This message is regarding the pingPongReactive app (docs, git).

Looks like this sample app which planned to proof the gRPC observer concept doesn’t fit for a real Ledger

Changes i’ve made:
In order to run it i had to add client support for SSL Context, AccessToken and use a Netty native client to provide maxInboundMessageSize.
I then “daml build” the ping-pong.yaml, uploaded the created DAR file to my Ledger and created manually two parties (Alice and Bob)

The error i encounter:
In the PingPongProcessor.runIndefinitely() the app queries the transactions first via the TransactionsClient of the DamlLedgerClient. Then, for each transaction, it produces Commands that will be sent to the Ledger via the CommandSubmissionClient of the DamlLedgerClient

The transaction fetch is failing with: io.reactivex.exceptions.OnErrorNotImplementedException: PERMISSION_DENIED: An error occurred. Please contact the operator and inquire about the request

I assume something is missing either on my Ledger Alice/Bob identities or on my Java client setup (client code below)

DamlLedgerClient client = DamlLedgerClient.newBuilder(NettyChannelBuilder.forAddress(host, port).maxInboundMessageSize(90000000)).withSslContext(GrpcSslContexts.forClient().build())

From the code you shared it looks like you are adding a token, but PERMISSION_DENIED points at the fact that the one you provide does not grant you the rights to issue the specific commands you want to issue. More details on the error can be found on the documentation about error codes. In practical terms, I believe this boils down to the fact that you must have a token which contains the actAs and readAs claims which allow you to perform actions for the parties that you are using in your workflow.

Thanks Stefan,
Where in the DAMLhub Ledger can i generate such advanced token that allows me to actAs and readAs?
Is it globally set to the Ledger account or is it bound to a specific identity (e.g Alice)?

Also, according to the doc you refered i can gain more info from the participant log. Where can i find it on the Ledger?

From what I understand Hub doesn’t support generic multi-party tokens. The example you are building upon is mostly meant for local consumption to give a sense of how to use the bindings. If you want to use it against Daml Hub you would need to restructure it so that the application itself doesn’t do the full round of ping ponging for both parties but does it for a single party. By having two running processes of this application, each authorized for a single party, you can run this.