[midPoint] config.xml during installation

Colin Thompson cthompson31 at ucmerced.edu
Tue Oct 16 21:50:49 CEST 2018 

Sounds like a missing/incorrect keystore.jceks issue. I believe the administrator password, among other things, is stored encrypted in the database, and the key by which it is encrypted is stored in the keystore.jceks file in /opt/midpoint/var/.  Ive found that when the administrator password doesn't match (assuming you're typing it correctly), it's usually because you're not using the key/keystore it was created with.

There are instructions in the default config.xml file for how to create the keystore if you want to customize things.

Get Outlook for Android<https://aka.ms/ghei36>

________________________________
From: midPoint <midpoint-bounces at lists.evolveum.com> on behalf of Solberg, Eric <eric at solberg.com>
Sent: Tuesday, October 16, 2018 1:11:16 PM
To: midPoint General Discussion
Subject: [midPoint] config.xml during installation

I'm installing MySQL drivers for my Midpoint setup, and have updated config.xml. I've got connectivity to the database, but am encountering a problem logging in as administrator. I'm just starting to evaluate this, but I'm not 100% confident I followed the right process for setting up config.xml.

Here's what I did:
- Installed the midpoint demo with embedded database. Made a copy of the generated config.xml.
- Deleted this demo instance
- Setup a MySQL instance, created midpoint user & database, imported mysql-3.8-all.sql
- Modified the config.xml to include <repository> settings for mysql
- Modified the Dockerfile to copy config.xml to ${MP_DIR}/var/
- Also modified the Dockerfile to install the SQL driver
- Built the Docker image and deployed to my VM

This is working and I have connectivity to the database. This setup is pretty slow, but I'm not tuning yet... The problem I'm having is I can't log in as administrator (5ecr3t password).

Here's what I got in midpoint.log:
018-10-16 16:44:02,824 [] [http-nio-8080-exec-4] ERROR (com.evolveum.midpoint.model.impl.sec
urity.AuthenticationEvaluatorImpl): Error dealing with credentials of user "administrator" cr
edentials: No key mapped to key digest FbJhcZYWk/Q3KnAucPQgRSxD/QM= could be found in the key
store. Keys digests must be recomputed during initialization

I'm guessing it's one of 3 things:
- Was I supposed to copy config.xml from the demo? Or should I create a new config.xml with only the repository settings and let midpoint recreate everything else?
- Or should I also copy the other files from the demo /opt/midpoint/var directory?
- Or is there some other step to recompute key digests?

Any suggestions?

Thanks,
Eric


_______________________________________________
midPoint mailing list
midPoint at lists.evolveum.com
http://lists.evolveum.com/mailman/listinfo/midpoint
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20181016/aa1cf378/attachment.htm>

More information about the midPoint mailing list