Skip to content

[#5013] Fixing the issue where microservices cannot be registered when enabling RBAC authentication in a dual-engine disaster recovery scenario. #5014

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
chengyouling merged 14 commits into from
Nov 24, 2025
Merged

[#5013] Fixing the issue where microservices cannot be registered when enabling RBAC authentication in a dual-engine disaster recovery scenario. #5014

chengyouling merged 14 commits into from
Nov 24, 2025

Conversation

@chengyouling
Copy link
Contributor

@chengyouling chengyouling commented Nov 11, 2025

No description provided.

@chengyouling
Fixing the issue where microservices cannot be registered when enabli…
4450abc 
…ng RBAC authentication in a dual-engine disaster recovery scenario.
@chengyouling chengyouling self-assigned this Nov 11, 2025
humingcheng
humingcheng requested changes Nov 12, 2025
View reviewed changes
...lient/src/main/java/org/apache/servicecomb/service/center/client/ServiceCenterRawClient.java
}

private void recordAndSendUnAuthorizedEvent(HttpResponse response, String address) {
if (this.eventBus != null && response.getStatusCode() == HttpStatus.SC_UNAUTHORIZED) {
Copy link

@humingcheng humingcheng Nov 12, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

401的错误有多种,只有token解析失败才能视为地址管理的异常(即一个地址的token发到了另一个地址),而token超期之类的错误不能算。

Copy link
Contributor Author

@chengyouling chengyouling Nov 13, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

发布UnAuthorizedOperationEvent事件主要是为了触发token重新刷新,如果是超期了,也可以提前刷新token,更友好

mojieshui
mojieshui reviewed Nov 24, 2025
View reviewed changes
.../main/java/org/apache/servicecomb/serviceregistry/refresh/ServiceRegistryAddressManager.java Outdated
if (!isAffinityAddress || (StringUtils.isEmpty(ownRegion) && StringUtils.isEmpty(ownAvailableZone))) {
return;
}
String regionAndZone = "region=" + ownRegion + "&availableZone=" + ownAvailableZone;
Copy link

@mojieshui mojieshui Nov 24, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

region和az按照url的标准应该是无序的,建议通过url param解析后对比

Copy link
Contributor Author

@chengyouling chengyouling Nov 24, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

fixed

@chengyouling chengyouling merged commit c8b77b3 into apache:2.8.x Nov 24, 2025
6 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@humingcheng humingcheng humingcheng requested changes

+1 more reviewer

@mojieshui mojieshui mojieshui approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@chengyouling chengyouling

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@chengyouling @humingcheng @mojieshui