Stored persistent ID and migration to 3.2
Chris Phillips
Chris.Phillips at canarie.ca
Mon Dec 7 17:07:35 EST 2015
I have this same warning in my logs as well and can't seem to eliminate it
and am looking for recommendations on how to resolve the warning
My platform & version info:
CentOS7, using Mysql 5.6.27 with mysql driver 5.1.35.
2015-12-07 15:17:25,833 - INFO
[net.shibboleth.idp.log.LogbackLoggingService:240] - Shibboleth IdP
Version 3.2.0
2015-12-07 15:17:25,843 - INFO
[net.shibboleth.idp.log.LogbackLoggingService:241] - Java
version='1.8.0_25' vendor='Oracle Corporation'
Commons jars:
commons-pool2-2.4.2.jar
commons-dbcp2-2.1.1.jar
What I've done:
Installed Shib3.2.0 and have implemented all the recommendations items
from:
https://wiki.shibboleth.net/confluence/display/IDP30/PersistentNameIDGenera
tionConfiguration
The schema is a cut and paste and has the primary key requirement.
In saml-nameid.properties I set idp.persistentId.store =
MyPersistentIdStore
And have the this in my saml-nameid.xml
--begin--
<!-- A DataSource bean suitable for use in the idp.persistentId.dataSource
property. -->
<bean id="MyDataSource" class="org.apache.commons.dbcp2.BasicDataSource"
p:driverClassName="com.mysql.jdbc.Driver"
p:url="jdbc:mysql://127.0.0.1:3306/shibboleth"
p:username="shibboleth"
p:password="suppressed"
p:maxIdle="5"
p:maxWaitMillis="15000"
p:testOnBorrow="true"
p:validationQuery="select 1"
p:validationQueryTimeout="5" />
<!-- A "store" bean suitable for use in the idp.persistentId.store
property. -->
<bean id="MyPersistentIdStore" parent="shibboleth.JDBCPersistentIdStore"
p:dataSource-ref="MyDataSource"
p:queryTimeout="PT2S"
p:retryableErrors="#{{'23000'}}" />
</beans>
--end--
And still see the error.
My shibpid table as I do this is either empty or has one row.
I've watched the mysql general_logs table to see what's flowing and it's
not clear how the 23000 error determination is happening.
I see the dummy insertion and deletion at the end.
I've taken the same insert and then ran it via command line mysql and see
the expected duplicate error with a double insertion.
It's like retryableErrors is not being trapped/observed and would like a
recommendation on how to chase this down further.
Thoughts and recommendations welcome.
C
On 2015-11-24, 8:23 AM, "users on behalf of Simon Lundström"
<users-bounces at shibboleth.net on behalf of simlu at su.se> wrote:
>As always Scott, thank you for your response and incredible patience!
>
>BR,
>- Simon
>
>On Mon, 2015-11-23 at 14:54:20 +0000, Cantor, Scott wrote:
>> On 11/23/15, 5:38 AM, "users on behalf of Simon Lundström"
>><users-bounces at shibboleth.net on behalf of simlu at su.se> wrote:
>>
>>
>>
>> >On Fri, 2015-11-20 at 15:04:58 +0000, Cantor, Scott wrote:
>> >> On 11/20/15, 9:50 AM, "users on behalf of Simon Lundström"
>><users-bounces at shibboleth.net on behalf of simlu at su.se> wrote:
>> >> >Is that something you need to fix or for us deployers to configure?
>> >>
>> >> You,
>> >
>> >Where should this be configured?
>>
>> Sorry, I neglected to provide a reference to it in the docs. See the
>>example box labeled "Example persistent ID store beans in
>>saml-nameid.xml" in the updated PersistentNameIDGenerationConfiguration
>>topic.
>>
>> It's a collection property of the JDBCPersistentIdStoreEx class you
>>wire up from the shibboleth.JDBCPersistentIdStore parent bean.
>>
>> I'll add it to the example and adjust the docs since that's going to be
>>a common need for a bit. It's better to have control of that bean anyway
>>since you can adjust timeouts with it.
>>
>> >>but we can collect up the codes we need to retry on and just add them
>>to future versions too.
>> >
>> >Need an Jira for it?
>>
>> I checked in this code already.
>>
>> -- Scott
>>
>> --
>> To unsubscribe from this list send an email to
>>users-unsubscribe at shibboleth.net
>--
>To unsubscribe from this list send an email to
>users-unsubscribe at shibboleth.net
More information about the users
mailing list