Uploaded image for project: 'OpenIDM'
  1. OpenIDM
  2. OPENIDM-2559

OpenIDM does not store provisioner in MySQL repo

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: OpenIDM 3.1.0
    • Fix Version/s: OpenIDM 3.1.0
    • Environment:
      OpenIDM version "3.1.0-RC3-SNAPSHOT" (revision: 4315) jenkins-OpenIDM-3761, MySQL: 5.5.32 MySQL Community Server
    • Sprint:
      Sprint 30

      Description

      Recently we've started to see this exception when launching our tests.

      Nov 18, 2014 10:41:29 AM org.forgerock.openidm.config.installer.JSONConfigInstaller setConfig
      WARNING: Loading configuration file /RobotFramework/deploys/openidm/conf/provisioner.openicf-groovy.json failed 
      org.forgerock.json.fluent.JsonValueException: /
      	at org.forgerock.openidm.provisioner.openicf.impl.ConnectorInfoProviderService.getPropertiesToEncrypt(ConnectorInfoProviderService.java:884)
      	at org.forgerock.openidm.config.crypto.ConfigCrypto.getPropertiesToEncrypt(ConfigCrypto.java:108)
      	at org.forgerock.openidm.config.crypto.ConfigCrypto.encrypt(ConfigCrypto.java:150)
      	at org.forgerock.openidm.config.crypto.ConfigCrypto.encrypt(ConfigCrypto.java:141)
      	at org.forgerock.openidm.config.installer.JSONConfigInstaller.setConfig(JSONConfigInstaller.java:329)
      	at org.forgerock.openidm.config.installer.JSONConfigInstaller.setConfig(JSONConfigInstaller.java:315)
      	at org.forgerock.openidm.config.installer.JSONConfigInstaller.install(JSONConfigInstaller.java:121)
      	at org.apache.felix.fileinstall.internal.DirectoryWatcher.install(DirectoryWatcher.java:929)
      	at org.apache.felix.fileinstall.internal.DirectoryWatcher.install(DirectoryWatcher.java:857)
      	at org.apache.felix.fileinstall.internal.DirectoryWatcher.process(DirectoryWatcher.java:483)
      	at org.apache.felix.fileinstall.internal.DirectoryWatcher.start(DirectoryWatcher.java:224)
      	at org.apache.felix.fileinstall.internal.FileInstall.updated(FileInstall.java:252)
      	at org.apache.felix.fileinstall.internal.FileInstall$ConfigAdminSupport$Tracker.updated(FileInstall.java:422)
      	at org.apache.felix.cm.impl.helper.ManagedServiceFactoryTracker.provideConfiguration(ManagedServiceFactoryTracker.java:88)
      	at org.apache.felix.cm.impl.ConfigurationManager$UpdateConfiguration.run(ConfigurationManager.java:1744)
      	at org.apache.felix.cm.impl.UpdateThread.run(UpdateThread.java:103)
      	at java.lang.Thread.run(Thread.java:724)
      

      It does not matter whether there is some sensitive property in the provisioner that should be encrypted or not. This error causes the provisioner config not being registred and stored into the repo. In order to workaround this problem, one has to update the provisioner file to trigger the registration/storing process again.

      Steps to reproduce:
      You will need mysql server running for the following steps.
      1) fresh openidm
      2) copy the attached config files to openidm/conf
      3) deploy the openidm database into mysql.
      4) deploy the remote java connector server
      5) copy there the groovy connector from openidm/connectors
      6) copy the scripts from https://svn.forgerock.org/internal/trunk/QA/OpenIDM/RobotFramework/trunk/testcases/icf/frameworks/remote_java_connector_server/groovy/part1/scripts/
      7) start the icf by ./bin/ConnectorServer.sh /run
      8) start the idm by ./startup.sh
      9) after it starts up, call:

      curl --header "X-OpenIDM-Password: openidm-admin" --header "X-OpenIDM-Username: openidm-admin" --request GET "http://localhost:8080/openidm/config" | python -mjson.tool | grep provisioner
      
            "pid": "provisioner.openicf.connectorinfoprovider",
            "_id": "provisioner.openicf.connectorinfoprovider"
      

      this means, that the groovy provisioner was not registered.
      10) now, search the logs for the exception from above

      to fix this:

      • update the groovy provisioner with empty space and save it
      • now the provisioner should be registered fine. Verify this by:
        curl --header "X-OpenIDM-Password: openidm-admin" --header "X-OpenIDM-Username: openidm-admin" --request GET "http://localhost:8080/openidm/config" | python -mjson.tool | grep provisioner
        
              "factoryPid": "provisioner.openicf",
              "pid": "provisioner.openicf.d1b215ad-4e94-42e0-9d12-b6d8e9e93460",
              "_id": "provisioner.openicf/groovy"
              "pid": "provisioner.openicf.connectorinfoprovider",
              "_id": "provisioner.openicf.connectorinfoprovider"
        

        Attachments

          Activity

            People

            • Assignee:
              alin Alin Brici
              Reporter:
              Ladislav.Folta Ladislav Folta
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: