我有一個測試應用程序已完成並且在Hyperledger Fabric下工作。它運行在安全模式下,並使用admin/Xurw3yU9zI0l憑證......這些憑證似乎是默認的,並在某處進行了硬編碼。一切正常。我使用fabric-peer和fabric-membersrvc docker(v.0.6)。Hyperledger Fabric:如何編輯成員服務(fabric-membersrvc)用戶和密碼
存儲管理員用戶名和密碼的位置(這樣我可以在將Fabric端口打開到世界之前更改它們並添加新用戶)?我無法將其作爲用於調出網絡結構的任何docker-compose文件和基礎子文件中的參數。任何文檔解釋這和成員(角色,權限)如何工作?感謝任何方向。
編輯:
讓我在這裏添加此作爲參考。這是目前可用的v0.6 docker中示例membersrvc.yaml文件的內容。雖然不是一個完整的文檔,它允許理解這些概念。如果我理解正確,則將這些數據複製到用戶註冊表中,然後根據註釋中說明的規則進行編輯(添加用戶,...)。有關這方面的更多信息肯定會有很大幫助! :-):
# Default users to be registered with the CA on first launch. The role is a binary OR
# of the different roles a user can have:
#
# - simple client such as a wallet: CLIENT
# - non-validating peer: PEER
# - validating client: VALIDATOR
# - auditing client: AUDITOR
#
eca:
# This hierarchy is used to create the Pre-key tree, affiliations is the top of this hierarchy, 'banks_and_institutions' is used to create the key associated to auditors of both banks and
# institutions, 'banks' is used to create a key associated to auditors of banks, 'bank_a' is used to create a key associated to auditors of bank_a, etc.
affiliations:
banks_and_institutions:
banks:
- bank_a
- bank_b
- bank_c
institutions:
- institution_a
users:
#
# The fields of each user are as follows:
# <EnrollmentID>: <system_role (1:client, 2: peer, 4: validator, 8: auditor)> <EnrollmentPWD> <Affiliation> <Affiliation_Role> <JSON_Metadata>
#
# The optional JSON_Metadata field is of the following format:
# { "registrar": { "roles": <array-of-role-names>, "delegateRoles": <array-of-role-names> } }
# The 'registrar' section is used to control access to registration of new users directly via the ECAA.RegisterUser GRPC call.
# (See the 'fabric/membersrvc/protos/ca.proto' file for the definition of ECAA.RegisterUser.)
# Note that this also controls who can register users via the client SDK.
#
# Only users with a 'registrar' section may be a registrar to register other users. In particular,
# 1) the "roles" field specifies which member roles may be registered by this user, and
# 2) the "delegateRoles" field specifies which member roles may become the "roles" field of registered users.
# The valid role names are "client", "peer", "validator", and "auditor".
#
# Example1:
# The 'admin' user below can register clients, peers, validators, or auditors; furthermore, the 'admin' user can register other
# users who can then register clients only.
#
# Example2:
# The 'WebAppAdmin' user below can register clients only, but none of the users registered by this user can register other users.
#
admin: 1 Xurw3yU9zI0l institution_a '{"registrar":{"roles":["client","peer","validator","auditor"],"delegateRoles":["client"]}}'
WebAppAdmin: 1 DJY27pEnl16d institution_a '{"registrar":{"roles":["client"]}}'
lukas: 1 NPKYL39uKbkj bank_a
system_chaincode_invoker: 1 DRJ20pEql15a institution_a
diego: 1 DRJ23pEQl16a institution_a
jim: 1 6avZQLwcUe9b bank_a
binhn: 1 7avZQLwcUe9q institution_a
# Users for asset transfer with roles test located at
# sdk/node/test/unit/asset-mgmt-with-roles.js
alice: 1 CMS10pEQlB16 bank_a
bob: 1 NOE63pEQbL25 bank_a
assigner: 1 Tc43PeqBl11 bank_a
vp: 4 f3489fy98ghf
test_vp0: 4 MwYpmSRjupbT
test_vp1: 4 5wgHK9qqYaPy
test_vp2: 4 vQelbRvja7cJ
test_vp3: 4 9LKqKH5peurL
test_vp4: 4 Pqh90CEW5juZ
test_vp5: 4 FfdvDkAdY81P
test_vp6: 4 QiXJgHyV4t7A
test_vp7: 4 twoKZouEyLyB
test_vp8: 4 BxP7QNh778gI
test_vp9: 4 wu3F1EwJWHvQ
# Uncomment this section to activate devnet setup as specficied in
# devnet-setup.md
#
# vp0: 4 vp0_secret
# vp1: 4 vp1_secret
test_user0: 1 MS9qrN8hFjlE bank_a
test_user1: 1 jGlNl6ImkuDo institution_a
test_user2: 1 zMflqOKezFiA bank_c
test_user3: 1 vWdLCE00vJy0 bank_a
test_user4: 1 4nXSrfoYGFCP institution_a
test_user5: 1 yg5DVhm0er1z bank_b
test_user6: 1 b7pmSxzKNFiw bank_a
test_user7: 1 YsWZD4qQmYxo institution_a
test_user8: 1 W8G0usrU7jRk bank_a
test_user9: 1 H80SiB5ODKKQ institution_a
test_nvp0: 2 iywrPBDEPl0K bank_a
test_nvp1: 2 DcYXuRSocuqd institution_a
test_nvp2: 2 flpChShlY7xt bank_c
test_nvp3: 2 jeruawMomclo bank_a
test_nvp4: 2 RMYVxSZCk370 institution_a
test_nvp5: 2 XHYVCIJGZGK7 bank_b
test_nvp6: 2 4cIn63j8ahYp bank_a
test_nvp7: 2 E7FAJUtWVn2h institution_a
test_nvp8: 2 LJu8DkUilBEH bank_a
test_nvp9: 2 VlEsBsiyXSjw institution_a
我會首先檢查這個位置'的https:// github.com/hyperledger/fabric/blob/v0.6/membersrvc/membersrvc.yaml'如果不存在,我會嘗試在您的文件系統上使用'find'命令。 – gvlax
謝謝。我使用泊塢窗圖像,所以本地不能grep爲此......我已經看到,碼頭裏面的文件在/opt/gopath/src/github.com/hyperledger/fabric/membersrvc/membersrvc.yaml,似乎在評論中自我解釋。 – icordoba
也許你在'membersrvc.yaml'看到的只是你用於管理員用戶的密碼(_Xurw3yU9zI0l_)的哈希值。只是猜測.. – gvlax