search

fanliang11 / surging

Surging is a micro-service engine that provides a lightweight, high-performance, modular RPC request pipeline. support Event-based Asynchronous Pattern and reactive programming ,The service engine supports http, TCP, WS,Grpc, Thrift,Mqtt, UDP, and DNS protocols. It uses ZooKeeper and Consul as a registry, and integrates it. Hash, random, polling, Fair Polling as a load balancing algorithm, built-in service governance to ensure reliable RPC communication, the engine contains Diagnostic, link tracking for protocol and middleware calls, and integration SkyWalking Distributed APM
MIT License
3.24k stars 922 forks source link

重写AuthorizationFilterAttribute的OnAuthorization方法造成会执行四次 #81

Open ming2882 opened 6 years ago

ming2882 commented 6 years ago

public class RsaAuthorizationAttribute : AuthorizationFilterAttribute { public override bool OnAuthorization(ServiceRouteContext context) { var parameters = context.InvokeMessage.Parameters; var ok = RSAFromPkcs.verify(parameters); if (!ok) throw new ServerErrorException("签名不正确"); return ok; } }

ming2882 commented 6 years ago

而且熔断的也不正确,就执行一次错误就熔断了;只能把"BreakeSleepWindowInMilliseconds": 0,不然没办法使用了

ming2882 commented 6 years ago

是不是FailoverCluster=3,所有 while (message == null && ++time < command.FailoverCluster);就再执行了三次

fanliang11 commented 6 years ago

默认的容错策略是Failover,这个策略会针对于服务进行重试,重试的次数是根据FailoverCluster进行设置

fanliang11 commented 6 years ago

建议使用Injection 或者 FallBack 容错策略

ming2882 commented 6 years ago

将AuthorizationAttribute中的 public AuthorizationType AuthType { get; set; }属性转到父类AuthorizationFilterAttribute上面,再修改DefaultServiceExecutor类中,if (entry.Descriptor.EnableAuthorization() && entry.Descriptor.AuthType() ==AuthorizationType.AppSecret.ToString()) 此判断改为if (entry.Descriptor.EnableAuthorization()) 以上修改是为了满足可以起到权限的过滤和扩展作用,因为现在的权限只能AppSecret有效,JWT只能是路由中有效,而且 enum AuthorizationType不支持扩展,建议可以,如Rsa

fanliang11 commented 6 years ago

授权请用网关