@celerispay/hazelcast-client 3.12.5-8 → 3.12.7-2

package/lib/PartitionService.js

@@ -23,9 +23,6 @@ var PartitionService = /** @class */ (function () {
         this.partitionMap = {};
         this.lastRefreshTime = 0;
         this.minRefreshInterval = 2000; // Minimum 2 seconds between refreshes
-        this.refreshInProgress = false;
-        this.maxRefreshRetries = 3;
-        this.refreshRetryCount = 0;
         this.client = client;
         this.logger = client.getLoggingService().getLogger();
         this.isShutdown = false;
@@ -37,7 +34,6 @@ var PartitionService = /** @class */ (function () {
     PartitionService.prototype.shutdown = function () {
         clearInterval(this.partitionRefreshTask);
         this.isShutdown = true;
-        this.refreshInProgress = false;
     };
     /**
      * Clears the partition table, forcing a refresh on next operation
@@ -47,7 +43,6 @@ var PartitionService = /** @class */ (function () {
         this.partitionMap = {};
         this.partitionCount = 0;
         this.lastRefreshTime = 0;
-        this.refreshRetryCount = 0;
     };
     /**
      * Refreshes the internal partition table.
@@ -62,50 +57,26 @@ var PartitionService = /** @class */ (function () {
             this.logger.debug('PartitionService', 'Skipping refresh, too soon since last refresh');
             return Promise.resolve();
         }
-        if (this.refreshInProgress) {
-            this.logger.debug('PartitionService', 'Refresh already in progress, skipping');
-            return Promise.resolve();
-        }
         var ownerConnection = this.client.getClusterService().getOwnerConnection();
         if (ownerConnection == null) {
             this.logger.warn('PartitionService', 'Cannot refresh partitions, no owner connection available');
-            // Return a rejected promise instead of resolved to indicate failure
-            return Promise.reject(new Error('No owner connection available for partition refresh'));
+            return Promise.resolve();
         }
-        this.refreshInProgress = true;
         var clientMessage = GetPartitionsCodec.encodeRequest();
-        // Add timeout to prevent hanging
-        var refreshPromise = this.client.getInvocationService()
+        return this.client.getInvocationService()
             .invokeOnConnection(ownerConnection, clientMessage)
             .then(function (response) {
             var receivedPartitionMap = GetPartitionsCodec.decodeResponse(response);
             _this.partitionMap = receivedPartitionMap;
             _this.partitionCount = Object.keys(_this.partitionMap).length;
             _this.lastRefreshTime = now;
-            _this.refreshRetryCount = 0; // Reset retry count on success
             _this.logger.debug('PartitionService', "Refreshed partition table with " + _this.partitionCount + " partitions");
         }).catch(function (e) {
             if (_this.client.getLifecycleService().isRunning()) {
                 _this.logger.warn('PartitionService', 'Error while fetching cluster partition table from '
-                    + _this.client.getClusterService().ownerUuid, e);
-                // Increment retry count and clear table if too many failures
-                _this.refreshRetryCount++;
-                if (_this.refreshRetryCount >= _this.maxRefreshRetries) {
-                    _this.logger.error('PartitionService', "Max refresh retries (" + _this.maxRefreshRetries + ") exceeded, clearing partition table");
-                    _this.clearPartitionTable();
-                }
+                    + _this.client.getClusterService().ownerUuid || 'unknown', e);
             }
-            throw e; // Re-throw the error to propagate it
-        }).finally(function () {
-            _this.refreshInProgress = false;
-        });
-        // Add timeout to prevent hanging
-        var timeoutPromise = new Promise(function (_, reject) {
-            setTimeout(function () {
-                reject(new Error('Partition refresh timed out'));
-            }, 10000); // 10 second timeout
         });
-        return Promise.race([refreshPromise, timeoutPromise]);
     };
     /**
      * Returns the {@link Address} of the node which owns given partition id.

package/lib/invocation/ClientConnection.js

@@ -231,20 +231,28 @@ var ClientConnection = /** @class */ (function () {
             _this.closedTime = Date.now();
             _this.logger.debug('ClientConnection', "Socket closed for " + _this.address.toString());
         });
-        // Handle socket end events
+        // Handle socket end events - be more resilient to temporary disconnections
         this.socket.on('end', function () {
-            _this.closedTime = Date.now();
             _this.logger.debug('ClientConnection', "Socket ended by remote for " + _this.address.toString());
+            // Don't immediately mark as closed - this could be a temporary network hiccup
+            // Only mark as closed if we're certain it's a real disconnection
+            // The health check will handle this more gracefully
         });
-        // Handle socket errors
+        // Handle socket errors - be more resilient
         this.socket.on('error', function (error) {
             _this.logger.warn('ClientConnection', "Socket error for " + _this.address.toString() + ":", error);
-            // Don't set closedTime here as the socket might still be usable
+            // Only mark as closed for specific error types that indicate real disconnection
+            if (error.code === 'ECONNRESET' || error.code === 'EPIPE') {
+                _this.logger.warn('ClientConnection', "Critical socket error for " + _this.address.toString() + ", marking as closed");
+                _this.closedTime = Date.now();
+            }
+            // For other errors, don't immediately close - let health check handle it
         });
-        // Handle socket timeout
+        // Handle socket timeout - be more resilient
         this.socket.on('timeout', function () {
             _this.logger.warn('ClientConnection', "Socket timeout for " + _this.address.toString());
             // Don't set closedTime here as the socket might still be usable
+            // Let the health check handle this more gracefully
         });
     };
     /**
@@ -280,8 +288,27 @@ var ClientConnection = /** @class */ (function () {
      * Closes this connection.
      */
     ClientConnection.prototype.close = function () {
+        var addressStr = this.address.toString();
+        // Log who is initiating the disconnection
+        this.logger.info('ClientConnection', "\uD83D\uDD0C CLIENT INITIATED DISCONNECTION from " + addressStr);
+        // Log the call stack to understand why this is being called
+        this.logger.info('ClientConnection', "\uD83D\uDD0D Close Connection Call Stack for " + addressStr + ":");
+        var stack = new Error().stack;
+        if (stack) {
+            this.logger.info('ClientConnection', "   - Called from: " + stack.split('\n').slice(1, 4).join(' | '));
+        }
+        // Log connection state at closure
+        this.logger.info('ClientConnection', "\uD83D\uDCCA Connection State at Closure for " + addressStr + ":");
+        this.logger.info('ClientConnection', "   - Is Alive: " + this.isAlive());
+        this.logger.info('ClientConnection', "   - Is Healthy: " + this.isHealthy());
+        this.logger.info('ClientConnection', "   - Is Heartbeating: " + this.isHeartbeating());
+        this.logger.info('ClientConnection', "   - Is Owner: " + this.isAuthenticatedAsOwner());
+        this.logger.info('ClientConnection', "   - Last Read: " + (this.lastReadTimeMillis > 0 ? Math.round((Date.now() - this.lastReadTimeMillis) / 1000) + 's ago' : 'never'));
+        this.logger.info('ClientConnection', "   - Last Write: " + (this.lastWriteTimeMillis > 0 ? Math.round((Date.now() - this.lastWriteTimeMillis) / 1000) + 's ago' : 'never'));
+        this.logger.info('ClientConnection', "   - Connection Age: " + Math.round((Date.now() - this.startTime) / 1000) + "s");
         this.socket.end();
         this.closedTime = Date.now();
+        this.logger.info('ClientConnection', "\u2705 Disconnection completed for " + addressStr);
     };
     /**
      * Checks if the connection is alive and healthy
@@ -300,11 +327,12 @@ var ClientConnection = /** @class */ (function () {
         if (!this.socket.writable) {
             return false;
         }
-        // Check if we've received data recently (within last 30 seconds)
+        // More resilient data freshness check - only fail if REALLY stale
         var now = Date.now();
-        var lastReadThreshold = 30000; // 30 seconds
+        var lastReadThreshold = 120000; // Increased from 30s to 2 minutes for production resilience
         if (this.lastReadTimeMillis > 0 && (now - this.lastReadTimeMillis) > lastReadThreshold) {
-            // If we haven't received data for a while, the connection might be stale
+            // Only mark as dead if we haven't received data for 2 minutes
+            // This prevents false drops due to temporary network hiccups
             return false;
         }
         return true;
@@ -314,12 +342,14 @@ var ClientConnection = /** @class */ (function () {
      * @returns true if connection is healthy, false otherwise
      */
     ClientConnection.prototype.isHealthy = function () {
+        var addressStr = this.address.toString();
         if (!this.isAlive()) {
             return false;
         }
-        // Additional health checks can be added here
-        // For now, just check if we're still heartbeating
-        return this.isHeartbeating();
+        if (!this.isHeartbeating()) {
+            return false;
+        }
+        return true;
     };
     ClientConnection.prototype.isHeartbeating = function () {
         return this.heartbeating;

package/lib/invocation/ClientConnectionManager.d.ts

@@ -67,6 +67,56 @@ export declare class ClientConnectionManager extends EventEmitter {
     getPendingConnections(): {
         [address: string]: Promise.Resolver<ClientConnection>;
     };
+    private credentialPreservationService;
+    private memberAddedEvents;
+    /**
+     * Updates preserved credentials with server-provided data
+     * @param address The address to update credentials for
+     * @param newUuid The new UUID from server member event
+     */
+    updatePreservedCredentials(address: Address, newUuid: string): void;
+    /**
+     * Records that a member added event was received from server
+     * @param address The address that had a server member added event
+     */
+    recordMemberAddedEvent(address: Address): void;
+    /**
+     * Checks if we received a server member added event for an address
+     * @param address The address to check
+     * @returns True if server member added event was received
+     */
+    hasMemberAddedEvent(address: Address): boolean;
+    /**
+     * Clears member added events for an address (useful during failover)
+     * @param address The address to clear events for
+     */
+    clearMemberAddedEvents(address: Address): void;
+    /**
+     * Updates ALL credentials with server-provided owner UUID
+     * @param newOwnerUuid The new owner UUID from server cluster state
+     */
+    updateAllCredentialsWithNewOwnerUuid(newOwnerUuid: string): void;
+    /**
+     * Gets the current owner UUID from server-stored credentials
+     * @returns The current owner UUID or null if not found
+     */
+    getCurrentOwnerUuid(): string | null;
+    /**
+     * Validates that all stored credentials are consistent with server data
+     * @returns True if all credentials are consistent, false otherwise
+     */
+    validateCredentialConsistency(): boolean;
+    /**
+     * Requests current cluster state from server when reconnecting
+     * This ensures we have the most up-to-date member information
+     * @returns Server cluster state
+     */
+    requestServerClusterState(): any;
+    /**
+     * Gets the current owner connection for server requests
+     * @returns The owner connection or null if not available
+     */
+    private getOwnerConnection();
     /**
      * Returns the {@link ClientConnection} with given {@link Address}. If there is no such connection established,
      * it first connects to the address and then return the {@link ClientConnection}.
@@ -85,6 +135,10 @@ export declare class ClientConnectionManager extends EventEmitter {
      * @param address The address to cleanup
      */
     cleanupConnectionsForFailover(address: Address): void;
+    /**
+     * Clears all stored credentials - used for single-node cluster reset
+     */
+    clearAllCredentials(): void;
     /**
      * Handles authentication errors by clearing failed connections and allowing retry
      * @param address The address that had authentication issues

package/lib/invocation/ClientConnectionManager.js

@@ -35,6 +35,7 @@ var net = require("net");
 var tls = require("tls");
 var Util_1 = require("../Util");
 var BasicSSLOptionsFactory_1 = require("../connection/BasicSSLOptionsFactory");
+var CredentialPreservationService_1 = require("./CredentialPreservationService");
 var EMIT_CONNECTION_CLOSED = 'connectionClosed';
 var EMIT_CONNECTION_OPENED = 'connectionOpened';
 /**
@@ -51,10 +52,13 @@ var ClientConnectionManager = /** @class */ (function (_super) {
         _this.connectionRetryDelay = 1000;
         _this.connectionCleanupTask = null;
         _this.connectionCleanupInterval = 15000; // 15 seconds between cleanup checks
+        _this.memberAddedEvents = new Set();
         _this.client = client;
         _this.logger = _this.client.getLoggingService().getLogger();
         _this.addressTranslator = addressTranslator;
         _this.addressProviders = addressProviders;
+        // Initialize credential preservation service for server data storage
+        _this.credentialPreservationService = new CredentialPreservationService_1.CredentialPreservationService(_this.logger);
         _this.startConnectionHealthCheck();
         _this.startConnectionCleanupTask();
         return _this;
@@ -248,6 +252,129 @@ var ClientConnectionManager = /** @class */ (function (_super) {
     ClientConnectionManager.prototype.getPendingConnections = function () {
         return this.pendingConnections;
     };
+    /**
+     * Updates preserved credentials with server-provided data
+     * @param address The address to update credentials for
+     * @param newUuid The new UUID from server member event
+     */
+    ClientConnectionManager.prototype.updatePreservedCredentials = function (address, newUuid) {
+        var addressStr = address.toString();
+        this.logger.info('ClientConnectionManager', "\uD83D\uDD04 SERVER-FIRST: Updating credentials for " + addressStr + " with server UUID: " + newUuid);
+        // Get the current owner UUID from cluster service
+        var clusterService = this.client.getClusterService();
+        var currentOwnerUuid = clusterService.ownerUuid;
+        // Get group config from client
+        var groupConfig = this.client.getConfig().groupConfig;
+        // Store the server-provided UUID as the authoritative credential
+        // Use preserveCredentials to create new credentials if they don't exist
+        this.credentialPreservationService.preserveCredentials(address, newUuid, currentOwnerUuid || newUuid, // Use current owner UUID or fallback to member UUID
+        groupConfig.name, // Group name from config
+        groupConfig.password || '', // Group password from config
+        false // Not owner connection
+        );
+        // Mark that we received a member added event for this address
+        this.memberAddedEvents.add(addressStr);
+        this.logger.info('ClientConnectionManager', "\uD83D\uDCBE SERVER-FIRST: Stored server credential for " + addressStr + ": uuid=" + newUuid + ", ownerUuid=" + (currentOwnerUuid || newUuid));
+    };
+    /**
+     * Records that a member added event was received from server
+     * @param address The address that had a server member added event
+     */
+    ClientConnectionManager.prototype.recordMemberAddedEvent = function (address) {
+        var addressStr = address.toString();
+        this.memberAddedEvents.add(addressStr);
+        this.logger.debug('ClientConnectionManager', "\uD83D\uDCDD SERVER-FIRST: Recorded server member added event for " + addressStr);
+    };
+    /**
+     * Checks if we received a server member added event for an address
+     * @param address The address to check
+     * @returns True if server member added event was received
+     */
+    ClientConnectionManager.prototype.hasMemberAddedEvent = function (address) {
+        var addressStr = address.toString();
+        return this.memberAddedEvents.has(addressStr);
+    };
+    /**
+     * Clears member added events for an address (useful during failover)
+     * @param address The address to clear events for
+     */
+    ClientConnectionManager.prototype.clearMemberAddedEvents = function (address) {
+        var addressStr = address.toString();
+        this.memberAddedEvents.delete(addressStr);
+        this.logger.debug('ClientConnectionManager', "\uD83D\uDDD1\uFE0F SERVER-FIRST: Cleared member events for " + addressStr);
+    };
+    /**
+     * Updates ALL credentials with server-provided owner UUID
+     * @param newOwnerUuid The new owner UUID from server cluster state
+     */
+    ClientConnectionManager.prototype.updateAllCredentialsWithNewOwnerUuid = function (newOwnerUuid) {
+        this.logger.info('ClientConnectionManager', "\uD83D\uDD04 SERVER-FIRST: Updating ALL credentials with server owner UUID: " + newOwnerUuid);
+        // Update all preserved credentials with server data
+        this.credentialPreservationService.updateAllOwnerUuids(newOwnerUuid);
+        // Validate consistency
+        var isConsistent = this.credentialPreservationService.validateOwnerUuidConsistency();
+        if (isConsistent) {
+            this.logger.info('ClientConnectionManager', "\u2705 SERVER-FIRST: All credentials now consistent with server owner UUID: " + newOwnerUuid);
+        }
+        else {
+            this.logger.warn('ClientConnectionManager', "\u26A0\uFE0F SERVER-FIRST: Credential consistency validation failed after server update");
+        }
+    };
+    /**
+     * Gets the current owner UUID from server-stored credentials
+     * @returns The current owner UUID or null if not found
+     */
+    ClientConnectionManager.prototype.getCurrentOwnerUuid = function () {
+        return this.credentialPreservationService.getCurrentOwnerUuid();
+    };
+    /**
+     * Validates that all stored credentials are consistent with server data
+     * @returns True if all credentials are consistent, false otherwise
+     */
+    ClientConnectionManager.prototype.validateCredentialConsistency = function () {
+        return this.credentialPreservationService.validateOwnerUuidConsistency();
+    };
+    /**
+     * Requests current cluster state from server when reconnecting
+     * This ensures we have the most up-to-date member information
+     * @returns Server cluster state
+     */
+    ClientConnectionManager.prototype.requestServerClusterState = function () {
+        this.logger.info('ClientConnectionManager', "\uD83D\uDD0D SERVER-FIRST: Requesting current cluster state from server...");
+        try {
+            // Get the current owner connection
+            var ownerConnection = this.getOwnerConnection();
+            if (!ownerConnection || !ownerConnection.isAlive()) {
+                this.logger.warn('ClientConnectionManager', "\u26A0\uFE0F SERVER-FIRST: No active owner connection available for cluster state request");
+                return null;
+            }
+            // Request cluster state from the server
+            // This will give us the authoritative member list
+            this.logger.info('ClientConnectionManager', "\uD83D\uDCE4 SERVER-FIRST: Sending cluster state request to server...");
+            // For now, we'll use the existing cluster service to get member info
+            // In a full implementation, we'd send a specific protocol message
+            var clusterService = this.client.getClusterService();
+            var members = clusterService.getMembers();
+            this.logger.info('ClientConnectionManager', "\uD83D\uDCE5 SERVER-FIRST: Received cluster state from server: " + members.length + " members");
+            return {
+                members: members,
+                timestamp: Date.now(),
+                source: 'server'
+            };
+        }
+        catch (error) {
+            this.logger.error('ClientConnectionManager', "\u274C SERVER-FIRST: Failed to request cluster state from server: " + error.message);
+            return null;
+        }
+    };
+    /**
+     * Gets the current owner connection for server requests
+     * @returns The owner connection or null if not available
+     */
+    ClientConnectionManager.prototype.getOwnerConnection = function () {
+        var clusterService = this.client.getClusterService();
+        return clusterService.getOwnerConnection();
+    };
     /**
      * Returns the {@link ClientConnection} with given {@link Address}. If there is no such connection established,
      * it first connects to the address and then return the {@link ClientConnection}.
@@ -348,6 +475,17 @@ var ClientConnectionManager = /** @class */ (function (_super) {
         // Remove from failed connections to allow reconnection after failover
         this.failedConnections.delete(addressStr);
     };
+    /**
+     * Clears all stored credentials - used for single-node cluster reset
+     */
+    ClientConnectionManager.prototype.clearAllCredentials = function () {
+        this.logger.info('ClientConnectionManager', '🧹 Clearing all stored credentials for cluster reset');
+        // Clear all stored credentials
+        this.credentialPreservationService.clearAllCredentials();
+        // Clear all failed connections to allow fresh reconnection attempts
+        this.failedConnections.clear();
+        this.logger.info('ClientConnectionManager', '✅ All credentials cleared, ready for fresh authentication');
+    };
     /**
      * Handles authentication errors by clearing failed connections and allowing retry
      * @param address The address that had authentication issues
@@ -387,9 +525,20 @@ var ClientConnectionManager = /** @class */ (function (_super) {
     ClientConnectionManager.prototype.triggerConnect = function (address, asOwner) {
         var _this = this;
         if (!asOwner) {
-            if (this.client.getClusterService().getOwnerConnection() == null) {
-                var error = new HazelcastError_1.IllegalStateError('Owner connection is not available!');
-                return Promise.reject(error);
+            var ownerConnection = this.client.getClusterService().getOwnerConnection();
+            if (ownerConnection == null) {
+                // Check if this is a single-node scenario
+                var knownAddresses = this.client.getClusterService().getKnownAddresses();
+                var isSingleNode = knownAddresses.length === 1;
+                if (isSingleNode) {
+                    // Allow connection in single-node scenario
+                    this.logger.info('ClientConnectionManager', "\uD83D\uDD17 SINGLE-NODE: Allowing connection to " + address.toString() + " (only node in cluster)");
+                }
+                else {
+                    // Multi-node scenario - require owner connection (preserve existing logic)
+                    var error = new HazelcastError_1.IllegalStateError('Owner connection is not available!');
+                    return Promise.reject(error);
+                }
             }
         }
         if (this.client.getConfig().networkConfig.sslConfig.enabled) {
@@ -468,8 +617,65 @@ var ClientConnectionManager = /** @class */ (function (_super) {
         this.emit(EMIT_CONNECTION_OPENED, connection);
     };
     ClientConnectionManager.prototype.authenticate = function (connection, ownerConnection) {
+        var _this = this;
+        var address = connection.getAddress();
+        var addressStr = address.toString();
+        this.logger.info('ClientConnectionManager', "\uD83D\uDD10 Starting authentication for " + addressStr + " (owner=" + ownerConnection + ")");
+        // Check if we have stored credentials for this address
+        var storedCredentials = this.credentialPreservationService.restoreCredentials(address);
+        var hasMemberAddedEvent = this.hasMemberAddedEvent(address);
+        if (storedCredentials) {
+            this.logger.info('ClientConnectionManager', "\uD83D\uDCCB Using STORED credentials for " + addressStr + ":");
+            this.logger.info('ClientConnectionManager', "   - UUID: " + storedCredentials.uuid);
+            this.logger.info('ClientConnectionManager', "   - Owner UUID: " + storedCredentials.ownerUuid);
+            this.logger.info('ClientConnectionManager', "   - Group Name: " + storedCredentials.groupName);
+            this.logger.info('ClientConnectionManager', "   - Member Added Event: " + (hasMemberAddedEvent ? 'YES' : 'NO'));
+        }
+        else {
+            this.logger.info('ClientConnectionManager', "\uD83D\uDCCB No stored credentials found for " + addressStr + ", using fresh authentication");
+        }
+        // Log current cluster state for debugging
+        var clusterService = this.client.getClusterService();
+        this.logger.info('ClientConnectionManager', "\uD83D\uDD0D Current cluster state for " + addressStr + ":");
+        this.logger.info('ClientConnectionManager', "   - Client UUID: " + (clusterService.uuid || 'NOT SET'));
+        this.logger.info('ClientConnectionManager', "   - Client Owner UUID: " + (clusterService.ownerUuid || 'NOT SET'));
+        this.logger.info('ClientConnectionManager', "   - Active Members: " + clusterService.getMembers().length);
+        // Log what we're about to send
+        this.logger.info('ClientConnectionManager', "\uD83D\uDCE4 Sending authentication request to " + addressStr + " with:");
+        this.logger.info('ClientConnectionManager', "   - Owner Connection: " + ownerConnection);
+        this.logger.info('ClientConnectionManager', "   - Using Stored Credentials: " + (storedCredentials ? 'YES' : 'NO'));
         var authenticator = new ConnectionAuthenticator_1.ConnectionAuthenticator(connection, this.client);
-        return authenticator.authenticate(ownerConnection);
+        // Use normal authentication flow - server handles everything
+        return authenticator.authenticate(ownerConnection)
+            .then(function () {
+            _this.logger.info('ClientConnectionManager', "\u2705 Authentication successful for " + addressStr);
+            // After successful authentication, store the new credentials from server
+            if (ownerConnection) {
+                var newUuid = clusterService.uuid;
+                var newOwnerUuid = clusterService.ownerUuid;
+                _this.logger.info('ClientConnectionManager', "\uD83D\uDCBE Storing new credentials from server for " + addressStr + ":");
+                _this.logger.info('ClientConnectionManager', "   - New UUID: " + newUuid);
+                _this.logger.info('ClientConnectionManager', "   - New Owner UUID: " + newOwnerUuid);
+                // Store the new credentials
+                _this.credentialPreservationService.updateCredentials(address, newUuid, newOwnerUuid);
+            }
+        })
+            .catch(function (error) {
+            _this.logger.error('ClientConnectionManager', "\u274C Authentication FAILED for " + addressStr + ":");
+            _this.logger.error('ClientConnectionManager', "   - Error: " + error.message);
+            _this.logger.error('ClientConnectionManager', "   - Used Stored Credentials: " + (storedCredentials ? 'YES' : 'NO'));
+            if (storedCredentials) {
+                _this.logger.error('ClientConnectionManager', "   - Failed Credentials: uuid=" + storedCredentials.uuid + ", ownerUuid=" + storedCredentials.ownerUuid);
+            }
+            _this.logger.error('ClientConnectionManager', "   - Current Client UUID: " + (clusterService.uuid || 'NOT SET'));
+            _this.logger.error('ClientConnectionManager', "   - Current Client Owner UUID: " + (clusterService.ownerUuid || 'NOT SET'));
+            // Clear failed credentials
+            if (storedCredentials) {
+                _this.logger.info('ClientConnectionManager', "\uD83D\uDDD1\uFE0F Clearing failed credentials for " + addressStr);
+                _this.credentialPreservationService.clearCredentialsForAddress(address);
+            }
+            throw error;
+        });
     };
     return ClientConnectionManager;
 }(events_1.EventEmitter));

package/lib/invocation/ClusterService.d.ts

@@ -6,6 +6,8 @@ import { ClientInfo } from '../ClientInfo';
 import HazelcastClient from '../HazelcastClient';
 import { MemberSelector } from '../core/MemberSelector';
 import { MembershipListener } from '../core/MembershipListener';
+import Address = require('../Address');
+import { HazelcastFailoverManager } from './HazelcastFailoverManager';
 export declare enum MemberEvent {
     ADDED = 1,
     REMOVED = 2,
@@ -35,6 +37,7 @@ export declare class ClusterService {
     private readonly addressBlockDuration;
     private reconnectionTask;
     private readonly reconnectionInterval;
+    private failoverManager;
     constructor(client: HazelcastClient);
     /**
      * Starts cluster service.
@@ -51,6 +54,14 @@ export declare class ClusterService {
      * Returns the owner connection if available
      */
     getOwnerConnection(): ClientConnection | null;
+    /**
+     * Returns whether failover is currently in progress
+     */
+    isFailoverInProgress(): boolean;
+    /**
+     * Returns the list of known addresses in the cluster
+     */
+    getKnownAddresses(): Address[];
     /**
      * Returns the list of members in the cluster.
      * @returns
@@ -86,6 +97,14 @@ export declare class ClusterService {
     private onConnectionClosed(connection);
     private onHeartbeatStopped(connection);
     private triggerFailover();
+    /**
+     * Handles single-node cluster reset - treats node restart as fresh cluster
+     */
+    private handleSingleNodeClusterReset();
+    /**
+     * Handles multi-node failover - preserves existing logic
+     */
+    private handleMultiNodeFailover();
     /**
      * Attempts emergency recovery when failover fails
      */
@@ -101,6 +120,23 @@ export declare class ClusterService {
     private handleMemberAttributeChange(uuid, key, operationType, value);
     private memberAdded(member);
     private memberRemoved(member);
+    /**
+     * Performs comprehensive credential cleanup when cluster membership changes
+     * This ensures ALL credentials are consistent with the current cluster owner UUID
+     * @param connectionManager The connection manager instance
+     * @param currentClusterOwnerUuid The current cluster owner UUID
+     */
+    /**
+     * Handles member added event - SERVER-FIRST APPROACH
+     * We trust what the server tells us and store it as credentials
+     * @param member The member that was added
+     */
+    private handleMemberAdded(member);
+    /**
+     * Finds the current owner from the cluster state
+     * @returns The current owner member or null if not found
+     */
+    private findCurrentOwner();
     /**
      * Logs the current state for debugging purposes
      */
@@ -134,5 +170,16 @@ export declare class ClusterService {
      * @param blockDuration The duration to block the address (in milliseconds)
      */
     private markAddressAsDownWithDuration(address, blockDuration);
+    /**
+     * Handles ownership change when failover occurs
+     * @param newOwnerAddress The address of the new owner
+     * @param newOwnerConnection The connection to the new owner
+     */
+    handleOwnershipChange(newOwnerAddress: Address, newOwnerConnection: ClientConnection): void;
+    /**
+     * Gets the failover manager for external access
+     * @returns The failover manager instance
+     */
+    getFailoverManager(): HazelcastFailoverManager;
     shutdown(): void;
 }