Session Not Found and Permission Error Despite Using KeepAlive in ImmuDB

[39george]

I’m experiencing an issue with session handling in my application using immudb. I’m encountering the following error:

2025-10-21T17:57:30.513482807+03:00 ERROR mpc::domain::session::state: failed to complete session: store group failed: protocol: status: 'The caller does not have permission to execute the specified operation', self: "session not found", metadata: {"content-type": "application/grpc", "immudb-uuid": "d3rpmbve0ms000eh64ug"}

This error seems to suggest that the session was not found, but I have configured my immudb server with keepalive and max-session-inactivity-time to avoid timeouts. The issue only occurs intermittently, and I can successfully execute operations in integration tests when the session is freshly created, but I get the error when reusing the session after some time.

ImmuDB Configuration:

Here is my immudb configuration:

dir = "./data"
network = "tcp"
address = "0.0.0.0"
port = 3322
dbname = "immudb"
auth = true
max-session-inactivity-time = 60  # Session expires after 60 minutes of inactivity
token-expiry-time = 1440 # Token expiration time in minutes
pg-ssl-server = true

In addition, max-session-age-time is set to infinity as docs says, meaning that sessions should not expire based on age.

ImmuDB Client Builder Code:

I am using the following client builder to connect to the immudb server immudb-rs:

#[tracing::instrument]
pub async fn new(config: &crate::config::ImmuDB) -> anyhow::Result<Self> {
    let immudb = ImmuDB::builder()
        .username(&config.username)
        .password(config.password.expose_secret())
        .database(&config.database)
        .connect(&config.url)
        .await?;

    let storage = Storage { immudb };
    storage.run_migrations().await?;

    Ok(storage)
}

This method uses the ImmuDB::builder() to establish a connection with keep-alive enabled by default. The connection setup includes the following Channel settings:

let endpoint = Channel::builder(uri)
    .connect_timeout(opts.connect_timeout)
    .keep_alive_while_idle(opts.keepalive_while_idle)
    .tcp_keepalive(if opts.keepalive_while_idle {
        Some(Duration::from_secs(30))
    } else {
        None
    });

Interceptor Code:

I use a SessionInterceptor to include the session ID in the metadata for each request:

impl Interceptor for SessionInterceptor {
    fn call(&mut self, mut req: tonic::Request<()>) -> tonic::Result<tonic::Request<()>> {
        req.metadata_mut().insert("sessionid", self.session_id.clone());
        Ok(req)
    }
}

Issue:

Even though I have set keepalive_while_idle = true in the ConnectOptions, I am getting the following error after some time when attempting to store group data:

failed to complete session: store group failed: protocol: status: 'The caller does not have permission to execute the specified operation', self: "session not found"

The issue occurs intermittently, typically after the session has been idle for some time. When I run the integration tests, everything works as expected without any errors. However, when I attempt to reuse the session in the application, I receive the error indicating that the session could not be found, and the permission to execute the operation is denied.

Questions:

1. Why am I receiving the "session not found" error even though the session is supposed to be kept alive by the keepalive_while_idle setting?
2. Is there a specific configuration I need to adjust in immudb to ensure that sessions are properly maintained over longer periods of time without experiencing the "session not found" error?
3. Is there a potential issue with the max-session-inactivity-time or any other session-related settings in immudb that might cause the session to expire despite the keepalive configuration?
4. What additional debugging steps can I take to understand why the session is being invalidated or expired prematurely?

Any help would be greatly appreciated!

Additional Information:

• ImmuDB version: codenotary/immudb:1.9

Thank you in advance for your time and support!