Stored persistent ID and migration to 3.2

Chris Phillips Chris.Phillips at
Mon Dec 7 17:07:35 EST 2015

I have this same warning in my logs as well and can't seem to eliminate it
and am looking for recommendations on how to resolve the warning

My platform & version info:
CentOS7, using Mysql 5.6.27 with mysql driver 5.1.35.
2015-12-07 15:17:25,833 - INFO
[net.shibboleth.idp.log.LogbackLoggingService:240] - Shibboleth IdP
Version 3.2.0
2015-12-07 15:17:25,843 - INFO
[net.shibboleth.idp.log.LogbackLoggingService:241] - Java
version='1.8.0_25' vendor='Oracle Corporation'
Commons jars:

What I've done:
Installed Shib3.2.0 and have implemented all the recommendations items

The schema is a cut and paste and has the primary key requirement.

In I set =

And have the this in my saml-nameid.xml
<!-- A DataSource bean suitable for use in the idp.persistentId.dataSource
property. -->
<bean id="MyDataSource" class="org.apache.commons.dbcp2.BasicDataSource"
    p:validationQuery="select 1"
    p:validationQueryTimeout="5" />
<!-- A "store" bean suitable for use in the
property. -->
<bean id="MyPersistentIdStore" parent="shibboleth.JDBCPersistentIdStore"
    p:retryableErrors="#{{'23000'}}" />


And still see the error.

My shibpid table as I do this is either empty or has one row.

I've watched the mysql general_logs table to see what's flowing and it's
not clear how the 23000 error determination is happening.
I see the dummy insertion and deletion at the end.
I've taken the same insert and then ran it via command line mysql and see
the expected duplicate error with a double insertion.

It's like retryableErrors is not being trapped/observed and would like a
recommendation on how to chase this down further.

Thoughts and recommendations welcome.


On 2015-11-24, 8:23 AM, "users on behalf of Simon Lundström"
<users-bounces at on behalf of simlu at> wrote:

>As always Scott, thank you for your response and incredible patience!
>- Simon
>On Mon, 2015-11-23 at 14:54:20 +0000, Cantor, Scott wrote:
>> On 11/23/15, 5:38 AM, "users on behalf of Simon Lundström"
>><users-bounces at on behalf of simlu at> wrote:
>> >On Fri, 2015-11-20 at 15:04:58 +0000, Cantor, Scott wrote:
>> >> On 11/20/15, 9:50 AM, "users on behalf of Simon Lundström"
>><users-bounces at on behalf of simlu at> wrote:
>> >> >Is that something you need to fix or for us deployers to configure?
>> >> 
>> >> You,
>> >
>> >Where should this be configured?
>> Sorry, I neglected to provide a reference to it in the docs. See the
>>example box labeled "Example persistent ID store beans in
>>saml-nameid.xml" in the updated PersistentNameIDGenerationConfiguration
>> It's a collection property of the JDBCPersistentIdStoreEx class you
>>wire up from the shibboleth.JDBCPersistentIdStore parent bean.
>> I'll add it to the example and adjust the docs since that's going to be
>>a common need for a bit. It's better to have control of that bean anyway
>>since you can adjust timeouts with it.
>> >>but we can collect up the codes we need to retry on and just add them
>>to future versions too.
>> >
>> >Need an Jira for it?
>> I checked in this code already.
>> -- Scott
>> -- 
>> To unsubscribe from this list send an email to
>>users-unsubscribe at
>To unsubscribe from this list send an email to
>users-unsubscribe at

More information about the users mailing list