search

spring-projects / spring-vault

Provides familiar Spring abstractions for HashiCorp Vault
https://spring.io/projects/spring-vault
Apache License 2.0
283 stars 186 forks source link

Token is not getting renewed after end of TTL while using AbstractReactiveVaultConfiguration #622

Closed saptarshidebnath closed 3 years ago

saptarshidebnath commented 3 years ago

Current behavior

Token is getting renewed only 1 time after end of TTL while using AbstractReactiveVaultConfiguration

Expectation

Token should get auto renewed multiple times.

Details

I am using approle secret id to authenticate to vault and the reactive spring vault implementation. I observed that token is generated first time, however when the generated token TTL (in my case its 30 min) expires, the same is not getting renewed. more than 1 time. Any call to vault is failing after the initial 30 + 30 mins in our case. If I change the vault policy to have tokens with unlimited ttl it keeps working.

Lib Used

spring-vault-core: 2.3.0-M1, spring-boot-starter-parent: 2.4.1 [ I am not using spring cloud config ]

Error received from vault after initial 60 mins.

org.springframework.vault.VaultException: Status 403 FORBIDDEN

Issues reported in stack overflow :

mp911de commented 3 years ago

Can you enable debug logging to retrieve information over the actual renewals? The reactive arrangement uses by default ReactiveLifecycleAwareSessionManager that logs renewals.

mp911de commented 3 years ago

Closing due to lack of requested feedback. If you would like us to look at this issue, please provide the requested information and we will re-open the issue.