spring-cloud
Docs for adding authentication are wrong
The code snippets provided in the docs for adding authentication to the CuratorFramework suggest methods that don't exist i.e.
@BoostrapConfiguration
public class CustomCuratorFrameworkConfig {
@Bean
public CuratorFramework curatorFramework() {
CuratorFramework curator = new CuratorFramework();
curator.addAuthInfo("digest", "user:password".getBytes());
return curator;
}
}
And
@BoostrapConfiguration
public class DefaultCuratorFrameworkConfig {
public ZookeeperConfig(CuratorFramework curator) {
curator.addAuthInfo("digest", "user:password".getBytes());
}
The CuratorFramework interface doesn't have a method called addAuthInfo, and the code snippet also has @BootstrapConfiguration spelled incorrectly.
Furthermore I think the initial code snippet wouldn't work as it would override the standard implementation in spring cloud zookeeper rather than extending it.
What is the currently suggested way for adding authentication information? I can see the CuratorFrameworkImpl and CuratorFrameworkFactory now have variables called authInfos that's set through the builder by calling authorization(List<AuthInfo> authInfos).
Is the suggested/correct way to add authentication now to override the curatorFramework bean from the ZookeeperAutoConfiguration and add that option within the builder? Does this still have to happen at the Bootstrapping phase?
The functionality will be available after #244 adds a CuratorFrameworkFactory.Builder customizer has been added. There are then authorization() methods on the build. The docs will need to be updated when #244 is done.
Sounds good. Looking at how the proposed changes could solve our problems, thanks
I still don't see the updated doc, can anybody share how to set ACL in new way?
@berngp can you explain how to use CuratorFrameworkCustomizer please? In my case, CuratorFramework always created before CuratorFrameworkCustomizer.
Define the following configuration in the code.
@Data
@ConfigurationProperties("spring.cloud.zookeeper")
public class SpringCloudZookeeperProperties {
private String username;
private String password;
}
@Slf4j
@Configuration
@EnableConfigurationProperties(SpringCloudZookeeperProperties.class)
public class DefaultSpringCloudZookeeperConfig {
@Resource
private SpringCloudZookeeperProperties springCloudZookeeperProperties;
@Bean(destroyMethod = "close")
public CuratorFramework curatorFramework(RetryPolicy retryPolicy, org.springframework.cloud.zookeeper.ZookeeperProperties properties) throws Exception {
CuratorFrameworkFactory.Builder builder = CuratorFrameworkFactory.builder();
builder.connectString(properties.getConnectString());
if (StringUtils.isNotEmpty(springCloudZookeeperProperties.getUsername())
&& StringUtils.isNotEmpty(springCloudZookeeperProperties.getPassword())) {
builder.authorization("digest", (springCloudZookeeperProperties.getUsername() + ":" + springCloudZookeeperProperties.getPassword()).getBytes());
}
CuratorFramework curator = builder.retryPolicy(retryPolicy).build();
curator.start();
curator.blockUntilConnected(properties.getBlockUntilConnectedWait(), properties.getBlockUntilConnectedUnit());
log.trace("connected to zookeeper");
return curator;
}
}
The StringUtils class from the commons-lang3 package, you can import from maven. The current final version is 3.12.0 now
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-lang3</artifactId>
<version>${commons-lang3.version}</version>
</dependency>
And defined in application.yml, if ACL authentication is not required, just keep the username and password empty.
spring:
cloud:
zookeeper:
connect-string: localhost:2181
username: username
password: password
I solved it by the following codes,the docs missed a 't' at @BootstrapConfiguration,maybe need to update the docs or pr? I don't no why the codes can not display properly when using Add code option. ` @BootstrapConfiguration public class CustomCuratorFrameworkConfig {
@Autowired(required = false)
private EnsembleProvider ensembleProvider;
@Bean
public ZookeeperProperties zookeeperProperties() {
return new ZookeeperProperties();
}
@Bean
public CuratorFramework curatorFramework(RetryPolicy retryPolicy, ZookeeperProperties properties) throws Exception{
CuratorFrameworkFactory.Builder builder = CuratorFrameworkFactory.builder();
if (this.ensembleProvider != null) {
builder.ensembleProvider(this.ensembleProvider);
} else {
builder.connectString(properties.getConnectString());
}
builder.retryPolicy(retryPolicy);
String digestString = "user:password";
List<ACL> list = new ArrayList<>();
String digest = DigestAuthenticationProvider.generateDigest(digestString);
ACL acl = new ACL(ZooDefs.Perms.ALL, new Id("digest", digest));
list.add(acl);
builder.authorization("digest", digestString.getBytes())
.aclProvider(new ACLProvider() {
@Override
public List<ACL> getDefaultAcl() {
return list;
}
@Override
public List<ACL> getAclForPath(String path) {
return list;
}
});
CuratorFramework curator = builder.build();
curator.start();
curator.blockUntilConnected(properties.getBlockUntilConnectedWait(), properties.getBlockUntilConnectedUnit());
return curator;
}
@Bean
public RetryPolicy exponentialBackoffRetry(ZookeeperProperties properties) {
return new ExponentialBackoffRetry(properties.getBaseSleepTimeMs(), properties.getMaxRetries(), properties.getMaxSleepMs());
}
}`
spring.factories
org.springframework.cloud.bootstrap.BootstrapConfiguration=\ com.example.registration.config.CustomCuratorFrameworkConfig
bootstrap.yml
spring: cloud: zookeeper: connect-string: 127.0.0.1:2181 enabled: true
