This is an automated email from the ASF dual-hosted git repository.
liubao pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-servicecomb-docs.git
commit d630cb8fd058a055392e994ee61241b327df1ffc
Author: DeanLee <lidi...@huawei.com>
AuthorDate: Mon Aug 20 15:08:32 2018 +0800
java-chassis-reference/en_US/references-handlers/publickey.md
---
.../en_US/references-handlers/publickey.md | 40 +++++++++++-----------
1 file changed, 20 insertions(+), 20 deletions(-)
diff --git a/java-chassis-reference/en_US/references-handlers/publickey.md
b/java-chassis-reference/en_US/references-handlers/publickey.md
index 4d540d7..7594221 100644
--- a/java-chassis-reference/en_US/references-handlers/publickey.md
+++ b/java-chassis-reference/en_US/references-handlers/publickey.md
@@ -1,14 +1,14 @@
-# 公钥认证
+# public key authentication
-## 场景描述
+## Scene Description
-公钥认证是ServiceComb提供的一种简单高效的微服务之间认证机制,它的安全性建立在微服务与服务中心之间的交互是可信的基础之上,即微服务和服务中心之间必须先启用认证机制。它的基本流程如下:
+Public key authentication is a simple and efficient authentication mechanism
between microservices provided by ServiceComb. Its security is based on the
trust between microservices and service centers, namely microservices and
service centers. The authentication mechanism must be enabled first. Its basic
process is as follows:
-1. 微服务启动的时候,生成秘钥对,并将公钥注册到服务中心。
-2. 消费者访问提供者之前,使用自己的私钥对消息进行签名。
-3. 提供者从服务中心获取消费者公钥,对签名的消息进行校验。
+1. When the microservice starts, generate a secret key pair and register the
public key to the service center.
+2. The consumer signs the message with his or her private key before accessing
the provider.
+3. The provider obtains the consumer public key from the service center and
verifies the signed message.
-公钥认证需要在消费者、提供者都启用。
+Public key authentication needs to be enabled for both consumers and providers.
```
servicecomb:
@@ -20,20 +20,20 @@ servicecomb:
default: auth-provider
```
-POM依赖:
+POM Dependency:
-* 在pom.xml中增加依赖:
+* Add dependencies in pom.xml:
```
- <dependency>
- <groupId>org.apache.servicecomb</groupId>
- <artifactId>handler-publickey-auth</artifactId>
+ <dependency>
+ <groupId>org.apache.servicecomb</groupId>
+ <artifactId>handler-publickey-auth</artifactId>
</dependency>
```
-## 配置黑白名单
+## Configuring black and white list
-基于公钥认证机制,ServiceComb提供了黑白名单功能。通过黑白名单,可以控制微服务允许其他哪些服务访问。目前支持通过配置服务属性来控制,配置项如下:
+Based on the public key authentication mechanism, ServiceComb provides a black
and white list function. Through the black and white list, you can control
which other services are allowed to be accessed by the microservice. Currently
supported by configuring service attributes, the configuration items are as
follows:
```
servicecomb:
@@ -43,10 +43,10 @@ servicecomb:
list01:
category: property ## property, fixed value
propertyName: serviceName ## property name
-# property value match expression.
-# only supports prefix match and postfix match and exactly match.
-# e.g. hacker*, *hacker, hacker
- rule: hacker
+# property value matches expression.
+# only supports prefix match and postfix match and exactly match.
+#, e.g., hacker*, *hacker, hacker
+ rule: hacker
white:
list02:
category: property
@@ -54,6 +54,6 @@ servicecomb:
rule: cust*
```
-以上规则配置了黑名单,不允许微服务名称为hacker的访问;白名单,允许微服务名称为cust前缀的服务访问。
+The above rules are configured with blacklists, which do not allow
microservice names to be accessed by hackers; whitelists allow access to
services with microservice names named cust.
-ServiceComb提供了[trust-sample](https://github.com/apache/incubator-servicecomb-java-chassis/tree/master/samples/trust-sample)来演示黑白名单功能。
\ No newline at end of file
+ServiceComb provides [trust-sample]
(https://github.com/apache/incubator-servicecomb-java-chassis/tree/master/samples/trust-sample)
to demonstrate the black and white list feature.
