第一次下载Nacos,直接运行后出现异常错误:

Caused by: java.lang.IllegalArgumentException: The specified key byte array is 0 bits which is not secure enough for any JWT HMAC-SHA algorithm. The JWT JWA Specification (RFC 7518, Section 3.2) states that keys used with HMAC-SHA algorithms MUST have a size >= 256 bits (the key size must be greater than or equal to the hash output size). See https://tools.ietf.org/html/rfc7518#section-3.2 for more information.

at com.alibaba.nacos.plugin.auth.impl.jwt.NacosJwtParser.(NacosJwtParser.java:56)

at com.alibaba.nacos.plugin.auth.impl.token.impl.JwtTokenManager.processProperties(JwtTokenManager.java:71)

... 115 common frames omitted

2023-03-23 11:20:14,716 WARN [ThreadPoolManager] Start destroying ThreadPool

查看某度、官方才知道,Nacos官方因前期爆出的权限漏洞,把安装包内的默认参数置空了,所以把application.properties文件修改如下:

nacos.core.auth.enabled=true

nacos.core.auth.system.type=nacos #启用

nacos.core.auth.plugin.nacos.token.secret.key=SecretKey012345678901234567890123456789012345678901234567890123456789 #官方默认参数,自行修改

然后再尝试运行,出现如下异常信息:

Caused by: com.alibaba.nacos.api.exception.NacosException: Empty identity, Please set `nacos.core.auth.server.identity.key` and `nacos.core.auth.server.identity.value`, detail: https://nacos.io/zh-cn/docs/v2/guide/user/auth.html

at com.alibaba.nacos.auth.config.AuthConfigs.validate(AuthConfigs.java:100)

at java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invoke(DirectMethodHandleAccessor.java:104)

at java.base/java.lang.reflect.Method.invoke(Method.java:578)

at org.springframework.beans.factory.annotation.InitDestroyAnnotationBeanPostProcessor$LifecycleElement.invoke(InitDestroyAnnotationBeanPostProcessor.java:389)

at org.springframework.beans.factory.annotation.InitDestroyAnnotationBeanPostProcessor$LifecycleMetadata.invokeInitMethods(InitDestroyAnnotationBeanPostProcessor.java:333)

at org.springframework.beans.factory.annotation.InitDestroyAnnotationBeanPostProcessor.postProcessBeforeInitialization(InitDestroyAnnotationBeanPostProcessor.java:157)

修改参数配置文件:

### The two properties is the white list for auth and used by identity the request from other server.

nacos.core.auth.server.identity.key=test

nacos.core.auth.server.identity.value=test

修改后,运行成功!

参考文章

评论可见,请评论后查看内容,谢谢!!!
 您阅读本篇文章共花了: