Azure Table Storage query failed with authentication error (Received:Forbidden) 不时出现
[英]Azure Table Storage query failed with authentication error (Received:Forbidden) from time to time
问题描述
Environment: Azure app service.
环境:Azure app服务。
Azure storage SDK: WindowsAzure.Storage (9.3.3) Azure 存储 SDK: WindowsAzure.Storage (9.3.3)
Invocation (pseudo code):调用(伪代码):
void QueryAzureTable(){
while(true){
var tableClient = new AzureTable();
var resp = tableClient.Query('table','pk','rk');
// ...
}
}
var tasks = new List<Task>();
for (var i = 0; i < 5; i++)
{
tasks.Add(QueryAzureTable());
}
await Task.WhenAll(tasks).ConfigureAwait(false);
Authorization method for QueryAzureTable: tried with both clientId/secret and managed identity/MSI, same result for both. QueryAzureTable 的授权方法:尝试使用 clientId/secret 和托管身份/MSI,两者的结果相同。
Observation:观察:
- Around half of the requests failed due to anth issue in
QueryAzureTable()(see detailed error msg below).由于QueryAzureTable()中的 anth 问题,大约一半的请求失败(请参阅下面的详细错误消息)。 - If I restart the azure app service instance, the auth error will be gone for ~12 hours.如果我重新启动 azure 应用程序服务实例,身份验证错误将消失约 12 小时。
Error Message:错误信息:
- Server failed to authenticate the request.服务器无法验证请求。 Make sure the value of Authorization header is formed correctly including the signature.确保正确形成授权 header 的值,包括签名。
- Unexpected response code, Expected:OK or NotFound, Received:Forbidden意外的响应代码,预期:OK 或 NotFound,收到:Forbidden
I have checked and tried with almost every solutions mentioned in this stackoverflow thread , but no luck.我已经检查并尝试了此stackoverflow 线程中提到的几乎所有解决方案,但没有成功。 Guess this specific auth issue might be related with multi-tasks.猜测这个特定的身份验证问题可能与多任务有关。
1 个解决方案
解决方案1
0 2023-01-31 08:21:08
Kind of figured out the solution on my own: adding a retry logic to renew the token .我自己想出了解决方案:添加重试逻辑来更新令牌。
void query(...){
int cnt=0;
while(true){
try{
_client.queryTable(...);
}
catch(AuthException ex){
log.error(ex...);
var token=new Token(...);
_client = new AzureTableClient(token);
cnt++;
if(cnt==3) throw;
}
}
}
The first clue to this solution was whenever there was a app service release, deployment or restart of the app service, the query table function worked well for a while, and then after around 12 hours, errors started showing up.这个解决方案的第一个线索是每当有应用服务发布、部署或重启应用服务时,查询表 function 运行了一段时间,然后大约 12 小时后,错误开始出现。 But not 100% failure rate.但不是100%的失败率。
If there is any explanation or conclusion that helps to root cause this, please share your opinions.如果有任何解释或结论有助于根本原因,请分享您的意见。 Thanks in advance: My blind guess is that it has something to do with muti-tasks.在此先感谢:我的盲目猜测是它与多任务有关。 WindowsAzure.Storage (9.3.3) does not do a good job of renewing token for muti-tasks. WindowsAzure.Storage (9.3.3) 不能很好地为多任务更新令牌。
Hope this could help you.希望这可以帮助你。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.