From e3aab8911e41eb5bdf7a39d3a1839c5d8fc48335 Mon Sep 17 00:00:00 2001 From: liuyuanmu Date: Tue, 26 Apr 2022 18:34:37 +0800 Subject: [PATCH] security for explorer --- core | 2 +- .../config/application-gw.properties | 20 +++++++------------ 2 files changed, 8 insertions(+), 14 deletions(-) diff --git a/core b/core index 0aa4a7d5..2a94f276 160000 --- a/core +++ b/core @@ -1 +1 @@ -Subproject commit 0aa4a7d5d4a6653c237c422be03abb0d2a42104c +Subproject commit 2a94f2761eb6a52bd5ca85b80c9fe875c1e1f765 diff --git a/deploy/deploy-gateway/src/main/resources/config/application-gw.properties b/deploy/deploy-gateway/src/main/resources/config/application-gw.properties index 5a2e78f7..b67a9caa 100644 --- a/deploy/deploy-gateway/src/main/resources/config/application-gw.properties +++ b/deploy/deploy-gateway/src/main/resources/config/application-gw.properties @@ -10,21 +10,15 @@ server.ssl.key-store= server.ssl.key-store-type=PKCS12 server.ssl.key-alias= server.ssl.key-store-password= -server.ssl.protocol= -server.ssl.enabled-protocols= -server.ssl.ciphers= server.ssl.trust-store= server.ssl.trust-store-password= server.ssl.trust-store-type=JKS server.ssl.hostNameVerifier=NO-OP -#GM TLS配置 -#示例: -#server.ssl.key-store=cert/sm2.node0.both.pfx -#server.ssl.key-store-type=PKCS12 -#server.ssl.key-alias= -#server.ssl.key-store-password=12345678 -#server.ssl.protocol=GMTLS -#server.ssl.hostNameVerifier=NO-OP -#server.ssl.enabled-protocols=TLSv1.2,GMSSLv1.1 -#server.ssl.ciphers=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,ECC_SM4_CBC_SM3,ECDHE_SM4_GCM_SM3,ECDHE_SM4_CBC_SM3 +# 浏览器鉴权,设置用户名/密码,若没有配置则区块链浏览器完全开放 +spring.security.user.name=jdchain +spring.security.user.password=jdchain +# 针对SDK和命令行工具,以下是提交交易必须开放的接口:账本列表+秘钥算法配置+提交交易接口 +spring.security.ignored=/ledgers,/ledgers/*/settings/crypto,/rpc/tx +# 针对SDK和命令行工具,以下是查询必须开放的接口: +#spring.security.ignored=/ledgers/**