[英]Spring Cloud Config server authentication
Is it better to store the config server username and password as an environment variable (both in the client and server), or by using a keystore? 将配置服务器的用户名和密码存储为环境变量(在客户端和服务器中)还是通过使用密钥库,是否更好? The keystore password is anyway stored as an environment variable, so why actually use a keystore?
无论如何,密钥库密码都存储为环境变量,那么为什么要实际使用密钥库? Or is there a better way to implement authentication in the Spring Cloud Config server?
还是有更好的方法在Spring Cloud Config服务器中实现身份验证?
In our case, config server is ONLY for backend services, but not for clients. 在我们的情况下,配置服务器仅用于后端服务,而不用于客户端。 We have multiple clients, like iOS, Android and Web app.
我们有多个客户端,例如iOS,Android和Web应用程序。 Each kind of client will manage their own configurations.
每种客户端将管理自己的配置。
Furthermore, we simply use HTTP basic authentication on config server, and store the username and password as instance variables. 此外,我们仅在配置服务器上使用HTTP基本身份验证,并将用户名和密码存储为实例变量。 So the username and password will be not be exposed in source code level.
因此,用户名和密码不会在源代码级别公开。 On the other hand, our config server is not exposed to public network.
另一方面,我们的配置服务器未公开到公共网络。
Hope this will give you some hints. 希望这会给您一些提示。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.