按指南上
在注册中心控制权限,以决定要不要下发令牌给消费者,测试发现,注册上去的服务不管有没有启用token,调用方都可以调用成功
所以想问下,这点在哪里体现出来?
yutian
All 6 comments
仔细看图:提供方将令牌告之注册中心,由注册中心决定是否告之消费方
dreambt
on 6 May 2014
👎3
我测试发现只有dubbo协议才支持token认证
chenjie901
on 8 Dec 2015
@chenjie901 确实不支持
xue8710
on 18 Aug 2016
这个就尴尬了
qrqhuang
on 20 Sep 2017
I have run a demo for testing this case.
I used zookeeper as service discovery.
- add token :
- remove token from Attachment at org.apache.dubbo.rpc.protocol.dubbo.DubboInvoker#DubboInvoker .
And then it not work, and throw :
org.apache.dubbo.rpc.RpcException: Invalid token! Forbid invoke remote service interface org.apache.dubbo.demo.DemoService method sayHello() from consumer 30.5.125.8 to provider 30.5.125.8
at org.apache.dubbo.rpc.filter.TokenFilter.invoke(TokenFilter.java:46)
at org.apache.dubbo.rpc.protocol.ProtocolFilterWrapper$1.invoke(ProtocolFilterWrapper.java:72)
at org.apache.dubbo.rpc.protocol.dubbo.filter.TraceFilter.invoke(TraceFilter.java:78)
at org.apache.dubbo.rpc.protocol.ProtocolFilterWrapper$1.invoke(ProtocolFilterWrapper.java:72)
at org.apache.dubbo.rpc.filter.ContextFilter.invoke(ContextFilter.java:73)
at org.apache.dubbo.rpc.protocol.ProtocolFilterWrapper$1.invoke(ProtocolFilterWrapper.java:72)
at org.apache.dubbo.rpc.filter.GenericFilter.invoke(GenericFilter.java:138)
So I think it work well. The situation that how to use token :
- The consumer invoke provider directly but not from service discovery provider list. It can forbid it.
- You service discovery should have more feature that control to send token to some consumer but not to send token to other consumer. But it depend on special service discovery.
cvictory
on 7 Nov 2018
&READY-TO-CLOSE&
cvictory
on 7 Nov 2018
Was this page helpful?
0 / 5 - 0 ratings
Related issues
JerryChin
·
3Comments
BugZuo
·
4Comments
biyuhao
·
3Comments
sunyongfengchina
·
3Comments
Lhs9323
·
3Comments