Uploaded image for project: 'OpenIDM'
  1. OpenIDM
  2. OPENIDM-13599

Be a bit more robust on what resource exceptions the repo init service will accept


    • Target Version/s:
    • Verified Version/s:
    • Story Points:
    • Sprint:
      2019.11 - IDM, 2019.12 - IDM



      The RepoInitService(https://stash.forgerock.org/projects/OPENIDM/repos/openidm/browse/openidm-repo-init/src/main/java/org/forgerock/openidm/repo/init/RepoInitService.java) is responsible for creating, updating, or deleting repo objects on IDM startup. This is used, for example, to create the openidm-admin internal user account. Currently the RepoInitService will successfully startup regardless if there are any errors produced when creating, updating, or deleting the repo objects. The service allows errors since it assumes errors will occur if other nodes have already done the create, update, or deletes.


      This is a problem because if the repo is in a poor state and the internal user accounts were actually not created IDM will still startup, but be unusable due to the missing internal user accounts.

      Potential Solution

      The RepoInitService can be enhanced to only accept known errors, and actually fail when unknown errors occur. These are the list of known acceptable conditions and their errors.

      1) Created object already exists == PreconditionFailedException
      2) Updated object already updated == PreconditionFailedException
      3) Delete object already deleted == NotFoundException

      If we enhance the RepoInitService to capture those errors and allow it to fail for unknown errors, then IDM will fail to start if the internal user accounts are not able to be created which is the correct behavior (IDM should not be able to start if openidm-admin does not exist).




            • Assignee:
              jbranch Jon Branch
              jason Jason Lemay
              QA Assignee:
              Travis Haagen
            • Votes:
              0 Vote for this issue
              2 Start watching this issue


              • Created: