New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

`uniqueIdentifier` removal in replicated server / clustered Gluu Server #734

Open
mzico opened this Issue Jan 23, 2018 · 0 comments

Comments

Projects
None yet
1 participant
@mzico
Contributor

mzico commented Jan 23, 2018

In cluster; sometime we get error message in oxauth.log like below:

2018-01-22 23:02:59,961 ERROR [xdi.oxauth.authorize.ws.rs.AuthorizeRestWebServiceImpl] Failed to persist entry: uniqueIdentifier=2952b770-4478-4f3c-89d1-74ad18daef75,oxAuthGrantId=1b8c9f00-dbcb-421c-b1e7-3b8a7b3e7a3c,inum=@!270D.2F71.07C0.8008!0001!376D.E063!0008!67C1.ABFA,ou=clients,o=@!270D.2F71.07C0.8008!0001!376D.E063,o=gluu
org.gluu.site.ldap.persistence.exception.EntryPersistenceException: Failed to persist entry: uniqueIdentifier=2952b770-4478-4f3c-89d1-74ad18daef75,oxAuthGrantId=1b8c9f00-dbcb-421c-b1e7-3b8a7b3e7a3c,inum=@!270D.2F71.07C0.8008!0001!376D.E063!0008!67C1.ABFA,ou=clients,o=@!270D.2F71.07C0.8008!0001!376D.E063,o=gluu
        at org.gluu.site.ldap.persistence.LdapEntryManager.persist(LdapEntryManager.java:106)
        at org.gluu.site.ldap.persistence.AbstractEntryManager.persist(AbstractEntryManager.java:90)
        at org.xdi.oxauth.service.GrantService.persist(GrantService.java:73)
        at sun.reflect.GeneratedMethodAccessor296.invoke(Unknown Source)

....
....
Caused by: Connection exception (Error adding object to directory. LDAP error number 32: Entry uniqueIdentifier=2952b770-4478-4f3c-89d1-74ad18daef75,oxAuthGrantId=1b8c9f00-dbcb-421c-b1e7-3b8a7b3e7a3c,inum=@!270D.2F71.07C0.8008!0001!376D.E063!0008!67C1.ABFA,ou=clients,o=@!270D.2F71.07C0.8008!0001!376D.E063,o=gluu cannot be added because its parent entry oxAuthGrantId=1b8c9f00-dbcb-421c-b1e7-3b8a7b3e7a3c,inum=@!270D.2F71.07C0.8008!0001!376D.E063!0008!67C1.ABFA,ou=clients,o=@!270D.2F71.07C0.8008!0001!376D.E063,o=gluu does not exist in the server)
        at org.gluu.site.ldap.OperationsFacade.addEntry(OperationsFacade.java:385)
        at org.gluu.site.ldap.persistence.LdapEntryManager.persist(LdapEntryManager.java:101)
        ... 111 more

It might happen due to below reason:

  1. both cluster read list of expired sessions from LDAP
  2. One start to do this quicker by few seconds / ms
  3. As result second throws error when it attempt to clean up session

We need to check LDAP exception error code. If it returns entry not exists error code we need to not log this exception

@mzico mzico added the enhancement label Jan 23, 2018

@mzico mzico added this to the 3.2.0 milestone Jan 23, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment