New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
AuthenticationMiddleware was called already panic #10
Comments
# Conflicts: # actix-web-httpauth/src/middleware.rs
@dneuhaeuser-zalando Do you use a blocking operation in one of your handlers ? |
Yes and no. We don't use |
@dneuhaeuser-zalando can you provide us with a minimal reproduction program so we can trace the cause of the panic. To be clear, web::block is non-blocking; its purpose is to run blocking code asynchronously on a background thread pool. |
@robjtede re. web::blocking being non-blocking, that was my understanding ... but its use somehow lead to panics described in this issue. It would happen systematically if just 2 requests would arrive in //. I replaced the use of web::block by an |
It looks to be inherent in the contract between actix-extras/actix-web-httpauth/src/middleware.rs Lines 183 to 185 in 6b5215d
This doesn't seem to be true given the comments on This repo has code that reproduces the panic: https://github.com/boydjohnson/actix-example. I have a commit that uses the |
@boydjohnson Thx for further looking into this, I still have some intermittent errors in my project due to this issue. I will try out your proposed fix. |
I have had good luck with the debug-2 branch on github.com/boydjohnson/actix-extras for about a month without a panic and without a deadlock. I am going to make a PR with this branch today. @stiiifff did you try the debug-2 branch at github.com/boydjohnson/actix-extras? |
Here is the backtrace of the panic with debug symbols on. -- Edited this comment so as not to have a long back trace in the thread. |
@dneuhaeuser-zalando There is a PR active by @boydjohnson that should address your issue. Are you able to test that the PR solves your issue? |
As mentioned in the PR, it looks good on my end as well. |
We are observing that our actix-web application occasionally panics under a lot of contention with the message "AuthenticationMiddleware was called already". This seems to come from here https://github.com/actix/actix-web-httpauth/blob/v0.4.0/src/middleware.rs#L184
We have recently migrated to actix-web 2.0 and actix-web-httpauth 0.4. We haven't observed this before the migration.
As this doesn't happen for all requests, there seems to be some race condition either within actix-web or actix-web-httpauth that causes this.
We use bearer token authorization and within the validation function, to validate the token, we just perform an HTTP request with reqwest and depending on the result return Ok or Err.
The text was updated successfully, but these errors were encountered: