kingmouse-yx opened a new issue #6564:
URL: https://github.com/apache/apisix/issues/6564
### Issue description
When I authenticated with jwt-auth, I found that there will be problems when
using the same token to make multiple requests at the same time.
My jwt-auth configuration is as follows:
```json
{
"username": "consumer_test",
"plugins": {
"jwt-auth": {
"base64_secret": true,
"disable": false,
"exp": 86400,
"key": "consumer_test_key"
}
}
}
```
My routing configuration is as follows:
```json
{
"uri": "/get04",
"name": "测试jwt",
"methods": [
"GET",
"POST",
"PUT",
"DELETE",
"PATCH",
"HEAD",
"OPTIONS",
"CONNECT",
"TRACE"
],
"plugins": {
"jwt-auth": {
"disable": false
},
"proxy-rewrite": {
"uri": "/get"
}
},
"upstream_id": "396931816625275591",
"status": 1
}
```
After I asked http://127.0.0.1:9080/apisix/plugin/jwt/sign?key=consumer_test
and got a token, I did concurrency testing by using jmter. I set up two
concurrent, which lasted 10 seconds.However I found that most of the requests
were in failure status. The result of the response is 401. Then I checked the
log and found a lot of information about authentication failure.
```text
run_plugin(): jwt-auth exits with http status code 401
```
But it's normal when I click manually through postman.
### Environment
- apisix version (cmd: `apisix version`): `2.9`
- OS (cmd: `uname -a`): `Darwin kingmouse.lan 21.3.0 Darwin Kernel Version
21.3.0: Wed Jan 5 21:37:58 PST 2022;
root:xnu-8019.80.24~20/RELEASE_ARM64_T8101 arm64`
- OpenResty / Nginx version (cmd: `nginx -V` or `openresty -V`):
`openresty/1.19.3.1`
- etcd version, if have (cmd: run `curl
http://127.0.0.1:9090/v1/server_info` to get the info from server-info API):
`3.4.0`
- apisix-dashboard version, if have: ` 2.10.1`
- the plugin runner version, if the issue is about a plugin runner (cmd:
depended on the kind of runner):
- luarocks version, if the issue is about installation (cmd: `luarocks
--version`):
### Steps to reproduce
1.add upstream
2.add consumer
3.add route, enable jwt-auth plugin
4.use jmeter test
### Actual result
There will be problems when using the same token to make multiple requests
at the same time.
### Error log
```log
2022/03/09 13:43:14 [warn] 42#42: *53410 [lua] plugin.lua:658: run_plugin():
jwt-auth exits with http status code 401, client: 172.18.0.1, server: _,
request: "POST /get04 HTTP/1.1", host: "192.168.18.215:9080"
```
### Expected result
The same token can initiate multiple requests at the same time
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
