-
Notifications
You must be signed in to change notification settings - Fork 12.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
docker2.1.1 设置NACOS_AUTH_ENABLE=true 后,修改密码返回session expired! 无法修改成功 #9109
Comments
用ng代理之类的? |
docker pull nacos/nacos-server:v2.1.1 直接用的这个 |
@zhangxun-lime 我这边没复现, |
清理一下浏览器缓存再试试呢 |
非常抱歉,重新进行了测试,docker run 启动确实是正常的。 实际是在k8s部署的情况下发生的,
如果不配置NACOS_AUTH_ENABLE,则可以正常修改用户密码 |
@zhangxun-lime @KomachiSion 我在K8S环境下部署,也是碰到了同样的情况 请问如何解决? |
request中未获取到session |
这个问题怎么解决得???? |
private boolean hasPermission(String username, HttpServletRequest request) throws HttpSessionRequiredException {
if (!authConfigs.isAuthEnabled()) {
return true;
}
NacosUser user = (NacosUser) request.getSession().getAttribute(AuthConstants.NACOS_USER_KEY);
// k8s中集群中获取不到
if (user == null) {
throw new HttpSessionRequiredException("session expired!");
}
// admin
if (user.isGlobalAdmin()) {
return true;
}
// same user
return user.getUserName().equals(username);
} private NacosUser getNacosUser(String token) {
Authentication authentication = tokenManager.getAuthentication(token);
SecurityContextHolder.getContext().setAuthentication(authentication);
String username = authentication.getName();
NacosUser user = new NacosUser();
user.setUserName(username);
user.setToken(token);
List<RoleInfo> roleInfoList = roleService.getRoles(username);
if (roleInfoList != null) {
for (RoleInfo roleInfo : roleInfoList) {
if (roleInfo.getRole().equals(AuthConstants.GLOBAL_ADMIN_ROLE)) {
user.setGlobalAdmin(true);
break;
}
}
}
return user;
} Session中获取用户 改为了token获取用户 |
docker2.1.1
设置NACOS_AUTH_ENABLE=true 后,无法修改密码
修改密码返回session expired! ,跳回到登陆页
接口返回:
{
"timestamp": "2022-09-07T15:28:01.867+08:00",
"status": 401,
"error": "Unauthorized",
"message": "session expired!",
"path": "/nacos/v1/auth/users"
}
不设置NACOS_AUTH_ENABLE=true ,可以成功修改密码
同样,管理员也无法修改其他用户的密码,同样的报错
The text was updated successfully, but these errors were encountered: