问题:
从Dockerized SpringBoot到外部MariaDB的JDBC身份验证失败
时向文
-
null
@Autowired
public void setDataSource(DataSource dataSource) {
// pull environment variables being used and log them for debugging
String dbhost = System.getenv("DOCKENV_MYSQL_HOST");
String dbport = System.getenv("DOCKENV_MYSQL_PORT");
String dbuser = System.getenv("DOCKENV_MYSQL_USERID");
String dbpw = System.getenv("DOCKENV_MYSQL_PASSWORD");
thisLog.info("DOCKENV_MYSQL_HOST=" + dbhost + " DOCKENV_MYSQL_PORT=" + dbport + " DOCKENV_MYSQL_USERID=" + dbuser
+ " DOCKENV_MYSQL_PASSWORD=" + dbpw);
jdbcTemplate = new JdbcTemplate(dataSource);
}
下面是在Linux提示层用curl命令执行和调用SpringBoot服务时记录的内容。
[mdh@fedora1 ~/gitwork/kuberdepends]$ printenv | grep DOCK
DOCKENV_MYSQL_PORT=3306
DOCKENV_MYSQL_PASSWORD=badpassword
DOCKENV_MYSQL_HOST=192.168.99.10
DOCKENV_MYSQL_USERID=dependsapp
[mdh@fedora1 ~/gitwork/kuberdepends]$ java -jar target/depends.jar 1>/dev/null 2>/dev/null&
[1] 7814
[mdh@fedora1 ~/gitwork/kuberdepends]$
[mdh@fedora1 ~/gitwork/kuberdepends]$ curl -H "Content-type: application/json" -X GET http://127.0.0.1:8080//depends/api/projects/34
{"project_id":34,"projectstatus_id":0,"clientbusunit_id":2,"clientbusdept_id":2,"factorybusunit_id":11,"factorybusdept_id":23,"projectname":"Ent Portal Unification","shortdescription":"Merge enterprise portals into spectrum.net","longdescription":"Longer desc here","hascapitalspend":"Y","hasexpensespend":"Y","capitalledger":"","expenseledger":"","clientpriority":1,"deliverypriority":1,"restricttodept":"N","restricttomembers":"N","createdatetime":"2018-05-20 20:51:22.0","updatedatetime":null}[mdh@fedora1 ~/gitwork/kuberdepends]$
[mdh@fedora1 ~/gitwork/kuberdepends]$
[mdh@fedora1 ~/gitwork/kuberdepends]$
[mdh@fedora1 ~/gitwork/kuberdepends]$ cat /logs/springboot/dependsLog.txt | grep dependsapp
2019-08-24 13:33:45.077 INFO 7814 --- [main] com.charter.depends.dao.ProjectsDAO : DOCKENV_MYSQL_HOST=192.168.99.10 DOCKENV_MYSQL_PORT=3306 DOCKENV_MYSQL_USERID=dependsapp DOCKENV_MYSQL_PASSWORD=badpassword
[mdh@fedora1 ~/gitwork/kuberdepends]$
JAR的工作版本被包装为带有以下DockerFile的Docker容器:
[mdh@fedora1 ~/gitwork/kuberdepends]$ cat Dockerfile.openjdk13alpine
# Docker file -- use as micro-sized test image with basic Linux commands
# 1) use alpine image as starting slice
# 2) add packages: iputils, busybox-extras (for telnet), mariadb-client (testing MariaDB access)
# 3) starts the SpringBoot app in depends.jar as java -jar /opt/mdhlabs/depends.jar
FROM openjdk:13-alpine
RUN mkdir /opt/mdhlabs
COPY ./target/depends.jar /opt/mdhlabs/depends.jar
WORKDIR /opt/mdhlabs
RUN apk update && apk add iputils && apk add busybox-extras && apk add mariadb-client
CMD ["java", "-jar","/opt/mdhlabs/depends.jar"]
[mdh@fedora1 ~/gitwork/kuberdepends]$
[mdh@fedora1 ~/gitwork/kuberdepends]$ docker build -t kuberdepends-alp13 -f Dockerfile.openjdk13alpine .
(stuff omitted here for brevity...)
Successfully tagged kuberdepends-alp13:latest
[mdh@fedora1 ~/gitwork/kuberdepends]$
在停止Springboot进程并运行从主Linux环境将内部8080映射到外部7777的Dockerized版本端口之后,下面是日志。
[mdh@fedora1 ~/gitwork/kuberdepends]$ docker run --network=host -p 7777:8080 -d -e DOCKENV_MYSQL_HOST='192.168.99.10' -e DOCKENV_MYSQL_PORT='3306' -e DOCKENV_MYSQL_USERID='dependsapp' -e DOCKENV_MYSQL_PASSWORD='badpassword' --name kuberdepends-container kuberdepends-alp13
WARNING: Published ports are discarded when using host network mode
293d36ed488ca076d050f9579bb54979ff9e469a9d4429ad58204f069dbfd358
[mdh@fedora1 ~/gitwork/kuberdepends]$
[mdh@fedora1 ~/gitwork/kuberdepends]$ curl -H "Content-type: application/json" -X GET http://127.0.0.1:7777//depends/api/projects/34
curl: (7) Failed to connect to 127.0.0.1 port 7777: Connection refused
[mdh@fedora1 ~/gitwork/kuberdepends]$
[mdh@fedora1 ~/gitwork/kuberdepends]$ docker exec -it kuberdepends-container sh
/opt/mdhlabs # wget --header "Content-type: application/json" http://127.0.0.1:8080//depends/api/projects/34
Connecting to 127.0.0.1:8080 (127.0.0.1:8080)
wget: server returned error: HTTP/1.1 500
/opt/mdhlabs #
/opt/mdhlabs # cat /logs/springboot/dependsLog.txt | grep dependsapp
2019-08-24 18:52:08.956 INFO 1 --- [main] com.charter.depends.dao.ProjectsDAO : DOCKENV_MYSQL_HOST=192.168.99.10 DOCKENV_MYSQL_PORT=3306 DOCKENV_MYSQL_USERID=dependsapp DOCKENV_MYSQL_PASSWORD=badpassword
java.sql.SQLException: Access denied for user 'dependsapp'@'127.0.0.1' (using password: YES)
2019-08-24 18:56:14.796 ERROR 1 --- [http-nio-8080-exec-1] o.a.c.c.C.[.[.[.[dispatcherServlet] : Servlet.service() for servlet [dispatcherServlet] in context with path [/depends/api] threw exception [Request processing failed; nested exception is org.springframework.jdbc.CannotGetJdbcConnectionException: Could not get JDBC Connection; nested exception is java.sql.SQLException: Access denied for user 'dependsapp'@'127.0.0.1' (using password: YES)] with root cause
java.sql.SQLException: Access denied for user 'dependsapp'@'127.0.0.1' (using password: YES)
/opt/mdhlabs #
/opt/mdhlabs # mysql --user=dependsapp --password=badpassword --host=192.168.99.10 depends
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 45
Server version: 10.3.8-MariaDB MariaDB Server
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [depends]> select project_id, projectname from projects where project_id=34;
+------------+------------------------+
| project_id | projectname |
+------------+------------------------+
| 34 | Ent Portal Unification |
+------------+------------------------+
1 row in set (0.000 sec)
MariaDB [depends]>
2019-08-24 18:56:14.605 INFO 1 --- [http-nio-8080-exec-1] c.c.depends.services.ProjectController : QUERY action=projectRe
2019-08-24 18:56:14.788 ERROR 1 --- [http-nio-8080-exec-1] o.a.tomcat.jdbc.pool.ConnectionPool : Unable to create initi
java.sql.SQLException: Access denied for user 'dependsapp'@'127.0.0.1' (using password: YES)
at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:964) ~[mysql-connector-java-5.1.41.jar!/:5.1.41]
at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:3973) ~[mysql-connector-java-5.1.41.jar!/:5.1.41]
at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:3909) ~[mysql-connector-java-5.1.41.jar!/:5.1.41]
at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:873) ~[mysql-connector-java-5.1.41.jar!/:5.1.41]
at com.mysql.jdbc.MysqlIO.proceedHandshakeWithPluggableAuthentication(MysqlIO.java:1710) ~[mysql-connector-java-5.1.
at com.mysql.jdbc.MysqlIO.doHandshake(MysqlIO.java:1226) ~[mysql-connector-java-5.1.41.jar!/:5.1.41]
at com.mysql.jdbc.ConnectionImpl.coreConnect(ConnectionImpl.java:2205) ~[mysql-connector-java-5.1.41.jar!/:5.1.41]
at com.mysql.jdbc.ConnectionImpl.connectOneTryOnly(ConnectionImpl.java:2236) ~[mysql-connector-java-5.1.41.jar!/:5.1
at com.mysql.jdbc.ConnectionImpl.createNewIO(ConnectionImpl.java:2035) ~[mysql-connector-java-5.1.41.jar!/:5.1.41]
如有任何帮助,不胜感激。
共有1个答案
罗俭
找到了根本原因...飞行员失误。
我的项目树在类路径中有两个独立的application.properties文件:
$project/application.properties
$project/src/main/resources/application.
类似资料:
-
我有一个REST服务,它依赖于外部系统来验证令牌,但需要自己进行授权(使用like@Secured进行API级访问)。 要求: UI使用外部系统生成令牌 一种可能的解决方案是使用过滤器: > UI使用外部系统生成令牌 UI使用令牌对我的服务进行REST调用 我的服务有一个过滤器,它使用令牌调用外部系统 有效令牌的外部系统发回用户详细信息 我对成功呼叫集的服务与SecurityContextHold
-
我们的项目包括一个JavaFX应用程序,它通过RMI协议调用JEE服务器。我们使用Payara应用服务器,一个Glassfish分叉。我们想使用带有数据库的JAAS来管理授权给用户的身份验证和权限。 我们不了解如何将创建的JDBC领域与我们的应用程序绑定以与数据库交互。 我们可以像这里一样以编程方式调用领域或直接查询数据库吗? 启动LoginContext的服务: 登录模块: CallBackHa
-
使用这个例子,我的连接几乎可以工作 http://blogs.nologin.es/rickyepoderi/index.php?/archives/105-oracle-driver-and-kerberos.html 我使用的是Java7,但使用另一个没有问题。有没有一种方法可以用jvm正确读取票证(参见jdk中的kinit不要创建正确的票证)
-
Tweepy API请求twitter return me Twitter错误响应:状态代码=401。 这是我的实际代码: 我曾试图用tweepy软件包删除推文,并获得了所有必需的密钥。镊子包装不起作用吗?有人能帮我解决这个问题吗。
-
我的keytab由以下命令生成: SPN信息 看起来我的keytab没问题。
-
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.3.xsd“>