[midPoint] Adding Members to Role through Members page

Florin. Stingaciu fstingaciu at mirantis.com
Thu Jun 30 23:17:06 CEST 2016


Hey Pavol,

I looked through the logs on my sql server and couldn't find anything
alarming. Also, I've been trying to delete the task for the last half an
hour through the very slow GUI with no success. Here's my config.xml:

<configuration>
    <midpoint>
        <webApplication>
            <importFolder>${midpoint.home}/import</importFolder>
        </webApplication>
        <repository>
                <embedded>false</embedded>
                <driverClassName>com.mysql.jdbc.Driver</driverClassName>
                <hibernateHbm2ddl>validate</hibernateHbm2ddl>

<hibernateDialect>org.hibernate.dialect.MySQLDialect</hibernateDialect>

<repositoryServiceFactoryClass>com.evolveum.midpoint.repo.sql.SqlRepositoryFactory</repositoryServiceFactoryClass>
                <database>mysql</database>
                <jdbcUsername>midpoint</jdbcUsername>
                <jdbcPassword>password</jdbcPassword>

<jdbcUrl>jdbc:mysql://db-server:3306/midpoint_prod_live</jdbcUrl>
        </repository>
        <taskManager>
                <clustered>true</clustered>

<jdbcUrl>jdbc:mysql://db-server:3306/midpoint_prod_quartz_live</jdbcUrl>
                <jmxUsername>midpoint</jmxUsername>
                <jmxPassword>password</jmxPassword>
        </taskManager>
        <audit>
            <auditService>

<auditServiceFactoryClass>com.evolveum.midpoint.audit.impl.LoggerAuditServiceFactory</auditServiceFactoryClass>
            </auditService>
            <auditService>

<auditServiceFactoryClass>com.evolveum.midpoint.repo.sql.SqlAuditServiceFactory</auditServiceFactoryClass>
            </auditService>
        </audit>
        <icf>
            <scanClasspath>true</scanClasspath>
            <scanDirectory>${midpoint.home}/icf-connectors</scanDirectory>
        </icf>
        <keystore>
            <keyStorePath>${midpoint.home}/keystore.jceks</keyStorePath>
            <keyStorePassword>dEpCSVuC6kerpO8aaReMiA==</keyStorePassword>
            <encryptionKeyAlias>default</encryptionKeyAlias>
            <!--
            You can use smaller cipher key size for encryption. For:
            AES_128 "http://www.w3.org/2001/04/xmlenc#aes128-cbc";
            AES_256 "http://www.w3.org/2001/04/xmlenc#aes256-cbc";
            AES_192 "http://www.w3.org/2001/04/xmlenc#aes192-cbc";

            in element <xmlCipher></xmlCipher>
            By default AES_128 is used. If you change key size, than
            you must also create secret key in key store with proper key
size and change encryptionKeyAlias.

            To generate keystore with keytool use command:
            keytool -genseckey -alias default -keystore keystore.jceks
-storetype jceks -keyalg AES -keysize 128

            secret key password is by default 'midpoint'
            -->
        </keystore>
    </midpoint>
</configuration>


On Thu, Jun 30, 2016 at 2:07 PM, Pavol Mederly <mederly at evolveum.com> wrote:

> Hello Florin,
>
> this is really strange. Looks like some low-level DB problem.
>
> I read your log in this way:
>
> Wicket has problems displaying a page, because thread
> *http-bio-8443-exec-2* is blocking (line #2). And why and where is it
> blocked?
>
> It is reading a task (line #51), therefore it asks hibernate for data
> (line #36), so hibernate calls MySQL driver (line #19). And the call didn't
> complete, as it waits for something to come through the network socket
> (line #5).
>
> (What troubles me a lot is that one-node configuration does not work as
> well.)
>
> So I'd recommend to have a look at your database configuration or setup.
>
> I'm not an expert on databases (nor on MySQL in particular), so I have no
> idea e.g. what troubleshooting tools to use at this moment. Maybe you could
> open MySQL admin console to see if there's something suspicious. Or look at
> MySQL server logs. Or you could share your midPoint config.xml here,
> particularly the <repository> section of it.
>
> Best regards,
> Pavol
>
> On 30.06.2016 22:49, Florin. Stingaciu wrote:
>
> Hello,
>
> Whenever I try to add a member through the "Members" tab in Midpoint,
> nothing happens. I tried to add myself to the Role "Approver" through the
> "Members" tab and the task never completes.
>
> In fact midPoint starts hanging and the issue doesn't resolve and I get
> all these errors: http://pastebin.com/GEgdtXnh
>
> I'm running two instances of midPoint with the following task manager
> configuration:
>
>         <taskManager>
>                 <clustered>true</clustered>
>
> <jdbcUrl>jdbc:mysql://db-server:3306/midpoint_prod_quartz_live</jdbcUrl>
>                 <jmxUsername>midpoint</jmxUsername>
>                 <jmxPassword>password</jmxPassword>
>         </taskManager>
>
> I've tried this action with both instances alive as well as with only one.
>
> Also here's my tomcat config pertaining to jmx:
>
>  -Dcom.sun.management.jmxremote.password.file=/var/opt/midpoint/jmxremote.password
> -Dcom.sun.management.jmxremote.access.file=/var/opt/midpoint/jmxremote.access
> -Dmidpoint.nodeId=001 -Dcom.sun.management.jmxremote.port=20001
> -Dcom.sun.management.jmxremote.ssl=false
>
> Even after I restart the tomcat server, midPoint doesn't respond anymore
> and the logs don't show anything.
>
> I'm willing to forgo the active active configuration and use an active
> passive configuration. Also I believe this is the cause of the earlier
> issues with the upgrade process (besides the mismatch in the connector)
>
> Any help would be greatly appreciated.
>
> Thanks,
>
> -F
>
>
> _______________________________________________
> midPoint mailing listmidPoint at lists.evolveum.comhttp://lists.evolveum.com/mailman/listinfo/midpoint
>
>
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20160630/3e88129c/attachment.htm>


More information about the midPoint mailing list