前因:政府项目被扫出nacos未授权访问漏洞
nacos开启权限认证配置:
项目配置(nacos测试项目):
maven依赖:
<dependency>
<groupId>com.alibaba.cloud</groupId>
<artifactId>spring-cloud-starter-alibaba-nacos-config</artifactId>
<version>2.1.1.RELEASE</version>
</dependency>
<dependency>
<groupId>com.alibaba.cloud</groupId>
<artifactId>spring-cloud-starter-alibaba-nacos-discovery</artifactId>
<version>2.1.1.RELEASE</version>
</dependency>
启动错误:
postman请求:
http://localhost:8848/nacos/v1/cs/configs?dataId=nacos-config-client-dev.yaml&group=DEFAULT_GROUP&tenant=&username=nacos&password=nacos
可以请求到配置文件:
=========================================================================
问题:版本没有对应上
版本对应地址:版本说明 · alibaba/spring-cloud-alibaba Wiki · GitHub
解决办法:
配置修改:
maven依赖修改:
<ali-nacos.version>2.2.7.RELEASE</ali-nacos.version>
<!-- nacos -->
<dependency>
<groupId>com.alibaba.cloud</groupId>
<artifactId>spring-cloud-starter-alibaba-nacos-config</artifactId>
<version>${ali-nacos.version}</version>
<exclusions>
<exclusion>
<groupId>com.alibaba.nacos</groupId>
<artifactId>nacos-client</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>com.alibaba.cloud</groupId>
<artifactId>spring-cloud-starter-alibaba-nacos-discovery</artifactId>
<version>${ali-nacos.version}</version>
<exclusions>
<exclusion>
<groupId>com.alibaba.nacos</groupId>
<artifactId>nacos-client</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>com.alibaba.nacos</groupId>
<artifactId>nacos-client</artifactId>
<version>1.4.1</version>
</dependency>
问题解决: