search

streamnative / pulsar-beat-output

Elastic Beats Output to Apache Pulsar
Apache License 2.0
54 stars 24 forks source link

Configuring jwt for standalone, throwing 401 Unauthorized exceptions #54

Open iMine141 opened 3 years ago

iMine141 commented 3 years ago

报错信息如下:

18:49:29.181 [pulsar-web-68-1] WARN  org.apache.pulsar.broker.web.AuthenticationFilter - [127.0.0.1] Failed to authenticate HTTP request: Failed to authentication token: Illegal base64url character: '"'
18:49:29.190 [pulsar-web-68-1] INFO  org.eclipse.jetty.server.RequestLog - 127.0.0.1 - - [17/Jun/2021:18:49:29 +0800] "PUT /admin/v2/persistent/public/functions/assignments HTTP/1.1" 401 0 "-" "Pulsar-Java-v2.7.2" 22
18:49:29.199 [AsyncHttpClient-87-1] WARN  org.apache.pulsar.client.admin.internal.BaseResource - [http://localhost:8080/admin/v2/persistent/public/functions/assignments] Failed to perform http put request: javax.ws.rs.NotAuthorizedException: HTTP 401 Unauthorized
18:49:29.204 [main] ERROR org.apache.pulsar.functions.worker.WorkerService - Error Starting up in worker
org.apache.pulsar.client.admin.PulsarAdminException$NotAuthorizedException: HTTP 401 Unauthorized
        at org.apache.pulsar.client.admin.internal.BaseResource.getApiException(BaseResource.java:218) ~[org.apache.pulsar-pulsar-client-admin-original-2.7.2.jar:2.7.2]

standalone.conf配置如下:

authenticationEnabled=true
authorizationEnabled=true
authenticationProviders=org.apache.pulsar.broker.authentication.AuthenticationProviderToken
brokerClientTlsEnabledWithKeyStore=true
brokerClientTlsEnabled=true
brokerClientAuthenticationPlugin=org.apache.pulsar.client.impl.auth.AuthenticationToken
brokerClientAuthenticationParameters={"token":"eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ0ZXN0LXVzZXIifQ.T6KZUYQfPgYCAuLDnDoqUOfowTFJmrsYwE8HopAKAWA"}
brokerClientTrustCertsFilePath=/home/wangyimin/source/apache-pulsar-2.7.2/certs/ca.cert.pem
authenticateOriginalAuthData=true
tokenSecretKey=file:///home/wangyimin/source/apache-pulsar-2.7.2/my-secret.key

proxy.conf 配置如下:

tokenSecretKey=file:///home/wangyimin/source/apache-pulsar-2.7.2/my-secret.key
authenticationEnabled=true
authorizationEnabled=true
authenticationProviders=org.apache.pulsar.broker.authentication.AuthenticationProviderToken
tokenSecretKey=file:///home/wangyimin/source/apache-pulsar-2.7.2/my-secret.key
brokerClientAuthenticationPlugin=org.apache.pulsar.client.impl.auth.AuthenticationToken
brokerClientAuthenticationParameters={"token":"eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ0ZXN0LXVzZXIifQ.T6KZUYQfPgYCAuLDnDoqUOfowTFJmrsYwE8HopAKAWA"}
forwardAuthorizationCredentials=true

client.conf 配置如下:

webServiceUrl=http://localhost:8080/
brokerServiceUrl=pulsar://localhost:6650/
authPlugin=org.apache.pulsar.client.impl.auth.AuthenticationToken
authParams=token:eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ0ZXN0LXVzZXIifQ.T6KZUYQfPgYCAuLDnDoqUOfowTFJmrsYwE8HopAKAWA

functions_worker.yml 配置如下:

authenticationProviders: org.apache.pulsar.broker.authentication.AuthenticationProviderToken
superUserRoles:
    - admin
authenticationEnabled: true
authorizationEnabled: true
tuteng commented 3 years ago

You can try update brokerClientAuthenticationParameters: 

brokerClientAuthenticationParameters='{"token":"eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ0ZXN0LXVzZXIifQ.T6KZUYQfPgYCAuLDnDoqUOfowTFJmrsYwE8HopAKAWA"}'

@iMine141

iMine141 commented 3 years ago

@tuteng it doesn's work

iMine141 commented 3 years ago

image

按照官方文档设置的,说不能使用双引号