So the problem is that the Proxy is not requesting a refresh ? Enrico
Il giorno mer 17 ago 2022 alle ore 16:26 Zixuan Liu <node...@gmail.com> ha scritto: > > Thank @Qiang! > > Update the diagram: > https://drive.google.com/file/d/1E6z0dzXzvW5ZxG6d6YUghL9OikA8j4UC/view?usp=sharing > > Thanks, > Zixuan > > Qiang Huang <qiang.huang1...@gmail.com> 于2022年8月17日周三 19:13写道: > > > It makes sense to me. BTW, the image is broken. > > > > Zixuan Liu <node...@gmail.com> 于2022年8月17日周三 11:10写道: > > > > > Note that there are two clients, the user client, and the proxy client. > > > When the original authenticate data expires, the user client cannot send > > a > > > request to the proxy to find the broker URL. We haven't tests to cover > > this. > > > > > > A simple diagram represents workflow: > > > [image: image.png] > > > Both connections pass the proxy client and the user client authentication > > > data. > > > > > > Thanks, > > > Zixuan > > > > > > Zixuan Liu <node...@gmail.com> 于2022年8月16日周二 23:02写道: > > > > > >> Hi all, > > >> > > >> Refreshing the authentication data comes from the client is important. > > We > > >> have two types of authentication data, directly authentication data, and > > >> original authentication data: > > >> > > >> 1. Directly authentication data > > >> The client/proxy brings the authentication data directly connected to > > the > > >> broker, which is directly authentication data. > > >> > > >> When the directly authentication data is expired, the broker sends the > > >> `newAuthChallenge` command with `AuthData.REFRESH_AUTH_DATA` data to the > > >> client to refresh the authentication data. > > >> > > >> 2. Original authentication data > > >> We add a proxy between the client and the broker, both the proxy and the > > >> client bring the authentication data to request the broker, the > > >> authentication data from the proxy is directly authentication data, and > > the > > >> authentication data from the client is original authentication data. > > >> > > >> The broker can refresh the directly authentication data, but when we are > > >> using the proxy, the broker could not refresh the original > > >> authentication data, because we haven't any action to request to refresh > > >> the original authentication data, so we need to add an auth data const > > to > > >> request to refresh the original authentication data, so like > > >> `AuthData.REFRESH_AUTH_DATA`. > > >> > > >> Once most people agree with this, I'll make a PIP. > > >> > > >> References: > > >> > > >> - https://github.com/apache/pulsar/pull/13339 > > >> - https://github.com/apache/pulsar/issues/10816 > > >> > > >> Thanks, > > >> Zixuan > > >> > > >> > > > > -- > > BR, > > Qiang Huang > >
