fenixsoft / microservice_arch_springcloud Goto Github PK

View Code? Open in Web Editor NEW

359.0 359.0 248.0 6.43 MB

基于SpringCloud实现的微服务架构示例工程。《凤凰架构》的配套组件。

Home Page: https://icyfenix.cn

License: Apache License 2.0

Java 96.81% HTML 0.58% Dockerfile 1.42% Shell 1.19%

microservice_arch_springcloud's Introduction

程序员
华为七级专家，兼职一些管理与研究工作的程序员。主要从事大型企业级软件的架构与研发工作，参与过 MetaERP、MetaCRM 等重要变革项目，分别担任首席技术规划与总架构师。业余里对计算机科学相关的多个领域都有持续跟进。
研究员
理学博士，华为企业应用教研室主任。曾任远光软件研究院院长，澳门科大-远光人工智能联合实验室主任，研究方向为机器学习自动化特征选择。
计算机技术作家
出版过八部计算机技术书籍，撰写过两部开源文档，口碑和销量均得到业内认可。其中五本书在豆瓣上获得了 9.0 分或以上的评价，“深入理解 Java 虚拟机”系列重印超过 45 次，总销量逾 40 万册。
- 2021年《凤凰架构：构建可靠的大型分布式系统》（豆瓣 9.4）
- 2020年《软件架构探索：The Fenix Project》（开源文档）
- 2019年《深入理解 Java 虚拟机：JVM 高级特性与最佳实践（第三版）》（豆瓣 9.5）
- 2018年《智慧的疆界：从图灵机到人工智能》（豆瓣 9.4）
- 2016年《深入理解 Java 虚拟机：JVM 高级特性与最佳实践（第二版）》（豆瓣 9.1）
- 2015年《Java虚拟机规范（Java SE 8中文版）》（官方授权翻译，豆瓣 8.4）
- 2014年《Java虚拟机规范（Java SE 7中文版）》（官方授权翻译，豆瓣 9.0）
- 2013年《深入理解 OSGi：Equinox 原理、应用与最佳实践》（豆瓣 7.7）
- 2011年《深入理解 Java 虚拟机：JVM 高级特性与最佳实践（第一版）》（豆瓣 8.6）
- 2011年《Java虚拟机规范（Java SE 7中文版）》（开源文档）
技术布道师
开源技术的积极倡导者和推动者，国内主流云计算厂商的最有价值技术专家，媒体撰稿人，会议讲师。

microservice_arch_springcloud's People

Contributors

Stargazers

Watchers

Forkers

re-burning rayzer terryjiang2011 upowerman wxj1988 kyleforks jonclema monthandeclipse zhoubb0230 fangguanya ky2009888 liyi139 venhow tjhorizon leoalasiga workcheng william-zzw wpt191 eulerformula caihua209 leixw0102 mz157589766 qilei rjgchw yiksam leeloveit peineliang kangel17 chengyang225 ekoatgithub akazc milo-cell cooldevin guoamocker oh-blade xw215461272 askformore soupal happyfreeangel ijunjie chenguomingx 1024kbfree freedomandfinally monsterhxw erzhiqianyi 5yuelei oliverniu2008 valiant-sun ceidion danlxc fredisfighting suuuperlyb pesong toyr angangxuxu hyyspy desireall tothegalaxy gaogushenling fxd10001 liukay mffeng youtiao143 penhaijun liuchao1016 mabh529 algernoonliu wangruigithub welbinbin iyangming abhaha gspandy panda00hi chaogege takiya562 codebyteme chentianming11 springcloud-springboot tw0629 zhangsg1234 huang-weifu 201206030 dgrgfj drunkcattt msnetc lingfengcoder soho-smarthome svnlab websky219 peiht kpaxer yunquanxu rwindwh kamiingithub maddonkey ziqiao-newbie chipsk austinmeng liumangmang1024 dajunge

microservice_arch_springcloud's Issues

An error occured when running: docker-compose -f docker-compose.dev.yml up

 2021-12-20 12:06:39.604 ERROR 1 --- [nfoReplicator-0] c.n.d.s.t.d.RedirectingEurekaHttpClient  : Request execution error. endpoint=DefaultEndpoint{ serviceUrl='http://platform-registry:8761/eureka/}
platform-gateway_1        |
platform-gateway_1        | com.sun.jersey.api.client.ClientHandlerException: java.net.ConnectException: Connection refused (Connection refused)
platform-gateway_1        |     at com.sun.jersey.client.apache4.ApacheHttpClient4Handler.handle(ApacheHttpClient4Handler.java:187) ~[jersey-apache-client4-1.19.1.jar!/:1.19.1]
platform-gateway_1        |     at com.sun.jersey.api.client.filter.GZIPContentEncodingFilter.handle(GZIPContentEncodingFilter.java:123) ~[jersey-client-1.19.1.jar!/:1.19.1]
platform-gateway_1        |     at com.netflix.discovery.EurekaIdentityHeaderFilter.handle(EurekaIdentityHeaderFilter.java:27) ~[eureka-client-1.9.17.jar!/:1.9.17]
platform-gateway_1        |     at com.sun.jersey.api.client.Client.handle(Client.java:652) ~[jersey-client-1.19.1.jar!/:1.19.1]
platform-gateway_1        |     at com.sun.jersey.api.client.WebResource.handle(WebResource.java:682) ~[jersey-client-1.19.1.jar!/:1.19.1]
platform-gateway_1        |     at com.sun.jersey.api.client.WebResource.access$200(WebResource.java:74) ~[jersey-client-1.19.1.jar!/:1.19.1]
platform-gateway_1        |     at com.sun.jersey.api.client.WebResource$Builder.post(WebResource.java:570) ~[jersey-client-1.19.1.jar!/:1.19.1]

Every docker container works fine and the front web can get all data functionally. Why this log seems eureka server didn't run properly.

A certificate verification issue when get the public key used to verify JWT.

Hi, we are a research group to help developers build secure applications. We designed a cryptographic misuse detector on Java language(Our main concern is the secure implementation and use of Json Web Token). We found your great public repository (i.e., microservice_arch_springcloud from Github, and a security issue detected by our detector are shown in the following. The specific security issues we found are as follows:
(1) Location: Package: com.github.fenixsoft.bookstore.infrasturcture.security; Class: RSA256PublicJWTAccessToken.class
Security issue: not verify the public key certificate used to validate JWT signature.

We detected that the RSA256PublicJWTAccessToken method get public key from the certificate without any verification. An attacker may use the private key corresponding to a revoked or expired or self-signed public key certificate to forge a JWT. We recommend to verify the validity of certificates and certificate chains to improve system security.

We wish the above security issues cloud truly help you to build a secure application. If you have any concern or suggestion, please feel free to contact us, we are looking forwart to your reply. Thanks.

fenixsoft / microservice_arch_springcloud Goto Github PK

microservice_arch_springcloud's Introduction

microservice_arch_springcloud's People

Contributors

Stargazers

Watchers

Forkers

microservice_arch_springcloud's Issues

An error occured when running: docker-compose -f docker-compose.dev.yml up

A certificate verification issue when get the public key used to verify JWT.

有个问题请教：在k8s环境中，服务注册和发现已经不需要了，那么网关要实现什么功能比较好呢？

文档中说服务治理使用了Hystrix，但是项目中没有引入Hystrix库，是漏掉了吗？

如何捕获并处理 security 相关异常

接收到未处理的异常： HTTP Code:401, 信息:[invalid_token] Cannot convert access token to JSON

Recommend Projects

React

Vue.js

Typescript

TensorFlow

Django

Laravel

D3

Recommend Topics

javascript

web

server

Machine learning

Visualization

Game

Recommend Org

Facebook

Microsoft

Google

Alibaba

D3

Tencent