[工具] Ice注册中心账号密码 - AdminCryptPasswords

Ice是个好东西，希望国内能普及

此文介绍如何实现Ice注册中心的账号密码登录。

使用的是 IceGrid.Registry.AdminCryptPasswords 配置项；在icegridregistry对应的配置文件中进行配置。

1、如何配置 AdminCryptPasswords[ice官方文档]

==================================================================

原文：

IceGrid.Registry.AdminCryptPasswords

Synopsis

IceGrid.Registry.AdminCryptPasswords=file

Description

Specifies the file name of an IceGrid registry access control list for administrative clients. Each line of the file must contain a user name and

a password, separated by white space. The password must a MCF encoded string as described here. If this property is not defined, the

default value is admin-passwords. This property is ignored if IceGrid.Registry.AdminPermissionsVerifier is defined.

==================================================================

2、如何生产账号密码

密码是经过hash加密，把密文配置到密码文件中。相同的密码，每次hash得到的密文都不一样。

CentOS版本：2.6.32-754.el6.x86_64

python版本：Python 2.6.6

用户权限：root

安装：pip install zeroc-icehashpassword

生成密文工具：icehashpassword

如何生成加密账号密码：WritingaPasswordFile[ice官方文档]

==================================================================

原文：

On Linux:

CryptusingSHA-256, orSHA-512as the digest algorithm.

The propertyGlacier2.CryptPasswordsspecifies the name of the password file:

Glacier2.CryptPasswords=passwords

The format of the password file is very simple. Each user name-password pair must reside on a separate line, with whitespace separating the user name from the password. For example, the following password file contains an entry for the user nametest:

test $5$rounds=110000$5rM9XIDChkgEu.S3$ov7yip4NOi1wymAZmamEv1uKPQRB0WzasoJsWMpRT19

icehashpasswordHelper Script

You can use theicehashpasswordhelper script to generate these username-password pairs. This script requiresPythonandpipto be installed. To install this script run:

> pip install zeroc-icehashpassword

You can now use the commandicehashpassword:

> icehashpassword

Password:

$5$rounds=110000$5rM9XIDChkgEu.S3$ov7yip4NOi1wymAZmamEv1uKPQRB0WzasoJsWMpRT19

==================================================================

3、配置好password文件，然后重启注册中心，即可实现账号密码登录限制。

注册中心配置文件：

#NullPermissionsVerifier 必须
#IceGridAdmin.Username=foo

#IceGridAdmin.Password=bar

#IceGrid.Registry.AdminPermissionsVerifier=DemoIceGrid/NullPermissionsVerifier

IceGrid.Registry.AdminCryptPasswords=passwords.txt

密码文件 passwords.txt：

名称 + 空格 + 密文

test $6$rounds=656000$lsuADSb779/0eU3L$T4oYilkHZ9LWB2OO4mhp9aeGYgqn2dLY/7HNHFxLJZpjR/ylhLuBI4HfihciYnQ/qd5v.P7ZtW3dOFEYia3AD1

登录时输入账号密码：

失败：

成功：进入！

如果觉得我的文章对您有用，请随意打赏。您的支持将鼓励我继续创作！