stackoom
  简体   繁体   中英

Spring Cloud Config server authentication

 原文  2018-05-31 12:34:07       spring-security/ environment-variables/ spring-cloud/ keytool/ spring-cloud-config

Question

Is it better to store the config server username and password as an environment variable (both in the client and server), or by using a keystore? The keystore password is anyway stored as an environment variable, so why actually use a keystore? Or is there a better way to implement authentication in the Spring Cloud Config server?

1 answers

solution1
 0  2018-06-05 10:46:42

In our case, config server is ONLY for backend services, but not for clients. We have multiple clients, like iOS, Android and Web app. Each kind of client will manage their own configurations.

Furthermore, we simply use HTTP basic authentication on config server, and store the username and password as instance variables. So the username and password will be not be exposed in source code level. On the other hand, our config server is not exposed to public network.

Hope this will give you some hints.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Spring Cloud Config Server not enforcing BASIC Authentication when running main() Spring Cloud Config Client not fetching config when Spring Security is active on Spring Cloud Config Server Encryption in Spring Cloud Config how to implement spring cloud config server security with docker Bad credential with Spring Cloud Config server when security is enable Ldap authentication with spring cloud gateway Spring Cloud Config Server - Where to set encrypt.key to enable /encrypt endpoint Spring boot application with config-server not working when using JWT authentication External logging configuration with Spring Cloud Config Autowiring Spring Authentication Manager in Java Config
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM