Question about shibboleth.ClientPersistentStorageService
Mathew, Sunil
smathew at hbs.edu
Fri Oct 7 16:11:46 UTC 2022
Hi,
I am trying to use shibboleth.ClientPersistentStorageService to store the IdP session. Here are the changes I made:
conf/idp.properties:
idp.session.StorageService = shibboleth.ClientPersistentStorageService
conf/global.xml:
<!-- DB-independent Configuration -->
<bean id="shibboleth.JPAStorageService"
      class="org.opensaml.storage.impl.JPAStorageService"
      p:cleanupInterval="%{idp.storage.cleanupInterval:PT10M}"
      c:factory-ref="shibboleth.JPAStorageService.EntityManagerFactory"/>
<bean id="shibboleth.JPAStorageService.EntityManagerFactory"
      class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean">
    <property name="persistenceUnitName" value="storageservice" />
    <property name="packagesToScan" value="org.opensaml.storage.impl"/>
    <property name="dataSource" ref="shibboleth.JPAStorageService.DataSource"/>
    <property name="jpaVendorAdapter" ref="shibboleth.JPAStorageService.JPAVendorAdapter"/>
    <property name="jpaDialect">
        <bean class="org.springframework.orm.jpa.vendor.HibernateJpaDialect" />
    </property>
</bean>
<!-- DB-dependent Configuration -->
<bean id="shibboleth.JPAStorageService.JPAVendorAdapter"
      class="org.springframework.orm.jpa.vendor.HibernateJpaVendorAdapter">
    <property name="database" value="MYSQL" />
</bean>
<!-- Bean to store IdP data unrelated with persistent identifiers on 'storageservice' database -->
<bean id="shibboleth.JPAStorageService.DataSource"
      class="com.zaxxer.hikari.HikariDataSource" destroy-method="close" lazy-init="true"
      p:driverClassName="com.mysql.jdbc.Driver"
      p:jdbcUrl="jdbc:mysql://localhost:3306/storageservice?autoReconnect=true"
      p:username="root"
      p:password="******" />
Here is the script that created the table:
SET NAMES 'utf8';
SET CHARACTER SET utf8;
CREATE DATABASE IF NOT EXISTS storageservice CHARACTER SET=utf8;
GRANT ALL PRIVILEGES ON storageservice.* TO 'root'@'localhost';
-- ##_SS-DB_USER-PASSWORD-CHANGEME_## can't contain the characters: ; & # <
CREATE USER IF NOT EXISTS 'root'@'localhost' IDENTIFIED BY '******';
GRANT ALL PRIVILEGES ON storageservice.* TO 'root'@'localhost';
FLUSH PRIVILEGES;
USE storageservice;
CREATE TABLE IF NOT EXISTS StorageRecords
(
    context VARCHAR(255) NOT NULL,
    id VARCHAR(255) NOT NULL,
    expires BIGINT(20) DEFAULT NULL,
    value LONGTEXT NOT NULL,
    version BIGINT(20) NOT NULL,
    PRIMARY KEY (context, id)
);
quit
I am using a MariaDB database. I confirmed that mysql-connector-java.jar and HikariCP-5.0.1.jar are in idp.war WEB-INF/lib. The Jetty server is starting with no errors and I am able to test SP login without any issues.
But I don’t see any records inserted into the table after successful login.
> select * from storageservice.StorageRecords;
Empty set (0.000 sec)
I added the following to logback.xml:
<variable name="idp.loglevel.opensaml" value="${idp.loglevel.opensaml:-TRACE}" />
<logger name="org.opensaml.saml" level="${idp.loglevel.opensaml}"/>
<logger name="com.zaxxer.hikari" level="${idp.loglevel.opensaml}"/>
I am not seeing any database calls in the logs. How can I see the database calls?
Can you please let me know if I missed anything?
Regards,
Sunil