Project

General

Profile

tigase.db.TigaseDBException: Problem accessing repository

Corey Wilson
Added over 5 years ago

Tigase seems to intermittently kick me out of the current session.

Something that may or may not be related - I am not receiving any PONG requests from the server, although I do have it added in Tigase: Loading plugin: urn:xmpp:ping=16 ...

I am able to PING the server and receive a correct response. I also set up a PING interval from the Client to Server in hopes it would keep the connection alive, but I still am disconnected.

This is the LOG in regards to the error:

2013-09-25 19:12:49.283 [pool-15-thread-50]  XMPPIOService.processSocketData()  WARNING: bosh@server/ip_5280_ip_53123, type: accept, Socket: bosh@server/ip_5280_ip_53123 Socket[addr=/ip,port=53123,localport=5280], jid: null, checkData says disconnect

I noticed the log also states jid: null - I am not sure if it is related, but I have logged in and am sending out stanzas as the correct JID.

Noticed that there was an error in an init.properties function, I removed the related error from the pasted log


Replies (13)

Added by Wojciech Kapcia TigaseTeam over 5 years ago

Could you provide a bigger excerpt of the log from the session that kicks you out?

Added by Corey Wilson over 5 years ago

I have attached a bottom portion of the tigase.log.0 file.

A few things I have noticed s canning through it:

1. authState=NOT_AUTHORIZED - This brings me to another issue, that even tho I appear to be binding and connected, I can't read the roster, send messages, etc due to an error that states Session is not yet authorized. I wonder if this is related to being kicked out. Possibly there is something wrong with the authentication script, I have also attached my php script to connect to XMPP, maybe there is something wrong with it? I remember looking multiple times at exactly what stanza's need to be sent?

_2._ @no waitTimer for the Bosh connection!@ - Not sure why this is appearing, thre is both @inactivity="100"@ and @wait="60"@

<pre>
2013-09-26 09:25:38.967 [pool-15-thread-65]  BoshConnectionManager.processSocketData()  FINEST: Processing socket data: from=null, to=null, DATA=<body wait="60" xmlns:xmpp="urn:xmpp:xbosh" content="text/xml charset=utf-8" xml:lang="en" to="mysite.com" hold="1" xmlns="http://jabber.org/protocol/httpbind" inactivity="100"/>, SIZE=180, XMLNS=http://jabber.org/protocol/httpbind, PRIORITY=NORMAL, PERMISSION=NONE, TYPE=null

2013-09-26 09:25:38.967 [pool-15-thread-65]  BoshSession.sendBody()           INFO:     No waitTimer for the Bosh connection! bosh@server/127.0.0.1_5280_127.0.0.1_47293, type: accept, Socket: bosh@server/127.0.0.1_5280_127.0.0.1_47293 Socket[addr=/127.0.0.1,port=47293,localport=5280], jid: null
<pre>
Avatar?id=6023&size=32x32

Added by Artur Hefczyc TigaseTeam over 5 years ago

Thank you for submitting all the data and taking the effort to analyze log files. A few initial comments:

  1. The jid: null is OK, and normal, especially for Bosh connection. Even for standard XMPP connection the jid is initially null until the user successful authenticates.

  2. Session is not yet authorized is also OK at this phase. The user has just opened a new connection but did not authenticate yet, so the connection is not yet authorized

And finally what I think answers your question and problem:

  1. First of all you do not follow the protocol, after you open a Bosh session you have to wait for stream features before you can send anything to the server.

  2. And actually the most important - you do not send authentication data at all. You open Bosh session and send session bind right away. This will be rejected by the server. Every user connection or session must be authenticated before it can do anything or send anything.

  3. I looked at your code and you have something like this: If Anonymous, We just Bind. This is incorrect. You have to authenticate even for anonymous. There is a protocol for anonymous authentication. You have to follow it to be accepted by the server.

Added by Corey Wilson over 5 years ago

So I spent a few hours working through this tonight - the step-by-step http-binding I followed to create the script is identical to Strophe.js - (Although I did notice an error with my session authentication, (forgot to wrap the IQ in a element))

//Initial Request (Session Creation Request)
<body xmlns="http://jabber.org/protocol/httpbind" xmlns:xmpp="urn:xmpp:xbosh" content="text/xml charset=utf-8" xml:lang="en" hold="1" to="clanster.net" wait="60" inactivity="100"/>


//Initial Request Response (Session Creation Response)
<body xmpp:version="1.0" xmlns:xmpp="urn:xmpp:xbosh" wait="30" xmlns:stream="http://etherx.jabber.org/streams" ver="1.6" polling="10" hold="1" authid="e50c9317-8a2c-4e91-bea9-7986aa8cf106" maxpause="10" sid="91638415-c0ce-469a-9b81-b3e9a326b41d" inactivity="10" requests="2" secure="true" xmlns="http://jabber.org/protocol/httpbind" from="clanster.net"/>


//Sending Authentication
<body xmlns="http://jabber.org/protocol/httpbind" content="text/xml charset=utf-8" xml:lang="en" sid="0c7078e7-ebf9-4392-8af4-70f60d8d3237" rid="149072266308">
  <auth xmlns="urn:ietf:params:xml:ns:xmpp-sasl" mechanism="PLAIN">*PASSWORD*</auth>
</body>


//Authentication Result
<body xmpp:version="1.0" ack="149072266308" xmlns:xmpp="urn:xmpp:xbosh" secure="true" xmlns="http://jabber.org/protocol/httpbind" from="localhost" xmlns:stream="http://etherx.jabber.org/streams">
    <success xmlns="urn:ietf:params:xml:ns:xmpp-sasl"/>
</body>


//Sending Restart
<body xmpp:version="1.0" ack="149072266309" xmlns:xmpp="urn:xmpp:xbosh" secure="true" xmlns="http://jabber.org/protocol/httpbind" from="localhost" xmlns:stream="http://etherx.jabber.org/streams">
    <stream:features xmlns="jabber:client">
        <ver xmlns="urn:xmpp:features:rosterver"/>
        <starttls xmlns="urn:ietf:params:xml:ns:xmpp-tls"/>
        <session xmlns="urn:ietf:params:xml:ns:xmpp-session"/>
        <register xmlns="http://jabber.org/features/iq-register"/>
        <bind xmlns="urn:ietf:params:xml:ns:xmpp-bind"/>
    </stream:features>
</body>


//Sending Bind Connection
<body xmlns="http://jabber.org/protocol/httpbind" rid="149072266310" sid="0c7078e7-ebf9-4392-8af4-70f60d8d3237">
  <iq xmlns="jabber:client" type="set">
    <bind xmlns="urn:ietf:params:xml:ns:xmpp-bind">
      <resource>1380858825783247607</resource>
    </bind>
  </iq>
</body>


//Bind Connection Result:
<body xmpp:version="1.0" ack="149072266310" xmlns:xmpp="urn:xmpp:xbosh" secure="true" xmlns="http://jabber.org/protocol/httpbind" from="localhost" xmlns:stream="http://etherx.jabber.org/streams">
    <iq to="account@localhost/1380858825783247607" type="result" xmlns="jabber:client">
        <bind xmlns="urn:ietf:params:xml:ns:xmpp-bind">
            <jid>account@localhost/1380858825783247607</jid>
        </bind>
    </iq>
</body>


//Sending Session
<body xmlns="http://jabber.org/protocol/httpbind" rid="149072266311" sid="0c7078e7-ebf9-4392-8af4-70f60d8d3237">
    <iq xmlns="jabber:client" type="set" id="session_auth_2111073618" to="localhost">
      <session xmlns="urn:ietf:params:xml:ns:xmpp-session"/>
    </iq>
</body>


//Session Result
<body xmpp:version="1.0" ack="149072266310" xmlns="http://jabber.org/protocol/httpbind" xmlns:stream="http://etherx.jabber.org/streams" xmlns:xmpp="urn:xmpp:xbosh" secure="true" from="localhost">
    <iq xmlns="jabber:client" id="session_auth_2111073618" type="result" to="me@localhost" />
</body>

I also decided to give Strophe a try, and see if It would work - but I still receive the error <not-authorized> ... <text xmlns=":urn:ietf:params:xml:ns:xmpp-stanzas" xml:lang="en">You must authorize session first.</text>

Looking through the logs I noticed this:

2013-10-04 01:24:09.934 [ConnectionOpenThread]  SocketThread.<clinit>()       WARNING:  65 socketWriteThreads started.
tigase.xmpp.NotAuthorizedException: Can not access user repository.
        at tigase.xmpp.RepositoryAccess.getData(RepositoryAccess.java:288)
        at tigase.xmpp.impl.roster.RosterFlat.loadUserRoster(RosterFlat.java:761)
        at tigase.xmpp.impl.roster.RosterFlat.getUserRoster(RosterFlat.java:714)
        at tigase.xmpp.impl.roster.RosterFlat.isModified(RosterFlat.java:873)
        at tigase.xmpp.impl.roster.RosterFlat.logout(RosterFlat.java:849)
        at tigase.xmpp.impl.Presence.stopped(Presence.java:1160)
        at tigase.server.xmppsession.SessionManager.closeSession(SessionManager.java:1221)
        at tigase.cluster.SessionManagerClustered.closeSession(SessionManagerClustered.java:625)
        at tigase.server.xmppsession.SessionManager.closeConnection(SessionManager.java:1149)
        at tigase.server.xmppsession.SessionManager$SessionCloseProc.process(SessionManager.java:2632)
        at tigase.server.xmppsession.SessionManager$ProcessorWorkerThread.process(SessionManager.java:2550)
        at tigase.util.WorkerThread.run(WorkerThread.java:132)
Caused by: tigase.db.UserNotFoundException: User does not exist: me@localhost
        at tigase.db.jdbc.JDBCRepository.getUserUID(JDBCRepository.java:1558)
        at tigase.db.jdbc.JDBCRepository.getNodeNID(JDBCRepository.java:1534)
        at tigase.db.jdbc.JDBCRepository.getData(JDBCRepository.java:335)
        at tigase.db.UserRepositoryMDImpl.getData(UserRepositoryMDImpl.java:138)
        at tigase.xmpp.RepositoryAccess.getData(RepositoryAccess.java:284)
        ... 11 more

Since I am using a separate Authentication DB, maybe some of my queries that I loaded up need to be changed as well? Currently I only have modified a few small queries (that were particular to the task I was accomplishing - i.e. TigUserLogin(?,?) )

Avatar?id=6023&size=32x32

Added by Artur Hefczyc TigaseTeam over 5 years ago

Please follow instructions on the website: http://www.tigase.org/content/tigase-custom-auth-connector

Added by Corey Wilson over 5 years ago

I made a few changes to the init.properties and the previous error went away (maybe it had something to do with @users-count-query@? Everything else was already set up).

I am still receiving the same "session is not authorized" error thought:

2013-10-04 21:10:00.569 [jabber:iq:roster Queue Worker 7]  JabberIqRoster.process()  WARNING: Received roster request but user session is not authorized yet: from=bosh@server/113572aa-9164-40a6-a1d3-09781fa6ae4c, to=sess-man@server, DATA=
<iq xmlns="jabber:client" type="set" from="me@server" id="7249:sendIQ">
  <query xmlns="jabber:iq:roster">
    <item jid="person@server" name="Person">
        <group>people</group>
     </item>
  </query>
</iq>, SIZE=215, XMLNS=jabber:client, PRIORITY=NORMAL, PERMISSION=NONE, TYPE=set

I have tried this with the the standard Strophe.js Login ( http://strophe.im/strophejs/ ) and I still get the "session not authorized" error. This is all unmodified code from a common Javascript XMPP Library - so I am not sure what is wrong here.

Here is my Init.properties file:

--comp-class-1 = tigase.muc.MUCComponent
--virt-hosts = localhost,mysite
--auth-db-uri = AUTHDB
--user-db-uri = USERDB
--user-db = mysql
--admins = admin@localhost,admin@clanster.net
--comp-name-4 = message-archive
--auth-db = tigase-custom
--comp-name-3 = proxy
config-type = --gen-config-def
--comp-name-2 = pubsub
--comp-name-1 = muc
--cluster-mode = true
--sm-plugins = +message-archive-xep-0136,+jabber:iq:auth,+urn:ietf:params:xml:ns:xmpp-sasl,+urn:ietf:params:xml:ns:xmpp-bind,+urn:ietf:params:xml:ns:xmpp-session,+jabber:iq:register,+jabber:iq:roster,+presence,+jabber:iq:privacy,+jabber:iq:version,+http://jabber.org/protocol/stats,+starttls,+msgoffline,+vcard-temp,+http://jabber.org/protocol/commands,+jabber:iq:private,+urn:xmpp:ping,+basic-filter,+domain-filter,+pep,-zlib
--debug = server
--comp-class-4 = tigase.archive.MessageArchiveComponent
--comp-class-3 = tigase.socks5.Socks5ProxyComponent
--comp-class-2 = tigase.pubsub.PubSubComponent


basic-conf/auth-repo-params/conn-valid-query=SELECT 1

basic-conf/auth-repo-params/init-db-query=UPDATE users SET xmpp_status = 0

basic-conf/auth-repo-params/user-login-query={ call TigUserLogin(?,?) }
#create procedure TigUserLogin(_user_id varchar(2049) CHARSET utf8, _user_pw varchar(255) CHARSET utf8)
#begin
#   IF EXISTS( SELECT jid AS user_id FROM users WHERE jid=_user_id AND password=*PASSWORD*
#   THEN
#       UPDATE users SET xmpp_status = xmpp_status+1 WHERE jid=_user_id;
#       SELECT _user_id AS user_id;
#   ELSE
#       SELECT NULL AS user_id;
#   END IF;
#end //


basic-conf/auth-repo-params/users-count-query=SELECT COUNT(userid) FROM users

# Below query is used to add a new user account to the database
#//This is Handelled by the website
#basic-conf/auth-repo-params/add-user-query={ call TigAddUserPlainPw(?, ?) }

# Below query is used to remove existing account with all user's data from the database
#//This is Handelled by the website
#basic-conf/auth-repo-params/del-user-query={ call TigRemoveUser(?) }

# This query is used for the user authentication if "user-login-query" is not defined,
# that is if there is no database level user authentication algorithm available. In such
# a case the Tigase server loads user's password from the database and compares it
# with data received from the client.
basic-conf/auth-repo-params/get-password-query=SELECT password from users where jid = ?

# Below query is used for user password update in case user decides to change his password
#//This is Handelled by the website
#basic-conf/auth-repo-params/update-password-query=update tig_users set user_pw = ? where user_id = ?

# Below query is called on user logout event. Usually we use a stored procedure which
# records user logout time and marks user as offline in the database
basic-conf/auth-repo-params/user-logout-query=UPDATE users SET xmpp_status = xmpp_status-1 WHERE jid = ?
# update tig_users, set online_status = online_status - 1 where user_id = ?

# This is configuration setting to specify what non-sasl authentication mechanisms
# expose to the client
basic-conf/auth-repo-params/non-sasl-mechs=password,digest

# This is configuration setting to specify what sasl authentication mechanisms expose to the client
basic-conf/auth-repo-params/sasl-mechs=PLAIN,DIGEST-MD5

The only thing I can think of is maybe I need to modify other queries in the mysql-schema-4-sp.sql file?

P.S. I upgraded to a new nightly last night thinking that would help, I am now working with 5.2.0-SNAPSHOT-b3312/d1149826

Avatar?id=6023&size=32x32

Added by Artur Hefczyc TigaseTeam over 5 years ago

I think that if you have a default installation of the Tigase server passwords in your system are most likely encrypted. Therefore you should use TigUserLoginPlainPw stored procedure rather than the one you use. Generally, to make sure the password is correctly processed you should use the same type of procedures for creating a user account and authenticating user. Therefore, is you use procedure with name ending with PlainPw you have to use corresponding procedure for user authentication.

basic-conf/auth-repo-params/user-login-query={ call TigUserLoginPlainPw(?,?) }

Added by Corey Wilson over 5 years ago

I don't really have a second to try the PlainPw Password out, but your reply has made me think I don't understand the point of the Authentication DB.

Essentially what I have been (trying) to do is use the AuthDB for my user list that already exists in the DB (i.e. I add a user to my "users" table, and then tell Tigase to authenticate based on that table). This means I never run @add-user-query@, or @del-user-query@, etc. since all the user management is handled directly through my current website scripts.

When I do try to log in the user through:

create procedure TigUserLogin(_user_id varchar(2049) CHARSET utf8, _user_pw varchar(255) CHARSET utf8)
begin
    IF EXISTS( SELECT jid AS user_id FROM users WHERE jid=_user_id AND password=*PASSWORD*
    THEN
        UPDATE users SET xmpp_status = xmpp_status+1 WHERE jid=_user_id;
        SELECT _user_id AS user_id;
    ELSE
        SELECT NULL AS user_id;
    END IF;
end //

The script will go through the authentication process, and say it has successfully connected to the server (with the right password). After I have logged in, whenever I try to complete a task i.e. Add a user to my roster I receive an error saying that I must complete the session.

Assuming that you are really meant to connect Tigase using the built-in user management system (i.e. utilizing add-user-query), I am guessing I need to modify some of the other mysql procedures, or need to insert information into the Tigase DB? Or maybe I have to abandon this idea completely?

After a quick glance through the schema, I noticed:

  1. TigAddUser - this adds something to the tig_nodes, maybe I need to add a row to this table as well when creating a user?

  2. TigEnableAccount - Maybe I need to modify a DB call so the system knows if a user is verified or not?

I hope this makes more sense - I don't have any more time, thanks!

Avatar?id=6023&size=32x32

Added by Artur Hefczyc TigaseTeam over 5 years ago

OK, everything sounds reasonable. You the custom authentication connector is just for this use case, that is connecting Tigase to an external database with user accounts maintained by some other application. I mentioned other stored procedures because it was not clear to me that you are maintaining users accounts outside of the Tigase server.

You say that the authentication process completes successfully, so you have an account in authentication repository and Tigase knows how to use it to login user. However, most likely you do not have users metadata in the Tigase own database, that is user repository. You can make Tigase to automatically populate own database with missing metadata using parameter: autoCreateUser=true. Have a look at the end of the document: http://www.tigase.org/content/custom-authentication-connectors for example configuration.

Added by Corey Wilson over 5 years ago

That seemed to work!! Thanks!!!!! :)

Added by Abhinav Gupta about 3 years ago

Hi Everyone,

I am also facing the same issue,

Whenever I invoke the command below,

sudo sh bin/tclmt.sh -u admin@blackbuck remote pubsub@blackbuck create-node Operations admin@blackbuck leaf

I got the error below,

tigase.db.TigaseDBException: Problem accessing repository.

at tigase.db.jdbc.TigaseCustomAuth.logout(TigaseCustomAuth.java:570)

at tigase.db.AuthRepositoryMDImpl.logout(AuthRepositoryMDImpl.java:159)

at tigase.server.xmppsession.SessionManager.closeSession(SessionManager.java:1129)

at tigase.cluster.SessionManagerClustered.closeSession(SessionManagerClustered.java:503)

at tigase.server.xmppsession.SessionManager.closeConnection(SessionManager.java:1006)

at tigase.server.xmppsession.SessionManager$SessionCloseProc.process(SessionManager.java:2489)

at tigase.server.xmppsession.SessionManager$ProcessorWorkerThread.process(SessionManager.java:2440)

at tigase.util.WorkerThread.run(WorkerThread.java:128)

Caused by: java.sql.SQLException: Parameter index out of range (1 > number of parameters, which is 0).

at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:1055)

at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:956)

at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:926)

at com.mysql.jdbc.PreparedStatement.checkBounds(PreparedStatement.java:3288)

at com.mysql.jdbc.PreparedStatement.setInternal(PreparedStatement.java:3272)

at com.mysql.jdbc.PreparedStatement.setString(PreparedStatement.java:4108)

at tigase.db.jdbc.TigaseCustomAuth.logout(TigaseCustomAuth.java:565)

at tigase.db.AuthRepositoryMDImpl.logout(AuthRepositoryMDImpl.java:159)

at tigase.server.xmppsession.SessionManager.closeSession(SessionManager.java:1129)

at tigase.cluster.SessionManagerClustered.closeSession(SessionManagerClustered.java:503)

at tigase.server.xmppsession.SessionManager.closeConnection(SessionManager.java:1006)

at tigase.server.xmppsession.SessionManager$SessionCloseProc.process(SessionManager.java:2489)

at tigase.server.xmppsession.SessionManager$ProcessorWorkerThread.process(SessionManager.java:2440)

at tigase.util.WorkerThread.run(WorkerThread.java:128)

Attaching the file(Logs,init).

Please let me know if I am doing anything wrong.

Any Help and suggestions are appreciated.

Added by Wojciech Kapcia TigaseTeam about 3 years ago

How have you installed Tigase and created repository?

Added by Abhinav Gupta about 3 years ago

Hi,

Thanks for taking time to review the files.

I got it to work.

Appreciate your efforts.

    (1-13/13)