From fc623f3251fb0013715a3aca4cdec9bde308f1ea Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E7=A0=81=E5=8C=A0=E5=90=9B?= Date: Tue, 28 May 2024 16:56:17 +0800 Subject: [PATCH] =?UTF-8?q?[=E4=BF=AE=E5=A4=8D]=20=E4=BF=AE=E5=A4=8D?= =?UTF-8?q?=E6=8E=88=E6=9D=83=E6=9C=8D=E5=8A=A1=E5=99=A8=20Security=20Secu?= =?UTF-8?q?rity=20=E6=B2=A1=E6=9C=89=E6=8D=95=E8=8E=B7=E4=B8=8D=E4=BC=9A?= =?UTF-8?q?=E6=8C=89=E7=85=A7=E7=BB=9F=E4=B8=80=E6=A0=BC=E5=BC=8F=E8=BE=93?= =?UTF-8?q?=E5=87=BA=E9=97=AE=E9=A2=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../windows/herodotus/env.base.yml | 38 ++++++++----------- .../AuthorizationServerAutoConfiguration.java | 2 + .../src/main/resources/bootstrap.yml | 2 +- .../src/main/resources/bootstrap.yml | 2 +- 4 files changed, 20 insertions(+), 24 deletions(-) diff --git a/configurations/docker/docker-compose/windows/herodotus/env.base.yml b/configurations/docker/docker-compose/windows/herodotus/env.base.yml index e6b1c96bc..ba0b8ad1a 100644 --- a/configurations/docker/docker-compose/windows/herodotus/env.base.yml +++ b/configurations/docker/docker-compose/windows/herodotus/env.base.yml @@ -29,32 +29,26 @@ services: - "9848:9848" - "9849:9849" - zookeeper: - image: debezium/zookeeper:2.6 - container_name: zookeeper - environment: - ZOOKEEPER_SERVER_ID: 1 - ports: - - "2181:2181" - - "2888:2888" - - "3888:3888" - kafka: - image: debezium/kafka:2.6 + image: apache/kafka:3.7.0 container_name: kafka + hostname: broker + environment: + KAFKA_NODE_ID: 1 + KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: 'CONTROLLER:PLAINTEXT,PLAINTEXT:PLAINTEXT,PLAINTEXT_HOST:PLAINTEXT' + KAFKA_ADVERTISED_LISTENERS: 'PLAINTEXT_HOST://192.168.101.10:9092,PLAINTEXT://broker:19092' + KAFKA_PROCESS_ROLES: 'broker,controller' + KAFKA_CONTROLLER_QUORUM_VOTERS: '1@broker:29093' + KAFKA_LISTENERS: 'CONTROLLER://:29093,PLAINTEXT_HOST://:9092,PLAINTEXT://:19092' + KAFKA_INTER_BROKER_LISTENER_NAME: 'PLAINTEXT' + KAFKA_CONTROLLER_LISTENER_NAMES: 'CONTROLLER' + KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: 1 + KAFKA_GROUP_INITIAL_REBALANCE_DELAY_MS: 0 + KAFKA_TRANSACTION_STATE_LOG_MIN_ISR: 1 + KAFKA_TRANSACTION_STATE_LOG_REPLICATION_FACTOR: 1 ports: - "9092:9092" - environment: - BROKER_ID: 1 - ZOOKEEPER_CONNECT: zookeeper:2181 - KAFKA_LISTENERS: LISTENER_INNER://kafka:29092,LISTENER_OUTER://0.0.0.0:9092 - KAFKA_ADVERTISED_LISTENERS: LISTENER_INNER://kafka:29092,LISTENER_OUTER://192.168.101.10:9092 - KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: LISTENER_INNER:PLAINTEXT,LISTENER_OUTER:PLAINTEXT - KAFKA_INTER_BROKER_LISTENER_NAME: LISTENER_INNER - KAFKA_ALLOW_PLAINTEXT_LISTENER: 'yes' - KAFKA_AUTO_CREATE_TOPICS_ENABLE: 'true' - depends_on: - - zookeeper + sentinel: image: herodotus/sentinel-dashboard:1.8.7 container_name: sentinel-dashboard diff --git a/packages/authentication-spring-boot-starter/src/main/java/cn/herodotus/cloud/authentication/autoconfigure/AuthorizationServerAutoConfiguration.java b/packages/authentication-spring-boot-starter/src/main/java/cn/herodotus/cloud/authentication/autoconfigure/AuthorizationServerAutoConfiguration.java index 4a6cd268f..5de3d9a49 100644 --- a/packages/authentication-spring-boot-starter/src/main/java/cn/herodotus/cloud/authentication/autoconfigure/AuthorizationServerAutoConfiguration.java +++ b/packages/authentication-spring-boot-starter/src/main/java/cn/herodotus/cloud/authentication/autoconfigure/AuthorizationServerAutoConfiguration.java @@ -27,6 +27,7 @@ import cn.herodotus.stirrup.core.identity.service.ClientDetailsService; import cn.herodotus.stirrup.logic.identity.response.OAuth2DeviceVerificationResponseHandler; import cn.herodotus.stirrup.oauth2.authentication.autoconfigure.customizer.OAuth2AuthorizationServerConfigurerCustomizer; +import cn.herodotus.stirrup.oauth2.authentication.autoconfigure.customizer.OAuth2ExceptionHandlingConfigurerCustomizer; import cn.herodotus.stirrup.oauth2.authentication.autoconfigure.response.OidcClientRegistrationResponseHandler; import cn.herodotus.stirrup.oauth2.authentication.configurer.OAuth2AuthenticationProviderConfigurer; import cn.herodotus.stirrup.oauth2.authentication.customizer.OAuth2FormLoginConfigurerCustomizer; @@ -123,6 +124,7 @@ public SecurityFilterChain authorizationServerSecurityFilterChain( .formLogin(oauth2FormLoginConfigurerCustomizer) .sessionManagement(oauth2sessionManagementConfigurerCustomer) .addFilterBefore(new MultiTenantFilter(), AuthorizationFilter.class) + .exceptionHandling(new OAuth2ExceptionHandlingConfigurerCustomizer()) // 不配置 oauth2ResourceServer 就不会启用BearerTokenAuthenticationFilter .oauth2ResourceServer(oauth2ResourceServerConfigurerCustomer) .with(new OAuth2AuthenticationProviderConfigurer(sessionRegistry, passwordEncoder, userDetailsService, oauth2AuthenticationProperties), (configurer) -> { diff --git a/platform/herodotus-cloud-uaa/src/main/resources/bootstrap.yml b/platform/herodotus-cloud-uaa/src/main/resources/bootstrap.yml index 39d71d8c5..1c9ed468d 100644 --- a/platform/herodotus-cloud-uaa/src/main/resources/bootstrap.yml +++ b/platform/herodotus-cloud-uaa/src/main/resources/bootstrap.yml @@ -75,7 +75,7 @@ logging: com.ulisesbocchio: error # 开发、调试需要的日志 cn.herodotus: debug - org.springframework.security: info + org.springframework.security: trace org.springframework.web: info com.alicp.jetcache: trace org.springframework.cloud.bus: info diff --git a/platform/herodotus-cloud-upms/src/main/resources/bootstrap.yml b/platform/herodotus-cloud-upms/src/main/resources/bootstrap.yml index e96e36e23..254d123d1 100644 --- a/platform/herodotus-cloud-upms/src/main/resources/bootstrap.yml +++ b/platform/herodotus-cloud-upms/src/main/resources/bootstrap.yml @@ -79,7 +79,7 @@ logging: org.apache.kafka: warn grpc: server: - port: 6070 + port: 5070 --- # spring cloud tencent 基础设施配置