第一次下载Nacos,直接运行后出现异常错误:
Caused by: java.lang.IllegalArgumentException: The specified key byte array is 0 bits which is not secure enough for any JWT HMAC-SHA algorithm. The JWT JWA Specification (RFC 7518, Section 3.2) states that keys used with HMAC-SHA algorithms MUST have a size >= 256 bits (the key size must be greater than or equal to the hash output size). See https://tools.ietf.org/html/rfc7518#section-3.2 for more information.
at com.alibaba.nacos.plugin.auth.impl.jwt.NacosJwtParser.<init>(NacosJwtParser.java:56)
at com.alibaba.nacos.plugin.auth.impl.token.impl.JwtTokenManager.processProperties(JwtTokenManager.java:71)
... 115 common frames omitted
2023-03-23 11:20:14,716 WARN [ThreadPoolManager] Start destroying ThreadPool
查看某度、官方才知道,Nacos官方因前期爆出的权限漏洞,把安装包内的默认参数置空了,所以把application.properties文件修改如下:
nacos.core.auth.enabled=true
nacos.core.auth.system.type=nacos #启用
nacos.core.auth.plugin.nacos.token.secret.key=SecretKey012345678901234567890123456789012345678901234567890123456789 #官方默认参数,自行修改
然后再尝试运行,出现如下异常信息:
Caused by: com.alibaba.nacos.api.exception.NacosException: Empty identity, Please set `nacos.core.auth.server.identity.key` and `nacos.core.auth.server.identity.value`, detail: https://nacos.io/zh-cn/docs/v2/guide/user/auth.html
at com.alibaba.nacos.auth.config.AuthConfigs.validate(AuthConfigs.java:100)
at java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invoke(DirectMethodHandleAccessor.java:104)
at java.base/java.lang.reflect.Method.invoke(Method.java:578)
at org.springframework.beans.factory.annotation.InitDestroyAnnotationBeanPostProcessor$LifecycleElement.invoke(InitDestroyAnnotationBeanPostProcessor.java:389)
at org.springframework.beans.factory.annotation.InitDestroyAnnotationBeanPostProcessor$LifecycleMetadata.invokeInitMethods(InitDestroyAnnotationBeanPostProcessor.java:333)
at org.springframework.beans.factory.annotation.InitDestroyAnnotationBeanPostProcessor.postProcessBeforeInitialization(InitDestroyAnnotationBeanPostProcessor.java:157)
修改参数配置文件:
### The two properties is the white list for auth and used by identity the request from other server.
nacos.core.auth.server.identity.key=test
nacos.core.auth.server.identity.value=test
修改后,运行成功!
标签:
spring cloud
本文转载自: https://blog.csdn.net/guyan999/article/details/129727150
版权归原作者 96Code 所有, 如有侵权,请联系我们删除。
版权归原作者 96Code 所有, 如有侵权,请联系我们删除。