Hi Justin, Thanks for the clarification! That really helps.
Best, Krzysztof On Mon, Feb 3, 2025 at 10:51 PM Justin Bertram <jbert...@apache.org> wrote: > The way it's supposed to work is that all broker services are loaded before > the network acceptors are activated so that no clients can actually connect > until the broker is fully ready/available. > > Also, any changes to runtime settings via the management API (e.g. to > security-settings) should be replicated to the backup before the broker > responds to the caller. Therefore, if the caller didn't get an error when > they made their configuration change then they are assured that the backup > has the change as well. > > > Is this behavior expected during a failover? > > No. > > > Could this be related to the broker not having fully loaded its > configuration when the client attempts to create the consumer? > > Technically speaking that's possible, but it would be considered a bug and > should be fixed. > > > One thing that you might consider is that security is only checked when a > consumer is first created which means any authorization-related changes > occurring after the consumer was created won't be reflected until the > consumer is created again (e.g. during failover). > > As always, a reproducible test-case is the best resource to assist any > investigation. If you have one please pass it along. > > > Justin > > On Tue, Jan 28, 2025 at 5:34 PM Havret <hav...@apache.org> wrote: > > > Hi, > > > > One of the users of the ArtemisNetClient library has reported an issue > > during broker failover and wanted to check if this behavior is expected > > before diving deeper into potential client-side issues. > > > > During failover, when the connection to the master node is lost and the > > client connects to the slave node, the broker sometimes rejects the > attempt > > to create a consumer with the following exception: > > AMQ119015: not authorized to create consumer. > > > > This suggests that the broker is not allowing the consumer to be created, > > possibly because the configuration (e.g., security settings or other > > parameters) has not been fully loaded or synchronized during the failover > > process. > > > > - Is this behavior expected during a failover? > > - Could this be related to the broker not having fully loaded its > > configuration when the client attempts to create the consumer? > > > > Any insights or recommendations would be greatly appreciated to help > > clarify whether this is expected behavior or something that needs further > > investigation. > > > > Thanks in advance! > > > > Krzysztof > > >
