doInvoke(ApplicationListenerMethodAdapter.java:262) [spring-context-5.0.13.RELEASE.jar:5.0.13.RELEASE]
	at org.springframework.context.event.ApplicationListenerMethodAdapter.processEvent(ApplicationListenerMethodAdapter.java:180) [spring-context-5.0.13.RELEASE.jar:5.0.13.RELEASE]
	at org.springframework.context.event.ApplicationListenerMethodAdapter.onApplicationEvent(ApplicationListenerMethodAdapter.java:142) [spring-context-5.0.13.RELEASE.jar:5.0.13.RELEASE]
	at org.springframework.context.event.SimpleApplicationEventMulticaster.doInvokeListener(SimpleApplicationEventMulticaster.java:172) [spring-context-5.0.13.RELEASE.jar:5.0.13.RELEASE]
	at org.springframework.context.event.SimpleApplicationEventMulticaster.invokeListener(SimpleApplicationEventMulticaster.java:165) [spring-context-5.0.13.RELEASE.jar:5.0.13.RELEASE]
	at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:139) [spring-context-5.0.13.RELEASE.jar:5.0.13.RELEASE]
	at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:404) [spring-context-5.0.13.RELEASE.jar:5.0.13.RELEASE]
	at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:358) [spring-context-5.0.13.RELEASE.jar:5.0.13.RELEASE]
	at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.finishRefresh(ServletWebServerApplicationContext.java:166) [spring-boot-2.0.9.RELEASE.jar:2.0.9.RELEASE]
	at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:554) [spring-context-5.0.13.RELEASE.jar:5.0.13.RELEASE]
	at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.refresh(ServletWebServerApplicationContext.java:142) [spring-boot-2.0.9.RELEASE.jar:2.0.9.RELEASE]
	at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:754) [spring-boot-2.0.9.RELEASE.jar:2.0.9.RELEASE]
	at org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:386) [spring-boot-2.0.9.RELEASE.jar:2.0.9.RELEASE]
	at org.springframework.boot.SpringApplication.run(SpringApplication.java:307) [spring-boot-2.0.9.RELEASE.jar:2.0.9.RELEASE]
	at org.springframework.boot.SpringApplication.run(SpringApplication.java:1242) [spring-boot-2.0.9.RELEASE.jar:2.0.9.RELEASE]
	at org.springframework.boot.SpringApplication.run(SpringApplication.java:1230) [spring-boot-2.0.9.RELEASE.jar:2.0.9.RELEASE]
	at cn.izrh.client.AlibabaNacosDiscoveryClientCommonApplication.main(AlibabaNacosDiscoveryClientCommonApplication.java:24) [classes/:na]

升级之后,nacos配置文件nacos.core.auth.enable=false依然会有登录密码并且固定为nacos/nacos,并且会有上述报错,如果设置成false,按照上文给出的配置做,就可以,但是账号密码固定死是nacos/nacos,数据库自定义的账号密码并没有发挥作用。

iklwldmw

iklwldmw2#

我按照指示全做了并不起作用
om.alibaba.nacos.api.exception.NacosException: failed to req API:/api//nacos/v1/ns/instance after all servers([127.0.0.1:8848]) tried:

Whitelabel Error Page

This application has no explicit mapping for /error, so you are seeing this as a fallback.

Tue Mar 31 22:47:34 CST 2020
There was an unexpected error (type=Forbidden, status=403).
unknown user!

at com.alibaba.nacos.client.naming.net.NamingProxy.reqAPI(NamingProxy.java:496) ~[nacos-client-1.2.1.jar:na]
at com.alibaba.nacos.client.naming.net.NamingProxy.reqAPI(NamingProxy.java:401) ~[nacos-client-1.2.1.jar:na]
at com.alibaba.nacos.client.naming.net.NamingProxy.reqAPI(NamingProxy.java:397) ~[nacos-client-1.2.1.jar:na]
at com.alibaba.nacos.client.naming.net.NamingProxy.registerService(NamingProxy.java:212) ~[nacos-client-1.2.1.jar:na]
at com.alibaba.nacos.client.naming.NacosNamingService.registerInstance(NacosNamingService.java:207) ~[nacos-client-1.2.1.jar:na]
at com.alibaba.cloud.nacos.registry.NacosServiceRegistry.register(NacosServiceRegistry.java:63) ~[spring-cloud-alibaba-nacos-discovery-2.0.1.RELEASE.jar:2.0.1.RELEASE]
at org.springframework.cloud.client.serviceregistry.AbstractAutoServiceRegistration.register(AbstractAutoServiceRegistration.java:211) [spring-cloud-commons-2.0.4.RELEASE.jar:2.0.4.RELEASE]
at com.alibaba.cloud.nacos.registry.NacosAutoServiceRegistration.register(NacosAutoServiceRegistration.java:75) [spring-cloud-alibaba-nacos-discovery-2.0.1.RELEASE.jar:2.0.1.RELEASE]
at org.springframework.cloud.client.serviceregistry.AbstractAutoServiceRegistration.start(AbstractAutoServiceRegistration.java:110) [spring-cloud-commons-2.0.4.RELEASE.jar:2.0.4.RELEASE]
at org.springframework.cloud.client.serviceregistry.AbstractAutoServiceRegistration.bind(AbstractAutoServiceRegistration.java:74) [spring-cloud-commons-2.0.4.RELEASE.jar:2.0.4.RELEASE]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.8.0_232]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[na:1.8.0_232]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.8.0_232]
at java.lang.reflect.Method.invoke(Method.java:498) ~[na:1.8.0_232]
at org.springframework.context.event.ApplicationListenerMethodAdapter.doInvoke(ApplicationListenerMethodAdapter.java:262) [spring-context-5.0.13.RELEASE.jar:5.0.13.RELEASE]
at org.springframework.context.event.ApplicationListenerMethodAdapter.processEvent(ApplicationListenerMethodAdapter.java:180) [spring-context-5.0.13.RELEASE.jar:5.0.13.RELEASE]
at org.springframework.context.event.ApplicationListenerMethodAdapter.onApplicationEvent(ApplicationListenerMethodAdapter.java:142) [spring-context-5.0.13.RELEASE.jar:5.0.13.RELEASE]
at org.springframework.context.event.SimpleApplicationEventMulticaster.doInvokeListener(SimpleApplicationEventMulticaster.java:172) [spring-context-5.0.13.RELEASE.jar:5.0.13.RELEASE]
at org.springframework.context.event.SimpleApplicationEventMulticaster.invokeListener(SimpleApplicationEventMulticaster.java:165) [spring-context-5.0.13.RELEASE.jar:5.0.13.RELEASE]
at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:139) [spring-context-5.0.13.RELEASE.jar:5.0.13.RELEASE]
at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:404) [spring-context-5.0.13.RELEASE.jar:5.0.13.RELEASE]
at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:358) [spring-context-5.0.13.RELEASE.jar:5.0.13.RELEASE]
at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.finishRefresh(ServletWebServerApplicationContext.java:166) [spring-boot-2.0.9.RELEASE.jar:2.0.9.RELEASE]
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:554) [spring-context-5.0.13.RELEASE.jar:5.0.13.RELEASE]
at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.refresh(ServletWebServerApplicationContext.java:142) [spring-boot-2.0.9.RELEASE.jar:2.0.9.RELEASE]
at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:754) [spring-boot-2.0.9.RELEASE.jar:2.0.9.RELEASE]
at org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:386) [spring-boot-2.0.9.RELEASE.jar:2.0.9.RELEASE]
at org.springframework.boot.SpringApplication.run(SpringApplication.java:307) [spring-boot-2.0.9.RELEASE.jar:2.0.9.RELEASE]
at org.springframework.boot.SpringApplication.run(SpringApplication.java:1242) [spring-boot-2.0.9.RELEASE.jar:2.0.9.RELEASE]
at org.springframework.boot.SpringApplication.run(SpringApplication.java:1230) [spring-boot-2.0.9.RELEASE.jar:2.0.9.RELEASE]
at cn.izrh.client.AlibabaNacosDiscoveryClientCommonApplication.main(AlibabaNacosDiscoveryClientCommonApplication.java:24) [classes/:na]
升级之后,nacos配置文件nacos.core.auth.enable=false依然会有登录密码并且固定为nacos/nacos,并且会有上述报错,如果设置成false,按照上文给出的配置做,就可以,但是账号密码固定死是nacos/nacos,数据库自定义的账号密码并没有发挥作用。

It's just working on 2.2.0.RELEASE

yzuktlbb

yzuktlbb3#

我按照指示全做了并不起作用
om.alibaba.nacos.api.exception.NacosException: failed to req API:/api//nacos/v1/ns/instance after all servers([127.0.0.1:8848]) tried:

Whitelabel Error Page

This application has no explicit mapping for /error, so you are seeing this as a fallback.
Tue Mar 31 22:47:34 CST 2020
There was an unexpected error (type=Forbidden, status=403).
unknown user!
at com.alibaba.nacos.client.naming.net.NamingProxy.reqAPI(NamingProxy.java:496) ~[nacos-client-1.2.1.jar:na]
at com.alibaba.nacos.client.naming.net.NamingProxy.reqAPI(NamingProxy.java:401) ~[nacos-client-1.2.1.jar:na]
at com.alibaba.nacos.client.naming.net.NamingProxy.reqAPI(NamingProxy.java:397) ~[nacos-client-1.2.1.jar:na]
at com.alibaba.nacos.client.naming.net.NamingProxy.registerService(NamingProxy.java:212) ~[nacos-client-1.2.1.jar:na]
at com.alibaba.nacos.client.naming.NacosNamingService.registerInstance(NacosNamingService.java:207) ~[nacos-client-1.2.1.jar:na]
at com.alibaba.cloud.nacos.registry.NacosServiceRegistry.register(NacosServiceRegistry.java:63) ~[spring-cloud-alibaba-nacos-discovery-2.0.1.RELEASE.jar:2.0.1.RELEASE]
at org.springframework.cloud.client.serviceregistry.AbstractAutoServiceRegistration.register(AbstractAutoServiceRegistration.java:211) [spring-cloud-commons-2.0.4.RELEASE.jar:2.0.4.RELEASE]
at com.alibaba.cloud.nacos.registry.NacosAutoServiceRegistration.register(NacosAutoServiceRegistration.java:75) [spring-cloud-alibaba-nacos-discovery-2.0.1.RELEASE.jar:2.0.1.RELEASE]
at org.springframework.cloud.client.serviceregistry.AbstractAutoServiceRegistration.start(AbstractAutoServiceRegistration.java:110) [spring-cloud-commons-2.0.4.RELEASE.jar:2.0.4.RELEASE]
at org.springframework.cloud.client.serviceregistry.AbstractAutoServiceRegistration.bind(AbstractAutoServiceRegistration.java:74) [spring-cloud-commons-2.0.4.RELEASE.jar:2.0.4.RELEASE]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.8.0_232]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[na:1.8.0_232]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.8.0_232]
at java.lang.reflect.Method.invoke(Method.java:498) ~[na:1.8.0_232]
at org.springframework.context.event.ApplicationListenerMethodAdapter.doInvoke(ApplicationListenerMethodAdapter.java:262) [spring-context-5.0.13.RELEASE.jar:5.0.13.RELEASE]
at org.springframework.context.event.ApplicationListenerMethodAdapter.processEvent(ApplicationListenerMethodAdapter.java:180) [spring-context-5.0.13.RELEASE.jar:5.0.13.RELEASE]
at org.springframework.context.event.ApplicationListenerMethodAdapter.onApplicationEvent(ApplicationListenerMethodAdapter.java:142) [spring-context-5.0.13.RELEASE.jar:5.0.13.RELEASE]
at org.springframework.context.event.SimpleApplicationEventMulticaster.doInvokeListener(SimpleApplicationEventMulticaster.java:172) [spring-context-5.0.13.RELEASE.jar:5.0.13.RELEASE]
at org.springframework.context.event.SimpleApplicationEventMulticaster.invokeListener(SimpleApplicationEventMulticaster.java:165) [spring-context-5.0.13.RELEASE.jar:5.0.13.RELEASE]
at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:139) [spring-context-5.0.13.RELEASE.jar:5.0.13.RELEASE]
at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:404) [spring-context-5.0.13.RELEASE.jar:5.0.13.RELEASE]
at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:358) [spring-context-5.0.13.RELEASE.jar:5.0.13.RELEASE]
at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.finishRefresh(ServletWebServerApplicationContext.java:166) [spring-boot-2.0.9.RELEASE.jar:2.0.9.RELEASE]
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:554) [spring-context-5.0.13.RELEASE.jar:5.0.13.RELEASE]
at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.refresh(ServletWebServerApplicationContext.java:142) [spring-boot-2.0.9.RELEASE.jar:2.0.9.RELEASE]
at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:754) [spring-boot-2.0.9.RELEASE.jar:2.0.9.RELEASE]
at org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:386) [spring-boot-2.0.9.RELEASE.jar:2.0.9.RELEASE]
at org.springframework.boot.SpringApplication.run(SpringApplication.java:307) [spring-boot-2.0.9.RELEASE.jar:2.0.9.RELEASE]
at org.springframework.boot.SpringApplication.run(SpringApplication.java:1242) [spring-boot-2.0.9.RELEASE.jar:2.0.9.RELEASE]
at org.springframework.boot.SpringApplication.run(SpringApplication.java:1230) [spring-boot-2.0.9.RELEASE.jar:2.0.9.RELEASE]
at cn.izrh.client.AlibabaNacosDiscoveryClientCommonApplication.main(AlibabaNacosDiscoveryClientCommonApplication.java:24) [classes/:na]
升级之后,nacos配置文件nacos.core.auth.enable=false依然会有登录密码并且固定为nacos/nacos,并且会有上述报错,如果设置成false,按照上文给出的配置做,就可以,但是账号密码固定死是nacos/nacos,数据库自定义的账号密码并没有发挥作用。

It's just working on 2.2.0.RELEASE

我用的就是2.2.0.RELEASE

fwzugrvs

fwzugrvs4#

Reference this dependency:

<dependencyManagement>
        <dependencies>
            <!--Spring Cloud-->
            <dependency>
                <groupId>org.springframework.cloud</groupId>
                <artifactId>spring-cloud-dependencies</artifactId>
                <version>Hoxton.RELEASE</version>
                <type>pom</type>
                <scope>import</scope>
            </dependency>
            <!--Spring Cloud Alibaba-->
            <dependency>
                <groupId>com.alibaba.cloud</groupId>
                <artifactId>spring-cloud-alibaba-dependencies</artifactId>
                <version>2.2.0.RELEASE</version>
                <type>pom</type>
                <scope>import</scope>
            </dependency>
        </dependencies>
    </dependencyManagement>
   <dependencies>
        <dependency>
            <groupId>com.alibaba.nacos</groupId>
            <artifactId>nacos-client</artifactId>
            <version>1.2.1</version>
        </dependency>

        <!-- Nacos Discovery -->
        <dependency>
            <groupId>com.alibaba.cloud</groupId>
            <artifactId>spring-cloud-starter-alibaba-nacos-discovery</artifactId>
            <exclusions>
                <exclusion>
                    <groupId>com.alibaba.nacos</groupId>
                    <artifactId>nacos-client</artifactId>
                </exclusion>
            </exclusions>
        </dependency>

        <!-- Nacos Config -->
        <dependency>
            <groupId>com.alibaba.cloud</groupId>
            <artifactId>spring-cloud-starter-alibaba-nacos-config</artifactId>
            <exclusions>
                <exclusion>
                    <groupId>com.alibaba.nacos</groupId>
                    <artifactId>nacos-client</artifactId>
                </exclusion>
            </exclusions>
        </dependency>
   </dependencies>
7cjasjjr

7cjasjjr5#

This is different from the sample project initialized by https://start.aliyun.com/ . The sample project downloaded from this website contains only the configuration of spring.cloud.nacos.username and spring.cloud.nacos.password.

Understand from what angle you need to refine the discovery and config passwords, shouldn't they be the same?

In fact, this increases the cost of building the skeleton of the project.The developer needs to manually change the pom file in the example project, and the configuration you specify will only take effect in bootstrap, not application.properties, which is very troublesome.
Looking forward to a better solution?

ttisahbt

ttisahbt6#

This is different from the sample project initialized by https://start.aliyun.com/ . The sample project downloaded from this website contains only the configuration of spring.cloud.nacos.username and spring.cloud.nacos.password.

Understand from what angle you need to refine the discovery and config passwords, shouldn't they be the same?

In fact, this increases the cost of building the skeleton of the project.The developer needs to manually change the pom file in the example project, and the configuration you specify will only take effect in bootstrap, not application.properties, which is very troublesome.
Looking forward to a better solution?

yes, we are a temporary solution, the configuration items you mentioned will be supported in the next version.

xzv2uavs

xzv2uavs7#

This is different from the sample project initialized by https://start.aliyun.com/ . The sample project downloaded from this website contains only the configuration of spring.cloud.nacos.username and spring.cloud.nacos.password.
Understand from what angle you need to refine the discovery and config passwords, shouldn't they be the same?
In fact, this increases the cost of building the skeleton of the project.The developer needs to manually change the pom file in the example project, and the configuration you specify will only take effect in bootstrap, not application.properties, which is very troublesome.
Looking forward to a better solution?

yes, we are a temporary solution, the configuration items you mentioned will be supported in the next version.

thanks

5sxhfpxr

5sxhfpxr8#

我这边可以用用户名和密码连接nacos服务器,需要注意以下几点:
1、nacos-client的版本要与服务器版本匹配
2、使用的用户需要有读写权限,因为获取配置文件需要读的权限,服务注册需要写的权限

相关问题