异常信息
2018-05-21 18:38:05.851 ERROR 18796 --- [nio-8082-exec-4] i.r.common.exception.RRExceptionHandler : org.apache.zookeeper.KeeperException$NoAuthException: KeeperErrorCode = NoAuth for /nb-conf/ent5/datasource
org.I0Itec.zkclient.exception.ZkException: org.apache.zookeeper.KeeperException$NoAuthException: KeeperErrorCode = NoAuth for /nb-conf/ent5/datasource
at org.I0Itec.zkclient.exception.ZkException.create(ZkException.java:68)
at org.I0Itec.zkclient.ZkClient.retryUntilConnected(ZkClient.java:1001)
at org.I0Itec.zkclient.ZkClient.writeDataReturnStat(ZkClient.java:1148)
at org.I0Itec.zkclient.ZkClient.writeData(ZkClient.java:1143)
at org.I0Itec.zkclient.ZkClient.writeData(ZkClient.java:1111)
at io.newbanker.xxlconf.XxlConfManager.set(XxlConfManager.java:81)
at io.newbanker.xxlconf.SyncConfiguartionToZkAspect.around(SyncConfiguartionToZkAspect.java:77)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethodWithGivenArgs(AbstractAspectJAdvice.java:629)
at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethod(AbstractAspectJAdvice.java:618)
at org.springframework.aop.aspectj.AspectJAroundAdvice.invoke(AspectJAroundAdvice.java:70)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:168)
at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:92)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:673)
at io.newbanker.modules.sys.service.impl.WbsJdbcServiceImpl$$EnhancerBySpringCGLIB$$4240382a.syncConfiguartionToZk(<generated>)
at io.newbanker.modules.sys.service.impl.WbsJdbcServiceImpl$$FastClassBySpringCGLIB$$391fa112.invoke(<generated>)
at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204)
at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:669)
at io.newbanker.modules.sys.service.impl.WbsJdbcServiceImpl$$EnhancerBySpringCGLIB$$51cbc5d1.syncConfiguartionToZk(<generated>)
at io.newbanker.modules.sys.controller.WbsJdbcController.update(WbsJdbcController.java:120)
at io.newbanker.modules.sys.controller.WbsJdbcController$$FastClassBySpringCGLIB$$80fb59c2.invoke(<generated>)
at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204)
at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:738)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157)
at org.springframework.transaction.interceptor.TransactionInterceptor$1.proceedWithInvocation(TransactionInterceptor.java:99)
at org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:282)
at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:96)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
at org.apache.shiro.spring.security.interceptor.AopAllianceAnnotationsAuthorizingMethodInterceptor$1.proceed(AopAllianceAnnotationsAuthorizingMethodInterceptor.java:82)
at org.apache.shiro.authz.aop.AuthorizingMethodInterceptor.invoke(AuthorizingMethodInterceptor.java:39)
at org.apache.shiro.spring.security.interceptor.AopAllianceAnnotationsAuthorizingMethodInterceptor.invoke(AopAllianceAnnotationsAuthorizingMethodInterceptor.java:115)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:673)
at io.newbanker.modules.sys.controller.WbsJdbcController$$EnhancerBySpringCGLIB$$ff1d5a94.update(<generated>)
at io.newbanker.modules.sys.controller.WbsJdbcController$$FastClassBySpringCGLIB$$80fb59c2.invoke(<generated>)
at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204)
at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:738)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157)
at org.springframework.transaction.interceptor.TransactionInterceptor$1.proceedWithInvocation(TransactionInterceptor.java:99)
at org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:282)
at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:96)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
at org.apache.shiro.spring.security.interceptor.AopAllianceAnnotationsAuthorizingMethodInterceptor$1.proceed(AopAllianceAnnotationsAuthorizingMethodInterceptor.java:82)
at org.apache.shiro.authz.aop.AuthorizingMethodInterceptor.invoke(AuthorizingMethodInterceptor.java:39)
at org.apache.shiro.spring.security.interceptor.AopAllianceAnnotationsAuthorizingMethodInterceptor.invoke(AopAllianceAnnotationsAuthorizingMethodInterceptor.java:115)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:673)
at io.newbanker.modules.sys.controller.WbsJdbcController$$EnhancerBySpringCGLIB$$e8d9c69e.update(<generated>)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:205)
at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:133)
at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:97)
at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:827)
at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:738)
at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:85)
at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:967)
at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:901)
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:970)
at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:872)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:661)
at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:846)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:742)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:112)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at com.alibaba.druid.support.http.WebStatFilter.doFilter(WebStatFilter.java:123)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at io.renren.common.xss.XssFilter.doFilter(XssFilter.java:23)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:61)
at org.apache.shiro.web.servlet.AdviceFilter.executeChain(AdviceFilter.java:108)
at org.apache.shiro.web.servlet.AdviceFilter.doFilterInternal(AdviceFilter.java:137)
at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)
at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:66)
at org.apache.shiro.web.servlet.AbstractShiroFilter.executeChain(AbstractShiroFilter.java:449)
at org.apache.shiro.web.servlet.AbstractShiroFilter$1.call(AbstractShiroFilter.java:365)
at org.apache.shiro.subject.support.SubjectCallable.doCall(SubjectCallable.java:90)
at org.apache.shiro.subject.support.SubjectCallable.call(SubjectCallable.java:83)
at org.apache.shiro.subject.support.DelegatingSubject.execute(DelegatingSubject.java:383)
at org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:362)
at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:347)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:263)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:99)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.springframework.web.filter.HttpPutFormContentFilter.doFilterInternal(HttpPutFormContentFilter.java:108)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:81)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:197)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:199)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:478)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342)
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:803)
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:868)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1459)
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:745)
Caused by: org.apache.zookeeper.KeeperException$NoAuthException: KeeperErrorCode = NoAuth for /nb-conf/ent5/datasource
at org.apache.zookeeper.KeeperException.create(KeeperException.java:113)
at org.apache.zookeeper.KeeperException.create(KeeperException.java:51)
at org.apache.zookeeper.ZooKeeper.setData(ZooKeeper.java:1327)
at org.I0Itec.zkclient.ZkConnection.writeDataReturnStat(ZkConnection.java:139)
at org.I0Itec.zkclient.ZkClient$13.call(ZkClient.java:1152)
at org.I0Itec.zkclient.ZkClient.retryUntilConnected(ZkClient.java:991)
... 129 common frames omitted
场景说明
接着前一篇《zk Acl权限:只有一个账号有所有权限,其他匿名用户只有读权限》,实现了这个之后,存在一个bug:
当zkClient与zk服务断了链接并且重试时间超过(org.I0Itec.zkclient.ZkClient#_operationRetryTimeoutInMillis)之后,就会重新reconnect,重新reconnect操作,会重新new一个`_zk`,导致之前addAuthInfo的acl权限信息,被覆盖掉。从而导致了reconnect之后,对节点进行cdwa操作,都会报错:org.apache.zookeeper.KeeperException$NoAuthException: KeeperErrorCode = NoAuth for /nb-conf/ent5/datasource
1、首先,是自己定义的工具类:
@Component
public class XxlConfManager implements InitializingBean, DisposableBean {
@Value("${xxl.conf.admin.zkaddress}")
private String zkaddress;
@Value("${xxl.conf.admin.zkpath}")
private String zkpath;
@Value("${xxl.conf.admin.zkUserName}")
private String zkUserName;
@Value("${xxl.conf.admin.zkPassword}")
private String zkPassword;
private String idPassword;
private static final String digest = "digest";
private static ZkClient zkClient = null;
@Override
public void afterPropertiesSet() throws Exception {
// 创建zkClient,并设置权限信息
zkClient = new ZkClient(zkaddress);
idPassword = zkUserName + ":" + zkPassword;
zkClient.setZkSerializer(new JsonZkSerializer());
zkClient.addAuthInfo(digest, idPassword.getBytes());
}
}2、org.I0Itec.zkclient.ZkClient#addAuthInfo
/**
* Add authentication information to the connection. This will be used to identify the user and check access to
* nodes protected by ACLs
*
* @param scheme
* @param auth
*/
public void addAuthInfo(final String scheme, final byte[] auth) {
retryUntilConnected(new Callable<Object>() {
@Override
public Object call() throws Exception {
_connection.addAuthInfo(scheme, auth);
return null;
}
});
}3、org.I0Itec.zkclient.ZkConnection#addAuthInfo——这个方法相当于是登录zk的账号、密码
private ZooKeeper _zk = null;
@Override
public void addAuthInfo(String scheme, byte[] auth) {
_zk.addAuthInfo(scheme, auth);
}
再来看看zkClient断开连接后reconnect的方法:
1、org.I0Itec.zkclient.ZkClient#reconnect
private void reconnect() {
getEventLock().lock();
try {
_connection.close();
_connection.connect(this); // 注1
} catch (InterruptedException e) {
throw new ZkInterruptedException(e);
} finally {
getEventLock().unlock();
}
}2、点进去看‘注1’方法:org.I0Itec.zkclient.ZkConnection#connect
@Override
public void connect(Watcher watcher) {
_zookeeperLock.lock();
try {
if (_zk != null) {
throw new IllegalStateException("zk client has already been started");
}
try {
LOG.debug("Creating new ZookKeeper instance to connect to " + _servers + ".");
_zk = new ZooKeeper(_servers, _sessionTimeOut, watcher); // 注2
} catch (IOException e) {
throw new ZkException("Unable to connect to " + _servers, e);
}
} finally {
_zookeeperLock.unlock();
}
}可以发现,注2的位置,新new了一个ZooKeeper。
简述一下上面源码的意思:
addAuthInfo是给org.I0Itec.zkclient.ZkConnection#_zk对象设置权限信息,然后重新连接时,先废除了之前的org.I0Itec.zkclient.ZkConnection#_zk对象:
// org.I0Itec.zkclient.ZkConnection#close方法,代码片段
if (_zk != null) {
_zk.close();
_zk = null;
}然后再new一个新的zk对象
_zk = new ZooKeeper(_servers, _sessionTimeOut, watcher);所以_zk的权限信息,就被覆盖掉了。重新对znode进行cdea操作,就会报错:org.apache.zookeeper.KeeperException$NoAuthException: KeeperErrorCode = NoAuth for /nb-conf/ent5/datasource
异常重现
先正常连接上zk(在另外一台机器上的zk),然后断掉网(拔网线,关wifi等),然后重试时间超过org.I0Itec.zkclient.ZkClient#_operationRetryTimeoutInMillis(其实就是connectionTimeout),就会reconnect。此时再触发一次对znode的写操作,就报错了。
解决方案
思路:既然报错,那就try-catch,然后判断异常是否是org.apache.zookeeper.KeeperException$NoAuthException,如果是的话,说明就是reconnect之后,权限信息被清空导致的,那就在catch中,给在addAuthInfo一下,不就完了。
代码如下:
private static ZkClient zkClient = null;
// 在afterPropertiesSet()方法中,创建zkClient的代码上面有,这里略。
public void set(String path, String data) {
try {
_set(path, data);
} catch (Exception e) {
// 主要这里不是e instanceof KeeperException.NoAuthException。原因看:org.I0Itec.zkclient.exception.ZkException#create
if (e.getCause() instanceof KeeperException.NoAuthException) {
zkClient.addAuthInfo(digest, idPassword.getBytes());
}
_set(path, data);
}
}
private void _set(String path, String data) {
createPathIfNotExists(path);
zkClient.writeData(path, data);
}思路就是这个思路。另外在delete方法也要加,因为zkClient重连接后,调用了delete方法,也可能会出现NoAuthException。
(实现功能即可、没有代码洁癖的同学,下面就不用看了。)
使用aop对解决方案优化
直接按照上面方式加上也行。但是这里模板方法抽取使用aop,还是比较好的于是:(先要实现功能的同学,下面就不用看了。)
使用aop方式去掉重复代码方式实现思路:
1、先定义个注解,我们给加了此注解的方法使用aop
import java.lang.annotation.*;
@Target(ElementType.METHOD)
@Retention(RetentionPolicy.RUNTIME)
@Documented
public @interface ResetAclIfNoauth {
}2、aop
package io.newbanker.xxlconf;
import org.apache.zookeeper.KeeperException;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Pointcut;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
@Component
@Aspect
public class ZkNoAuthExceptionAspect {
@Autowired
private XxlConfManager xxlConfManager;
@Pointcut("@annotation(io.newbanker.xxlconf.ResetAclIfNoauth)")
public void pointcut() {
}
@Around("pointcut()")
public Object around(ProceedingJoinPoint point) throws Throwable {
try {
return point.proceed();
} catch (Throwable e) {
if (e.getCause() instanceof KeeperException.NoAuthException) {
xxlConfManager.addAuthInfo();
}
return point.proceed();
}
}
}
3、对原有自己封装的zk工具类进行修改:
已为社区贡献276条内容
所有评论(0)