This is an automated email from the ASF dual-hosted git repository.
albumenj pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/dubbo-website.git
The following commit(s) were added to refs/heads/master by this push:
new 312fa8f5055 # 权限控制 (#1491)
312fa8f5055 is described below
commit 312fa8f5055cb7c05e3bfaa6a142d128eb624ea5
Author: JIAN ZHONG <[email protected]>
AuthorDate: Sun Sep 11 12:28:42 2022 +0800
# 权限控制 (#1491)
---
.../security/token-authorization.md | 17 +++++++++--------
1 file changed, 9 insertions(+), 8 deletions(-)
diff --git
a/content/zh/docs3-v2/java-sdk/advanced-features-and-usage/security/token-authorization.md
b/content/zh/docs3-v2/java-sdk/advanced-features-and-usage/security/token-authorization.md
index b0d0b9d82ac..5d6f25333eb 100644
---
a/content/zh/docs3-v2/java-sdk/advanced-features-and-usage/security/token-authorization.md
+++
b/content/zh/docs3-v2/java-sdk/advanced-features-and-usage/security/token-authorization.md
@@ -6,39 +6,40 @@ weight: 2
description: "了解 dubbo3 权限控制的配置和使用"
---
-## 特性说明:
+## 特性说明
通过令牌验证在注册中心控制权限,以决定要不要下发令牌给消费者,
可以防止消费者绕过注册中心访问提供者,
另外通过注册中心可灵活改变授权方式,而不需修改或升级提供者。
-#### 设置类型:
-- 全局设置
-- 服务级别设置
-
## 使用场景
在一定程度上实现客户端和服务端的可信鉴权,避免任意客户端都可以访问,降低出现安全问题的风险。
-## 使用方式:
+## 使用方式
+### 全局设置
+
+开启令牌验证
-全局设置开启令牌验证:
```xml
<!--随机token令牌,使用UUID生成-->
<dubbo:provider token="true" />
```
+
或
```xml
<!--固定token令牌,相当于密码-->
<dubbo:provider token="123456" />
```
-服务级别设置:
+### 服务级别设置
+
```xml
<!--随机token令牌,使用UUID生成-->
<dubbo:service interface="com.foo.BarService" token="true" />
```
+
或
```xml
