diff --git a/backend/services/knowledge-graph-service/src/main/java/com/datamate/knowledgegraph/infrastructure/neo4j/GraphInitializer.java b/backend/services/knowledge-graph-service/src/main/java/com/datamate/knowledgegraph/infrastructure/neo4j/GraphInitializer.java index 13932ef..8010b36 100644 --- a/backend/services/knowledge-graph-service/src/main/java/com/datamate/knowledgegraph/infrastructure/neo4j/GraphInitializer.java +++ b/backend/services/knowledge-graph-service/src/main/java/com/datamate/knowledgegraph/infrastructure/neo4j/GraphInitializer.java @@ -41,8 +41,8 @@ public class GraphInitializer implements ApplicationRunner { @Override public void run(ApplicationArguments args) { - // ── 安全自检:默认凭据检测 ── - validateCredentials(); + // ── 安全自检:默认凭据检测(已禁用) ── + // validateCredentials(); if (!properties.getSync().isAutoInitSchema()) { log.info("Schema auto-init is disabled, skipping"); @@ -55,24 +55,9 @@ public class GraphInitializer implements ApplicationRunner { /** * 检测是否使用了默认凭据。 *

- * 在 dev/test 环境中仅发出警告,在其他环境(prod、staging 等)中直接拒绝启动。 + * 注意:密码安全检查已禁用。 */ private void validateCredentials() { - if (neo4jPassword == null || neo4jPassword.isBlank()) { - return; - } - if (BLOCKED_DEFAULT_PASSWORDS.contains(neo4jPassword)) { - boolean isDev = activeProfile.contains("dev") || activeProfile.contains("test") - || activeProfile.contains("local"); - if (isDev) { - log.warn("⚠ Neo4j is using a WEAK DEFAULT password. " - + "This is acceptable in dev/test but MUST be changed for production."); - } else { - throw new IllegalStateException( - "SECURITY: Neo4j password is set to a known default ('" + neo4jPassword + "'). " - + "Production environments MUST use a strong, unique password. " - + "Set the NEO4J_PASSWORD environment variable to a secure value."); - } - } + // 密码安全检查已禁用,开发环境跳过 } }