Help Center/ Cloud Service Engine/ Developer Guide/ Using ServiceComb Engine Functions/ Using Security Authentication/ Configuring the Security Authentication Account and Password for a Microservice
Updated on 2024-05-06 GMT+08:00

Configuring the Security Authentication Account and Password for a Microservice

After enabling programming interface security authentication of an exclusive ServiceComb engine, you need to enable the same function of microservice components connected to the engine. Programming interface security authentication is triggered by configuring the security authentication account and password. Currently, the configuration file configuration mode and environment variable injection mode are supported.

For security purposes, you are advised to encrypt the account and password before using them.

If programming interface security authentication is not enabled for the exclusive ServiceComb engine, but the security authentication account name and password are configured for the microservice component, the engine will verify the account configured for the microservice component.

Configuring the Security Authentication Account and Password for a Spring Cloud Microservice Component

  • Configure the configuration file
    Add the following configurations to the bootstrap.yml file of the microservice. If they are configured, skip this step.
    spring:
      cloud:
        servicecomb:
          credentials:
            account:
              name: test # Set this parameter based on the actual value.
              password: mima # Set this parameter based on the actual value.
              cipher: default

    By default, the user password is stored in plaintext, which cannot ensure security. You are advised to encrypt the password for storage. For details, see Custom encryption algorithms for storage.

  • Enter environment variables

    Add the environment variables listed in Table 1 to the microservice.

    Add environment variables. For details, see Managing Application Environment Variables.

    Table 1 Environment variables

    Name

    Description

    spring_cloud_servicecomb_credentials_account_name

    Set it based on the actual value.

    spring_cloud_servicecomb_credentials_account_password

    Set it based on the actual value.

    NOTE:

    By default, the user password is stored in plaintext, which cannot ensure security. You are advised to encrypt the password for storage. For details, see Custom encryption algorithms for storage.

Configuring the Security Authentication Account and Password for a Java Chassis Microservice Component

  • Configure the configuration file

    Add the following configurations to the microservice.yml file of the microservice. If they are configured, skip this step.

    servicecomb:
      credentials:
        rbac.enabled: true # Set this parameter based on the actual value.
        cipher: default
        account: 
          name: test # Set this parameter based on the actual value.
          password: mima # Set this parameter based on the actual value.
          cipher: default

    By default, the user password is stored in plaintext, which cannot ensure security. You are advised to encrypt the password for storage. For details, see Configure security authentication parameters.

  • Enter environment variables

    Add the environment variables listed in Table 2 to the microservice.

    Add environment variables. For details, see Managing Application Environment Variables.

    Table 2 Environment variables

    Name

    Description

    servicecomb_credentials_rbac_enabled

    • true: security authentication enabled.
    • false: security authentication disabled.

    servicecomb_credentials_account_name

    Set it based on the actual value.

    servicecomb_credentials_account_password

    Set it based on the actual value.

    NOTE:

    By default, the user password is stored in plaintext, which cannot ensure security. You are advised to encrypt the password for storage. For details, see Configure security authentication parameters.