Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
Apache RocketMQ
Rocketmq
提交
04726187
R
Rocketmq
项目概览
Apache RocketMQ
/
Rocketmq
上一次同步 大约 3 年
通知
270
Star
16139
Fork
68
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
DevOps
流水线
流水线任务
计划
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
R
Rocketmq
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
DevOps
DevOps
流水线
流水线任务
计划
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
流水线任务
提交
Issue看板
未验证
提交
04726187
编写于
12月 26, 2018
作者:
Z
Zhendong Liu
提交者:
GitHub
12月 26, 2018
浏览文件
操作
浏览文件
下载
差异文件
Merge pull request #634 from zongtanghu/feature_acl
[ISSUE#403] add the conf/plain_acl.yml file for acl_feature.
上级
1dca088a
3c3c5ef4
变更
4
显示空白变更内容
内联
并排
Showing
4 changed file
with
38 addition
and
72 deletion
+38
-72
broker/src/test/java/org/apache/rocketmq/broker/BrokerControllerTest.java
...java/org/apache/rocketmq/broker/BrokerControllerTest.java
+1
-15
distribution/conf/plain_acl.yml
distribution/conf/plain_acl.yml
+23
-17
example/pom.xml
example/pom.xml
+5
-0
example/src/main/java/org/apache/rocketmq/example/simple/AclClient.java
...in/java/org/apache/rocketmq/example/simple/AclClient.java
+9
-40
未找到文件。
broker/src/test/java/org/apache/rocketmq/broker/BrokerControllerTest.java
浏览文件 @
04726187
...
...
@@ -24,6 +24,7 @@ import org.apache.rocketmq.remoting.netty.NettyClientConfig;
import
org.apache.rocketmq.remoting.netty.NettyServerConfig
;
import
org.apache.rocketmq.store.config.MessageStoreConfig
;
import
org.junit.After
;
import
org.junit.Ignore
;
import
org.junit.Test
;
import
static
org
.
assertj
.
core
.
api
.
Assertions
.
assertThat
;
...
...
@@ -42,21 +43,6 @@ public class BrokerControllerTest {
brokerController
.
shutdown
();
}
@Test
public
void
testBrokerStartAclEnabled
()
throws
Exception
{
BrokerConfig
brokerConfigAclEnabled
=
new
BrokerConfig
();
brokerConfigAclEnabled
.
setEnableAcl
(
true
);
BrokerController
brokerController
=
new
BrokerController
(
brokerConfigAclEnabled
,
new
NettyServerConfig
(),
new
NettyClientConfig
(),
new
MessageStoreConfig
());
assertThat
(
brokerController
.
initialize
());
brokerController
.
start
();
brokerController
.
shutdown
();
}
@After
public
void
destroy
()
{
UtilAll
.
deleteFile
(
new
File
(
new
MessageStoreConfig
().
getStorePathRootDir
()));
...
...
distribution/conf/plain_acl.yml
浏览文件 @
04726187
...
...
@@ -13,22 +13,28 @@
# See the License for the specific language governing permissions and
# limitations under the License.
onlyNetAddress
:
remoteAddr
:
192.168.0.*
noPermitPullTopic
:
-
broker-a
globalWhiteRemoteAddresses
:
list
:
-
accessKey
:
RocketMQ
signature
:
1234567
remoteAddr
:
192.168.0.*
permitSendTopic
:
-
TopicTest
-
test2
-
accessKey
:
RocketMQ
signature
:
1234567
remoteAddr
:
192.168.2.1
permitSendTopic
:
-
test3
-
test4
accounts
:
-
accessKey
:
RocketMQ
secretKey
:
12345678
whiteRemoteAddress
:
admin
:
false
defaultTopicPerm
:
DENY
defaultGroupPerm
:
SUB
topicPerms
:
-
topicA=DENY
-
topicB=PUB|SUB
-
topicC=SUB
groupPerms
:
# the group should convert to retry topic
-
groupA=DENY
-
groupB=PUB|SUB
-
groupC=SUB
-
accessKey
:
aliyun.com
secretKey
:
12345678
whiteRemoteAddress
:
192.168.1.*
# if it is admin, it could access all resources
admin
:
true
example/pom.xml
浏览文件 @
04726187
...
...
@@ -53,5 +53,10 @@
<artifactId>
rocketmq-openmessaging
</artifactId>
<version>
4.4.0-SNAPSHOT
</version>
</dependency>
<dependency>
<groupId>
org.apache.rocketmq
</groupId>
<artifactId>
rocketmq-acl
</artifactId>
<version>
4.4.0-SNAPSHOT
</version>
</dependency>
</dependencies>
</project>
example/src/main/java/org/apache/rocketmq/example/simple/AclClient.java
浏览文件 @
04726187
...
...
@@ -20,6 +20,9 @@ import java.util.HashMap;
import
java.util.List
;
import
java.util.Map
;
import
java.util.Set
;
import
org.apache.rocketmq.acl.common.AclClientRPCHook
;
import
org.apache.rocketmq.acl.common.SessionCredentials
;
import
org.apache.rocketmq.client.consumer.DefaultMQPullConsumer
;
import
org.apache.rocketmq.client.consumer.DefaultMQPushConsumer
;
import
org.apache.rocketmq.client.consumer.PullResult
;
...
...
@@ -36,25 +39,22 @@ import org.apache.rocketmq.common.message.MessageExt;
import
org.apache.rocketmq.common.message.MessageQueue
;
import
org.apache.rocketmq.remoting.RPCHook
;
import
org.apache.rocketmq.remoting.common.RemotingHelper
;
import
org.apache.rocketmq.remoting.protocol.RemotingCommand
;
/**
*
* English explain
* 1. broker module src/test/resources/META-INF/service/org.apache.rocketmq.acl.AccessValidator copy to src/java/resources/META-INF/service.
*
* 2. view the /conf/transport.yml file under the distribution module, pay attention to the account password, IP.
* 1. view the /conf/plain_acl.yml file under the distribution module, pay attention to the accessKey,secretKey,
* globalWhiteRemoteAddresses and whiteRemoteAddress and some other attributes.
*
*
3. Modify ALC_RCP_HOOK_ACCOUT and ACL_RCP_HOOK_PASSWORD to the corresponding account password in transport
.yml
*
2. Modify ACL_ACCESS_KEY and ACL_SECRET_KEY to the corresponding accessKey and secretKey in plain_acl
.yml
*
*/
public
class
AclClient
{
private
static
final
Map
<
MessageQueue
,
Long
>
OFFSE_TABLE
=
new
HashMap
<
MessageQueue
,
Long
>();
private
static
final
String
ACL_
RCPHOOK_ACCOUT
=
"RocketMQ"
;
private
static
final
String
ACL_
ACCESS_KEY
=
"RocketMQ"
;
private
static
final
String
ACL_
RCPHOOK_PASSWORD
=
"1234567"
;
private
static
final
String
ACL_
SECRET_KEY
=
"1234567"
;
public
static
void
main
(
String
[]
args
)
throws
MQClientException
,
InterruptedException
{
producer
();
...
...
@@ -170,37 +170,6 @@ public class AclClient {
}
static
RPCHook
getAclRPCHook
()
{
return
new
AclRPCHook
(
ACL_RCPHOOK_ACCOUT
,
ACL_RCPHOOK_PASSWORD
);
}
static
class
AclRPCHook
implements
RPCHook
{
private
String
account
;
private
String
password
;
public
AclRPCHook
(
String
account
,
String
password
)
{
this
.
account
=
account
;
this
.
password
=
password
;
}
@Override
public
void
doBeforeRequest
(
String
remoteAddr
,
RemotingCommand
request
)
{
HashMap
<
String
,
String
>
ext
=
request
.
getExtFields
();
if
(
ext
==
null
)
{
ext
=
new
HashMap
<>();
request
.
setExtFields
(
ext
);
}
ext
.
put
(
"account"
,
this
.
account
);
ext
.
put
(
"password"
,
this
.
password
);
}
@Override
public
void
doAfterResponse
(
String
remoteAddr
,
RemotingCommand
request
,
RemotingCommand
response
)
{
//do nothing
}
return
new
AclClientRPCHook
(
new
SessionCredentials
(
ACL_ACCESS_KEY
,
ACL_SECRET_KEY
));
}
}
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录