Closed HelenLorenzo closed 3 weeks ago
What is a Vault-PR instance? Care to elaborate on the scenario regarding what you're trying to achieve and what isn't working?
Generally, Spring Vault drops the login (session) token and re-logins when the session token expires. All authentication happens typically against the same server/cluster.
Vault-PR instance = Performance Replication. (Enterprice lincense Hashicorp Vault)
In this scenario, the token has not expired, it is simply not valid for the vault performance replication instance. Therefore, we must force it to re-authenticate
Thanks for the detail. Spring Cloud Vault has no information on cluster changes; hence, we don't know about expiry by promoting a secondary to a primary.
Sorry, de PR instance don't need promote. You always hace a PR intances and primary Intances. It's not a DR intances. In any case, Is it possible to force re-authentication with vault through spring-cloud-vault?
You can call LifecycleAwareSessionManager.revoke
to revoke the current session token. After that call, Spring Vault will re-authenticate. However, revoking the token will also revoke all leases.
Thank you. But it is not possible to directly access the LifecycleAwareSessionManager object of the vultTemplate, right? I wouldn't want to lose the automatic session management that Spring provides. Is there no way to force re-authentication without having to lose spring management of sessions?
I have it. Thank you for your help.
Good morning. Since the token obtained in a principal vault through authentication is not valid for a Vault-PR instance. I would like to know if there is currently any mechanism in the framework that allows you to force re-authentication. Thank you