Commit Graph

327 Commits

Author SHA1 Message Date
KomachiSion
77b7377826 Move Conditions to persistence module. 2023-04-23 20:06:22 +08:00
Mike
ce371be9fc
Specify the GC as the CMS when jdk version less 9. (#10343) 2023-04-21 11:35:05 +08:00
wangshengji
aff7c49ed0
remove ambiguous comments (#10301)
* remove ambiguous comments

* remove ambiguous comments
2023-04-14 14:47:45 +08:00
杨翊 SionYang
e26dc2fb23
Merge pull request #10277 from alibaba/develop#10153
Develop#10153
2023-04-06 17:25:18 +08:00
杨翊 SionYang
89685a65ed
Don't stopping startup for illegal token.secret.key when auth.enabled is false. (#10265) 2023-04-03 18:36:43 +08:00
Zhaohui Yu
dcb1017c07
[ISSUE #10206] Optimize nacos default application.properties configuration (#10207)
* Optimize nacos default application.properties configuration:
1. expose prometheus endpoint for metrics.
2. expose health endpoint for SLB healthcheck.
3. switch on mbean for tomcat, so we can collect tomcat metrics.
4. use one file per hour for tomcat access log

* comment prometheus and health endpoint

* enable rotate
2023-04-03 13:45:45 +08:00
杨翊 SionYang
5fffde5bde
[ISSUE#10153] Add auth state into /state api and add announcement api. (#10203)
* Add ModuleState and use ModuleState replace ServerStateController.

* Add AuthModuleStateBuilder

* state接口使用ModuleState.

* Add announcement api.

* skip rat scan for announcement.conf

* default plugin open login page when auth.enabled=true.
2023-03-27 19:00:22 +08:00
悟空
f7756b7841
fix: typo: 秘钥->密钥 (#10182) 2023-03-27 09:49:02 +08:00
杨翊 SionYang
cdd2be65af
Remove identity default value. (#10108) 2023-03-16 11:08:33 +08:00
mroldx
a2f17da911
Update application.properties (#10078)
Optimize datasource name configuration reading
2023-03-13 11:37:25 +08:00
LeePui
22ff97d5d8
调整startup.sh关于gc log配置问题 (#10050)
startup.sh中对jdk9之前的gc log配置为十个gc文件,每个大小为100m,jdk9之后变为十个gc文件,每个大小为102400,实际上这里将每个gc文件大小设置为了100k
2023-03-09 11:06:01 +08:00
WangLiang/王良
6ba05fa7a8
Replace flatten-maven-plugin with easyj-maven-plugin (#9985)
* Replace `flatten-maven-plugin` with `easyj-maven-plugin`

* revert indent

* apache-rat-plugin exclude `.flattened-pom.xml`

* fix style

* optimize github action

* optimize github action

* fix dependencies

* upgrade easyj-maven-plugin to 1.1.5

* optimize github action

* optimize spring-boot-maven-plugin configuration
2023-03-02 10:43:08 +08:00
杨翊 SionYang
c04b0bbb44
Remove the default token.secret.key (#9992) 2023-02-22 10:52:13 +08:00
MajorHe1
5a8c567633
[ISSUE #9906] cache token to improve performance (#9914)
* [ISSUE #9906] cache token to improve performance

* [ISSUE #9906] add cache token enable switch to application.properties

* [ISSUE #9906] update javadoc

* [ISSUE #9906] update javadoc

* [ISSUE #9906] update unit test

* [ISSUE #9906] make ci rerun
2023-02-10 10:51:05 +08:00
云野
732e7012ab
Provide more configuration items to allow users to customize their grpc services to better optimize network performance. (#9806) 2023-01-11 09:47:15 +08:00
Karson
4bd5b7c85a
support prometheus sd (#9518) 2022-11-17 11:13:51 +08:00
David-wu91
e5bbfe704d
resolve issue #9318 add ldap filter config:caseSensitive (#9444)
* resolve issue #9318 add ldap filter config:caseSensitive

* resolve issue #9318 change code style

* resolve issue #9318 add unit test
2022-11-07 17:24:53 +08:00
Weizhan Yun
c3c7e1ba1c
[ISSUE #9367] fix auth plugin's property 'token.secret.key' base64 decode error. (#9380)
* 1. 修复密钥编码问题--为了避免歧义,密钥必须为base64编码的字符串;不再支持原始明文密钥。
2. JwtParser是线程安全的,重构为成员变量。

* 配置项保持明文字符串
2022-11-03 13:40:26 +08:00
无处不在
4a305f6584
[conf]Update group_id length from 255 to 128 (#9412) 2022-10-28 10:51:45 +08:00
杨翊 SionYang
7a23c56822
[ISSUE#7930] 2.2.0 remove some deprecated codes (#9368)
* Remove double write switch and upgrade from 1.X switch.

* Remove IFilterConfig.java

* Remove some deprecated constants and methods

* Remove some deprecated classes in nacos-core

* Remove some deprecated config

* Remove some deprecated codes in naming module

* Remove some deprecated codes in sys module

* Fix unit test

* Try to make UdpConnectorTest pass more easier.
2022-10-21 17:44:26 +08:00
KomachiSion
22169055ed Merge remote-tracking branch 'upstream/develop' into 2.2.0
# Conflicts:
#	naming/src/main/java/com/alibaba/nacos/naming/core/Cluster.java
2022-10-17 19:17:31 +08:00
karsonto
f27113b3b0 add some unit test 2022-09-20 15:37:35 +08:00
karsonto
8d75c28151 resolve issue #9175 add ldap filter config 2022-09-20 11:56:44 +08:00
onewe
c505a3f1f5
set server.error.include-message to ALWAYS (#9045) 2022-08-30 10:21:29 +08:00
KomachiSion
976f8a6729 Remove some old properties. 2022-08-29 20:19:04 +08:00
yjqg6666
cb3c78b93b
[#344] rename initialization sql files (#8969) 2022-08-25 16:54:18 +08:00
Weizhan Yun
b91abb83cb
fix #8947. (#8959) 2022-08-12 16:58:39 +08:00
onewe
29d472e94a
[ISSUE #8784] fix some bugs for Console UI (#8787)
* [ISSUE #8784] fix some bugs for Console UI

- add server.error.include-message property
- add no permission tip when push config
- use addAllowedOriginPattern instead of addAllowedOrigin
- remove RAM logic in the lib.js
- fix button type error and mode value error in NewConfig.js
- fix the password reset dialog can't show

Close #8784

* [ISSUE #8784] fix translate error

* [ISSUE #8784] user ON_PARAM instead of ALWAYS

* [ISSUE #8784] fix user reset password in the Header.js
2022-07-25 09:56:20 +08:00
draco1023
1a4759e7ba
Change the length of the id column of the his_config_info table to 20 (#8631) 2022-06-28 11:20:15 +08:00
onewe
b6db08bdd4
[ISSUE #8528] update server.tomcat.basedir default value (#8529)
Close #8528
2022-06-07 15:22:16 +08:00
Karson
fa09c65a30
Fix issue #7924 (#8062)
* Fix issue#7924

* reformat code style
2022-04-11 10:29:45 +08:00
李晓双 Li Xiao Shuang
88fb26cfc6
[ISSUE #5695] Add config encrypt spi for nacos server. (#7934)
* [ISSUE#5695] Add a plugin SPI for configuration encryption and decryption for Nacos 2.0 (#6655)

* Defines the interface

* 增加aes实现

* 客户端、服务端加解密实现

* 客户端、服务端加解密实现

* fix code quality (#6727)

* [ISSUE#5695] Add a plugin SPI for configuration encryption and decryption for Nacos 2.0, EncryptedDataKey is persisted (#6740)

* Defines the interface

* 增加aes实现

* 客户端、服务端加解密实现

* 客户端、服务端加解密实现

* 秘钥持久化

* 秘钥持久化

* [ISSUE#5695] Summer2021 Cache encryptedDataKey  (#6878)

* Defines the interface

* 增加aes实现

* 客户端、服务端加解密实现

* 客户端、服务端加解密实现

* 秘钥持久化

* 秘钥持久化

* 秘钥缓存到内存中

* 解决冲突

* 修改filter继承AbstractConfigFilter (#6879)

* [ISSUE#5695] Summer2021   EncryptedDataKey is persisted to Derby (#6882)

* [ISSUE#5695] Add a plugin SPI for configuration encryption and decryption for Nacos 2.0 (#6655)

* Defines the interface

* 增加aes实现

* 客户端、服务端加解密实现

* 客户端、服务端加解密实现

* fix code quality (#6727)

* # This is a combination of 6 commits.tree cf7a399f99c4d81b8667c8de06f5ceb8c79fb6f0
parent 8024ecf31bf23a9edab416be8a3bfd1c0e48ce5e
author 李晓双 Li Xiao Shuang <644968328@qq.com> 1630028256 +0800
committer lixiaoshuang <644968328@qq.com> 1631804378 +0800

# This is a combination of 3 commits.
# This is the 1st commit message:

[ISSUE#5695] Add a plugin SPI for configuration encryption and decryption for Nacos 2.0, EncryptedDataKey is persisted (#6740)

* Defines the interface

* 增加aes实现

* 客户端、服务端加解密实现

* 客户端、服务端加解密实现

* 秘钥持久化

* 秘钥持久化
# This is the commit message #2:

[ISSUE#5695] Summer2021 Cache encryptedDataKey  (#6878)

* Defines the interface

* 增加aes实现

* 客户端、服务端加解密实现

* 客户端、服务端加解密实现

* 秘钥持久化

* 秘钥持久化

* 秘钥缓存到内存中

* 解决冲突
# This is the commit message #3:

修改filter继承AbstractConfigFilter (#6879)


# This is the commit message #6:

客户端、服务端加解密实现

* parent 8024ecf31bf23a9edab416be8a3bfd1c0e48ce5e
author 李晓双 Li Xiao Shuang <644968328@qq.com> 1630028256 +0800
committer lixiaoshuang <644968328@qq.com> 1631805204 +0800

parent 8024ecf31bf23a9edab416be8a3bfd1c0e48ce5e
author 李晓双 Li Xiao Shuang <644968328@qq.com> 1630028256 +0800
committer lixiaoshuang <644968328@qq.com> 1631804378 +0800

[ISSUE#5695] Add a plugin SPI for configuration encryption and decryption for Nacos 2.0, EncryptedDataKey is persisted (#6740)

* 配置加解密插件

* derby支持秘钥存储

* 克隆功能兼容配置加解密 (#6913)

* [ISSUE#5695] Summer2021 Import/export compatible with configuration encryption and decryption (#6956)

* 克隆功能兼容配置加解密

* 导入导出兼容配置加解密

* 秘钥base64编码、更换AES加密模式 (#6974)

* [ISSUE#5695] Summer2021 add unit test for ConfigCryptoFilter (#6991)

* add unit test for ConfigCryptoFilter

* add unit test for ConfigCryptoFilter

* [ISSUE#5695] Summer2021 add unit test for CryptoExecutor (#6990)

* add unit test for CryptoExecutor

* add Copyright

* [ISSUE#5695] Summer2021  add unit test for CryptoManager (#6989)

* add unit test for CryptoManager

* add unit test for CryptoManager

* [ISSUE#5695] Summer2021 add unit test for AesCrypto (#6988)

* add unit test for AesCrypto

* update AesCryptoTest

* Increased iv randomness

* add default Iv

* fix javadoc

* fix unit test

* defining plugin intergace

* Replace the client encryption and decryption actuator

* Replace the server encryption and decryption actuator

* add unit test

* add unit test

* remove old code

* fix NacosConfigServiceTest

* Encryption and decryption to achieve migration

Co-authored-by: 杨翊 SionYang <263976490@qq.com>
2022-03-16 10:54:11 +08:00
KomachiSion
9020bb9d6e Move plugin config to nacos-auth-plugin-impl module. 2022-01-26 11:54:52 +08:00
KomachiSion
135ab364fe Move client spi to nacos-auth-plugin module 2022-01-21 15:40:02 +08:00
KomachiSion
78de31dbdd Merge remote-tracking branch 'upstream/develop' into issue#5696-merge-develop
# Conflicts:
#	auth/src/main/java/com/alibaba/nacos/auth/common/AuthConfigs.java
#	client/src/main/java/com/alibaba/nacos/client/config/impl/ClientWorker.java
#	client/src/main/java/com/alibaba/nacos/client/naming/NacosNamingMaintainService.java
#	client/src/main/java/com/alibaba/nacos/client/naming/remote/AbstractNamingClientProxy.java
#	client/src/main/java/com/alibaba/nacos/client/naming/remote/NamingClientProxyDelegate.java
#	client/src/test/java/com/alibaba/nacos/client/naming/remote/AbstractNamingClientProxyTest.java
2022-01-12 16:52:14 +08:00
杨翊 SionYang
b7910a6219
[ISSUE#5696] revert nacos server plugin implementation moved operation (#7636)
* Revert "[ISSUE#5696] Fix auth server type (#7004)"

This reverts commit e3b7f0e7

* Revert "add derby database (#6996)"

This reverts commit fea9d727

* Revert "Add MySQL DataBase (#6968)"

This reverts commit 3c0508d2

* Revert "[ISSUE #5696] Add auth server implement (#6901)"

This reverts commit 76ac8434

* Move JwtAuthenticationTokenFilter to security package.

* refactor constants about auth.
2022-01-12 16:45:18 +08:00
Roger3581321
0aeab6229f
Updated the copyright time (#7119) 2021-10-28 10:12:05 +08:00
Wuyunfan-BUPT
e3b7f0e79f
[ISSUE#5696] Fix auth server type (#7004)
* Add MySQL DataBase

* Add Derby Database

* Replace Auth Server

* Revise: change to AuthSystemType
2021-09-28 19:30:20 +08:00
Wuyunfan-BUPT
af8d04f59b
Revise Auth server plugin (#6890) 2021-09-16 14:11:28 +08:00
brotherlu-xcq
d2267d7bf3
[ISSUE #6609] fix the startup.sh problem. (#6739)
* [ISSUE #6737] fix the shell issue.

* [ISSUE #6737] fix the shell issue.
2021-08-27 09:33:47 +08:00
brotherlu-xcq
4aadcf8333
[ISSUE #6609] fix the shell issue using jdk more than 8. (#6725) 2021-08-24 09:43:29 +08:00
brotherlu-xcq
ba6e161353
[ISSUE #6301] [TASK 2] change the UI and startup shell to support custom selector config. (#6691) 2021-08-20 09:32:31 +08:00
Wuyunfan-BUPT
ac878582e4
[ISSUE#5696] Add auth plugin interface. (#6593)
* define plugin

* add User model

* add authContext

* add SPI

* add resource, modify request, reformat code

* copyright, Serverloader, IdentityContext

* add unit test

* modify ClassLoader, and delete GrantType

* delete redundancy code

* remove authservice default name

* Change to StringUtils
2021-08-13 13:43:58 +08:00
杨翊 SionYang
a5cc7178fc
[ISSUE#6403] the expired time of naming client can be configured. (#6422)
* add AbstractDynamicConfig

* Add ClientConfig

* use ClientConfig to remove expired client.

* For checkstyle

* Update application.properties
2021-07-23 14:03:46 +08:00
Zark Zheng
ece17fb223
Fix the Algorithm HmacSHA256 not available error when login(#6382) (#6409) 2021-07-23 10:41:38 +08:00
ixx
c0958269b0
Fix the problem of startup error when the JAVA_HOME path contains spaces under Linux/Unix/Mac system (#6335) 2021-07-14 09:55:23 +08:00
杨翊 SionYang
834c173959
Fix the error merge for application.properties (#5833) 2021-05-24 20:39:01 +08:00
杨翊 SionYang
71a0037f50
Refactor Distro Config as singleton and replace GlobalConfig (#5486)
* Refactor Distro Config as singleton and replace GlobalConfig

* Use configed timeout for distro sync and verify

* Fix IT error.
2021-04-25 16:50:10 +08:00
TouchZZZ
4b4d21d54f
support ldap login (#5225) 2021-04-12 10:09:16 +08:00
杨翊 SionYang
a50d9678ae
Push support config some parameters (#5307) 2021-04-08 17:25:31 +08:00