The documentation lacks information related to the authentication of Docker Image’s 7091 port

[linghengqian]

• I have searched the issues of this repository and believe that this is not a duplicate.

Ⅰ. Issue Description

• The documentation lacks information related to the authentication of Docker Image’s 7091 port. Refer to https://seata.apache.org/docs/ops/deploy-by-docker/ .
• The authentication feature on port 7091 is barely mentioned and I could only discover it by looking at an uncommented YAML at https://seata.apache.org/docs/ops/deploy-by-docker-compose .

console:
  user:
    username: seata
    password: seata

Ⅱ. Describe what happened

• Null.

Ⅲ. Describe what you expected to happen

• I expect the Docker Image documentation to inform that the default account and password for this authentication are both seata.
• And I expect Docker Image to have an environment variable to turn off this authentication function. In scenarios like https://github.com/linghengqian/experimental-class-define-support-v2312-test using testcontainers-java, I need a http/https protocol URL to confirm that Seata Server is running properly.
• Seata是否有提供健康检查的api或提供健康检查的方式 #3087 requires the use of http://localhost:7091/health, which I did sees this URL at https://github.com/apache/incubator-seata/blob/v2.0.0/server/src/main/java/io/seata/server/controller/HealthController.java .

@Controller
@RequestMapping
public class HealthController {

    private static final String OK = "ok";
    private static final String NOT_OK = "not_ok";

    @Autowired
    private ServerRunner serverRunner;


    @RequestMapping("/health")
    @ResponseBody
    String healthCheck() {
        return serverRunner.started() ? OK : NOT_OK;
    }
}

• But it seems that this URL has irremovable authentication, so I currently use the 401 Error Code to verify whether Seata Server is normal. https://github.com/linghengqian/experimental-class-define-support-v2312-test uses logic similar to the following.

 Awaitility.await().atMost(Duration.ofMinutes(1)).ignoreExceptions()
                .until(() -> {
                    boolean flag = false;
                    HttpGet httpGet = new HttpGet("http://localhost:" + 7091 + "/health");
                    try (CloseableHttpClient httpclient = HttpClients.createDefault();
                         CloseableHttpResponse response = httpclient.execute(httpGet)) {
                        if (401 == response.getCode()) {
                            flag = true;
                        }
                        HttpEntity entity = response.getEntity();
                        EntityUtils.consume(entity);
                    }
                    return flag;
                });

• It would be better if there was an environment variable to turn off authentication. Early investigation at Add GraalVM Reachability Metadata and corresponding nativeTest for Seata integration shardingsphere#30138 .

Ⅳ. How to reproduce it (as minimally and precisely as possible)

1. Start Seata Server through the following Docker Compose file.

version: "3.8"
services:
  seata-server:
    image: seataio/seata-server:2.0.0
    ports:
      - "8091:8091"
      - "7091:7091"

2. Open http://localhost:7091/ . In fact, the Docker Image deployment document does not mention that 7091 has the authentication function turned on by default.

• 

Minimal yet complete reproducer code (or URL to code):

• Null.

Ⅴ. Anything else we need to know?

• Null.

Ⅵ. Environment:

• JDK version(e.g. java -version):

openjdk version "21.0.2" 2024-01-16
OpenJDK Runtime Environment GraalVM CE 21.0.2+13.1 (build 21.0.2+13-jvmci-23.1-b30)
OpenJDK 64-Bit Server VM GraalVM CE 21.0.2+13.1 (build 21.0.2+13-jvmci-23.1-b30, mixed mode, sharing)

• Seata client/server version: 2.0.0
• Database version: MySQL Server 8.3.0
• OS(e.g. uname -a): Linux DESKTOP-J7M76VH 5.15.133.1-microsoft-standard-WSL2 #1 SMP Thu Oct 5 21:02:42 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux
• Others: Null

[slievrly]

@linghengqian Please add the URLs that should bypass authentication to seata.security.ignore.urls. The issue you have reported is important; the health check page will be excluded from authentication by default in future versions.