Hello, I don’t know if is the best place to put this question. My application is getting the following error while trying to interact with the axon server.
This axon-server v4.4.8.1 is installed in a Kubernetes cluster. They all seem healthy. My application uses Spring Boot and when it starts I got the following output. The error keeps repeating.
2023-03-29 15:04:08.404 INFO AxonServerManagedChannel - Requesting connection details from axonserver-svc.axonserver-ee.svc.cluster.local:8124 [main]
2023-03-29 15:04:11.928 INFO AxonServerManagedChannel - Successfully connected to axonserver-svc.axonserver-ee.svc.cluster.local:8124 [main]
2023-03-29 15:04:12.051 INFO ControlChannelImpl - Connected instruction stream for context 'qa'. Sending client identification [main]
2023-03-29 15:04:12.141 INFO CommandChannelImpl - CommandChannel for context 'qa' connected, 0 command handlers registered [main]
2023-03-29 15:04:12.208 INFO CommandChannelImpl - Registered handler for command 'com.company.liverpool.api.commands$ReplayAdminEventStream' in context 'qa' [main]
2023-03-29 15:04:12.446 INFO QueryChannelImpl - QueryChannel for context 'qa' connected, 0 registrations resubscribed [main]
2023-03-29 15:04:12.507 INFO QueryChannelImpl - Registered handler for query 'com.company.liverpool.api.DrugProductLookupQuery$ByDIN : com.company.liverpool.api.DrugProduct' in context 'qa' [main]
2023-03-29 15:04:12.516 INFO QueryChannelImpl - Error on QueryChannel for context qa [grpc-default-executor-0]
io.grpc.StatusRuntimeException: PERMISSION_DENIED: Invalid token for io.axoniq.axonserver.grpc.query.QueryService/OpenStream
at io.grpc.Status.asRuntimeException(Status.java:535)
at io.grpc.stub.ClientCalls$StreamObserverToCallListenerAdapter.onClose(ClientCalls.java:479)
at io.grpc.internal.ClientCallImpl.closeObserver(ClientCallImpl.java:562)
at io.grpc.internal.ClientCallImpl.access$300(ClientCallImpl.java:70)
at io.grpc.internal.ClientCallImpl$ClientStreamListenerImpl$1StreamClosed.runInternal(ClientCallImpl.java:743)
at io.grpc.internal.ClientCallImpl$ClientStreamListenerImpl$1StreamClosed.runInContext(ClientCallImpl.java:722)
at io.grpc.internal.ContextRunnable.run(ContextRunnable.java:37)
at io.grpc.internal.SerializingExecutor.run(SerializingExecutor.java:133)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1130)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:630)
at java.base/java.lang.Thread.run(Thread.java:832)
2023-03-29 15:04:12.526 WARN QueryChannelImpl - An error occurred while registering query handlers [main]
io.grpc.StatusRuntimeException: PERMISSION_DENIED: Invalid token for io.axoniq.axonserver.grpc.query.QueryService/OpenStream
From the axon-server side, I can see the following log:
axonserver-1 axonserver 2023-03-29 15:40:11.250 INFO 1 --- [ster-executor-1] i.a.a.logging.TopologyEventsLogger : Application connected via axonserver-0: admin, clientId = 1@admin-685954cdb-9gbpr, clientStreamId = 1@admin-685954cdb-9gbpr.0221b1c7-9fcd-46b7-b0d0-94733d8551b1, context = qa
axonserver-2 axonserver 2023-03-29 15:40:26.331 INFO 1 --- [ster-executor-1] i.a.a.logging.TopologyEventsLogger : Application connected via axonserver-1: admin, clientId = 1@admin-685954cdb-l4tlt, clientStreamId = 1@admin-685954cdb-l4tlt.4d7e3009-89b3-4252-9827-0c7dec749515, context = qa
axonserver-0 axonserver 2023-03-29 15:40:26.331 INFO 1 --- [ster-executor-4] i.a.a.logging.TopologyEventsLogger : Application connected via axonserver-1: admin, clientId = 1@admin-685954cdb-l4tlt, clientStreamId = 1@admin-685954cdb-l4tlt.4d7e3009-89b3-4252-9827-0c7dec749515, context = qa
axonserver-1 axonserver 2023-03-29 15:40:26.345 INFO 1 --- [grpc-executor-4] i.a.a.logging.TopologyEventsLogger : Application connected: admin, clientId = 1@admin-685954cdb-l4tlt, clientStreamId = 1@admin-685954cdb-l4tlt.4d7e3009-89b3-4252-9827-0c7dec749515, context = qa
I’ve found this other question related to this and I went to Axon Web GUI > apps > select my application and added the roles mentioned in the question. Unfortunately, it didn’t fix the issue.
Similar question: