cloudbeaver icon indicating copy to clipboard operation
cloudbeaver copied to clipboard

Published 20 hours ago verified publisher icon dbeaver

recurring authentication issue

Open MatthiasSchnoeke opened this issue 1 year ago • 16 comments

Very often, the first logons in the morning run into an error. The authentication is then only successful after 5 attempts. We run CB in connection to a Maria configuration DB.

08-08-2023 05:43:32.156 [Test datasource connection] DEBUG i.c.s.session.WebSessionManager - New web session 'ozo6xqotrfz71g9g9ionb33jf1126' 08-08-2023 05:43:32.627 [Test datasource connection] DEBUG i.c.server.graphql.GraphQLEndpoint - API > getAuthProviders 08-08-2023 05:43:32.633 [qtp765329253-30] DEBUG i.c.server.graphql.GraphQLEndpoint - API > sessionPermissions 08-08-2023 05:43:35.494 [Test datasource connection] DEBUG i.c.server.graphql.GraphQLEndpoint - API > authLogin 08-08-2023 05:43:35.505 [Test datasource connection] DEBUG i.c.server.graphql.GraphQLEndpoint - GraphQL call failed at '/authInfo' io.cloudbeaver.DBWebException: User authentication failed: (conn=58) Connection reset by peer at io.cloudbeaver.service.auth.impl.WebServiceAuthImpl.authLogin(WebServiceAuthImpl.java:100) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) at java.base/java.lang.reflect.Method.invoke(Unknown Source) at io.cloudbeaver.service.WebServiceBindingBase$ServiceInvocationHandler.invoke(WebServiceBindingBase.java:169) at jdk.proxy6/jdk.proxy6.$Proxy10.authLogin(Unknown Source) at io.cloudbeaver.service.auth.WebServiceBindingAuth.lambda$0(WebServiceBindingAuth.java:39) at graphql.execution.ExecutionStrategy.invokeDataFetcher(ExecutionStrategy.java:309) at graphql.execution.ExecutionStrategy.fetchField(ExecutionStrategy.java:286) at graphql.execution.ExecutionStrategy.resolveFieldWithInfo(ExecutionStrategy.java:212) at graphql.execution.AsyncExecutionStrategy.execute(AsyncExecutionStrategy.java:55) at graphql.execution.Execution.executeOperation(Execution.java:161) at graphql.execution.Execution.execute(Execution.java:104) at graphql.GraphQL.execute(GraphQL.java:557) at graphql.GraphQL.lambda$parseValidateAndExecute$11(GraphQL.java:476) at java.base/java.util.concurrent.CompletableFuture.uniComposeStage(Unknown Source) at java.base/java.util.concurrent.CompletableFuture.thenCompose(Unknown Source) at graphql.GraphQL.parseValidateAndExecute(GraphQL.java:471) at graphql.GraphQL.executeAsync(GraphQL.java:439) at graphql.GraphQL.execute(GraphQL.java:365) at io.cloudbeaver.server.graphql.GraphQLEndpoint.executeQuery(GraphQLEndpoint.java:249) at io.cloudbeaver.server.graphql.GraphQLEndpoint.executeSingleQuery(GraphQLEndpoint.java:195) at io.cloudbeaver.server.graphql.GraphQLEndpoint.doPost(GraphQLEndpoint.java:178) at javax.servlet.http.HttpServlet.service(HttpServlet.java:517) at javax.servlet.http.HttpServlet.service(HttpServlet.java:584) at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:764) at org.eclipse.jetty.servlet.ServletHandler$ChainEnd.doFilter(ServletHandler.java:1665) at org.eclipse.jetty.websocket.servlet.WebSocketUpgradeFilter.doFilter(WebSocketUpgradeFilter.java:170) at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:202) at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1635) at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:527) at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:221) at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1571) at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:221) at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1383) at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:176) at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:484) at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1544) at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:174) at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1305) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:129) at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:122) at org.eclipse.jetty.server.Server.handle(Server.java:563) at org.eclipse.jetty.server.HttpChannel.lambda$handle$0(HttpChannel.java:505) at org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:762) at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:497) at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:282) at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:314) at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:100) at org.eclipse.jetty.io.SelectableChannelEndPoint$1.run(SelectableChannelEndPoint.java:53) at org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.runTask(AdaptiveExecutionStrategy.java:421) at org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.consumeTask(AdaptiveExecutionStrategy.java:390) at org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.tryProduce(AdaptiveExecutionStrategy.java:277) at org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.lambda$new$0(AdaptiveExecutionStrategy.java:139) at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:411) at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:933) at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1077) at java.base/java.lang.Thread.run(Unknown Source) Caused by: org.jkiss.dbeaver.DBException: (conn=58) Connection reset by peer at io.cloudbeaver.service.security.CBEmbeddedSecurityController.createNewAuthAttempt(CBEmbeddedSecurityController.java:1267) at io.cloudbeaver.service.security.CBEmbeddedSecurityController.authenticate(CBEmbeddedSecurityController.java:1167) at io.cloudbeaver.service.auth.impl.WebServiceAuthImpl.authLogin(WebServiceAuthImpl.java:80) ... 58 common frames omitted Caused by: java.sql.SQLNonTransientConnectionException: (conn=58) Connection reset by peer at org.mariadb.jdbc.internal.util.exceptions.ExceptionMapper.get(ExceptionMapper.java:240) at org.mariadb.jdbc.internal.util.exceptions.ExceptionMapper.getException(ExceptionMapper.java:171) at org.mariadb.jdbc.MariaDbStatement.executeExceptionEpilogue(MariaDbStatement.java:248) at org.mariadb.jdbc.MariaDbStatement.executeInternal(MariaDbStatement.java:338) at org.mariadb.jdbc.MariaDbStatement.executeUpdate(MariaDbStatement.java:527) at org.mariadb.jdbc.MariaDbConnection.setAutoCommit(MariaDbConnection.java:741) at org.apache.commons.dbcp2.DelegatingConnection.setAutoCommit(DelegatingConnection.java:537) at org.apache.commons.dbcp2.DelegatingConnection.setAutoCommit(DelegatingConnection.java:537) at org.jkiss.dbeaver.model.impl.jdbc.exec.JDBCTransaction.<init>(JDBCTransaction.java:38) at io.cloudbeaver.service.security.CBEmbeddedSecurityController.createNewAuthAttempt(CBEmbeddedSecurityController.java:1229) ... 60 common frames omitted Caused by: java.sql.SQLNonTransientConnectionException: Connection reset by peer at org.mariadb.jdbc.internal.protocol.AbstractQueryProtocol.handleIoException(AbstractQueryProtocol.java:1925) at org.mariadb.jdbc.internal.protocol.AbstractQueryProtocol.executeQuery(AbstractQueryProtocol.java:236) at org.mariadb.jdbc.MariaDbStatement.executeInternal(MariaDbStatement.java:332) ... 66 common frames omitted Caused by: java.net.SocketException: Connection reset by peer at java.base/sun.nio.ch.NioSocketImpl.implWrite(Unknown Source) at java.base/sun.nio.ch.NioSocketImpl.write(Unknown Source) at java.base/sun.nio.ch.NioSocketImpl$2.write(Unknown Source) at java.base/java.net.Socket$SocketOutputStream.write(Unknown Source) at org.mariadb.jdbc.internal.io.output.StandardPacketOutputStream.flushBuffer(StandardPacketOutputStream.java:111) at org.mariadb.jdbc.internal.io.output.AbstractPacketOutputStream.flush(AbstractPacketOutputStream.java:185) at org.mariadb.jdbc.internal.protocol.AbstractQueryProtocol.executeQuery(AbstractQueryProtocol.java:227) ... 67 common frames omitted

MatthiasSchnoeke avatar Aug 08 '23 06:08 MatthiasSchnoeke

@MatthiasSchnoeke please, try to set autoReconnect=true for mariaDB, the connector will simply try to reconnect to its host after a failure.

TatyanaSsau avatar Aug 16 '23 09:08 TatyanaSsau

Where is this option defined in cloudbeaver.conf?

{ server: { serverPort: 8978,

    workspaceLocation: "workspace",
    contentRoot: "web",
    driversLocation: "drivers",

    rootURI: "/",
    serviceURI: "/api/",

    productConfiguration: "conf/product.conf",

    expireSessionAfterPeriod: 21600000,

    develMode: false,

    enableSecurityManager: false,

    database: {
        driver="mariadb",
        url: "jdbc:mariadb://dbeaver-mariadb-service.cloud-beaver.svc.cluster.local:3306/cb",
        user: xxx",
        password: "xxx",

        createDatabase: true,

        initialDataConfiguration: "conf/initial-data.conf",

        pool: {
            minIdleConnections: 4,
            maxIdleConnections: 10,
            maxConnections: 100,
            validationQuery: "SELECT 1"
        }
    }

},
app: {
    anonymousAccessEnabled: false,
    anonymousUserRole: "user",
    supportsCustomConnections: false,

    forwardProxy: false,

    publicCredentialsSaveEnabled: false,
    adminCredentialsSaveEnabled: false,

    resourceManagerEnabled: true,

    resourceQuotas: {
        dataExportFileSizeLimit: 10000000,
        resourceManagerFileSizeLimit: 500000,
        sqlMaxRunningQueries: 100,
        sqlResultSetRowsLimit: 100000,
        sqlResultSetMemoryLimit: 2000000,
        sqlTextPreviewMaxLength: 4096,
        sqlBinaryPreviewMaxLength: 261120
    },
    enabledAuthProviders: [
        "local"
    ],

    disabledDrivers: [
        "sqlite:sqlite_jdbc",
        "h2:h2_embedded",
        "clickhouse:yandex_clickhouse"
    ]

}

}

MatthiasSchnoeke avatar Aug 16 '23 09:08 MatthiasSchnoeke

Hi @MatthiasSchnoeke Sorry for that delay Try to add parametr to cloudbeaver.conf / .cloudbeaver.runtime.conf url: "jdbc:mariadb://dbeaver-mariadb-service.cloud-beaver.svc.cluster.local:3306/cb?autoreconnect=true"

EvgeniaBzzz avatar Oct 13 '23 10:10 EvgeniaBzzz

It's been some time since last update on this issue. Please let us know if you have any further questions.

EvgeniaBzzz avatar Nov 14 '23 09:11 EvgeniaBzzz

Hello, sorry delay. The problem still exists despite the parameters.

MatthiasSchnoeke avatar Nov 14 '23 10:11 MatthiasSchnoeke

Here the stacktrace:

java.net.SocketException: Connection reset by peer at java.base/sun.nio.ch.NioSocketImpl.implWrite(Unknown Source) at java.base/sun.nio.ch.NioSocketImpl.write(Unknown Source) at java.base/sun.nio.ch.NioSocketImpl$2.write(Unknown Source) at java.base/java.net.Socket$SocketOutputStream.write(Unknown Source) at org.mariadb.jdbc.internal.io.output.StandardPacketOutputStream.flushBuffer(StandardPacketOutputStream.java:111) at org.mariadb.jdbc.internal.io.output.AbstractPacketOutputStream.flush(AbstractPacketOutputStream.java:185) at org.mariadb.jdbc.internal.protocol.AbstractQueryProtocol.executeQuery(AbstractQueryProtocol.java:227) at org.mariadb.jdbc.MariaDbStatement.executeInternal(MariaDbStatement.java:332) at org.mariadb.jdbc.MariaDbStatement.executeUpdate(MariaDbStatement.java:527) at org.mariadb.jdbc.MariaDbConnection.setAutoCommit(MariaDbConnection.java:741) at org.apache.commons.dbcp2.DelegatingConnection.setAutoCommit(DelegatingConnection.java:537) at org.apache.commons.dbcp2.DelegatingConnection.setAutoCommit(DelegatingConnection.java:537) at org.jkiss.dbeaver.model.impl.jdbc.exec.JDBCTransaction.(JDBCTransaction.java:38) at io.cloudbeaver.service.security.CBEmbeddedSecurityController.createNewAuthAttempt(CBEmbeddedSecurityController.java:1329) at io.cloudbeaver.service.security.CBEmbeddedSecurityController.authenticate(CBEmbeddedSecurityController.java:1264) at io.cloudbeaver.service.auth.impl.WebServiceAuthImpl.authLogin(WebServiceAuthImpl.java:80) at jdk.internal.reflect.GeneratedMethodAccessor214.invoke(Unknown Source) at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) at java.base/java.lang.reflect.Method.invoke(Unknown Source)

MatthiasSchnoeke avatar Nov 14 '23 10:11 MatthiasSchnoeke

Hi @MatthiasSchnoeke Sorry for that delay. We will need some more time to find a solutioin, as it works as expected on our test servers. Thank you for the report!

EvgeniaBzzz avatar Nov 28 '23 13:11 EvgeniaBzzz

Hi @MatthiasSchnoeke! We have improved internal database reconnection. Please, check it out in 23.3.3

EvgeniaBzzz avatar Jan 22 '24 11:01 EvgeniaBzzz

Hi, it seems your improvement has solved this issue. Thanks so far!

MatthiasSchnoeke avatar Feb 02 '24 08:02 MatthiasSchnoeke

unfortunately it took 4 logins again today to successfully log in

java.net.SocketException: Connection reset by peer at java.base/sun.nio.ch.NioSocketImpl.implWrite(NioSocketImpl.java:425) at java.base/sun.nio.ch.NioSocketImpl.write(NioSocketImpl.java:445) at java.base/sun.nio.ch.NioSocketImpl$2.write(NioSocketImpl.java:831) at java.base/java.net.Socket$SocketOutputStream.write(Socket.java:1035) at org.mariadb.jdbc.internal.io.output.StandardPacketOutputStream.flushBuffer(StandardPacketOutputStream.java:111) at org.mariadb.jdbc.internal.io.output.AbstractPacketOutputStream.flush(AbstractPacketOutputStream.java:185) at org.mariadb.jdbc.internal.protocol.AbstractQueryProtocol.executeQuery(AbstractQueryProtocol.java:227) at org.mariadb.jdbc.MariaDbStatement.executeInternal(MariaDbStatement.java:332) at org.mariadb.jdbc.MariaDbStatement.executeUpdate(MariaDbStatement.java:527) at org.mariadb.jdbc.MariaDbConnection.setAutoCommit(MariaDbConnection.java:741) at org.apache.commons.dbcp2.DelegatingConnection.setAutoCommit(DelegatingConnection.java:537) at org.apache.commons.dbcp2.DelegatingConnection.setAutoCommit(DelegatingConnection.java:537) at org.jkiss.dbeaver.model.impl.jdbc.exec.JDBCTransaction.(JDBCTransaction.java:38) at io.cloudbeaver.service.security.CBEmbeddedSecurityController.createNewAuthAttempt(CBEmbeddedSecurityController.java:1403) at io.cloudbeaver.service.security.CBEmbeddedSecurityController.authenticate(CBEmbeddedSecurityController.java:1334) at io.cloudbeaver.service.auth.impl.WebServiceAuthImpl.authLogin(WebServiceAuthImpl.java:88) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77) at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.base/java.lang.reflect.Method.invoke(Method.java:568)

MatthiasSchnoeke avatar Feb 05 '24 09:02 MatthiasSchnoeke

It seems like your MariaDB is configured to kill connections, but close it only on the DB side.

Please, try to change .cloudbeaver.runtime.conf in the server.database.pool section:

minIdleConnections=0
maxIdleConnections=0

or

minIdleConnections=0

EvgeniaBzzz avatar Feb 06 '24 17:02 EvgeniaBzzz

It’s been a while since an update here. Please contact us if you have any further questions.

EvgeniaBzzz avatar Feb 27 '24 21:02 EvgeniaBzzz

sorry but the issue still exists. despite the configurations.

here my current config map:

{ server: { serverPort: 8978,

    workspaceLocation: "workspace",
    contentRoot: "web",
    driversLocation: "drivers",

    rootURI: "/",
    serviceURI: "/api/",

    productConfiguration: "conf/product.conf",

    expireSessionAfterPeriod: 21600000,

    develMode: false,

    enableSecurityManager: false,

    database: {
        driver="mariadb",
        url: "jdbc:mariadb://dbeaver-mariadb-service.cloud-beaver.svc.cluster.local:3306/cb?autoreconnect=true",
        user: "root",
        password: "xxx",

        createDatabase: true,

        initialDataConfiguration: "conf/initial-data.conf",

        pool: {
            minIdleConnections: 0,
            maxIdleConnections: 0,
            maxConnections: 100,
            validationQuery: "SELECT 1"
        }
    }

},
app: {
    anonymousAccessEnabled: false,
    anonymousUserRole: "user",
    supportsCustomConnections: false,

    forwardProxy: false,

    publicCredentialsSaveEnabled: false,
    adminCredentialsSaveEnabled: false,

    resourceManagerEnabled: true,

    resourceQuotas: {
        dataExportFileSizeLimit: 10000000,
        resourceManagerFileSizeLimit: 500000,
        sqlMaxRunningQueries: 100,
        sqlResultSetRowsLimit: 100000,
        sqlResultSetMemoryLimit: 2000000,
        sqlTextPreviewMaxLength: 4096,
        sqlBinaryPreviewMaxLength: 261120
    },
    enabledAuthProviders: [
        "local"
    ],

    disabledDrivers: [
        "sqlite:sqlite_jdbc",
        "h2:h2_embedded",
        "clickhouse:yandex_clickhouse"
    ]

}

}

MatthiasSchnoeke avatar Feb 28 '24 07:02 MatthiasSchnoeke

@MatthiasSchnoeke Have you tried to add minIdleConnections?

EvgeniaBzzz avatar Feb 29 '24 13:02 EvgeniaBzzz

Yes as you can see above.

pool: { minIdleConnections: 0, maxIdleConnections: 0, maxConnections: 100, validationQuery: "SELECT 1" }

MatthiasSchnoeke avatar Mar 04 '24 07:03 MatthiasSchnoeke

Hello @MatthiasSchnoeke Thanks for the report. We will look at it in one of our feature releases.

LonwoLonwo avatar May 29 '24 05:05 LonwoLonwo