惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

酷 壳 – CoolShell
酷 壳 – CoolShell
H
Hacker News: Front Page
P
Palo Alto Networks Blog
T
ThreatConnect
Apple Machine Learning Research
Apple Machine Learning Research
博客园_首页
T
True Tiger Recordings
P
Privacy & Cybersecurity Law Blog
B
Blog
IT之家
IT之家
Last Week in AI
Last Week in AI
F
Full Disclosure
Hacker News: Ask HN
Hacker News: Ask HN
C
Comments on: Blog
Microsoft Azure Blog
Microsoft Azure Blog
C
Cybersecurity and Infrastructure Security Agency CISA
Microsoft Security Blog
Microsoft Security Blog
博客园 - 【当耐特】
N
News and Events Feed by Topic
NISL@THU
NISL@THU
腾讯CDC
雷峰网
雷峰网
Security Latest
Security Latest
李成银的技术随笔
M
Microsoft Research Blog - Microsoft Research
L
LangChain Blog
L
Lohrmann on Cybersecurity
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
C
Check Point Blog
Y
Y Combinator Blog
Recent Announcements
Recent Announcements
博客园 - Franky
N
News | PayPal Newsroom
V
V2EX
A
About on SuperTechFans
The Register - Security
The Register - Security
月光博客
月光博客
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
Google Online Security Blog
Google Online Security Blog
MyScale Blog
MyScale Blog
Cisco Talos Blog
Cisco Talos Blog
Vercel News
Vercel News
WordPress大学
WordPress大学
C
Cyber Attacks, Cyber Crime and Cyber Security
The Hacker News
The Hacker News
IntelliJ IDEA : IntelliJ IDEA – the Leading IDE for Professional Development in Java and Kotlin | The JetBrains Blog
IntelliJ IDEA : IntelliJ IDEA – the Leading IDE for Professional Development in Java and Kotlin | The JetBrains Blog
爱范儿
爱范儿
A
Arctic Wolf
L
LINUX DO - 最新话题
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More

博客园 - 菜鸟乙

提示词 大模型实战 2-4 提示词聚合网站 提示词 大模型实战 1-1 提示词工程师导学 中间件 ZK分布式专题与Dubbo微服务入门 8-5 暴露商品服务 0-4min 中间件 ZK分布式专题与Dubbo微服务入门 9-4 获取分布式锁的流程 中间件 ZK分布式专题与Dubbo微服务入门 8-8 使用dubbo内置main打包jar启动 中间件 ZK分布式专题与Dubbo微服务入门 8-7 使用main主线程启动dubbo服务 中间件 ZK分布式专题与Dubbo微服务入门 8-6 使用tomcat启动dubbo服务 中间件 ZK分布式专题与Dubbo微服务入门 8-4 重构商品服务,抽取抽象工程 中间件 ZK分布式专题与Dubbo微服务入门 8-3 单体到分层模式代码演示 中间件 ZK分布式专题与Dubbo微服务入门 9-2 分布式锁的概念与数据最终不一致性的场景 中间件 ZK分布式专题与Dubbo微服务入门 7-9 zk-watcher实例 统一更新N台节点的配置文件 中间件 ZK分布式专题与Dubbo微服务入门 9-1 死锁与活锁的概念 中间件 ZK分布式专题与Dubbo微服务入门 7-8 curator之PathChildrenCache子节点监听 中间件 ZK分布式专题与Dubbo微服务入门 8-1 架构演变过程 中间件 ZK分布式专题与Dubbo微服务入门 7-7 curator之nodeCache一次注册N次监听 中间件 ZK分布式专题与Dubbo微服务入门 7-6 curator之usingWatcher 中间件 ZK分布式专题与Dubbo微服务入门 7-5 查询节点相关信息 中间件 ZK分布式专题与Dubbo微服务入门 8-2 dubbo 入门简介 中间件 ZK分布式专题与Dubbo微服务入门 7-4 修改节点以及删除节点
中间件 ZK分布式专题与Dubbo微服务入门 7-10 curator之acl权限操作与认证授权
菜鸟乙 · 2024-04-11 · via 博客园 - 菜鸟乙

0    课程地址

https://coding.imooc.com/lesson/201.html#mid=12807

1    重点关注

1.1    本节内容

curator新增节点时附带权限(递归给所有子节点权限)

curator修改节点的权限

1.2    关键代码

  • curator新增节点时附带权限
        String nodePath = "/acl/father/child/sub";
        
        List<ACL> acls = new ArrayList<ACL>();
        Id imooc1 = new Id("digest", AclUtils.getDigestUserPwd("imooc1:123456"));
        Id imooc2 = new Id("digest", AclUtils.getDigestUserPwd("imooc2:123456"));
        acls.add(new ACL(Perms.ALL, imooc1));
        acls.add(new ACL(Perms.READ, imooc2));
        acls.add(new ACL(Perms.DELETE | Perms.CREATE, imooc2));
        
        //递归创建子节点creatingParentsIfNeeded()
        //递归给子节点权限 withACL(acls, true)   
        // 创建节点
        byte[] data = "spiderman".getBytes();
        cto.client.create().creatingParentsIfNeeded()
                .withMode(CreateMode.PERSISTENT)
                .withACL(acls, true)
                .forPath(nodePath, data);
  • curator修改节点的权限
        cto.client.setACL().withACL(acls).forPath("/acl/father/child/sub");

2    课程内容



3    Coding

3.1    curator新增节点时附带权限(递归给所有子节点权限)

  • 启动服务端
    进入到
cd /usr/local/zookeeper/bin

 
    重启zookeeper服务端
./zkServer.sh restart
  • 主类
package com.imooc.curator;

import java.util.ArrayList;
import java.util.List;

import org.apache.curator.RetryPolicy;
import org.apache.curator.framework.CuratorFramework;
import org.apache.curator.framework.CuratorFrameworkFactory;
import org.apache.curator.retry.RetryNTimes;
import org.apache.zookeeper.CreateMode;
import org.apache.zookeeper.ZooDefs.Ids;
import org.apache.zookeeper.ZooDefs.Perms;
import org.apache.zookeeper.data.ACL;
import org.apache.zookeeper.data.Id;

import com.imooc.utils.AclUtils;

public class CuratorAcl {

    public CuratorFramework client = null;
    public static final String zkServerPath = "172.26.139.4:2181";

    public CuratorAcl() {
        RetryPolicy retryPolicy = new RetryNTimes(3, 5000);
        client = CuratorFrameworkFactory.builder().authorization("digest", "imooc1:123456".getBytes())
                .connectString(zkServerPath)
                .sessionTimeoutMs(10000).retryPolicy(retryPolicy)
                .namespace("workspace").build();
        client.start();
    }
    
    public void closeZKClient() {
        if (client != null) {
            this.client.close();
        }
    }
    
    public static void main(String[] args) throws Exception {
        // 实例化
        CuratorAcl cto = new CuratorAcl();
        boolean isZkCuratorStarted = cto.client.isStarted();
        System.out.println("当前客户的状态:" + (isZkCuratorStarted ? "连接中" : "已关闭"));
        
        String nodePath = "/acl/father/child/sub";
        
        List<ACL> acls = new ArrayList<ACL>();
        Id imooc1 = new Id("digest", AclUtils.getDigestUserPwd("imooc1:123456"));
        Id imooc2 = new Id("digest", AclUtils.getDigestUserPwd("imooc2:123456"));
        acls.add(new ACL(Perms.ALL, imooc1));
        acls.add(new ACL(Perms.READ, imooc2));
        acls.add(new ACL(Perms.DELETE | Perms.CREATE, imooc2));
        
        // 创建节点
        byte[] data = "spiderman".getBytes();
        cto.client.create().creatingParentsIfNeeded()
                .withMode(CreateMode.PERSISTENT)
                .withACL(acls, true)
                .forPath(nodePath, data);
        

        //cto.client.setACL().withACL(acls).forPath("/curatorNode");
        
        // 更新节点数据
//        byte[] newData = "batman".getBytes();
//        cto.client.setData().withVersion(0).forPath(nodePath, newData);
        
        // 删除节点
//        cto.client.delete().guaranteed().deletingChildrenIfNeeded().withVersion(0).forPath(nodePath);
        
        // 读取节点数据
//        Stat stat = new Stat();
//        byte[] data = cto.client.getData().storingStatIn(stat).forPath(nodePath);
//        System.out.println("节点" + nodePath + "的数据为: " + new String(data));
//        System.out.println("该节点的版本号为: " + stat.getVersion());
        
        
        cto.closeZKClient();
        boolean isZkCuratorStarted2 = cto.client.isStarted();
        System.out.println("当前客户的状态:" + (isZkCuratorStarted2 ? "连接中" : "已关闭"));
    }
    
}
  • linux客户端验证子节点权限
--启动linux客户端
zkCli.sh

[zk: localhost:2181(CONNECTED) 5] getAcl /workspace    
'world,'anyone
: cdrwa

--开始验证
[zk: localhost:2181(CONNECTED) 4] getAcl /workspace/acl
'digest,'imooc1:ee8R/pr2P4sGnQYNGyw2M5S5IMU=
: cdrwa
'digest,'imooc2:eBdFG0gQw0YArfEFDCRP3LzIp6k=
: r
'digest,'imooc2:eBdFG0gQw0YArfEFDCRP3LzIp6k=
: cd

[zk: localhost:2181(CONNECTED) 6] getAcl /workspace/acl/father
'digest,'imooc1:ee8R/pr2P4sGnQYNGyw2M5S5IMU=
: cdrwa
'digest,'imooc2:eBdFG0gQw0YArfEFDCRP3LzIp6k=
: r
'digest,'imooc2:eBdFG0gQw0YArfEFDCRP3LzIp6k=
: cd
[zk: localhost:2181(CONNECTED) 7] getAcl /workspace/acl/father/child
'digest,'imooc1:ee8R/pr2P4sGnQYNGyw2M5S5IMU=
: cdrwa
'digest,'imooc2:eBdFG0gQw0YArfEFDCRP3LzIp6k=
: r
'digest,'imooc2:eBdFG0gQw0YArfEFDCRP3LzIp6k=
: cd
[zk: localhost:2181(CONNECTED) 8] getAcl /workspace/acl/father/child/sub
'digest,'imooc1:ee8R/pr2P4sGnQYNGyw2M5S5IMU=
: cdrwa
'digest,'imooc2:eBdFG0gQw0YArfEFDCRP3LzIp6k=
: r
'digest,'imooc2:eBdFG0gQw0YArfEFDCRP3LzIp6k=
: cd
[zk: localhost:2181(CONNECTED) 9]

3.2    curator修改节点权限

  • 启动服务端
    进入到
cd /usr/local/zookeeper/bin

 
    重启zookeeper服务端
./zkServer.sh restart
  • 主类
package com.imooc.curator;

import java.util.ArrayList;
import java.util.List;

import org.apache.curator.RetryPolicy;
import org.apache.curator.framework.CuratorFramework;
import org.apache.curator.framework.CuratorFrameworkFactory;
import org.apache.curator.retry.RetryNTimes;
import org.apache.zookeeper.CreateMode;
import org.apache.zookeeper.ZooDefs.Ids;
import org.apache.zookeeper.ZooDefs.Perms;
import org.apache.zookeeper.data.ACL;
import org.apache.zookeeper.data.Id;

import com.imooc.utils.AclUtils;

public class CuratorAcl {

    public CuratorFramework client = null;
    public static final String zkServerPath = "172.26.139.4:2181";

    public CuratorAcl() {
        RetryPolicy retryPolicy = new RetryNTimes(3, 5000);
        client = CuratorFrameworkFactory.builder().authorization("digest", "imooc1:123456".getBytes())
                .connectString(zkServerPath)
                .sessionTimeoutMs(10000).retryPolicy(retryPolicy)
                .namespace("workspace").build();
        client.start();
    }
    
    public void closeZKClient() {
        if (client != null) {
            this.client.close();
        }
    }
    
    public static void main(String[] args) throws Exception {
        // 实例化
        CuratorAcl cto = new CuratorAcl();
        boolean isZkCuratorStarted = cto.client.isStarted();
        System.out.println("当前客户的状态:" + (isZkCuratorStarted ? "连接中" : "已关闭"));
        
        String nodePath = "/acl/father/child/sub";
        
        List<ACL> acls = new ArrayList<ACL>();
        Id imooc1 = new Id("digest", AclUtils.getDigestUserPwd("imooc1:123456"));
        Id imooc2 = new Id("digest", AclUtils.getDigestUserPwd("imooc2:123456"));
        acls.add(new ACL(Perms.ALL, imooc1));
        //acls.add(new ACL(Perms.READ, imooc2));
        //acls.add(new ACL(Perms.DELETE | Perms.CREATE, imooc2));
        
        // 创建节点
//        byte[] data = "spiderman".getBytes();
//        cto.client.create().creatingParentsIfNeeded()
//                .withMode(CreateMode.PERSISTENT)
//                .withACL(acls, true)
//                .forPath(nodePath, data);
        

        cto.client.setACL().withACL(acls).forPath("/acl/father/child/sub");
        
        // 更新节点数据
//        byte[] newData = "batman".getBytes();
//        cto.client.setData().withVersion(0).forPath(nodePath, newData);
        
        // 删除节点
//        cto.client.delete().guaranteed().deletingChildrenIfNeeded().withVersion(0).forPath(nodePath);
        
        // 读取节点数据
//        Stat stat = new Stat();
//        byte[] data = cto.client.getData().storingStatIn(stat).forPath(nodePath);
//        System.out.println("节点" + nodePath + "的数据为: " + new String(data));
//        System.out.println("该节点的版本号为: " + stat.getVersion());
        
        
        cto.closeZKClient();
        boolean isZkCuratorStarted2 = cto.client.isStarted();
        System.out.println("当前客户的状态:" + (isZkCuratorStarted2 ? "连接中" : "已关闭"));
    }
    
}
  • linux客户端验证子节点权限
--启动linux客户端
zkCli.sh

--开始验证
[zk: localhost:2181(CONNECTED) 9] getAcl /workspace/acl/father/child/sub
'digest,'imooc1:ee8R/pr2P4sGnQYNGyw2M5S5IMU=
: cdrwa
[zk: localhost:2181(CONNECTED) 10]



此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。