Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

关于ProtocolSecurityWrapper过滤器里面序列化安全器的问题 #15263

Closed
3 of 4 tasks
529645354 opened this issue Mar 21, 2025 · 1 comment
Closed
3 of 4 tasks

关于ProtocolSecurityWrapper过滤器里面序列化安全器的问题 #15263

529645354 opened this issue Mar 21, 2025 · 1 comment
Labels
component/need-triage Need maintainers to triage type/need-triage Need maintainers to triage

Comments

@529645354
Copy link

Pre-check

  • I am sure that all the content I provide is in English.

Search before asking

  • I had searched in the issues and found no similar issues.

Apache Dubbo Component

Java SDK (apache/dubbo)

Dubbo Version

Dubbo3.2

Steps to reproduce this issue

public class ProtocolSecurityWrapper implements Protocol {
private final Protocol protocol;

private static final ErrorTypeAwareLogger logger =
        LoggerFactory.getErrorTypeAwareLogger(ProtocolSecurityWrapper.class);

public ProtocolSecurityWrapper(Protocol protocol) {
    if (protocol == null) {
        throw new IllegalArgumentException("protocol == null");
    }
    this.protocol = protocol;
}

@Override
public int getDefaultPort() {
    return protocol.getDefaultPort();
}

@Override
public <T> Exporter<T> export(Invoker<T> invoker) throws RpcException {
    try {
        ServiceModel serviceModel = invoker.getUrl().getServiceModel();
        ScopeModel scopeModel = invoker.getUrl().getScopeModel();
        SerializeSecurityConfigurator serializeSecurityConfigurator = ScopeModelUtil.getModuleModel(scopeModel)
                .getBeanFactory()
                .getBean(SerializeSecurityConfigurator.class);//生成SerializeSecurityConfigurator
        serializeSecurityConfigurator.refreshStatus(); //刷新安全状态和检查状态
        serializeSecurityConfigurator.refreshCheck();
        //通过 invoker.getInterface() 注册安全检查
        Optional.ofNullable(invoker.getInterface()).ifPresent(serializeSecurityConfigurator::registerInterface);
        // 如果 serviceModel 不为空,则进一步注册服务接口
        Optional.ofNullable(serviceModel)
                .map(ServiceModel::getServiceModel)
                .map(ServiceDescriptor::getServiceInterfaceClass)
                .ifPresent(serializeSecurityConfigurator::registerInterface);

        Optional.ofNullable(serviceModel)
                .map(ServiceModel::getServiceMetadata)
                .map(ServiceMetadata::getServiceType)
                .ifPresent(serializeSecurityConfigurator::registerInterface);
    } catch (Throwable t) {
        logger.error(INTERNAL_ERROR, "", "", "Failed to register interface for security check", t);
    }
    return protocol.export(invoker); //返回一个DubboExporter
}
//引用远程服务,并执行安全检查,确保调用的接口符合安全序列化策略。
@Override
public <T> Invoker<T> refer(Class<T> type, URL url) throws RpcException {
    try {
        ServiceModel serviceModel = url.getServiceModel();
        ScopeModel scopeModel = url.getScopeModel();
        SerializeSecurityConfigurator serializeSecurityConfigurator = ScopeModelUtil.getModuleModel(scopeModel)
                .getBeanFactory()
                .getBean(SerializeSecurityConfigurator.class);
        serializeSecurityConfigurator.refreshStatus();
        serializeSecurityConfigurator.refreshCheck();
        //这里因为可能是泛华服务接口
        Optional.ofNullable(serviceModel)
                .map(ServiceModel::getServiceModel)
                .map(ServiceDescriptor::getServiceInterfaceClass)
                .ifPresent(serializeSecurityConfigurator::registerInterface);
        //这里才是真正的服务接口
        Optional.ofNullable(serviceModel)
                .map(ServiceModel::getServiceMetadata)
                .map(ServiceMetadata::getServiceType)
                .ifPresent(serializeSecurityConfigurator::registerInterface);
        serializeSecurityConfigurator.registerInterface(type);
    } catch (Throwable t) {
        logger.error(INTERNAL_ERROR, "", "", "Failed to register interface for security check", t);
    }

    return protocol.refer(type, url);
}

@Override
public void destroy() {
    protocol.destroy();
}

@Override
public List<ProtocolServer> getServers() {
    return protocol.getServers();
}

}

What you expected to happen

ProtocolSecurityWrapper这个过滤器里面
` Optional.ofNullable(serviceModel)
.map(ServiceModel::getServiceModel)
.map(ServiceDescriptor::getServiceInterfaceClass)
.ifPresent(serializeSecurityConfigurator::registerInterface);

        Optional.ofNullable(serviceModel)
                .map(ServiceModel::getServiceMetadata)
                .map(ServiceMetadata::getServiceType)
                .ifPresent(serializeSecurityConfigurator::registerInterface);`

这两段代码里面ServiceDescriptor::getServiceInterfaceClass和ServiceMetadata::getServiceType获取到的类不是一样吗?个人不是很明白这么设计的原因,可否解答下出于什么样的场景下这么设计的

Anything else

No response

Are you willing to submit a pull request to fix on your own?

  • Yes I am willing to submit a pull request on my own!

Code of Conduct
@529645354 529645354 added component/need-triage Need maintainers to triage type/need-triage Need maintainers to triage labels Mar 21, 2025
@AlbumenJ
Copy link
Member

Please re-submit the issue in English only :)

@github-project-automation github-project-automation bot moved this from Todo to Done in Dubbo Board Mar 24, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
component/need-triage Need maintainers to triage type/need-triage Need maintainers to triage
Projects
Dubbo Board
Archived in project
Milestone
No milestone
Development

No branches or pull requests
2 participants
@AlbumenJ @529645354