CODEWITHSUNDEEP
azureazure-blob-storage
Sleepyhead.
Sleepyhead.

Reputation: 71

After 24 hours all container and blob operations fail with Authorization error

Using azure-storage 8.4.0 java library I am accessing a container and listing/uploading blobs from/to it, but after 24 hours all operations start to fail with below exception...

NOTE: This all happens from a scheduled job.

Caused by: com.microsoft.azure.storage.StorageException: Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature.
    at com.microsoft.azure.storage.StorageException.translateException(StorageException.java:87)
    at com.microsoft.azure.storage.core.StorageRequest.materializeException(StorageRequest.java:305)
    at com.microsoft.azure.storage.core.ExecutionEngine.executeWithRetry(ExecutionEngine.java:196)
    at com.microsoft.azure.storage.core.LazySegmentedIterator.hasNext(LazySegmentedIterator.java:109)
    ... 14 common frames omitted

My Linux VM is in WestUS 2 where the storage account is in EastUS. We retrieve a token from https://storage.azure.com/. Anyone have any ideas why this exception would come exactly after 24 hours?

Upvotes: 0

Views: 273

Answers (2)

Hury Shen
Hury Shen

Reputation: 15744

You can check if there is a policy which limit the life time of the access token by below command in powershell:

Connect-AzureAD

Get-AzureADPolicy

After running the command, it will show the list of the policy. Find the policy name like OrganizationDefaultPolicyScenario, get it by its id:

Get-AzureADPolicy -Id {id} | fl

It will show the details of the policy, like below screenshot: enter image description here

And as far as I know, the maximum token life time is 1 day. So it may be not allowed for us to reuse the token indefinitely.

Upvotes: 1

Sleepyhead.
Sleepyhead.

Reputation: 71

I was not refreshing the client. I would create the client once and just try to reuse it indefinitely. I guess that is a no-no.

Upvotes: 0

Related Questions