无法启动 RestHeart Security
Unable to start RestHeart Security
我无法启动 Restheart Security。任何人都知道什么可能是错的?我在黑暗中。我收到以下错误
[main] [1;31mERROR[0;39m org.restheart.security.Bootstrapper - Error starting RESTHeart Security. Exiting...
com.google.common.util.concurrent.UncheckedExecutionException: java.lang.IllegalStateException: Error configuring Authentication Mechanism basicAuthMechanism
at com.google.common.cache.LocalCache$Segment.get(LocalCache.java:2050)
at com.google.common.cache.LocalCache.get(LocalCache.java:3952)
at com.google.common.cache.LocalCache.getOrLoad(LocalCache.java:3974)
at com.google.common.cache.LocalCache$LocalLoadingCache.get(LocalCache.java:4958)
at com.google.common.cache.LocalCache$LocalLoadingCache.getUnchecked(LocalCache.java:4964)
at org.restheart.security.cache.impl.GuavaLoadingCache.getLoading(GuavaLoadingCache.java:63)
at org.restheart.security.plugins.PluginsRegistry.getAuthenticationMechanism(PluginsRegistry.java:320)
at org.restheart.security.Bootstrapper.lambda$authMechanisms(Bootstrapper.java:760)
at java.base/java.util.stream.ForEachOps$ForEachOp$OfRef.accept(ForEachOps.java:183)
at java.base/java.util.stream.ReferencePipeline.accept(ReferencePipeline.java:195)
at java.base/java.util.stream.ReferencePipeline.accept(ReferencePipeline.java:177)
at java.base/java.util.stream.ReferencePipeline.accept(ReferencePipeline.java:195)
at java.base/java.util.ArrayList$ArrayListSpliterator.forEachRemaining(ArrayList.java:1654)
at java.base/java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:484)
at java.base/java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:474)
at java.base/java.util.stream.ForEachOps$ForEachOp.evaluateSequential(ForEachOps.java:150)
at java.base/java.util.stream.ForEachOps$ForEachOp$OfRef.evaluateSequential(ForEachOps.java:173)
at java.base/java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234)
at java.base/java.util.stream.ReferencePipeline.forEachOrdered(ReferencePipeline.java:502)
at org.restheart.security.Bootstrapper.authMechanisms(Bootstrapper.java:756)
at org.restheart.security.Bootstrapper.startCoreSystem(Bootstrapper.java:615)
at org.restheart.security.Bootstrapper.startServer(Bootstrapper.java:478)
at org.restheart.security.Bootstrapper.run(Bootstrapper.java:220)
at org.restheart.security.Bootstrapper.main(Bootstrapper.java:188)
Caused by: java.lang.IllegalStateException: Error configuring Authentication Mechanism basicAuthMechanism
at org.restheart.security.plugins.PluginsRegistry.lambda$static(PluginsRegistry.java:103)
at org.restheart.security.cache.impl.GuavaLoadingCache.load(GuavaLoadingCache.java:51)
at org.restheart.security.cache.impl.GuavaLoadingCache.load(GuavaLoadingCache.java:48)
at com.google.common.cache.LocalCache$LoadingValueReference.loadFuture(LocalCache.java:3528)
at com.google.common.cache.LocalCache$Segment.loadSync(LocalCache.java:2277)
at com.google.common.cache.LocalCache$Segment.lockedGetOrLoad(LocalCache.java:2154)
at com.google.common.cache.LocalCache$Segment.get(LocalCache.java:2044)
... 23 common frames omitted
Caused by: org.restheart.security.ConfigurationException: Error configuring Authentication Mechanism basicAuthMechanism
at org.restheart.security.plugins.PluginsFactory.createAutenticationMechanism(PluginsFactory.java:99)
at org.restheart.security.plugins.PluginsRegistry.lambda$static(PluginsRegistry.java:100)
... 29 common frames omitted
Caused by: java.lang.reflect.InvocationTargetException: null
at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
at java.base/jdk.internal.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.base/java.lang.reflect.Constructor.newInstance(Constructor.java:490)
at org.restheart.security.plugins.PluginsFactory.createAutenticationMechanism(PluginsFactory.java:87)
... 30 common frames omitted
Caused by: com.google.common.util.concurrent.UncheckedExecutionException: java.lang.IllegalStateException: Error configuring Authenticator simpleFileAuthenticator
at com.google.common.cache.LocalCache$Segment.get(LocalCache.java:2050)
at com.google.common.cache.LocalCache.get(LocalCache.java:3952)
at com.google.common.cache.LocalCache.getOrLoad(LocalCache.java:3974)
at com.google.common.cache.LocalCache$LocalLoadingCache.get(LocalCache.java:4958)
at com.google.common.cache.LocalCache$LocalLoadingCache.getUnchecked(LocalCache.java:4964)
at org.restheart.security.cache.impl.GuavaLoadingCache.getLoading(GuavaLoadingCache.java:63)
at org.restheart.security.plugins.PluginsRegistry.getAuthenticator(PluginsRegistry.java:302)
at org.restheart.security.plugins.mechanisms.BasicAuthMechanism.<init>(BasicAuthMechanism.java:46)
... 35 common frames omitted
Caused by: java.lang.IllegalStateException: Error configuring Authenticator simpleFileAuthenticator
at org.restheart.security.plugins.PluginsRegistry.lambda$static(PluginsRegistry.java:75)
at org.restheart.security.cache.impl.GuavaLoadingCache.load(GuavaLoadingCache.java:51)
at org.restheart.security.cache.impl.GuavaLoadingCache.load(GuavaLoadingCache.java:48)
at com.google.common.cache.LocalCache$LoadingValueReference.loadFuture(LocalCache.java:3528)
at com.google.common.cache.LocalCache$Segment.loadSync(LocalCache.java:2277)
at com.google.common.cache.LocalCache$Segment.lockedGetOrLoad(LocalCache.java:2154)
at com.google.common.cache.LocalCache$Segment.get(LocalCache.java:2044)
... 42 common frames omitted
Caused by: org.restheart.security.ConfigurationException: Error configuring Authenticator simpleFileAuthenticator
at org.restheart.security.plugins.PluginsFactory.createAuthenticator(PluginsFactory.java:168)
at org.restheart.security.plugins.PluginsRegistry.lambda$static(PluginsRegistry.java:72)
... 48 common frames omitted
Caused by: java.lang.reflect.InvocationTargetException: null
at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
at java.base/jdk.internal.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.base/java.lang.reflect.Constructor.newInstance(Constructor.java:490)
at org.restheart.security.plugins.PluginsFactory.createAuthenticator(PluginsFactory.java:156)
... 49 common frames omitted
Caused by: org.yaml.snakeyaml.error.YAMLException: java.nio.charset.MalformedInputException: Input length = 1
at org.yaml.snakeyaml.reader.StreamReader.update(StreamReader.java:218)
at org.yaml.snakeyaml.reader.StreamReader.ensureEnoughData(StreamReader.java:176)
at org.yaml.snakeyaml.reader.StreamReader.ensureEnoughData(StreamReader.java:171)
at org.yaml.snakeyaml.reader.StreamReader.peek(StreamReader.java:126)
at org.yaml.snakeyaml.scanner.ScannerImpl.scanToNextToken(ScannerImpl.java:1177)
at org.yaml.snakeyaml.scanner.ScannerImpl.fetchMoreTokens(ScannerImpl.java:287)
at org.yaml.snakeyaml.scanner.ScannerImpl.checkToken(ScannerImpl.java:227)
at org.yaml.snakeyaml.parser.ParserImpl$ParseImplicitDocumentStart.produce(ParserImpl.java:195)
at org.yaml.snakeyaml.parser.ParserImpl.peekEvent(ParserImpl.java:158)
at org.yaml.snakeyaml.parser.ParserImpl.checkEvent(ParserImpl.java:148)
at org.yaml.snakeyaml.composer.Composer.getSingleNode(Composer.java:107)
at org.yaml.snakeyaml.constructor.BaseConstructor.getSingleData(BaseConstructor.java:139)
at org.yaml.snakeyaml.Yaml.loadFromReader(Yaml.java:524)
at org.yaml.snakeyaml.Yaml.load(Yaml.java:452)
at org.restheart.security.plugins.FileConfigurablePlugin.init(FileConfigurablePlugin.java:65)
at org.restheart.security.plugins.authenticators.SimpleFileAuthenticator.<init>(SimpleFileAuthenticator.java:65)
... 54 common frames omitted
Caused by: java.nio.charset.MalformedInputException: Input length = 1
at java.base/java.nio.charset.CoderResult.throwException(CoderResult.java:274)
at java.base/sun.nio.cs.StreamDecoder.implRead(StreamDecoder.java:339)
at java.base/sun.nio.cs.StreamDecoder.read(StreamDecoder.java:178)
at java.base/java.io.InputStreamReader.read(InputStreamReader.java:185)
at org.yaml.snakeyaml.reader.UnicodeReader.read(UnicodeReader.java:125)
at org.yaml.snakeyaml.reader.StreamReader.update(StreamReader.java:183)
... 69 common frames omitted
16:56:46.445 [main] [34mINFO [0;39m org.restheart.security.Bootstrapper - Stopping RESTHeart Security...
16:56:46.446 [main] [34mINFO [0;39m org.restheart.security.Bootstrapper - Cleaning up temporary directories...
16:56:46.448 [main] [34mINFO [0;39m org.restheart.security.Bootstrapper - [32;1mRESTHeart Security stopped[m
启动命令是
"D:\apps\MongoDB\jdk-11.0.5_windows-x64_bin\jdk-11.0.5\bin\java.exe" -Dfile.encoding=UTF-8 -server -Djavax.net.ssl.trustStore=.\etc\rhTrustStore -Djavax.net.ssl.trustStorePassword=hidden -Djavax.security.auth.useSubjectCredsOnly=false -jar restheart-security.jar .\etc\restheart-security.yml -e .\etc\default.properties
我的主配置文件中的相关块是
auth-mechanisms:
# - name: tokenBasicAuthMechanism
# class: org.restheart.security.plugins.mechanisms.TokenBasicAuthMechanism
# args:
# realm: RESTHeart Realm
- name: basicAuthMechanism
class: org.restheart.security.plugins.mechanisms.BasicAuthMechanism
args:
realm: RESTHeart Realm
authenticator: simpleFileAuthenticator
# - name: digestAuthMechanism
# class: org.restheart.security.plugins.mechanisms.DigestAuthMechanism
# args:
# realm: RESTHeart Realm
# domain: localhost
# authenticator: simpleFileAuthenticator
# - name: identityAuthenticationMechanism
# class: org.restheart.security.plugins.mechanisms.IdentityAuthMechanism
# args:
# username: admin
# roles:
# - admin
# - user
## Authenticators
# An Authenticator verify user credential and are used by one or more
# AuthMachanisms
# See README.md for the list of available Authenticators
authenticators:
- name: simpleFileAuthenticator
class: org.restheart.security.plugins.authenticators.SimpleFileAuthenticator
args:
conf-file: .\etc\users.yml
## Authorizers
# Authorizers verify if a request is allowed.
# As an in-bound request is received and authenticated the isAllowed() method is
# called on each authenticator in turn until one of the following occurs:
# an authenticator allows the incoming request or the list of authenticators is
# exhausted. In the latter case, the request ends and 403 Forbidden is returned.
# See README.md for the list of available Authorizers
authorizers:
- name: requestPredicatesAuthorizer
class: org.restheart.security.plugins.authorizers.RequestPredicatesAuthorizer
args:
conf-file: .\etc\acl.yml
并且用户和 acl 文件是
simpleFileAuthenticator 的配置文件
users:
- userid: hidden
password: hidden
roles: [users]
- userid: hidden
password: hidden
roles: [users]
## configuration file for requestPredicatesAuthorizer
permissions:
# OPTIONS is always allowed
- role: $unauthenticated
predicate: path-prefix[path="/echo"] and method[value="GET"]
- role: admin
predicate: path-prefix[path="/"]
# Users with role 'users' can GET any collection or document resource (excluding dbs and _logic )
- role: users
predicate: regex[pattern="/.*/.*", value="%R", full-match=true] and method[value="GET"] and not path-prefix[path="/_logic"]
# Users with role 'users' can request URI /_logic/csv
- role: users
predicate: path["/_logic/csv"]
# Users with role 'users' can do anything on the collection /publicdb/{username}
- role: users
predicate: path-template[value="/publicdb/{username}"] and equals[%u, "${username}"]
# Users with role 'users' can do anything on documents of the collection /publicdb/{username}
- role: users
predicate: path-template[value="/publicdb/{username}/{doc}"] and equals[%u, "${username}"]
使用的是 4.1.3 版本,我不知道哪里出了问题。
相关留言好像是:"Error configuring Authenticator simpleFileAuthenticator"
您的 simpleFileAuthenticator 配置文件看起来有缩进问题。
您可以使用在线 yaml 验证器作为 https://codebeautify.org/yaml-validator 检查您的 conf 文件
正确的users.yml文件是
users:
- userid: hidden
password: hidden
roles: [users]
- userid: hidden
password: hidden
roles: [users]
## configuration file for requestPredicatesAuthorizer
permissions:
# OPTIONS is always allowed
- role: $unauthenticated
predicate: path-prefix[path="/echo"] and method[value="GET"]
- role: admin
predicate: path-prefix[path="/"]
# Users with role 'users' can GET any collection or document resource (excluding dbs and _logic )
- role: users
predicate: regex[pattern="/.*/.*", value="%R", full-match=true] and method[value="GET"] and not path-prefix[path="/_logic"]
# Users with role 'users' can request URI /_logic/csv
- role: users
predicate: path["/_logic/csv"]
# Users with role 'users' can do anything on the collection /publicdb/{username}
- role: users
predicate: path-template[value="/publicdb/{username}"] and equals[%u, "${username}"]
# Users with role 'users' can do anything on documents of the collection /publicdb/{username}
- role: users
predicate: path-template[value="/publicdb/{username}/{doc}"] and equals[%u, "${username}"]
已解决,本周提示不要在密码中使用 €:-)
我无法启动 Restheart Security。任何人都知道什么可能是错的?我在黑暗中。我收到以下错误
[main] [1;31mERROR[0;39m org.restheart.security.Bootstrapper - Error starting RESTHeart Security. Exiting...
com.google.common.util.concurrent.UncheckedExecutionException: java.lang.IllegalStateException: Error configuring Authentication Mechanism basicAuthMechanism
at com.google.common.cache.LocalCache$Segment.get(LocalCache.java:2050)
at com.google.common.cache.LocalCache.get(LocalCache.java:3952)
at com.google.common.cache.LocalCache.getOrLoad(LocalCache.java:3974)
at com.google.common.cache.LocalCache$LocalLoadingCache.get(LocalCache.java:4958)
at com.google.common.cache.LocalCache$LocalLoadingCache.getUnchecked(LocalCache.java:4964)
at org.restheart.security.cache.impl.GuavaLoadingCache.getLoading(GuavaLoadingCache.java:63)
at org.restheart.security.plugins.PluginsRegistry.getAuthenticationMechanism(PluginsRegistry.java:320)
at org.restheart.security.Bootstrapper.lambda$authMechanisms(Bootstrapper.java:760)
at java.base/java.util.stream.ForEachOps$ForEachOp$OfRef.accept(ForEachOps.java:183)
at java.base/java.util.stream.ReferencePipeline.accept(ReferencePipeline.java:195)
at java.base/java.util.stream.ReferencePipeline.accept(ReferencePipeline.java:177)
at java.base/java.util.stream.ReferencePipeline.accept(ReferencePipeline.java:195)
at java.base/java.util.ArrayList$ArrayListSpliterator.forEachRemaining(ArrayList.java:1654)
at java.base/java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:484)
at java.base/java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:474)
at java.base/java.util.stream.ForEachOps$ForEachOp.evaluateSequential(ForEachOps.java:150)
at java.base/java.util.stream.ForEachOps$ForEachOp$OfRef.evaluateSequential(ForEachOps.java:173)
at java.base/java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234)
at java.base/java.util.stream.ReferencePipeline.forEachOrdered(ReferencePipeline.java:502)
at org.restheart.security.Bootstrapper.authMechanisms(Bootstrapper.java:756)
at org.restheart.security.Bootstrapper.startCoreSystem(Bootstrapper.java:615)
at org.restheart.security.Bootstrapper.startServer(Bootstrapper.java:478)
at org.restheart.security.Bootstrapper.run(Bootstrapper.java:220)
at org.restheart.security.Bootstrapper.main(Bootstrapper.java:188)
Caused by: java.lang.IllegalStateException: Error configuring Authentication Mechanism basicAuthMechanism
at org.restheart.security.plugins.PluginsRegistry.lambda$static(PluginsRegistry.java:103)
at org.restheart.security.cache.impl.GuavaLoadingCache.load(GuavaLoadingCache.java:51)
at org.restheart.security.cache.impl.GuavaLoadingCache.load(GuavaLoadingCache.java:48)
at com.google.common.cache.LocalCache$LoadingValueReference.loadFuture(LocalCache.java:3528)
at com.google.common.cache.LocalCache$Segment.loadSync(LocalCache.java:2277)
at com.google.common.cache.LocalCache$Segment.lockedGetOrLoad(LocalCache.java:2154)
at com.google.common.cache.LocalCache$Segment.get(LocalCache.java:2044)
... 23 common frames omitted
Caused by: org.restheart.security.ConfigurationException: Error configuring Authentication Mechanism basicAuthMechanism
at org.restheart.security.plugins.PluginsFactory.createAutenticationMechanism(PluginsFactory.java:99)
at org.restheart.security.plugins.PluginsRegistry.lambda$static(PluginsRegistry.java:100)
... 29 common frames omitted
Caused by: java.lang.reflect.InvocationTargetException: null
at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
at java.base/jdk.internal.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.base/java.lang.reflect.Constructor.newInstance(Constructor.java:490)
at org.restheart.security.plugins.PluginsFactory.createAutenticationMechanism(PluginsFactory.java:87)
... 30 common frames omitted
Caused by: com.google.common.util.concurrent.UncheckedExecutionException: java.lang.IllegalStateException: Error configuring Authenticator simpleFileAuthenticator
at com.google.common.cache.LocalCache$Segment.get(LocalCache.java:2050)
at com.google.common.cache.LocalCache.get(LocalCache.java:3952)
at com.google.common.cache.LocalCache.getOrLoad(LocalCache.java:3974)
at com.google.common.cache.LocalCache$LocalLoadingCache.get(LocalCache.java:4958)
at com.google.common.cache.LocalCache$LocalLoadingCache.getUnchecked(LocalCache.java:4964)
at org.restheart.security.cache.impl.GuavaLoadingCache.getLoading(GuavaLoadingCache.java:63)
at org.restheart.security.plugins.PluginsRegistry.getAuthenticator(PluginsRegistry.java:302)
at org.restheart.security.plugins.mechanisms.BasicAuthMechanism.<init>(BasicAuthMechanism.java:46)
... 35 common frames omitted
Caused by: java.lang.IllegalStateException: Error configuring Authenticator simpleFileAuthenticator
at org.restheart.security.plugins.PluginsRegistry.lambda$static(PluginsRegistry.java:75)
at org.restheart.security.cache.impl.GuavaLoadingCache.load(GuavaLoadingCache.java:51)
at org.restheart.security.cache.impl.GuavaLoadingCache.load(GuavaLoadingCache.java:48)
at com.google.common.cache.LocalCache$LoadingValueReference.loadFuture(LocalCache.java:3528)
at com.google.common.cache.LocalCache$Segment.loadSync(LocalCache.java:2277)
at com.google.common.cache.LocalCache$Segment.lockedGetOrLoad(LocalCache.java:2154)
at com.google.common.cache.LocalCache$Segment.get(LocalCache.java:2044)
... 42 common frames omitted
Caused by: org.restheart.security.ConfigurationException: Error configuring Authenticator simpleFileAuthenticator
at org.restheart.security.plugins.PluginsFactory.createAuthenticator(PluginsFactory.java:168)
at org.restheart.security.plugins.PluginsRegistry.lambda$static(PluginsRegistry.java:72)
... 48 common frames omitted
Caused by: java.lang.reflect.InvocationTargetException: null
at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
at java.base/jdk.internal.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.base/java.lang.reflect.Constructor.newInstance(Constructor.java:490)
at org.restheart.security.plugins.PluginsFactory.createAuthenticator(PluginsFactory.java:156)
... 49 common frames omitted
Caused by: org.yaml.snakeyaml.error.YAMLException: java.nio.charset.MalformedInputException: Input length = 1
at org.yaml.snakeyaml.reader.StreamReader.update(StreamReader.java:218)
at org.yaml.snakeyaml.reader.StreamReader.ensureEnoughData(StreamReader.java:176)
at org.yaml.snakeyaml.reader.StreamReader.ensureEnoughData(StreamReader.java:171)
at org.yaml.snakeyaml.reader.StreamReader.peek(StreamReader.java:126)
at org.yaml.snakeyaml.scanner.ScannerImpl.scanToNextToken(ScannerImpl.java:1177)
at org.yaml.snakeyaml.scanner.ScannerImpl.fetchMoreTokens(ScannerImpl.java:287)
at org.yaml.snakeyaml.scanner.ScannerImpl.checkToken(ScannerImpl.java:227)
at org.yaml.snakeyaml.parser.ParserImpl$ParseImplicitDocumentStart.produce(ParserImpl.java:195)
at org.yaml.snakeyaml.parser.ParserImpl.peekEvent(ParserImpl.java:158)
at org.yaml.snakeyaml.parser.ParserImpl.checkEvent(ParserImpl.java:148)
at org.yaml.snakeyaml.composer.Composer.getSingleNode(Composer.java:107)
at org.yaml.snakeyaml.constructor.BaseConstructor.getSingleData(BaseConstructor.java:139)
at org.yaml.snakeyaml.Yaml.loadFromReader(Yaml.java:524)
at org.yaml.snakeyaml.Yaml.load(Yaml.java:452)
at org.restheart.security.plugins.FileConfigurablePlugin.init(FileConfigurablePlugin.java:65)
at org.restheart.security.plugins.authenticators.SimpleFileAuthenticator.<init>(SimpleFileAuthenticator.java:65)
... 54 common frames omitted
Caused by: java.nio.charset.MalformedInputException: Input length = 1
at java.base/java.nio.charset.CoderResult.throwException(CoderResult.java:274)
at java.base/sun.nio.cs.StreamDecoder.implRead(StreamDecoder.java:339)
at java.base/sun.nio.cs.StreamDecoder.read(StreamDecoder.java:178)
at java.base/java.io.InputStreamReader.read(InputStreamReader.java:185)
at org.yaml.snakeyaml.reader.UnicodeReader.read(UnicodeReader.java:125)
at org.yaml.snakeyaml.reader.StreamReader.update(StreamReader.java:183)
... 69 common frames omitted
16:56:46.445 [main] [34mINFO [0;39m org.restheart.security.Bootstrapper - Stopping RESTHeart Security...
16:56:46.446 [main] [34mINFO [0;39m org.restheart.security.Bootstrapper - Cleaning up temporary directories...
16:56:46.448 [main] [34mINFO [0;39m org.restheart.security.Bootstrapper - [32;1mRESTHeart Security stopped[m
启动命令是
"D:\apps\MongoDB\jdk-11.0.5_windows-x64_bin\jdk-11.0.5\bin\java.exe" -Dfile.encoding=UTF-8 -server -Djavax.net.ssl.trustStore=.\etc\rhTrustStore -Djavax.net.ssl.trustStorePassword=hidden -Djavax.security.auth.useSubjectCredsOnly=false -jar restheart-security.jar .\etc\restheart-security.yml -e .\etc\default.properties
我的主配置文件中的相关块是
auth-mechanisms:
# - name: tokenBasicAuthMechanism
# class: org.restheart.security.plugins.mechanisms.TokenBasicAuthMechanism
# args:
# realm: RESTHeart Realm
- name: basicAuthMechanism
class: org.restheart.security.plugins.mechanisms.BasicAuthMechanism
args:
realm: RESTHeart Realm
authenticator: simpleFileAuthenticator
# - name: digestAuthMechanism
# class: org.restheart.security.plugins.mechanisms.DigestAuthMechanism
# args:
# realm: RESTHeart Realm
# domain: localhost
# authenticator: simpleFileAuthenticator
# - name: identityAuthenticationMechanism
# class: org.restheart.security.plugins.mechanisms.IdentityAuthMechanism
# args:
# username: admin
# roles:
# - admin
# - user
## Authenticators
# An Authenticator verify user credential and are used by one or more
# AuthMachanisms
# See README.md for the list of available Authenticators
authenticators:
- name: simpleFileAuthenticator
class: org.restheart.security.plugins.authenticators.SimpleFileAuthenticator
args:
conf-file: .\etc\users.yml
## Authorizers
# Authorizers verify if a request is allowed.
# As an in-bound request is received and authenticated the isAllowed() method is
# called on each authenticator in turn until one of the following occurs:
# an authenticator allows the incoming request or the list of authenticators is
# exhausted. In the latter case, the request ends and 403 Forbidden is returned.
# See README.md for the list of available Authorizers
authorizers:
- name: requestPredicatesAuthorizer
class: org.restheart.security.plugins.authorizers.RequestPredicatesAuthorizer
args:
conf-file: .\etc\acl.yml
并且用户和 acl 文件是
simpleFileAuthenticator 的配置文件
users:
- userid: hidden
password: hidden
roles: [users]
- userid: hidden
password: hidden
roles: [users]
## configuration file for requestPredicatesAuthorizer
permissions:
# OPTIONS is always allowed
- role: $unauthenticated
predicate: path-prefix[path="/echo"] and method[value="GET"]
- role: admin
predicate: path-prefix[path="/"]
# Users with role 'users' can GET any collection or document resource (excluding dbs and _logic )
- role: users
predicate: regex[pattern="/.*/.*", value="%R", full-match=true] and method[value="GET"] and not path-prefix[path="/_logic"]
# Users with role 'users' can request URI /_logic/csv
- role: users
predicate: path["/_logic/csv"]
# Users with role 'users' can do anything on the collection /publicdb/{username}
- role: users
predicate: path-template[value="/publicdb/{username}"] and equals[%u, "${username}"]
# Users with role 'users' can do anything on documents of the collection /publicdb/{username}
- role: users
predicate: path-template[value="/publicdb/{username}/{doc}"] and equals[%u, "${username}"]
使用的是 4.1.3 版本,我不知道哪里出了问题。
相关留言好像是:"Error configuring Authenticator simpleFileAuthenticator"
您的 simpleFileAuthenticator 配置文件看起来有缩进问题。
您可以使用在线 yaml 验证器作为 https://codebeautify.org/yaml-validator 检查您的 conf 文件
正确的users.yml文件是
users:
- userid: hidden
password: hidden
roles: [users]
- userid: hidden
password: hidden
roles: [users]
## configuration file for requestPredicatesAuthorizer
permissions:
# OPTIONS is always allowed
- role: $unauthenticated
predicate: path-prefix[path="/echo"] and method[value="GET"]
- role: admin
predicate: path-prefix[path="/"]
# Users with role 'users' can GET any collection or document resource (excluding dbs and _logic )
- role: users
predicate: regex[pattern="/.*/.*", value="%R", full-match=true] and method[value="GET"] and not path-prefix[path="/_logic"]
# Users with role 'users' can request URI /_logic/csv
- role: users
predicate: path["/_logic/csv"]
# Users with role 'users' can do anything on the collection /publicdb/{username}
- role: users
predicate: path-template[value="/publicdb/{username}"] and equals[%u, "${username}"]
# Users with role 'users' can do anything on documents of the collection /publicdb/{username}
- role: users
predicate: path-template[value="/publicdb/{username}/{doc}"] and equals[%u, "${username}"]
已解决,本周提示不要在密码中使用 €:-)