You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I have a working cluster that is actively supporting normal connections to and from the system. Recently started working with the Websocket API on the system and having recurring errors when utilizing the Pulsar Proxy. If I send these same messages directly to the broker, they succeed. Currently running 4.0.2 incase that is applicable.
Logs when sent through Proxy:
Broker:
WARN org.apache.pulsar.broker.authorization.AuthorizationService - [/10.129.212.248:45228] Illegal combination of role [proxy_role] and originalPrincipal [null]: originalPrincipal must be provided when connecting with a proxy role.
Proxy:
15:42:04.556 [pulsar-client-io-23-12] WARN org.apache.pulsar.client.impl.PulsarClientImpl - [persistent://public/default/ws-pubsub-latency-test] Failed to get partitioned topic metadata: org.apache.pulsar.client.api.PulsarClientException: Connection already closed
15:42:04.556 [pulsar-external-web-5-2] ERROR org.apache.pulsar.websocket.ProducerHandler - [10.128.8.2:46470] Failed in creating producer on topic persistent://public/default/ws-pubsub-latency-test: java.util.concurrent.ExecutionException: org.apache.pulsar.client.api.PulsarClientException: Connection already closed
org.apache.pulsar.client.api.PulsarClientException: java.util.concurrent.ExecutionException: org.apache.pulsar.client.api.PulsarClientException: Connection already closed
I am expecting the originalPrinical to be super_role which is a super user account on the system.
It succeeds when sent directly to broker. I can send the logs if necessary but it looks like any other producer/consumer connection.
The broker is configured with AuthenticationProviderToken, MultiRolesTokenAuthorizationProvider, authenticateOriginalAuthData=true, webSocketServiceEnabled=true.
The proxy is configured with the same AuthenticationProviderToken, forwardAuthorizationCredentials=true, and webSocketServiceEnabled=true. (can provide more configs if necessary but I do believe this should be all that is applicable)
Again, this cluster has been configured like this for years now and working properly for python, java, go, etc client connections but finding that system errors out upon use of the Websocket client.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
Uh oh!
There was an error while loading. Please reload this page.
-
I have a working cluster that is actively supporting normal connections to and from the system. Recently started working with the Websocket API on the system and having recurring errors when utilizing the Pulsar Proxy. If I send these same messages directly to the broker, they succeed. Currently running 4.0.2 incase that is applicable.
Logs when sent through Proxy:
Broker:
Proxy:
I am expecting the originalPrinical to be super_role which is a super user account on the system.
It succeeds when sent directly to broker. I can send the logs if necessary but it looks like any other producer/consumer connection.
The broker is configured with AuthenticationProviderToken, MultiRolesTokenAuthorizationProvider, authenticateOriginalAuthData=true, webSocketServiceEnabled=true.
The proxy is configured with the same AuthenticationProviderToken, forwardAuthorizationCredentials=true, and webSocketServiceEnabled=true. (can provide more configs if necessary but I do believe this should be all that is applicable)
Again, this cluster has been configured like this for years now and working properly for python, java, go, etc client connections but finding that system errors out upon use of the Websocket client.
Beta Was this translation helpful? Give feedback.
All reactions