Trying to connect consumer to the pre-defined queue, getting error as Permission mismatch.

Monica Gavali · October 2021

Hi,

I am trying to connect pre-defined queue named GMMO.UCTRADE.DSLT01 it has ALL OTHER POERMISSIONS: No Access(0000) .

When i try to consume frm the queue , application throws below error :
org.springframework.cloud.stream.provisioning.ProvisioningException: Failed to provision durable queue GMMO.UCTRADE.DSLT01; nested exception is com.solacesystems.jcsmp.PropertyMismatchException: Permission mismatch. (ALL_OTHERS_PERMISSIONS mismatch, expected=0)

Caused by: com.solacesystems.jcsmp.PropertyMismatchException: Permission mismatch. (ALL_OTHERS_PERMISSIONS mismatch, expected=0)

I am sharing the property file and pom.xml ::

spring:
cloud:
stream:
function:
definition: functionUsingTargetDestHeader
bindings:
functionUsingTargetDestHeader-in-0:
destination: GMMO.UCTRADE.DSLT01
group: SINK
functionUsingTargetDestHeader-out-0:
destination: default
binders:
local-solace:
type: solace
environment:
solace:
java:
host: hostName
msgVpn: vpnName
clientUsername: clientName
clientPassword: pwd
solace:
bindings:
functionUsingTargetDestHeader-in-0:
consumer:
provisionDurableQueue: true
queueNamePrefix: ""
useFamiliarityInQueueName: false
useDestinationEncodingInQueueName: false
useGroupNameInQueueName: false

pom.xml : :----

<?xml version="1.0" encoding="UTF-8"?>

4.0.0

org.springframework.boot
spring-boot-starter-parent
2.5.3

com.poc
consumer
0.0.3-SNAPSHOT
consumer
Demo project for Spring Boot

<java.version>1.8</java.version>
<spring-cloud.version>2020.0.4</spring-cloud.version>
<solace-spring-cloud-bom.version>2.1.0</solace-spring-cloud-bom.version>

org.springframework.cloud
spring-cloud-dependencies
${spring-cloud.version}
pom
import

com.solace.spring.cloud
solace-spring-cloud-bom
2.1.0
pom

<dependencies>
    <dependency>
      <groupId>com.solace.spring.cloud</groupId>
      <artifactId>spring-cloud-starter-stream-solace</artifactId>
      <version>3.1.0</version>
    </dependency>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-web</artifactId>
    </dependency>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-test</artifactId>
        <scope>test</scope>
        <exclusions>
            <!-- Excluding logback dependencies to use l4j2 -->
            <exclusion>
                <groupId>org.springframework.boot</groupId>
                <artifactId>spring-boot-starter-logging</artifactId>
            </exclusion>
        </exclusions>
    </dependency>
    <dependency>
        <groupId>com.github.ulisesbocchio</groupId>
        <artifactId>jasypt-spring-boot-starter</artifactId>
        <version>2.1.1</version>
    </dependency>
    <dependency>
        <groupId>org.projectlombok</groupId>
        <artifactId>lombok</artifactId>
    </dependency>       
</dependencies>
<build>
    <plugins>
        <plugin>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-maven-plugin</artifactId>
        </plugin>
    </plugins>
</build>

nram · October 2021

Hi @Monica Gavali , Whats the Queue owner and whats the client-user you are trying to connect to?

As the error suggests, you are attempting to connect to as non-owner and the the queue is not provisioned to allow that. You have two options.
1. Find out the queue owner and connect as that client-user.
2. Change the other permissions on the queue to "Consume"

Monica Gavali · October 2021

Hi @nram

I tried 2nd solution ie Change the other permissions on the queue to "Consume"
My observation for Consume permission is - Once we give consume permission to the queue and connected from application, application is able to read the messages from queue .... but later if we restart the application, then after restart application throwa same error
logs -

2021-10-04 16:55:33.085 WARN 22236 --- [ main] c.s.s.c.s.b.p.SolaceQueueProvisioner : Failed to provision durable queue GMMO.UCTRADE.DSLT01

com.solacesystems.jcsmp.PropertyMismatchException: Permission mismatch. (ALL_OTHERS_PERMISSIONS mismatch, expected=0)

nram · October 2021

Thats strange .. Do you see the other-permission on the queue reset to 0000 after your application connects?

amackenzie · October 2021

How did you set the queue permissions? Manager? CLI?

Monica Gavali · October 2021

Below way i am using to set permissions to from SolaceAdmin UI .

on solace Admin , shut down queue then -> right click on queue (GMMO.UCTRADE.DSLT01) -> Edit Queue -> select permission for ALL OTHER PERMISSIONS -> click on OK
then start the queue by right click->Change Admin status ->Enable

Monica Gavali · October 2021

@marc - could you help in above issue

nram · October 2021

@Monica Gavali can you check the queue permissions (Queue|Settings) between two runs of your application?

marc · October 2021

@Monica Gavali
Definitely interesting that it works the first time and fails the second time. If this is a pre-existing queue I would also try to set provisionDurableQueue to false and see if that helps. When that is set to true the solace cloud stream binder might be trying to do some provisioning which doesn't fall under the consume permissions. Besides if it's pre-existing there is no need to provision it

Monica Gavali · October 2021

@nram - yes, i checked queue permissions between two run . it didn't change same as CONSUME

Monica Gavali · October 2021

@marc -
Tried provisionDurableQueue **to false** below is observation :-

CASE I : provisionDurableQueue : false and queue ALL OTHER PERMISSIONS : No permission(default permission)

Got below error on applictaion start -
2021-10-05 11:02:25.542 INFO 2104 --- [ main] c.s.s.c.s.b.p.SolaceQueueProvisioner : Durable queue provisioning is disabled, GMMO.UCTRADE.DSLT01 will not be provisioned nor will its configuration be validated
2021-10-05 11:02:25.543 INFO 2104 --- [ main] c.s.s.c.s.b.p.SolaceQueueProvisioner : Testing consumer flow connection to queue GMMO.UCTRADE.DSLT01 (will not start it)
2021-10-05 11:02:25.744 ERROR 2104 --- [ main] o.s.cloud.stream.binding.BindingService : Failed to create consumer binding; retrying in 30 seconds

org.springframework.cloud.stream.binder.BinderException: Exception thrown while starting consumer:
at org.springframework.cloud.stream.binder.AbstractMessageChannelBinder.doBindConsumer(AbstractMessageChannelBinder.java:462) ~[spring-cloud-stream-3.1.4.jar:3.1.4]
Caused by: com.solacesystems.jcsmp.AccessDeniedException: Permission Not Allowed

CASE II : provisionDurableQueue: false and queue ALL OTHER PERMISSIONS : consume

on first run application reads msg from queue
after application restart throwing exception as -

org.springframework.cloud.stream.binder.BinderException: Exception thrown while starting consumer:
at org.springframework.cloud.stream.binder.AbstractMessageChannelBinder.doBindConsumer(AbstractMessageChannelBinder.java:462) ~[spring-cloud-stream-3.1.4.jar:3.1.4]

Caused by: com.solacesystems.jcsmp.AccessDeniedException: Permission Not Allowed - Queue 'GMMO.UCTRADE.DSLT01' - Topic 'GMMO.UCTRADE.DSLT01'
at com.solacesystems.jcsmp.impl.SessionModeSupportClient.performSmpReq(SessionModeSupportClient.java:278) ~[sol-jcsmp-10.10.0.jar:na]

Monica Gavali · October 2021

application.yml

spring:
cloud:
stream:
function:
definition: functionUsingTargetDestHeader
bindings:
functionUsingTargetDestHeader-in-0:
destination: GMMO.UCTRADE.DSLT01
group: SINK
functionUsingTargetDestHeader-out-0:
destination: default
binders:
local-solace:
type: solace
environment:
solace:
java:
host: host01
msgVpn: msgVpn01
clientUsername: clientUsername01
clientPassword: clientPassword01
solace:
bindings:
functionUsingTargetDestHeader-in-0:
consumer:
provisionDurableQueue: false
queueNamePrefix: ""
useFamiliarityInQueueName: false
useDestinationEncodingInQueueName: false
useGroupNameInQueueName: false
server:
port: 8082

Monica Gavali · October 2021

<?xml version="1.0" encoding="UTF-8"?>

4.0.0

org.springframework.boot
spring-boot-starter-parent
2.5.5

com.poc
consumer
0.0.3-SNAPSHOT
consumer
Demo project for Spring Boot

<java.version>1.8</java.version>
<spring-cloud.version>2020.0.4</spring-cloud.version>
<solace-spring-cloud-bom.version>2.1.0</solace-spring-cloud-bom.version>

org.springframework.cloud
spring-cloud-dependencies
${spring-cloud.version}
pom
import

com.solace.spring.cloud
solace-spring-cloud-bom
2.1.0
pom

<dependencies>
    <dependency>
      <groupId>com.solace.spring.cloud</groupId>
      <artifactId>spring-cloud-starter-stream-solace</artifactId>
      <version>3.1.0</version>
    </dependency>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-web</artifactId>
    </dependency>
    <dependency>
        <groupId>org.projectlombok</groupId>
        <artifactId>lombok</artifactId>
    </dependency>       
</dependencies>
<build>
    <plugins>
        <plugin>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-maven-plugin</artifactId>
        </plugin>
    </plugins>
</build>

marc · October 2021

Hi @Monica Gavali,

This is the config that I believe you want

CASE II : provisionDurableQueue: false and queue ALL OTHER PERMISSIONS : consume

I'm not sure why the permissions seem to be changing. It shouldn't matter how many times you start/stop the app. Does your organization happen to have Solace support? If so I think it would best if you open a support ticket as they'll be quicker to get back with you and can spend more time troubleshooting in detail.

Also as a heads up you can include all your code snippets with in between triple tics ``` that will make them easier to read

Trying to connect consumer to the pre-defined queue, getting error as Permission mismatch.

Answers

Categories

This Month's Leaders

This Week's Leaders