After integrating LDAP with Nexus 3.75, admin authenticates via LDAP by default and has no privileges
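Sonatype Nexus Repository OSS 3.75.1-0: the order matters, that is, which realm validates the user first. I initially put LDAP in first position, so the admin user, which exists in LDAP but has no role assigned there, ended up without privileges. The fix is to modify the H2 database.
Enter the container: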
cd /opt/sonatype/sonatype-work/nexus3/db
[root@localhost db]# ls -al
total 378276
drwxr-xr-x. 3 nexus nexus 60 Mar 7 08:58 .
drwxrwxrwx. 15 root root 4096 Mar 7 08:58 ..
-rw-r--r--. 1 nexus nexus 129540096 Mar 7 09:14 nexus.mv.db
nexus.mv.db is the database; Nexus uses an H2 database.
Create a directory, then make a backup of the data.
[root@localhost db]# mkdir aaa
[root@localhost db]# cd aaa/
[root@localhost aaa]# cp ../nexus.mv.db .
[root@localhost aaa]# cp /opt/sonatype/nexus/system/com/h2database/h2/2.3.232/h2-2.3.232.jar .
[root@localhost aaa]# ls
h2-2.3.232.jar nexus.mv.db
Connect to the database. By default there is no username or password, and the database name is nexus.
[root@localhost aaa]# java -cp h2-2.3.232.jar org.h2.tools.Shell
Welcome to H2 Shell 2.3.232 (2024-08-11)
Exit with Ctrl+C
[Enter] jdbc:h2:~/test
URL jdbc:h2:/opt/sonatype/sonatype-work/nexus3/db/aaa/nexus
[Enter] org.h2.Driver
Driver
[Enter]
User
Password
Connected
Commands are case insensitive; SQL statements end with ';'
help or ? Display this help
list Toggle result list / stack trace mode
maxwidth Set maximum column width (default is 100)
autocommit Enable or disable autocommit
history Show the last 20 statements
quit or exit Close the connection and exit
sql> show tables;
TABLE_NAME | TABLE_SCHEMA
AGGREGATED_METRICS | PUBLIC
ANONYMOUS_CONFIGURATION | PUBLIC
API_KEY | PUBLIC
API_KEY_V2 | PUBLIC
APT_ASSET | PUBLIC
APT_ASSET_BLOB | PUBLIC
APT_BROWSE_NODE | PUBLIC
APT_COMPONENT | PUBLIC
APT_CONTENT_REPOSITORY | PUBLIC
APT_KEY_VALUE | PUBLIC
AZURE_DELETED_BLOB | PUBLIC
BLOB_STORE_CONFIGURATION | PUBLIC
BLOB_STORE_METRICS | PUBLIC
CAPABILITY_STORAGE_ITEM | PUBLIC
CLEANUP_POLICY | PUBLIC
COCOAPODS_ASSET | PUBLIC
COCOAPODS_ASSET_BLOB | PUBLIC
COCOAPODS_BROWSE_NODE | PUBLIC
COCOAPODS_COMPONENT | PUBLIC
COCOAPODS_CONTENT_REPOSITORY | PUBLIC
COMPONENT_APPLICATION_SCAN | PUBLIC
COMPONENT_APPLICATION_SCAN_SCHEDULE | PUBLIC
CONAN_ASSET | PUBLIC
CONAN_ASSET_BLOB | PUBLIC
CONAN_BROWSE_NODE | PUBLIC
CONAN_COMPONENT | PUBLIC
CONAN_CONTENT_REPOSITORY | PUBLIC
CONDA_ASSET | PUBLIC
CONDA_ASSET_BLOB | PUBLIC
CONDA_BROWSE_NODE | PUBLIC
CONDA_COMPONENT | PUBLIC
CONDA_CONTENT_REPOSITORY | PUBLIC
DEPLOYMENT_ID | PUBLIC
DOCKER_ASSET | PUBLIC
DOCKER_ASSET_BLOB | PUBLIC
DOCKER_BROWSE_NODE | PUBLIC
DOCKER_COMPONENT | PUBLIC
DOCKER_CONTENT_REPOSITORY | PUBLIC
DOCKER_FOREIGN_LAYERS | PUBLIC
DOWNLOAD_COUNT | PUBLIC
EMAIL_CONFIGURATION | PUBLIC
FIREWALL_IGNORE_PATTERNS | PUBLIC
GITLFS_ASSET | PUBLIC
GITLFS_ASSET_BLOB | PUBLIC
GITLFS_BROWSE_NODE | PUBLIC
GITLFS_COMPONENT | PUBLIC
GITLFS_CONTENT_REPOSITORY | PUBLIC
GO_ASSET | PUBLIC
GO_ASSET_BLOB | PUBLIC
GO_BROWSE_NODE | PUBLIC
GO_COMPONENT | PUBLIC
GO_CONTENT_REPOSITORY | PUBLIC
HELM_ASSET | PUBLIC
HELM_ASSET_BLOB | PUBLIC
HELM_BROWSE_NODE | PUBLIC
HELM_COMPONENT | PUBLIC
HELM_CONTENT_REPOSITORY | PUBLIC
HELM_KEY_VALUE | PUBLIC
HISTORICAL_LOGIN_INFO | PUBLIC
HTTP_CLIENT_CONFIGURATION | PUBLIC
JWT_SECRET | PUBLIC
KEY_STORE_DATA | PUBLIC
LDAP_CONFIGURATION | PUBLIC
LOG4J_VISUALIZER | PUBLIC
LOGGING_OVERRIDES | PUBLIC
MAVEN2_ASSET | PUBLIC
MAVEN2_ASSET_BLOB | PUBLIC
MAVEN2_BROWSE_NODE | PUBLIC
MAVEN2_COMPONENT | PUBLIC
MAVEN2_CONTENT_REPOSITORY | PUBLIC
METRICS_LOG | PUBLIC
NEXUS_KEY_VALUE | PUBLIC
NODE_ID | PUBLIC
NPM_ASSET | PUBLIC
NPM_ASSET_BLOB | PUBLIC
NPM_BROWSE_NODE | PUBLIC
NPM_COMPONENT | PUBLIC
NPM_CONTENT_REPOSITORY | PUBLIC
NUGET_ASSET | PUBLIC
NUGET_ASSET_BLOB | PUBLIC
NUGET_BROWSE_NODE | PUBLIC
NUGET_COMPONENT | PUBLIC
NUGET_CONTENT_REPOSITORY | PUBLIC
P2_ASSET | PUBLIC
P2_ASSET_BLOB | PUBLIC
P2_BROWSE_NODE | PUBLIC
P2_COMPONENT | PUBLIC
P2_CONTENT_REPOSITORY | PUBLIC
PRIVILEGE | PUBLIC
PYPI_ASSET | PUBLIC
PYPI_ASSET_BLOB | PUBLIC
PYPI_BROWSE_NODE | PUBLIC
PYPI_COMPONENT | PUBLIC
PYPI_CONTENT_REPOSITORY | PUBLIC
QRTZ_BLOB_TRIGGERS | PUBLIC
QRTZ_CALENDARS | PUBLIC
QRTZ_CRON_TRIGGERS | PUBLIC
QRTZ_FIRED_TRIGGERS | PUBLIC
QRTZ_JOB_DETAILS | PUBLIC
QRTZ_LOCKS | PUBLIC
QRTZ_PAUSED_TRIGGER_GRPS | PUBLIC
QRTZ_SCHEDULER_STATE | PUBLIC
QRTZ_SIMPLE_TRIGGERS | PUBLIC
QRTZ_SIMPROP_TRIGGERS | PUBLIC
QRTZ_TRIGGERS | PUBLIC
RAW_ASSET | PUBLIC
RAW_ASSET_BLOB | PUBLIC
RAW_BROWSE_NODE | PUBLIC
RAW_COMPONENT | PUBLIC
RAW_CONTENT_REPOSITORY | PUBLIC
REALM_CONFIGURATION | PUBLIC
REPOSITORY | PUBLIC
REPOSITORY_ROUTING_RULE | PUBLIC
RHC_CONFIGURATION | PUBLIC
ROLE | PUBLIC
RUBYGEMS_ASSET | PUBLIC
RUBYGEMS_ASSET_BLOB | PUBLIC
RUBYGEMS_BROWSE_NODE | PUBLIC
RUBYGEMS_COMPONENT | PUBLIC
RUBYGEMS_CONTENT_REPOSITORY | PUBLIC
R_ASSET | PUBLIC
R_ASSET_BLOB | PUBLIC
R_BROWSE_NODE | PUBLIC
R_COMPONENT | PUBLIC
R_CONTENT_REPOSITORY | PUBLIC
SCRIPT | PUBLIC
SECRETS | PUBLIC
SECURITY_USER | PUBLIC
SELECTOR_CONFIGURATION | PUBLIC
SOFT_DELETED_BLOBS | PUBLIC
UPGRADE_TASKS | PUBLIC
USER_ROLE_MAPPING | PUBLIC
YUM_ASSET | PUBLIC
YUM_ASSET_BLOB | PUBLIC
YUM_BROWSE_NODE | PUBLIC
YUM_COMPONENT | PUBLIC
YUM_CONTENT_REPOSITORY | PUBLIC
YUM_KEY_VALUE | PUBLIC
flyway_schema_history | PUBLIC
The query shows that LdapRealm is in first position. Run an UPDATE, and note that REALM_NAMES is a JSON column.
sql> select * from REALM_CONFIGURATION;
ID | REALM_NAMES
1 | ["LdapRealm","NexusAuthenticatingRealm","NexusAuthorizingRealm"]
(1 row, 0 ms)
UPDATE REALM_CONFIGURATION SET REALM_NAMES = JSON_ARRAY('NexusAuthenticatingRealm', 'LdapRealm', 'NexusAuthorizingRealm');
sql> select * from REALM_CONFIGURATION;
ID | REALM_NAMES
1 | ["NexusAuthenticatingRealm","LdapRealm","NexusAuthorizingRealm"]
(1 row, 0 ms)
At this point the problem is solved; restart the service.
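The UPDATE above hardcodes three realms; on an instance with more realms enabled, the same fix has to keep the others in place. The following is an added example, not part of the original post or of Nexus itself: it takes the REALM_NAMES value returned by the SELECT, reports whether LdapRealm is consulted before the local realm, and renders the UPDATE in the same JSON_ARRAY form. The function names and the realm name ExampleTokenRealm are made up for illustration.

```python
import json
import re

LOCAL_AUTHN = "NexusAuthenticatingRealm"  # local user realm, name taken from the page
LDAP = "LdapRealm"                        # LDAP realm, name taken from the page
_SAFE_NAME = re.compile(r"^[A-Za-z0-9_.-]+$")


def parse_realms(realm_names_json):
    """Parse the REALM_NAMES JSON value into a list of realm names."""
    realms = json.loads(realm_names_json)
    if not isinstance(realms, list) or not all(isinstance(r, str) for r in realms):
        raise ValueError("REALM_NAMES must be a JSON array of strings")
    return realms


def ldap_shadows_local(realms):
    """True when LdapRealm is consulted before the local realm, or the local realm is absent."""
    if LDAP not in realms:
        return False
    if LOCAL_AUTHN not in realms:
        return True
    return realms.index(LDAP) < realms.index(LOCAL_AUTHN)


def local_first(realms):
    """Put the local realm first (adding it if absent); keep all other realms in order."""
    return [LOCAL_AUTHN] + [r for r in realms if r != LOCAL_AUTHN]


def update_statement(realms):
    """Render the UPDATE in the JSON_ARRAY form used on the page."""
    for name in realms:
        # Realm names end up inside SQL string literals, so reject anything unexpected.
        if not _SAFE_NAME.match(name):
            raise ValueError(f"refusing to embed unexpected realm name: {name!r}")
    args = ", ".join(f"'{name}'" for name in realms)
    return f"UPDATE REALM_CONFIGURATION SET REALM_NAMES = JSON_ARRAY({args});"


if __name__ == "__main__":
    # First value is the page's SELECT output; the second is a constructed variant.
    for raw in ('["LdapRealm","NexusAuthenticatingRealm","NexusAuthorizingRealm"]',
                '["LdapRealm","ExampleTokenRealm","NexusAuthenticatingRealm","NexusAuthorizingRealm"]'):
        realms = parse_realms(raw)
        if ldap_shadows_local(realms):
            print(update_statement(local_first(realms)))
        else:
            print("-- order already has the local realm first:", realms)
```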