Redis supports password authentication by default. Generally, Redis can be accessed on the intranet, and IP can be restricted. It does not matter if you do not need a password. However, the information security level protection evaluation requires Redis to configure password access.
Single node Redis configuration password
redis.conf configure the password, find requirepass project, and remove the comment
# requirepass foobared requirepass 12345678
Restart after modification.
If you are just testing, you can set a temporary password in redis-cli, it will be invalid next time you restart, and the connected client will not be affected :
redis-cli -h 10.181.3.25 -p 6379 10.181.3.25:6379>CONFIG SET requirepass 1234567890
Client connection
redis-cli -h 10.181.3.25 -p 6379 10.181.3.25:6379> get key (error) NOAUTH Authentication required.
Authenticate using the AUTH command with the password: AUTH 12345678 :
10.181.3.25:6379> AUTH 12345678 OK
You can also bring a password when connecting to redis-cli :
redis-cli -h 10.181.3.25 -p 6379 -a 12345678 10.181.3.25:6379> get key
SpringBoot connection
If the SpringBoot client does not configure a password, an error will be reported. The following is the Redisson error:
org.redisson.client.RedisAuthRequiredException: NOAUTH Authentication required.. channel: [id: 0x253ac582, L:/10.181.3.97:49802 – R:/10.181.3.25:6379] data: CommandData [promise=RedissonPromise [promise=ImmediateEventExecutor$ ImmediatePromise@52cbca32(incomplete)], command=(EVAL), params=[local value = redis.call(‘hget’, KEYS[1], ARGV[2]); if value == false then return nil; end; local t,…, 5, appws:dev:ws.account.nonce, redisson timeout set:{appws:dev:ws.account.nonce}, redisson idle set:{appws:dev:ws.account.nonce}, redisson map_cache__last_access set:{appws:dev:ws.account.nonce}, {appws:dev:ws.account.nonce}:redisson_options, 1662365670189, PooledUnsafeDirectByteBuf(ridx: 0, widx: 26, cap: 256)], codec=org .redisson.codec.FstCodec]
springboot then connects to the configuration and configures the password:
spring: redis: host: 10.181.3.25 port: 6379 password: 12345678
Cluster configuration password
The cluster configuration is similar to that of a single machine. The master Redis configuration is the same as that of a single machine. The slave server needs to configure the password of the master server.
Replace the content of the redis.conf configuration file on the main Redis :
sed -i 's/# requirepass foobared/requirepass 12345678/g' redis7000.conf sed -i 's/# requirepass foobared/requirepass 12345678/g' redis7001.conf sed -i 's/# requirepass foobared/requirepass 12345678/g' redis7002.conf
Replace the content from the redis.conf configuration file on Redis
Main configuration: requirepass 12345678 and masterauth 12345678
sed -i 's/# requirepass foobared/requirepass 12345678/g' redis7000.conf sed -i 's/# requirepass foobared/requirepass 12345678/g' redis7001.conf sed -i 's/# requirepass foobared/requirepass 12345678/g' redis7002.conf sed -i 's/# masterauth <master-password>/masterauth 12345678/g' redis7000.conf sed -i 's/# masterauth <master-password>/masterauth 12345678/g' redis7001.conf sed -i 's/# masterauth <master-password>/masterauth 12345678/g' redis7002.conf
Just restart the server.
Client connection
Similar to the stand-alone version, the connection method is the same
redis-cli -h 10.181.3.25 -p 7000 10.181.3.25:7000> cluster nodes NOAUTH Authentication required. 10.181.3.25:7000> auth 12345678
SpringBoot connection
Configure yml connection:
spring: redis: cluster: nodes: xxxx password: 12345678
Configuration is complete.
This article is reprinted from https://fugary.com/?p=402
This site is for inclusion only, and the copyright belongs to the original author.