Question about shibboleth.ClientPersistentStorageService

Mathew, Sunil smathew at hbs.edu
Sat Oct 8 11:23:47 UTC 2022


Hi All,

Even though I have defined only ClientPersistentStorageService in idp.properties, why is it doing both ClientSessionStorageService and ClientPersistentStorageService?

conf/idp.properties:

idp.session.StorageService = shibboleth.ClientPersistentStorageService


2022-10-08 06:57:56,416 - 10.227.147.129 - DEBUG [org.opensaml.storage.impl.client.PopulateClientStorageLoadContext:118] - Profile Action PopulateClientStorageLoadContext: ClientStorageServices requiring load: [shibboleth.ClientSessionStorageService, shibboleth.ClientPersistentStorageService]


Also, even though ClientPersistentStorageService succeeded, why am I not seeing any data in the database?


2022-10-08 06:58:16,819 - 10.227.147.129 - DEBUG [org.opensaml.storage.impl.client.LogLocalStorageSaveResults:81] - Profile Action LogLocalStorageSaveResults: Save to local storage for StorageService 'shibboleth.ClientPersistentStorageService' succeeded


MariaDB [mysql]> select * from storageservice.StorageRecords;

Empty set (0.000 sec)


Thanks for your help.


Regards,
Sunil


From: users <users-bounces at shibboleth.net> on behalf of Mathew, Sunil via users <users at shibboleth.net>
Date: Friday, October 7, 2022 at 12:11 PM
To: Users at shibboleth.net <users at shibboleth.net>
Cc: Mathew, Sunil <smathew at hbs.edu>
Subject: Question about shibboleth.ClientPersistentStorageService
Hi,

I am trying to use shibboleth.ClientPersistentStorageService to store the IdP session. Here are the changes I made:

conf/idp.properties:

idp.session.StorageService = shibboleth.ClientPersistentStorageService

conf/global.xml:

<!-- DB-independent Configuration -->

<bean id="shibboleth.JPAStorageService"
      class="org.opensaml.storage.impl.JPAStorageService"
      p:cleanupInterval="%{idp.storage.cleanupInterval:PT10M}"
      c:factory-ref="shibboleth.JPAStorageService.EntityManagerFactory"/>

<bean id="shibboleth.JPAStorageService.EntityManagerFactory"
      class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean">
      <property name="persistenceUnitName" value="storageservice" />
      <property name="packagesToScan" value="org.opensaml.storage.impl"/>
      <property name="dataSource" ref="shibboleth.JPAStorageService.DataSource"/>
      <property name="jpaVendorAdapter" ref="shibboleth.JPAStorageService.JPAVendorAdapter"/>
      <property name="jpaDialect">
         <bean class="org.springframework.orm.jpa.vendor.HibernateJpaDialect" />
      </property>
</bean>

<!-- DB-dependent Configuration -->

<bean id="shibboleth.JPAStorageService.JPAVendorAdapter"
      class="org.springframework.orm.jpa.vendor.HibernateJpaVendorAdapter">
      <property name="database" value="MYSQL" />
</bean>

<!-- Bean to store IdP data unrelated with persistent identifiers on 'storageservice' database -->

<bean id="shibboleth.JPAStorageService.DataSource"
      class="com.zaxxer.hikari.HikariDataSource" destroy-method="close" lazy-init="true"
      p:driverClassName="com.mysql.jdbc.Driver"
      p:jdbcUrl="jdbc:mysql://localhost:3306/storageservice?autoReconnect=true"
      p:username="root"
      p:password="******" />



Here is the script that created the table:

SET NAMES 'utf8';

SET CHARACTER SET utf8;

CREATE DATABASE IF NOT EXISTS storageservice CHARACTER SET=utf8;

GRANT ALL PRIVILEGES ON storageservice.* TO 'root'@'localhost';

-- ##_SS-DB_USER-PASSWORD-CHANGEME_## can't contain the characters:  ;   &   #   <
CREATE USER IF NOT EXISTS 'root'@'localhost' IDENTIFIED BY '******';
GRANT ALL PRIVILEGES ON storageservice.* TO 'root'@'localhost';

FLUSH PRIVILEGES;

USE storageservice;

CREATE TABLE IF NOT EXISTS StorageRecords
(
context VARCHAR(255) NOT NULL,
id VARCHAR(255) NOT NULL,
expires BIGINT(20) DEFAULT NULL,
value LONGTEXT NOT NULL,
version BIGINT(20) NOT NULL,
PRIMARY KEY (context, id)
);

quit

I am using a MariaDB database. I confirmed that mysql-connector-java.jar and HikariCP-5.0.1.jar are in idp.war WEB-INF/lib. The Jetty server is starting with no errors and I am able to test SP login without any issues.

But I don’t see any records inserted into the table after successful login.


> select * from storageservice.StorageRecords;

Empty set (0.000 sec)

I added the following to logback.xml:

    <variable name="idp.loglevel.opensaml" value="${idp.loglevel.opensaml:-TRACE}" />
    <logger name="org.opensaml.saml" level="${idp.loglevel.opensaml}"/>
    <logger name="com.zaxxer.hikari" level="${idp.loglevel.opensaml}"/>

I am not seeing any database calls in the logs. How can I see the database calls?

Can you please let me know if I missed anything.


Regards,
Sunil
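
Added example, not part of the original post and not Shibboleth project code: a small audit of the two files quoted above that reports which store idp.session.StorageService actually selects, whether a JPAStorageService bean is defined without being selected, and whether the data source logs in as root. It assumes that the shibboleth.Client* storage services keep their records in the browser rather than in the database; audit and parse_properties are hypothetical helper names and the sample input is constructed from the post.

```python
import xml.etree.ElementTree as ET

BEANS_NS = "{http://www.springframework.org/schema/beans}"
P_NS = "{http://www.springframework.org/schema/p}"
# Assumption: these built-in services keep records in the browser, not server-side.
CLIENT_SIDE = {"shibboleth.ClientSessionStorageService",
               "shibboleth.ClientPersistentStorageService"}

# Constructed sample input, modelled on the configuration quoted in the post.
SAMPLE_PROPERTIES = """\
idp.session.StorageService = shibboleth.ClientPersistentStorageService
"""
SAMPLE_GLOBAL_XML = """\
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:p="http://www.springframework.org/schema/p"
       xmlns:c="http://www.springframework.org/schema/c">
  <bean id="shibboleth.JPAStorageService"
        class="org.opensaml.storage.impl.JPAStorageService"
        c:factory-ref="shibboleth.JPAStorageService.EntityManagerFactory"/>
  <bean id="shibboleth.JPAStorageService.DataSource"
        class="com.zaxxer.hikari.HikariDataSource"
        p:username="root" p:password="******"/>
</beans>
"""

def parse_properties(text):
    """Return key/value pairs from idp.properties-style text, skipping comments."""
    pairs = (l.split("=", 1) for l in text.splitlines()
             if "=" in l and not l.lstrip().startswith(("#", "!")))
    return {k.strip(): v.strip() for k, v in pairs}

def audit(properties_text, beans_xml):
    """Return findings about where IdP session records will actually be stored."""
    props = parse_properties(properties_text)
    selected = props.get("idp.session.StorageService",
                         "shibboleth.ClientSessionStorageService")  # IdP default
    beans = list(ET.fromstring(beans_xml).iter(BEANS_NS + "bean"))
    findings = []
    if selected in CLIENT_SIDE:
        findings.append(f"client-side: sessions use {selected}, kept in the browser")
    for bean in beans:
        if bean.get("class", "").endswith(".JPAStorageService") and bean.get("id") not in props.values():
            findings.append(f"unused: {bean.get('id')} is defined but no property selects it")
        if bean.get(P_NS + "username") == "root":
            findings.append(f"privilege: {bean.get('id')} connects as database root")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_PROPERTIES, SAMPLE_GLOBAL_XML)))
```

With idp.session.StorageService = shibboleth.JPAStorageService in the properties text, the first two findings disappear and only the root-login finding remains.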
