Esta página ainda não está disponível no idioma selecionado. Estamos trabalhando para adicionar mais opções de idiomas. Agradecemos sua compreensão.
- What's New
- Function Overview
- Service Overview
- Billing
- Getting Started
-
User Guide
- Before You Start
- Permissions Management
-
Exclusive ServiceComb Engine
- Creating a ServiceComb Engine
-
Managing ServiceComb Engines
- Viewing ServiceComb Engine Information
- Obtaining the Service Center Address of a ServiceComb Engine
- Obtaining the Configuration Center Address of a ServiceComb Engine
- Viewing the Instance Quota of a ServiceComb Engine
- Viewing the Configuration Item Quota of a ServiceComb Engine
- Configuring Backup and Restoration of a ServiceComb Engine
- Managing Public Network Access for a ServiceComb Engine
- Viewing ServiceComb Engine Operation Logs
- Upgrading a ServiceComb Engine Version
- Deleting a ServiceComb Engine
- Changing ServiceComb Engine Specifications
- Managing Security Authentication for a ServiceComb Engine
- Managing Tags
- Using ServiceComb Engines
- Registry/Configuration Center
- Key Operations Recorded by CTS
-
Best Practices
- CSE Best Practices
-
ServiceComb Engines
-
ServiceComb Engine Application Hosting
- Hosting Spring Cloud Applications Using Spring Cloud Huawei SDK
- Hosting a Java Chassis Application
-
ServiceComb Engine Application Hosting
- Registry/Configuration Centers
-
Developer Guide
- Overview
- Developing Microservice Applications
- Preparing the Environment
- Connecting Microservice Applications
- Deploying Microservice Applications
- Using ServiceComb Engine Functions
- Appendix
-
API Reference
- Before You Start
- API Overview
- Calling APIs
- Examples
-
CSE API
- API Calling
- Dynamic Configuration
-
Engine Management
- Querying Flavors Supported by a Microservice Engine
- Querying the Microservice Engine List
- Creating an Exclusive Microservice Engine
- Querying Details About a Microservice Engine
- Deleting a Microservice Engine
- Querying Details About a Microservice Engine Job
- Retrying an Exclusive ServiceComb Engine
- Upgrading an Exclusive ServiceComb Engine
- Changing Microservice Engine Specifications
- Updating the Configuration of an Exclusive Microservice Engine
-
Microservice Governance
- Querying the Governance Policy List
- Creating a Dark Launch Policy
- Querying a Dark Launch Rule of a Microservice
- Deleting a Dark Launch Policy
- Changing a Governance Policy
- Deleting a Governance Policy
- Querying Governance Policy Details
- Creating a Governance Policy
- Querying the Governance Policy List of a Specified Kind
- Nacos API
-
ServiceComb API
- API Calling
- Authentication
-
Microservice
- Querying Information About a Microservice
- Deleting Definition Information About a Microservice
- Querying Information About All Microservices
- Creating Static Information for a Microservice
- Deleting Static Information About Microservices in Batches
- Modifying Extended Attributes of a Microservice
- Querying the Unique Service or Schema ID of a Microservice
- Schema
-
Microservice Instance
- Registering a Microservice Instance
- Querying a Microservice Instance Based on service_id
- Deregistering a Microservice Instance
- Querying Details About a Microservice Instance
- Modifying the Extended Information About a Microservice Instance
- Modifying Status of a Microservice Instance
- Sending Heartbeat Information
- Querying a Microservice Instance by Filter Criteria
- Querying Microservice Instances in Batches
- Dependency
- Configuration Management
- Appendixes
- Change History
- SDK Reference
-
FAQs
- Precautions When Using Huawei Cloud CSE
- Nacos Engines
-
ServiceComb Engines
- How Do I Perform Local Development and Testing?
- How Can I Handle a Certificate Loading Error?
- What If the Header Name Is Invalid?
- What Is the Performance Loss of Mesher?
- Why Is "Version validate failed" Displayed When I Attempt to Connect to the Service Center?
- Why Is "Not enough quota" Displayed When I Attempt to Connect to the Service Center?
- What Should I Do If the Service Registration Fails After IPv6 Is Enabled for the Exclusive ServiceComb Engine with Security Authentication Enabled?
- What Is Service Name Duplication Check?
- Why Do I Have to Define Service Contracts?
- Why Are Microservice Development Framework and Netty Versions Unmatched?
- What Do I Need to Know Before Upgrading an Exclusive ServiceComb Engine?
- What Must I Check Before Migrating Services from the Professional to the Exclusive Microservice Engine?
- Why Is "Duplicate cluster name" Displayed?
- Error Message "the subnet could not be found" Is Displayed When the Access Address Fails to Be Processed During Engine Creation
- Why Is Error "does not match rule: {Max: 100, Regexp: ^[a-zA-Z0-9]{1,160}$|^[a-zA-Z0-9][a-zA-Z0-9_\-.]{0,158}[a-zA-Z0-9]$}"}" Reported?
- What Should I Do If SpringCloud Applications Fail to Connect to the Configuration Center of ServiceComb Engine 2.x?
- Why Could My the Global Configuration Not Be Modified?
- Obtain Configurations Failed
- Videos
- General Reference
Copied.
Managing Security Authentication for a ServiceComb Engine
A ServiceComb engine may be used by multiple users. Different users must have different ServiceComb engine access and operation permissions based on their responsibilities and permissions. If security authentication is enabled for an exclusive ServiceComb engine, grant different access and operation permissions to users based on the roles associated with the accounts used by the users to access the ServiceComb engine.
For details about security authentication, see System Management.
Currently, Java chassis and Spring Cloud support security authentication for microservices. The Java chassis version must be 2.3.5 or later, and Spring Cloud must integrate Spring Cloud Huawei 1.6.1 or later.
You can enable or disable security authentication for the exclusive ServiceComb engine based on service requirements.
- Enabling Security Authentication
If a ServiceComb engine is available with security authentication disabled, you can enable security authentication based on service requirements.
After security authentication is enabled and programming interface authentication is also enabled, if security authentication parameters are not configured for the microservice components connected to the engine, or the security authentication account and password configured for the microservice components are incorrect, the heartbeat of the microservice components fails and the service is forced to go offline. Perform the following steps:
- Spring Cloud: For details, see Connecting Spring Cloud Applications to ServiceComb Engines.
- Java Chassis: For details, see Connecting Java Chassis Applications to ServiceComb Engines.
- Disabling Security Authentication
If a ServiceComb engine is available with security authentication enabled, you can disable security authentication based on service requirements.
After security authentication is disabled for a microservice component, service functions of the microservice component are not affected no matter whether security authentication parameters are configured for the microservice component.
Enabling Security Authentication
- Log in to CSE.
- Choose Exclusive ServiceComb Engines.
- Click the target engine.
- In the Network Configuration and Security area, click Enable security authentication.
- Upgrade the engine to 1.2.0 or later.
- Click Upgrade.
- Select Target Version and view the version description. Determine whether to upgrade the software to this version. Then, click OK.
- Select the upgraded ServiceComb engine. In the Network Configuration and Security area, click Enable security authentication.
- On the System Management page, enable security authentication.
- To enable security authentication for the first time, click Enable security authentication.
You need to create user root first. Enter and confirm the password of user root. Then, click Create Now.
- Enable security authentication again and enter the name and password of the account associated with the admin role in the engine.
- To enable security authentication for the first time, click Enable security authentication.
- (Optional) Create a role based on service requirements. For details, see Roles.
- (Optional) Create an account based on service requirements. For details, see Accounts.
- On the System Management page, click Enable security authentication and configure the security settings.
- If you enable Authenticate Console, go to 11.
After Authenticate Console is enabled, you need to use an account and password to log in to the CSE console. The login user can only view and configure services on which the user has permission.
- If you enable Authenticate Programming Interface, go to 10.
After Authenticate Programming Interface is enabled, Authenticate Console is automatically enabled.
After it is enabled, you need to add the corresponding account and password to the microservice configuration file. Otherwise, the service cannot be registered with the engine.
After it is disabled, you can register the service with the engine without configuring the account and password in the microservice configuration file, which improves the efficiency. You are advised to disable this function when accessing the service in a VPC.
- If you enable Authenticate Console, go to 11.
- Configure the SDK. For microservice components that have been deployed but not configured with security authentication parameters, configure the account name and password for security authentication and then upgrade the component. For details, see Configuring the Security Authentication Account and Password for a Microservice.
- Click OK.
After the ServiceComb engine is updated and the engine status changes from Configuring to Available, security authentication is enabled successfully.
Disabling Security Authentication
- Log in to CSE.
- Choose Exclusive ServiceComb Engines.
- Click the target engine.
- In the Network Configuration and Security area, click Disable security authentication.
- Click OK. After the ServiceComb engine is updated and the engine status changes from Configuring to Available, security authentication is disabled successfully.
NOTE:
After security authentication is disabled, accounts created on the engine will not be deleted.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
