Hi,
please find my replies embedded below.
Regards.
On 30/05/2018 15:11, tjholmes66 wrote:
I am an Apache Syncope newbie, and I am having one helluva time trying to get
Apache Syncope to work.
The overall thing is that I have a web-app that has it's own MySQL database,
and I have my own user and roles tables.
I don't want to code my own user management, so I was going to have Syncope
running as an iDM, so I could authenticate and manage my users through this
tool. I would delete my user and roles tables in place of Syncope tables.
Not sure this is a valid use case at all: Syncope is a provisioning
engine, and performs its best with provisioning towards / from multiple
identity repositories.
Moreover, for non-trivial scenarios, it can be integrated with an Access
Management system (as Apereo CAS, for example) which will handle
authentication and authorization.
You have just one application, which will access Syncope's tables..
Initially, I would use the "syncope" database to get it up and running, then
I would change the database name to something I want, update the
configuration, and then add the rest of my own tables for the rest of my
web-app. That way, I have one database for my user/roles and whatever else
syncope does, and then I'd add my other tables. Anyway, that was the
plan.....
So First, I started off with doing a maven build which is the "preferred"
way to setup Syncope for maximum flexibility and production use. I was able
to use maven to create the project, build it, and create all the WAR files.
The second step says to then check the "Reference" documentation which IMHO
does NOT tell you what you need to do in order to configure Syncope fully
... if at all.
In the reference guide, after a general introduction [1] about how the
sources are organized and how the build works, it is explained what
deployment directories are [2], and then the full build command:
$ mvn clean verify \
-Dconf.directory=/opt/syncope/conf \
-Dbundles.directory=/opt/syncope/bundles \
-Dlog.directory=/opt/syncope/log
$ cp core/target/classes/*properties /opt/syncope/conf
$ cp console/target/classes/*properties /opt/syncope/conf
$ cp enduser/target/classes/*properties /opt/syncope/conf
$ cp enduser/target/classes/customForm.json /opt/syncope/conf
to generate WAR files for production.
If you need to tune the default settings (DBMS [3] - as you need MySQL
instead of the default PostgreSQL, Java EE container [4],
High-Availability [5], ..) you will find further instructions.
[1] https://syncope.apache.org/docs/reference-guide.html#customization
[2]
https://syncope.apache.org/docs/reference-guide.html#deployment-directories
[3] https://syncope.apache.org/docs/reference-guide.html#dbms
[4] https://syncope.apache.org/docs/reference-guide.html#javaee-container
[5] https://syncope.apache.org/docs/reference-guide.html#high-availability
I did create a syncope database in MySQL, I created a syncope_user and a
syncope_pass, and made sure it had all the correct permissions and could
login locally.
With this process, here is what I added to the Tomcat 8.5 conf.xml file:
<Resource name="jdbc/syncopeDataSource"
auth="Container"
type="javax.sql.DataSource"
factory="org.apache.tomcat.jdbc.pool.DataSourceFactory"
testWhileIdle="true"
testOnBorrow="true"
testOnReturn="true"
validationQuery="SELECT 1"
validationInterval="30000"
maxActive="50"
minIdle="2"
maxWait="10000"
initialSize="2"
removeAbandonedTimeout="20000"
removeAbandoned="true"
logAbandoned="true"
suspectTimeout="20000"
timeBetweenEvictionRunsMillis="5000"
minEvictableIdleTimeMillis="5000"
jdbcInterceptors="org.apache.tomcat.jdbc.pool.interceptor.ConnectionState;
org.apache.tomcat.jdbc.pool.interceptor.StatementFinalizer"
username="syncope_user"
password="syncope_pass"
driverClassName="com.mysql.jdbc.Driver"
url="jdbc:mysql://localhost:3306/syncope?serverTimezone=UTC" />
Funny thing is ... the standalone Syncope/Tomcat doesn't have this
configuration, nor does the GUI Installer version.
Standalone is using an in-memory H2 instance, not meant for production.
Hence, the database connection pool is not managed at container level.
GUI installer requires you to properly configure upfront the Java EE
container, including the database connection pool.
One final issue about the maven build is that the tomcat lib is using this
driver: mysql-connector-java-6.0.6.jar do we need a 5.x.x driver?
As far as I can tell, the latest JDBC driver versions available from
MySQL are currently [6] 5.1.46 and 8.0.11: I would use the latter with
MySQL 8 and the former with earlier MySQL versions, but I am definitely
not an expert with MySQL.
[6]
https://search.maven.org/#search%7Cgav%7C1%7Cg%3A%22mysql%22%20AND%20a%3A%22mysql-connector-java%22
Second, the next process was to use the GUI installer, which seemed to go
well. I did make sure I updated my tomcat-users.xml file and added the role
and user that was needed. I did specify MySQL as the database, I did specify
the location for the log, the bundles, etc ... again, where was this
documentation when we do the maven build because it was NOT obvious in the
"Reference" documentation.
The location of the source files generated by the GUI installer is
indicated as part of the wizard [7].
Moreover, the log files generated by the installer and reported by the
wizard [8] contains such information, including the whole build output.
[7] http://syncope.apache.org/docs/images/installer-4.png
[8] http://syncope.apache.org/docs/images/installer-12.png
The process of the using the GUI Installer also did not work as expected. I
got a lot of database errors. There seems to be an issue with the EDT time
zone, and I am wondering where that is coming from? If you look at the
existing Tomcat context.xml file, it does say that the serverTimeZone
parameter is specifically UTC.
If I followed the directions closely, then Apache Syncope Console should be
working correctly, but it's NOT coming up.
If you have seen "a lot of database errors", then it means your upfront
setup is not correct, or at least not correctly supported by the
installer process.
If you could provide the actual error messages, we might have the chance
to evaluate the situation.
Thirdly and Finally, I am going to try to use the StandAlone Syncope with
Tomcat to just try and get it to work, and this will be fine to test, but I
understand it is not ideal for Production.
I would really like to get the Maven build configured correctly so I can use
it for testing AND Production. Please help me get Syncope working correctly
so I can use it with my Syncope MySQL database.
The GUI installer is essentially a wrapper for the Maven project: once
you manage to configure the latter for MySQL (which is actually far from
difficult), you could easily get into the same troubles you have with
GUI installer, especially if there are problems with your database setup.
--
Francesco Chicchiriccò
Tirasa - Open Source Excellence
http://www.tirasa.net/
Member at The Apache Software Foundation
Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail
http://home.apache.org/~ilgrosso/
