Identity Provider / IDP-880

Expose newer StoredID features on deprecated connector

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 3.2.0
    • Fix Version/s: 3.2.1, 3.3.0
    • Labels:
      None
    • Environment:

      all environments to my knowledge.

      Description

      Per the email exchange between Chris and Scott ( http://shibboleth.1660669.n2.nabble.com/Stored-persistent-ID-and-migration-to-3-2-td7620826.html )

      The 3.2.0 IdP issues a WARN when using database connections that do not trap retryable conditions, and yet there is no way to eliminate or remedy the warning (other than not using a database).

      Sample error:
      2015-11-20 15:22:12,305 - WARN [net.shibboleth.idp.saml.nameid.impl.JDBCPersistentIdStoreEx:782] - Stored Id Store: Duplicate insert failed as required with SQL State '23000', ensure this value is configured as a retryable error

      From a user (person configuring the IDP that is) perspective, one wants to behave in alignment with other database connection capabilities and there is divergence between the existing and new ways. In this case there is no way to get to the new way of db connectivity.

      It may be useful to take the approach of a global database connection pool for the entire IdP in global.xml, but I do not know the consequences from a performance or security perspective, or the span/scope of utility of the db connection to the rest of the IdP (e.g., because it was defined in global, could I somehow pervert the user input and cleverly do a SQL injection attack on something?? – I am unable to assess if this is a risk or not).

      From a usage perspective:
      If the existing syntax is preserved but has the ability to perform what the new format does (i.e., pass in arguments to itemize the possible retry errors), and would eliminate the warning and behave as desired for a database connection, that may be one way to resolve things with minimal effort.

            People

            Assignee:
            cantor.2@osu.edu Scott Cantor
            Reporter:
            cphillips@canarie.ca Chris Phillips
            Watchers:
            2

                Time Tracking

                Estimated:
                Not Specified
                Remaining:
                0 minutes
                Logged:
                3 hours, 15 minutes