truong-hua opened a new issue #429:
URL: https://github.com/apache/pulsar-manager/issues/429
I'm using default pulsar/pulsar user with `user.management.enable=false`.
The default pulsar user is logged in successfully but creating a new
Environment will throw `{"error":"User does not have permission to operate"}`
Below is my configrations:
```
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
spring.cloud.refresh.refreshable=none
server.port=7750
# configuration log
logging.path=
logging.file=pulsar-manager.log
# DEBUG print execute sql
logging.level.org.apache=INFO
mybatis.type-aliases-package=org.apache.pulsar.manager
# database connection
# SQLLite
#spring.datasource.driver-class-name=org.sqlite.JDBC
#spring.datasource.url=jdbc:sqlite:pulsar_manager.db
#spring.datasource.initialization-mode=always
#spring.datasource.schema=classpath:/META-INF/sql/sqlite-schema.sql
#spring.datasource.username=
#spring.datasource.password=
#HerdDB JDBC Driver
spring.datasource.driver-class-name=herddb.jdbc.Driver
# HerdDB - local in memory-only
#spring.datasource.url=jdbc:herddb:local
# HerdDB - start embedded server, data persisted on local disk (directory
'dbdata'), listening on localhost:7000
spring.datasource.url=jdbc:herddb:server:localhost:7000?server.start=true&server.base.dir=dbdata
# HerdDB - start embedded server 'diskless-cluster' mode, WAL and Data
persisted on Bookies, Metadata on ZooKeeper in '/herd', listening on
localhost:7000
#spring.datasource.url=jdbc:herddb:zookeeper:localhost:2181?server.start=true&server.base.dir=dbdata&server.mode=diskless-cluster&server.node.id=localhost
# HerdDB - connect to standalone server at localhost:7000
#spring.datasource.url=jdbc:herddb:server:localhost:7000
# HerdDB - connect to cluster, uses ZooKeeper for service discovery
#spring.datasource.url=jdbc:herddb:zookeeper:localhost:2181/herd
spring.datasource.schema=classpath:/META-INF/sql/herddb-schema.sql
spring.datasource.username=sa
spring.datasource.password=hdb
spring.datasource.initialization-mode=always
# postgresql configuration
#spring.datasource.driver-class-name=org.postgresql.Driver
#spring.datasource.url=jdbc:postgresql://127.0.0.1:5432/pulsar_manager
#spring.datasource.username=postgres
#spring.datasource.password=postgres
# zuul config
#
https://cloud.spring.io/spring-cloud-static/Dalston.SR5/multi/multi__router_and_filter_zuul.html
# By Default Zuul adds Authorization to be dropped headers list. Below we
are manually setting it
zuul.sensitive-headers=Cookie,Set-Cookie
zuul.routes.admin.path=/admin/**
zuul.routes.admin.url=http://localhost:8080/admin/
zuul.routes.lookup.path=/lookup/**
zuul.routes.lookup.url=http://localhost:8080/lookup/
# pagehelper plugin
#pagehelper.helperDialect=sqlite
# force 'mysql' for HerdDB, comment out for postgresql
pagehelper.helperDialect=mysql
backend.directRequestBroker=true
backend.directRequestHost=http://pulsar:8080
backend.jwt.token=
backend.broker.pulsarAdmin.authPlugin=
backend.broker.pulsarAdmin.authParams=
backend.broker.pulsarAdmin.tlsAllowInsecureConnection=false
backend.broker.pulsarAdmin.tlsTrustCertsFilePath=
backend.broker.pulsarAdmin.tlsEnableHostnameVerification=false
jwt.secret=dab1c8ba-b01b-11e9-b384-186590e06885
jwt.sessionTime=2592000
# If user.management.enable is true, the following account and password will
no longer be valid.
pulsar-manager.account=pulsar
pulsar-manager.password=pulsar
# If true, the database is used for user management
user.management.enable=false
# Optional -> SECRET, PRIVATE, default -> PRIVATE, empty -> disable auth
# SECRET mode -> bin/pulsar tokens create --secret-key
file:///path/to/my-secret.key --subject test-user
# PRIVATE mode -> bin/pulsar tokens create --private-key
file:///path/to/my-private.key --subject test-user
# Detail information: http://pulsar.apache.org/docs/en/security-token-admin/
jwt.broker.token.mode=
jwt.broker.secret.key=file:///path/broker-secret.key
jwt.broker.public.key=file:///path/pulsar/broker-public.key
jwt.broker.private.key=file:///path/broker-private.key
# bookie
bookie.host=http://bookie:8050
bookie.enable=true
redirect.scheme=http
redirect.host=localhost
redirect.port=9527
# Stats interval
# millisecond
insert.stats.interval=30000
# millisecond
clear.stats.interval=300000
init.delay.interval=0
# cluster data reload
cluster.cache.reload.interval.ms=60000
# Third party login options
third.party.login.option=
# Github login configuration
github.client.id=your-client-id
github.client.secret=your-client-secret
github.oauth.host=https://github.com/login/oauth/access_token
github.user.info=https://api.github.com/user
github.login.host=https://github.com/login/oauth/authorize
github.redirect.host=http://localhost:9527
user.access.token.expire=604800
# thymeleaf configuration for third login.
spring.thymeleaf.cache=false
spring.thymeleaf.prefix=classpath:/templates/
spring.thymeleaf.check-template-location=true
spring.thymeleaf.suffix=.html
spring.thymeleaf.encoding=UTF-8
spring.thymeleaf.servlet.content-type=text/html
spring.thymeleaf.mode=HTML5
# default environment configuration
default.environment.name=
default.environment.service_url=
default.environment.bookie_url=
# enable tls encryption
# keytool -import -alias test-keystore -keystore ca-certs -file
certs/ca.cert.pem
tls.enabled=false
tls.keystore=keystore-file-path
tls.keystore.password=keystore-password
tls.hostname.verifier=false
tls.pulsar.admin.ca-certs=ca-client-path
# support peek message, default false
pulsar.peek.message=true
# swagger configration
swagger.enabled=false
```
And i'm using docker image: `apachepulsar/pulsar-manager:v0.2.0`
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
