[midPoint] Adding Members to Role through Members page

Florin. Stingaciu fstingaciu at mirantis.com
Thu Jun 30 23:38:41 CEST 2016 

Hey,

I just performed 1 and 3 and adding users to a role through a task works
just fine. Can I still run in active active configuration with the
in-memory Quartz scheduling?

Also is there anything else you think I should try?

Thanks,
-F

On Thu, Jun 30, 2016 at 2:31 PM, Pavol Mederly <mederly at evolveum.com> wrote:

> Florin,
>
> just a few comments/questions:
>
> 1) We use a custom hibernate dialect for MySQL:
> *com.evolveum.midpoint.repo.sql.util.MidPointMySQLDialect* (which is
> derived from MySQL5InnoDBDialect). The one you use is marked as deprecated
> in hibernate sources. I'd suggest using midPoint-supplied one.
>
> 2) I see that you use a separate database for Quartz. Although this is
> required for H2, it is not required for other databases. You may consider
> using a common one. (Although it shouldn't be a cause of your problems. But
> ... who knows.)
> 3) You said that the problem is visible even if there is only one node in
> the cluster. If previous suggestions wouldn't help, could you please try to
> comment out <taskManager> configuration in the config file to switch to
> in-memory Quartz scheduling, just to see if it changes the situation?
>
> Best regards,
> Pavol
>
>
> On 30.06.2016 23:17, Florin. Stingaciu wrote:
>
> Hey Pavol,
>
> I looked through the logs on my sql server and couldn't find anything
> alarming. Also, I've been trying to delete the task for the last half an
> hour through the very slow GUI with no success. Here's my config.xml:
>
> <configuration>
>     <midpoint>
>         <webApplication>
>             <importFolder>${midpoint.home}/import</importFolder>
>         </webApplication>
>         <repository>
>                 <embedded>false</embedded>
>                 <driverClassName>com.mysql.jdbc.Driver</driverClassName>
>                 <hibernateHbm2ddl>validate</hibernateHbm2ddl>
>
> <hibernateDialect>org.hibernate.dialect.MySQLDialect</hibernateDialect>
>
> <repositoryServiceFactoryClass>com.evolveum.midpoint.repo.sql.SqlRepositoryFactory</repositoryServiceFactoryClass>
>                 <database>mysql</database>
>                 <jdbcUsername>midpoint</jdbcUsername>
>                 <jdbcPassword>password</jdbcPassword>
>
> <jdbcUrl>jdbc:mysql://db-server:3306/midpoint_prod_live</jdbcUrl>
>         </repository>
>         <taskManager>
>                 <clustered>true</clustered>
>
> <jdbcUrl>jdbc:mysql://db-server:3306/midpoint_prod_quartz_live</jdbcUrl>
>                 <jmxUsername>midpoint</jmxUsername>
>                 <jmxPassword>password</jmxPassword>
>         </taskManager>
>         <audit>
>             <auditService>
>
> <auditServiceFactoryClass>com.evolveum.midpoint.audit.impl.LoggerAuditServiceFactory</auditServiceFactoryClass>
>             </auditService>
>             <auditService>
>
> <auditServiceFactoryClass>com.evolveum.midpoint.repo.sql.SqlAuditServiceFactory</auditServiceFactoryClass>
>             </auditService>
>         </audit>
>         <icf>
>             <scanClasspath>true</scanClasspath>
>             <scanDirectory>${midpoint.home}/icf-connectors</scanDirectory>
>         </icf>
>         <keystore>
>             <keyStorePath>${midpoint.home}/keystore.jceks</keyStorePath>
>             <keyStorePassword>dEpCSVuC6kerpO8aaReMiA==</keyStorePassword>
>             <encryptionKeyAlias>default</encryptionKeyAlias>
>             <!--
>             You can use smaller cipher key size for encryption. For:
>             AES_128 "http://www.w3.org/2001/04/xmlenc#aes128-cbc";
>             AES_256 "http://www.w3.org/2001/04/xmlenc#aes256-cbc";
>             AES_192 "http://www.w3.org/2001/04/xmlenc#aes192-cbc";
>
>             in element <xmlCipher></xmlCipher>
>             By default AES_128 is used. If you change key size, than
>             you must also create secret key in key store with proper key
> size and change encryptionKeyAlias.
>
>             To generate keystore with keytool use command:
>             keytool -genseckey -alias default -keystore keystore.jceks
> -storetype jceks -keyalg AES -keysize 128
>
>             secret key password is by default 'midpoint'
>             -->
>         </keystore>
>     </midpoint>
> </configuration>
>
>
> On Thu, Jun 30, 2016 at 2:07 PM, Pavol Mederly <mederly at evolveum.com>
> wrote:
>
>> Hello Florin,
>>
>> this is really strange. Looks like some low-level DB problem.
>>
>> I read your log in this way:
>>
>> Wicket has problems displaying a page, because thread
>> *http-bio-8443-exec-2* is blocking (line #2). And why and where is it
>> blocked?
>>
>> It is reading a task (line #51), therefore it asks hibernate for data
>> (line #36), so hibernate calls MySQL driver (line #19). And the call didn't
>> complete, as it waits for something to come through the network socket
>> (line #5).
>>
>> (What troubles me a lot is that one-node configuration does not work as
>> well.)
>>
>> So I'd recommend to have a look at your database configuration or setup.
>>
>> I'm not an expert on databases (nor on MySQL in particular), so I have no
>> idea e.g. what troubleshooting tools to use at this moment. Maybe you could
>> open MySQL admin console to see if there's something suspicious. Or look at
>> MySQL server logs. Or you could share your midPoint config.xml here,
>> particularly the <repository> section of it.
>>
>> Best regards,
>> Pavol
>>
>> On 30.06.2016 22:49, Florin. Stingaciu wrote:
>>
>> Hello,
>>
>> Whenever I try to add a member through the "Members" tab in Midpoint,
>> nothing happens. I tried to add myself to the Role "Approver" through the
>> "Members" tab and the task never completes.
>>
>> In fact midPoint starts hanging and the issue doesn't resolve and I get
>> all these errors:  <http://pastebin.com/GEgdtXnh>
>> http://pastebin.com/GEgdtXnh
>>
>> I'm running two instances of midPoint with the following task manager
>> configuration:
>>
>>         <taskManager>
>>                 <clustered>true</clustered>
>>
>> <jdbcUrl>jdbc:mysql://db-server:3306/midpoint_prod_quartz_live</jdbcUrl>
>>                 <jmxUsername>midpoint</jmxUsername>
>>                 <jmxPassword>password</jmxPassword>
>>         </taskManager>
>>
>> I've tried this action with both instances alive as well as with only
>> one.
>>
>> Also here's my tomcat config pertaining to jmx:
>>
>>  -Dcom.sun.management.jmxremote.password.file=/var/opt/midpoint/jmxremote.password
>> -Dcom.sun.management.jmxremote.access.file=/var/opt/midpoint/jmxremote.access
>> -Dmidpoint.nodeId=001 -Dcom.sun.management.jmxremote.port=20001
>> -Dcom.sun.management.jmxremote.ssl=false
>>
>> Even after I restart the tomcat server, midPoint doesn't respond anymore
>> and the logs don't show anything.
>>
>> I'm willing to forgo the active active configuration and use an active
>> passive configuration. Also I believe this is the cause of the earlier
>> issues with the upgrade process (besides the mismatch in the connector)
>>
>> Any help would be greatly appreciated.
>>
>> Thanks,
>>
>> -F
>>
>>
>> _______________________________________________
>> midPoint mailing listmidPoint at lists.evolveum.comhttp://lists.evolveum.com/mailman/listinfo/midpoint
>>
>>
>>
>> _______________________________________________
>> midPoint mailing list
>> midPoint at lists.evolveum.com
>> http://lists.evolveum.com/mailman/listinfo/midpoint
>>
>>
>
>
> _______________________________________________
> midPoint mailing listmidPoint at lists.evolveum.comhttp://lists.evolveum.com/mailman/listinfo/midpoint
>
>
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20160630/342e282e/attachment.htm>

More information about the midPoint mailing list