Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Configuring jwt for standalone, throwing 401 Unauthorized exceptions #54

Open
iMine141 opened this issue Jun 17, 2021 · 3 comments
Open

Configuring jwt for standalone, throwing 401 Unauthorized exceptions #54

iMine141 opened this issue Jun 17, 2021 · 3 comments

Comments

@iMine141
Copy link

报错信息如下:

18:49:29.181 [pulsar-web-68-1] WARN  org.apache.pulsar.broker.web.AuthenticationFilter - [127.0.0.1] Failed to authenticate HTTP request: Failed to authentication token: Illegal base64url character: '"'
18:49:29.190 [pulsar-web-68-1] INFO  org.eclipse.jetty.server.RequestLog - 127.0.0.1 - - [17/Jun/2021:18:49:29 +0800] "PUT /admin/v2/persistent/public/functions/assignments HTTP/1.1" 401 0 "-" "Pulsar-Java-v2.7.2" 22
18:49:29.199 [AsyncHttpClient-87-1] WARN  org.apache.pulsar.client.admin.internal.BaseResource - [http://localhost:8080/admin/v2/persistent/public/functions/assignments] Failed to perform http put request: javax.ws.rs.NotAuthorizedException: HTTP 401 Unauthorized
18:49:29.204 [main] ERROR org.apache.pulsar.functions.worker.WorkerService - Error Starting up in worker
org.apache.pulsar.client.admin.PulsarAdminException$NotAuthorizedException: HTTP 401 Unauthorized
        at org.apache.pulsar.client.admin.internal.BaseResource.getApiException(BaseResource.java:218) ~[org.apache.pulsar-pulsar-client-admin-original-2.7.2.jar:2.7.2]

standalone.conf配置如下:

authenticationEnabled=true
authorizationEnabled=true
authenticationProviders=org.apache.pulsar.broker.authentication.AuthenticationProviderToken
brokerClientTlsEnabledWithKeyStore=true
brokerClientTlsEnabled=true
brokerClientAuthenticationPlugin=org.apache.pulsar.client.impl.auth.AuthenticationToken
brokerClientAuthenticationParameters={"token":"eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ0ZXN0LXVzZXIifQ.T6KZUYQfPgYCAuLDnDoqUOfowTFJmrsYwE8HopAKAWA"}
brokerClientTrustCertsFilePath=/home/wangyimin/source/apache-pulsar-2.7.2/certs/ca.cert.pem
authenticateOriginalAuthData=true
tokenSecretKey=file:///home/wangyimin/source/apache-pulsar-2.7.2/my-secret.key

proxy.conf 配置如下:

tokenSecretKey=file:///home/wangyimin/source/apache-pulsar-2.7.2/my-secret.key
authenticationEnabled=true
authorizationEnabled=true
authenticationProviders=org.apache.pulsar.broker.authentication.AuthenticationProviderToken
tokenSecretKey=file:///home/wangyimin/source/apache-pulsar-2.7.2/my-secret.key
brokerClientAuthenticationPlugin=org.apache.pulsar.client.impl.auth.AuthenticationToken
brokerClientAuthenticationParameters={"token":"eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ0ZXN0LXVzZXIifQ.T6KZUYQfPgYCAuLDnDoqUOfowTFJmrsYwE8HopAKAWA"}
forwardAuthorizationCredentials=true

client.conf 配置如下:

webServiceUrl=http://localhost:8080/
brokerServiceUrl=pulsar://localhost:6650/
authPlugin=org.apache.pulsar.client.impl.auth.AuthenticationToken
authParams=token:eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ0ZXN0LXVzZXIifQ.T6KZUYQfPgYCAuLDnDoqUOfowTFJmrsYwE8HopAKAWA

functions_worker.yml 配置如下:

authenticationProviders: org.apache.pulsar.broker.authentication.AuthenticationProviderToken
superUserRoles:
    - admin
authenticationEnabled: true
authorizationEnabled: true
@tuteng
Copy link
Member

tuteng commented Jun 17, 2021

You can try update brokerClientAuthenticationParameters:

brokerClientAuthenticationParameters='{"token":"eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ0ZXN0LXVzZXIifQ.T6KZUYQfPgYCAuLDnDoqUOfowTFJmrsYwE8HopAKAWA"}'

@iMine141

@tuteng tuteng changed the title 使用 JTW,进行配置,启动standalone ,报错HTTP 401 Unauthorized Configuring jwt for standalone, throwing 401 Unauthorized exceptions Jun 17, 2021
@iMine141
Copy link
Author

@tuteng it doesn's work

@iMine141
Copy link
Author

image

按照官方文档设置的,说不能使用双引号

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@tuteng @iMine141