This is an automated email from the ASF dual-hosted git repository.

tianxiaoliang pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/servicecomb-service-center.git


The following commit(s) were added to refs/heads/master by this push:
     new 2a30c9f  Describe password requirements for root account (#682)
2a30c9f is described below

commit 2a30c9f24e4621f65ebcfe71372d0608407f0cfd
Author: Nikita Stupin <[email protected]>
AuthorDate: Mon Aug 24 14:24:38 2020 +0300

    Describe password requirements for root account (#682)
---
 docs/user-guides/rbac.md | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/docs/user-guides/rbac.md b/docs/user-guides/rbac.md
index 19fee2c..32db9d1 100644
--- a/docs/user-guides/rbac.md
+++ b/docs/user-guides/rbac.md
@@ -21,10 +21,10 @@ auth_plugin = buildin # must set to buildin
 ```
 3.root account
 
-before you start server, you need to set env to set your root account 
password.  
+before you start server, you need to set env to set your root account 
password. Please note that password must conform to the [following set of 
rules](https://github.com/apache/servicecomb-service-center/blob/63722fadd511c26285e787eb2b4be516eab10b94/pkg/validate/matcher.go#L25):
 have more than 8 characters, have at least one upper alpha, have at least one 
lower alpha, have at least one digit and have at lease one special character.
 
 ```sh
-export SC_INIT_ROOT_PASSWORD=rootpwd
+export SC_INIT_ROOT_PASSWORD='P4$$word'
 ```
 at the first time service center cluster init, it will use this password to 
setup rbac module. 
 you can revoke password by rest API after cluster started. but you can not use 
this env to revoke password after cluster started.
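Review bot: The sample value in the `export SC_INIT_ROOT_PASSWORD='P4$$word'` line is exactly 8 characters, while the added sentence requires the password to "have more than 8 characters". Either reword the rule to "at least 8" or lengthen the example, whichever matches what the linked matcher enforces. The same sentence has a typo, "at lease one special character". A short remark that the single quotes are needed would also help, since an unquoted `$$` is expanded by the shell to its process ID.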
@@ -39,7 +39,7 @@ token is the only credential to access rest API, before you 
access any API, you
 curl -X POST \
   http://127.0.0.1:30100/v4/token \
   -d '{"name":"root",
-"password":"rootpwd"}'
+"password":"P4$$word"}'
 ```
 will return a token, token will expired after 30m
 ```json
@@ -65,7 +65,7 @@ curl -X PUT \
   http://127.0.0.1:30100/v4/account/root/password \
   -H 'Authorization: Bearer {your_token}' \
   -d '{
-       "currentPassword":"rootpwd",
+       "currentPassword":"P4$$word",
        "password":"123"
 }'
 ```
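Review bot: The new password in this request body is still `"password":"123"`, which does not meet the rules this commit documents for the root account (length, upper and lower case, digit, special character). If the change-password API applies the same validation, readers copying this example will get a rejection. Suggest replacing `123` with a compliant sample value.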
@@ -87,4 +87,4 @@ curl -X POST \
 ### Roles 
 currently, you can not custom and manage any role and role policy. there is 
only 2 build in roles. rbac feature is in early development stage.
 - admin: able to do anything, including manage account, even change other 
account password
-- developer: able to call most of API except account management. except 
account management
\ No newline at end of file
+- developer: able to call most of API except account management. except 
account management
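Review bot: The `- developer:` bullet still repeats "except account management" twice. Since this hunk already touches the line to add the end-of-file newline, drop the duplicate so the bullet ends after the first "except account management."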
