[GitHub] [pulsar-manager] truong-hua opened a new issue #429: Bug: default user pulsar/pulsar does not have permission to create a new environment

GitBox Tue, 19 Oct 2021 05:27:55 -0700


truong-hua opened a new issue #429:
URL: https://github.com/apache/pulsar-manager/issues/429



   I'm using default pulsar/pulsar user with `user.management.enable=false`. 
The default pulsar user is logged in successfully but creating a new 
Environment will throw `{"error":"User does not have permission to operate"}`
   
   Below is my configrations:
   
   ```
   #
   # Licensed under the Apache License, Version 2.0 (the "License");
   # you may not use this file except in compliance with the License.
   # You may obtain a copy of the License at
   #
   #     http://www.apache.org/licenses/LICENSE-2.0
   #
   # Unless required by applicable law or agreed to in writing, software
   # distributed under the License is distributed on an "AS IS" BASIS,
   # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
   # See the License for the specific language governing permissions and
   # limitations under the License.
   #
   
   spring.cloud.refresh.refreshable=none
   server.port=7750
   
   # configuration log
   logging.path=
   logging.file=pulsar-manager.log
   
   # DEBUG print execute sql
   logging.level.org.apache=INFO
   
   mybatis.type-aliases-package=org.apache.pulsar.manager
   
   # database connection
   
   # SQLLite
   #spring.datasource.driver-class-name=org.sqlite.JDBC
   #spring.datasource.url=jdbc:sqlite:pulsar_manager.db
   #spring.datasource.initialization-mode=always
   #spring.datasource.schema=classpath:/META-INF/sql/sqlite-schema.sql
   #spring.datasource.username=
   #spring.datasource.password=
   
   #HerdDB JDBC Driver
   spring.datasource.driver-class-name=herddb.jdbc.Driver
   # HerdDB - local in memory-only
   #spring.datasource.url=jdbc:herddb:local
   # HerdDB - start embedded server, data persisted on local disk (directory 
'dbdata'), listening on localhost:7000
   
spring.datasource.url=jdbc:herddb:server:localhost:7000?server.start=true&server.base.dir=dbdata
   # HerdDB - start embedded server 'diskless-cluster' mode, WAL and Data 
persisted on Bookies, Metadata on ZooKeeper in '/herd', listening on 
localhost:7000
   
#spring.datasource.url=jdbc:herddb:zookeeper:localhost:2181?server.start=true&server.base.dir=dbdata&server.mode=diskless-cluster&server.node.id=localhost
   # HerdDB - connect to standalone server at localhost:7000
   #spring.datasource.url=jdbc:herddb:server:localhost:7000
   # HerdDB - connect to cluster, uses ZooKeeper for service discovery
   #spring.datasource.url=jdbc:herddb:zookeeper:localhost:2181/herd
   
   
   spring.datasource.schema=classpath:/META-INF/sql/herddb-schema.sql
   spring.datasource.username=sa
   spring.datasource.password=hdb
   spring.datasource.initialization-mode=always
   
   # postgresql configuration
   #spring.datasource.driver-class-name=org.postgresql.Driver
   #spring.datasource.url=jdbc:postgresql://127.0.0.1:5432/pulsar_manager
   #spring.datasource.username=postgres
   #spring.datasource.password=postgres
   
   # zuul config
   # 
https://cloud.spring.io/spring-cloud-static/Dalston.SR5/multi/multi__router_and_filter_zuul.html
   # By Default Zuul adds  Authorization to be dropped headers list. Below we 
are manually setting it
   zuul.sensitive-headers=Cookie,Set-Cookie
   zuul.routes.admin.path=/admin/**
   zuul.routes.admin.url=http://localhost:8080/admin/
   zuul.routes.lookup.path=/lookup/**
   zuul.routes.lookup.url=http://localhost:8080/lookup/
   
   # pagehelper plugin
   #pagehelper.helperDialect=sqlite
   # force 'mysql' for HerdDB, comment out for postgresql
   pagehelper.helperDialect=mysql
   
   backend.directRequestBroker=true
   backend.directRequestHost=http://pulsar:8080
   backend.jwt.token=
   backend.broker.pulsarAdmin.authPlugin=
   backend.broker.pulsarAdmin.authParams=
   backend.broker.pulsarAdmin.tlsAllowInsecureConnection=false
   backend.broker.pulsarAdmin.tlsTrustCertsFilePath=
   backend.broker.pulsarAdmin.tlsEnableHostnameVerification=false
   
   jwt.secret=dab1c8ba-b01b-11e9-b384-186590e06885
   jwt.sessionTime=2592000
   # If user.management.enable is true, the following account and password will 
no longer be valid.
   pulsar-manager.account=pulsar
   pulsar-manager.password=pulsar
   # If true, the database is used for user management
   user.management.enable=false
   
   # Optional -> SECRET, PRIVATE, default -> PRIVATE, empty -> disable auth
   # SECRET mode -> bin/pulsar tokens create --secret-key 
file:///path/to/my-secret.key --subject test-user
   # PRIVATE mode -> bin/pulsar tokens create --private-key 
file:///path/to/my-private.key --subject test-user
   # Detail information: http://pulsar.apache.org/docs/en/security-token-admin/
   jwt.broker.token.mode=
   jwt.broker.secret.key=file:///path/broker-secret.key
   jwt.broker.public.key=file:///path/pulsar/broker-public.key
   jwt.broker.private.key=file:///path/broker-private.key
   
   # bookie
   bookie.host=http://bookie:8050
   bookie.enable=true
   
   redirect.scheme=http
   redirect.host=localhost
   redirect.port=9527
   
   # Stats interval
   # millisecond
   insert.stats.interval=30000
   # millisecond
   clear.stats.interval=300000
   init.delay.interval=0
   
   # cluster data reload
   cluster.cache.reload.interval.ms=60000
   
   # Third party login options
   third.party.login.option=
   
   # Github login configuration
   github.client.id=your-client-id
   github.client.secret=your-client-secret
   github.oauth.host=https://github.com/login/oauth/access_token
   github.user.info=https://api.github.com/user
   github.login.host=https://github.com/login/oauth/authorize
   github.redirect.host=http://localhost:9527
   
   user.access.token.expire=604800
   
   # thymeleaf configuration for third login.
   spring.thymeleaf.cache=false
   spring.thymeleaf.prefix=classpath:/templates/
   spring.thymeleaf.check-template-location=true
   spring.thymeleaf.suffix=.html
   spring.thymeleaf.encoding=UTF-8
   spring.thymeleaf.servlet.content-type=text/html
   spring.thymeleaf.mode=HTML5
   
   # default environment configuration
   default.environment.name=
   default.environment.service_url=
   default.environment.bookie_url=
   # enable tls encryption
   # keytool -import -alias test-keystore -keystore ca-certs -file 
certs/ca.cert.pem
   tls.enabled=false
   tls.keystore=keystore-file-path
   tls.keystore.password=keystore-password
   tls.hostname.verifier=false
   tls.pulsar.admin.ca-certs=ca-client-path
   
   # support peek message, default false
   pulsar.peek.message=true
   
   # swagger configration
   swagger.enabled=false
   ```
   
   And i'm using docker image: `apachepulsar/pulsar-manager:v0.2.0`


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@pulsar.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [pulsar-manager] truong-hua opened a new issue #429: Bug: default user pulsar/pulsar does not have permission to create a new environment

Reply via email to