Handle bad or expired XSRF token
The XSRF token might be expired after too long with no activity. This should not happen because the nsxlib cluster uses keep alive messages. in case it does happen, the keep alive will detect this incident and renew the session. Change-Id: I6c9a7af01b5b18c2a7e46cc6bf8337b7205d161f
This commit is contained in:
parent
1c5ef33e13
commit
eb0c06fa81
|
@ -36,7 +36,9 @@ def http_error_to_exception(status_code, error_code):
|
|||
'default': exceptions.ResourceNotFound},
|
||||
requests.codes.PRECONDITION_FAILED: exceptions.StaleRevision,
|
||||
requests.codes.INTERNAL_SERVER_ERROR:
|
||||
{'99': exceptions.ClientCertificateNotTrusted}}
|
||||
{'99': exceptions.ClientCertificateNotTrusted},
|
||||
requests.codes.FORBIDDEN:
|
||||
{'98': exceptions.BadXSRFToken}}
|
||||
|
||||
if status_code in errors:
|
||||
if isinstance(errors[status_code], dict):
|
||||
|
|
|
@ -468,6 +468,12 @@ class ClusteredAPI(object):
|
|||
{'ep': endpoint})
|
||||
# regenerate connection pool based on new certificate
|
||||
endpoint.regenerate_pool()
|
||||
except exceptions.BadXSRFToken:
|
||||
LOG.warning("Failed to validate API cluster endpoint "
|
||||
"'%(ep)s' due to expired XSRF token",
|
||||
{'ep': endpoint})
|
||||
# regenerate connection pool based on token
|
||||
endpoint.regenerate_pool()
|
||||
except Exception as e:
|
||||
endpoint.set_state(EndpointState.DOWN)
|
||||
LOG.warning("Failed to validate API cluster endpoint "
|
||||
|
|
|
@ -101,6 +101,10 @@ class ClientCertificateNotTrusted(ManagerError):
|
|||
message = _("Certificate not trusted")
|
||||
|
||||
|
||||
class BadXSRFToken(ManagerError):
|
||||
message = _("Bad or expired XSRF token")
|
||||
|
||||
|
||||
class ServiceClusterUnavailable(ManagerError):
|
||||
message = _("Service cluster: '%(cluster_id)s' is unavailable. Please, "
|
||||
"check NSX setup and/or configuration")
|
||||
|
|
Loading…
Reference in New Issue