keycloak-aplcache
Changes
distribution/feature-packs/server-feature-pack/src/main/resources/modules/system/layers/keycloak/org/keycloak/keycloak-model-jpa/main/module.xml 1(+0 -1)
distribution/feature-packs/server-feature-pack/src/main/resources/modules/system/layers/keycloak/org/keycloak/keycloak-server-spi/main/module.xml 1(+0 -1)
federation/ldap/pom.xml 5(+0 -5)
model/infinispan/src/main/java/org/keycloak/models/cache/infinispan/entities/AbstractExtendableRevisioned.java 40(+0 -40)
model/infinispan/src/main/java/org/keycloak/models/cache/infinispan/entities/AbstractRevisioned.java 9(+0 -9)
model/infinispan/src/main/java/org/keycloak/models/cache/infinispan/entities/CachedUser.java 2(+1 -1)
model/infinispan/src/main/java/org/keycloak/models/cache/infinispan/InfinispanCacheUserProviderFactory.java 16(+11 -5)
model/infinispan/src/main/java/org/keycloak/models/cache/infinispan/UserCacheSession.java 78(+30 -48)
model/infinispan/src/main/resources/META-INF/services/org.keycloak.models.cache.CacheUserProviderFactory 2(+1 -1)
model/infinispan/src/test/java/org/keycloak/models/sessions/infinispan/initializer/ClusteredCacheBehaviorTest.java 27(+0 -27)
model/jpa/src/main/java/org/keycloak/connections/jpa/DefaultJpaConnectionProviderFactory.java 215(+82 -133)
model/jpa/src/main/java/org/keycloak/connections/jpa/updater/liquibase/lock/LiquibaseDBLockProvider.java 78(+34 -44)
model/jpa/src/main/java/org/keycloak/models/jpa/entities/CredentialAttributeEntity.java 111(+0 -111)
model/jpa/src/main/java/org/keycloak/storage/jpa/entity/FederatedUserCredentialAttributeEntity.java 113(+0 -113)
model/jpa/src/main/java/org/keycloak/storage/jpa/entity/FederatedUserCredentialEntity.java 16(+0 -16)
model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/MongoUserProvider.java 2(+0 -2)
Details
diff --git a/distribution/feature-packs/server-feature-pack/src/main/resources/modules/system/layers/keycloak/org/keycloak/keycloak-model-jpa/main/module.xml b/distribution/feature-packs/server-feature-pack/src/main/resources/modules/system/layers/keycloak/org/keycloak/keycloak-model-jpa/main/module.xml
index 94c80a2..5373067 100755
--- a/distribution/feature-packs/server-feature-pack/src/main/resources/modules/system/layers/keycloak/org/keycloak/keycloak-model-jpa/main/module.xml
+++ b/distribution/feature-packs/server-feature-pack/src/main/resources/modules/system/layers/keycloak/org/keycloak/keycloak-model-jpa/main/module.xml
@@ -25,7 +25,6 @@
</resources>
<dependencies>
- <module name="javax.transaction.api"/>
<module name="org.keycloak.keycloak-common"/>
<module name="org.keycloak.keycloak-core"/>
<module name="org.keycloak.keycloak-server-spi"/>
diff --git a/distribution/feature-packs/server-feature-pack/src/main/resources/modules/system/layers/keycloak/org/keycloak/keycloak-server-spi/main/module.xml b/distribution/feature-packs/server-feature-pack/src/main/resources/modules/system/layers/keycloak/org/keycloak/keycloak-server-spi/main/module.xml
index 8b5632e..95f34b6 100755
--- a/distribution/feature-packs/server-feature-pack/src/main/resources/modules/system/layers/keycloak/org/keycloak/keycloak-server-spi/main/module.xml
+++ b/distribution/feature-packs/server-feature-pack/src/main/resources/modules/system/layers/keycloak/org/keycloak/keycloak-server-spi/main/module.xml
@@ -33,6 +33,5 @@
<module name="javax.ws.rs.api"/>
<module name="org.apache.httpcomponents"/>
<module name="org.jboss.resteasy.resteasy-jaxrs"/>
- <module name="javax.transaction.api"/>
</dependencies>
</module>
federation/ldap/pom.xml 5(+0 -5)
diff --git a/federation/ldap/pom.xml b/federation/ldap/pom.xml
index 257c617..f6a8c4b 100755
--- a/federation/ldap/pom.xml
+++ b/federation/ldap/pom.xml
@@ -74,11 +74,6 @@
<artifactId>junit</artifactId>
<scope>test</scope>
</dependency>
- <dependency>
- <groupId>org.jboss.spec.javax.transaction</groupId>
- <artifactId>jboss-transaction-api_1.2_spec</artifactId>
- <scope>provided</scope>
- </dependency>
</dependencies>
<build>
diff --git a/model/infinispan/src/main/java/org/keycloak/models/cache/infinispan/entities/AbstractRevisioned.java b/model/infinispan/src/main/java/org/keycloak/models/cache/infinispan/entities/AbstractRevisioned.java
index ed49ddf..8916620 100755
--- a/model/infinispan/src/main/java/org/keycloak/models/cache/infinispan/entities/AbstractRevisioned.java
+++ b/model/infinispan/src/main/java/org/keycloak/models/cache/infinispan/entities/AbstractRevisioned.java
@@ -9,7 +9,6 @@ import java.io.Serializable;
public class AbstractRevisioned implements Revisioned, Serializable {
private String id;
private Long revision;
- private final long cacheTimestamp = System.currentTimeMillis();
public AbstractRevisioned(Long revision, String id) {
this.revision = revision;
@@ -31,12 +30,4 @@ public class AbstractRevisioned implements Revisioned, Serializable {
this.revision = revision;
}
- /**
- * When was this cached
- *
- * @return
- */
- public long getCacheTimestamp() {
- return cacheTimestamp;
- }
}
diff --git a/model/infinispan/src/main/java/org/keycloak/models/cache/infinispan/entities/CachedUser.java b/model/infinispan/src/main/java/org/keycloak/models/cache/infinispan/entities/CachedUser.java
index 7c24594..89049ca 100755
--- a/model/infinispan/src/main/java/org/keycloak/models/cache/infinispan/entities/CachedUser.java
+++ b/model/infinispan/src/main/java/org/keycloak/models/cache/infinispan/entities/CachedUser.java
@@ -36,7 +36,7 @@ import java.util.Set;
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
-public class CachedUser extends AbstractExtendableRevisioned implements InRealm {
+public class CachedUser extends AbstractRevisioned implements InRealm {
private String realm;
private String username;
private Long createdTimestamp;
diff --git a/model/infinispan/src/main/java/org/keycloak/models/cache/infinispan/UserAdapter.java b/model/infinispan/src/main/java/org/keycloak/models/cache/infinispan/UserAdapter.java
index ea6698c..d697ad2 100755
--- a/model/infinispan/src/main/java/org/keycloak/models/cache/infinispan/UserAdapter.java
+++ b/model/infinispan/src/main/java/org/keycloak/models/cache/infinispan/UserAdapter.java
@@ -28,7 +28,6 @@ import org.keycloak.models.UserConsentModel;
import org.keycloak.models.UserCredentialModel;
import org.keycloak.models.UserCredentialValueModel;
import org.keycloak.models.UserModel;
-import org.keycloak.models.cache.CachedUserModel;
import org.keycloak.models.cache.infinispan.entities.CachedUser;
import org.keycloak.models.cache.infinispan.entities.CachedUserConsent;
import org.keycloak.models.utils.KeycloakModelUtils;
@@ -40,13 +39,12 @@ import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.Set;
-import java.util.concurrent.ConcurrentHashMap;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
-public class UserAdapter implements CachedUserModel {
+public class UserAdapter implements UserModel {
protected UserModel updated;
protected CachedUser cached;
protected UserCacheSession userProviderCache;
@@ -67,22 +65,6 @@ public class UserAdapter implements CachedUserModel {
if (updated == null) throw new IllegalStateException("Not found in database");
}
}
-
- @Override
- public void invalidate() {
- getDelegateForUpdate();
- }
-
- @Override
- public long getCacheTimestamp() {
- return cached.getCacheTimestamp();
- }
-
- @Override
- public ConcurrentHashMap getCachedWith() {
- return cached.getCachedWith();
- }
-
@Override
public String getId() {
if (updated != null) return updated.getId();
diff --git a/model/infinispan/src/main/java/org/keycloak/models/cache/infinispan/UserCacheSession.java b/model/infinispan/src/main/java/org/keycloak/models/cache/infinispan/UserCacheSession.java
index b38d9aa..8a62c33 100755
--- a/model/infinispan/src/main/java/org/keycloak/models/cache/infinispan/UserCacheSession.java
+++ b/model/infinispan/src/main/java/org/keycloak/models/cache/infinispan/UserCacheSession.java
@@ -34,9 +34,7 @@ import org.keycloak.models.UserCredentialModel;
import org.keycloak.models.UserFederationProviderModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.UserProvider;
-import org.keycloak.models.cache.CachedUserModel;
-import org.keycloak.models.cache.OnUserCache;
-import org.keycloak.models.cache.UserCache;
+import org.keycloak.models.cache.CacheUserProvider;
import org.keycloak.models.cache.infinispan.entities.CachedFederatedIdentityLinks;
import org.keycloak.models.cache.infinispan.entities.CachedUser;
import org.keycloak.models.cache.infinispan.entities.CachedUserConsent;
@@ -49,7 +47,7 @@ import java.util.*;
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
-public class UserCacheSession implements UserCache {
+public class UserCacheSession implements CacheUserProvider {
protected static final Logger logger = Logger.getLogger(UserCacheSession.class);
protected UserCacheManager cache;
protected KeycloakSession session;
@@ -75,6 +73,7 @@ public class UserCacheSession implements UserCache {
cache.clear();
}
+ @Override
public UserProvider getDelegate() {
if (!transactionActive) throw new IllegalStateException("Cannot access delegate without a transaction");
if (delegate != null) return delegate;
@@ -90,20 +89,6 @@ public class UserCacheSession implements UserCache {
if (realm.isIdentityFederationEnabled()) invalidations.add(getFederatedIdentityLinksCacheKey(user.getId()));
}
- @Override
- public void evict(RealmModel realm, UserModel user) {
- if (user instanceof CachedUserModel) {
- ((CachedUserModel)user).invalidate();
- } else {
- invalidations.add(user.getId());
- if (user.getEmail() != null) invalidations.add(getUserByEmailCacheKey(realm.getId(), user.getEmail()));
- invalidations.add(getUserByUsernameCacheKey(realm.getId(), user.getUsername()));
- if (realm.isIdentityFederationEnabled()) invalidations.add(getFederatedIdentityLinksCacheKey(user.getId()));
- }
- }
-
-
-
protected void runInvalidations() {
for (String realmId : realmInvalidations) {
cache.invalidateRealmUsers(realmId, invalidations);
@@ -162,13 +147,8 @@ public class UserCacheSession implements UserCache {
logger.trace("registered for invalidation return delegate");
return getDelegate().getUserById(id, realm);
}
- if (managedUsers.containsKey(id)) {
- logger.trace("return managedusers");
- return managedUsers.get(id);
- }
CachedUser cached = cache.get(id, CachedUser.class);
- boolean wasCached = cached != null;
if (cached == null) {
logger.trace("not cached");
Long loaded = cache.getCurrentRevision(id);
@@ -177,12 +157,19 @@ public class UserCacheSession implements UserCache {
logger.trace("delegate returning null");
return null;
}
+ if (managedUsers.containsKey(id)) {
+ logger.trace("return managedusers");
+ return managedUsers.get(id);
+ }
+ if (invalidations.contains(id)) return model;
cached = new CachedUser(loaded, realm, model);
cache.addRevisioned(cached, startupRevision);
+ } else if (managedUsers.containsKey(id)) {
+ logger.trace("return managedusers");
+ return managedUsers.get(id);
}
logger.trace("returning new cache adapter");
UserAdapter adapter = new UserAdapter(cached, this, session, realm);
- if (!wasCached) onCache(realm, adapter);
managedUsers.put(id, adapter);
return adapter;
}
@@ -236,7 +223,13 @@ public class UserCacheSession implements UserCache {
return managedUsers.get(userId);
}
- UserAdapter adapter = getUserAdapter(realm, userId, loaded, model);
+ CachedUser cached = cache.get(userId, CachedUser.class);
+ if (cached == null) {
+ cached = new CachedUser(loaded, realm, model);
+ cache.addRevisioned(cached, startupRevision);
+ }
+ logger.trace("return new cache adapter");
+ UserAdapter adapter = new UserAdapter(cached, this, session, realm);
managedUsers.put(userId, adapter);
return adapter;
} else {
@@ -251,26 +244,6 @@ public class UserCacheSession implements UserCache {
}
}
- protected UserAdapter getUserAdapter(RealmModel realm, String userId, Long loaded, UserModel model) {
- CachedUser cached = cache.get(userId, CachedUser.class);
- boolean wasCached = cached != null;
- if (cached == null) {
- cached = new CachedUser(loaded, realm, model);
- cache.addRevisioned(cached, startupRevision);
- }
- UserAdapter adapter = new UserAdapter(cached, this, session, realm);
- if (!wasCached) {
- onCache(realm, adapter);
- }
- return adapter;
-
- }
-
- private void onCache(RealmModel realm, UserAdapter adapter) {
- ((OnUserCache)getDelegate()).onCache(realm, adapter);
- ((OnUserCache)session.userCredentialManager()).onCache(realm, adapter);
- }
-
@Override
public UserModel getUserByEmail(String email, RealmModel realm) {
if (email == null) return null;
@@ -295,7 +268,12 @@ public class UserCacheSession implements UserCache {
if (invalidations.contains(userId)) return model;
if (managedUsers.containsKey(userId)) return managedUsers.get(userId);
- UserAdapter adapter = getUserAdapter(realm, userId, loaded, model);
+ CachedUser cached = cache.get(userId, CachedUser.class);
+ if (cached == null) {
+ cached = new CachedUser(loaded, realm, model);
+ cache.addRevisioned(cached, startupRevision);
+ }
+ UserAdapter adapter = new UserAdapter(cached, this, session, realm);
managedUsers.put(userId, adapter);
return adapter;
} else {
@@ -338,7 +316,12 @@ public class UserCacheSession implements UserCache {
if (invalidations.contains(userId)) return model;
if (managedUsers.containsKey(userId)) return managedUsers.get(userId);
- UserAdapter adapter = getUserAdapter(realm, userId, loaded, model);
+ CachedUser cached = cache.get(userId, CachedUser.class);
+ if (cached == null) {
+ cached = new CachedUser(loaded, realm, model);
+ cache.addRevisioned(cached, startupRevision);
+ }
+ UserAdapter adapter = new UserAdapter(cached, this, session, realm);
managedUsers.put(userId, adapter);
return adapter;
} else {
@@ -686,5 +669,4 @@ public class UserCacheSession implements UserCache {
getDelegate().preRemove(realm, component);
}
-
}
diff --git a/model/infinispan/src/test/java/org/keycloak/models/sessions/infinispan/initializer/ClusteredCacheBehaviorTest.java b/model/infinispan/src/test/java/org/keycloak/models/sessions/infinispan/initializer/ClusteredCacheBehaviorTest.java
index 4c5ccc4..de6e587 100755
--- a/model/infinispan/src/test/java/org/keycloak/models/sessions/infinispan/initializer/ClusteredCacheBehaviorTest.java
+++ b/model/infinispan/src/test/java/org/keycloak/models/sessions/infinispan/initializer/ClusteredCacheBehaviorTest.java
@@ -101,19 +101,14 @@ public class ClusteredCacheBehaviorTest {
System.out.println("node1 create entry");
node1Cache.put("key", "node1");
-
System.out.println("node1 create entry");
node1Cache.put("key", "node111");
-
System.out.println("node2 create entry");
node2Cache.put("key", "node2");
-
System.out.println("node1 remove entry");
node1Cache.remove("key");
-
System.out.println("node2 remove entry");
node2Cache.remove("key");
-
System.out.println("node2 put entry");
node2Cache.put("key", "node2");
System.out.println("node2 evict entry");
@@ -123,28 +118,6 @@ public class ClusteredCacheBehaviorTest {
node2Cache.putForExternalRead("key", "common");
System.out.println("node2 remove entry");
node2Cache.remove("key");
- System.out.println("node1 remove entry");
- node1Cache.remove("key");
-
- // test remove non-existing node 2, existing node 1
- System.out.println("Test non existent remove");
- System.out.println("node1 create entry");
- node1Cache.put("key", "value");
- System.out.println("node2 remove non-existent entry");
- System.out.println("exists?: " + node2Cache.containsKey("key"));
- node2Cache.remove("key");
-
- // test clear
- System.out.println("Test clear cache");
- System.out.println("add key to node 1, key2 to node2");
- node1Cache.putForExternalRead("key", "value");
- node2Cache.putForExternalRead("key", "value");
- node2Cache.putForExternalRead("key2", "value");
- System.out.println("Clear from node1");
- node1Cache.clear();
- System.out.println("node 2 exists key2?: " + node2Cache.containsKey("key2"));
- System.out.println("node 2 exists key?: " + node2Cache.containsKey("key"));
-
}
diff --git a/model/jpa/src/main/java/org/keycloak/connections/jpa/DefaultJpaConnectionProvider.java b/model/jpa/src/main/java/org/keycloak/connections/jpa/DefaultJpaConnectionProvider.java
index e35e5b0..db85a82 100644
--- a/model/jpa/src/main/java/org/keycloak/connections/jpa/DefaultJpaConnectionProvider.java
+++ b/model/jpa/src/main/java/org/keycloak/connections/jpa/DefaultJpaConnectionProvider.java
@@ -17,8 +17,6 @@
package org.keycloak.connections.jpa;
-import org.jboss.logging.Logger;
-
import javax.persistence.EntityManager;
/**
@@ -26,7 +24,6 @@ import javax.persistence.EntityManager;
*/
public class DefaultJpaConnectionProvider implements JpaConnectionProvider {
- private static final Logger logger = Logger.getLogger(DefaultJpaConnectionProvider.class);
private final EntityManager em;
public DefaultJpaConnectionProvider(EntityManager em) {
@@ -40,7 +37,6 @@ public class DefaultJpaConnectionProvider implements JpaConnectionProvider {
@Override
public void close() {
- logger.trace("DefaultJpaConnectionProvider close()");
em.close();
}
diff --git a/model/jpa/src/main/java/org/keycloak/connections/jpa/DefaultJpaConnectionProviderFactory.java b/model/jpa/src/main/java/org/keycloak/connections/jpa/DefaultJpaConnectionProviderFactory.java
index d029e16..3c74264 100755
--- a/model/jpa/src/main/java/org/keycloak/connections/jpa/DefaultJpaConnectionProviderFactory.java
+++ b/model/jpa/src/main/java/org/keycloak/connections/jpa/DefaultJpaConnectionProviderFactory.java
@@ -29,22 +29,12 @@ import java.util.Map;
import javax.naming.InitialContext;
import javax.persistence.EntityManager;
import javax.persistence.EntityManagerFactory;
-import javax.persistence.SynchronizationType;
import javax.sql.DataSource;
-import javax.transaction.InvalidTransactionException;
-import javax.transaction.Synchronization;
-import javax.transaction.SystemException;
-import javax.transaction.Transaction;
-import javax.transaction.TransactionManager;
-import javax.transaction.UserTransaction;
import org.hibernate.ejb.AvailableSettings;
-import org.hibernate.engine.transaction.jta.platform.internal.AbstractJtaPlatform;
-import org.hibernate.engine.transaction.jta.platform.spi.JtaPlatform;
import org.jboss.logging.Logger;
import org.keycloak.Config;
import org.keycloak.connections.jpa.updater.JpaUpdaterProvider;
-import org.keycloak.connections.jpa.updater.liquibase.conn.LiquibaseConnectionProvider;
import org.keycloak.connections.jpa.util.JpaUtils;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.KeycloakSessionFactory;
@@ -55,7 +45,6 @@ import org.keycloak.provider.ServerInfoAwareProviderFactory;
import org.keycloak.models.dblock.DBLockManager;
import org.keycloak.ServerStartupError;
import org.keycloak.timer.TimerProvider;
-import org.keycloak.transaction.JtaTransactionManagerLookup;
/**
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
@@ -71,29 +60,16 @@ public class DefaultJpaConnectionProviderFactory implements JpaConnectionProvide
private volatile EntityManagerFactory emf;
private Config.Scope config;
-
- private Map<String, String> operationalInfo;
-
- private boolean jtaEnabled;
- private JtaTransactionManagerLookup jtaLookup;
-
- private KeycloakSessionFactory factory;
+
+ private Map<String,String> operationalInfo;
@Override
public JpaConnectionProvider create(KeycloakSession session) {
- logger.trace("Create JpaConnectionProvider");
lazyInit(session);
- EntityManager em = null;
- if (!jtaEnabled) {
- logger.trace("enlisting EntityManager in JpaKeycloakTransaction");
- em = emf.createEntityManager();
- } else {
-
- em = emf.createEntityManager(SynchronizationType.SYNCHRONIZED);
- }
+ EntityManager em = emf.createEntityManager();
em = PersistenceExceptionConverter.create(em);
- if (!jtaEnabled) session.getTransactionManager().enlist(new JpaKeycloakTransaction(em));
+ session.getTransactionManager().enlist(new JpaKeycloakTransaction(em));
return new DefaultJpaConnectionProvider(em);
}
@@ -116,112 +92,85 @@ public class DefaultJpaConnectionProviderFactory implements JpaConnectionProvide
@Override
public void postInit(KeycloakSessionFactory factory) {
- this.factory = factory;
- checkJtaEnabled(factory);
}
- protected void checkJtaEnabled(KeycloakSessionFactory factory) {
- jtaLookup = (JtaTransactionManagerLookup) factory.getProviderFactory(JtaTransactionManagerLookup.class);
- if (jtaLookup != null) {
- if (jtaLookup.getTransactionManager() != null) {
- jtaEnabled = true;
- }
- }
- }
-
private void lazyInit(KeycloakSession session) {
if (emf == null) {
synchronized (this) {
if (emf == null) {
- KeycloakModelUtils.suspendJtaTransaction(session.getKeycloakSessionFactory(), () -> {
- logger.debug("Initializing JPA connections");
+ logger.debug("Initializing JPA connections");
- Map<String, Object> properties = new HashMap<String, Object>();
+ Map<String, Object> properties = new HashMap<String, Object>();
- String unitName = "keycloak-default";
+ String unitName = "keycloak-default";
- String dataSource = config.get("dataSource");
- if (dataSource != null) {
- if (config.getBoolean("jta", jtaEnabled)) {
- properties.put(AvailableSettings.JTA_DATASOURCE, dataSource);
- } else {
- properties.put(AvailableSettings.NON_JTA_DATASOURCE, dataSource);
- }
+ String dataSource = config.get("dataSource");
+ if (dataSource != null) {
+ if (config.getBoolean("jta", false)) {
+ properties.put(AvailableSettings.JTA_DATASOURCE, dataSource);
} else {
- properties.put(AvailableSettings.JDBC_URL, config.get("url"));
- properties.put(AvailableSettings.JDBC_DRIVER, config.get("driver"));
-
- String user = config.get("user");
- if (user != null) {
- properties.put(AvailableSettings.JDBC_USER, user);
- }
- String password = config.get("password");
- if (password != null) {
- properties.put(AvailableSettings.JDBC_PASSWORD, password);
- }
+ properties.put(AvailableSettings.NON_JTA_DATASOURCE, dataSource);
+ }
+ } else {
+ properties.put(AvailableSettings.JDBC_URL, config.get("url"));
+ properties.put(AvailableSettings.JDBC_DRIVER, config.get("driver"));
+
+ String user = config.get("user");
+ if (user != null) {
+ properties.put(AvailableSettings.JDBC_USER, user);
+ }
+ String password = config.get("password");
+ if (password != null) {
+ properties.put(AvailableSettings.JDBC_PASSWORD, password);
+ }
+ }
+
+ String schema = getSchema();
+ if (schema != null) {
+ properties.put(JpaUtils.HIBERNATE_DEFAULT_SCHEMA, schema);
+ }
+
+ MigrationStrategy migrationStrategy = getMigrationStrategy();
+ boolean initializeEmpty = config.getBoolean("initializeEmpty", true);
+ File databaseUpdateFile = getDatabaseUpdateFile();
+
+ properties.put("hibernate.show_sql", config.getBoolean("showSql", false));
+ properties.put("hibernate.format_sql", config.getBoolean("formatSql", true));
+
+ Connection connection = getConnection();
+ try{
+ prepareOperationalInfo(connection);
+
+ String driverDialect = detectDialect(connection);
+ if (driverDialect != null) {
+ properties.put("hibernate.dialect", driverDialect);
}
- String schema = getSchema();
- if (schema != null) {
- properties.put(JpaUtils.HIBERNATE_DEFAULT_SCHEMA, schema);
+ migration(migrationStrategy, initializeEmpty, schema, databaseUpdateFile, connection, session);
+
+ int globalStatsInterval = config.getInt("globalStatsInterval", -1);
+ if (globalStatsInterval != -1) {
+ properties.put("hibernate.generate_statistics", true);
}
- MigrationStrategy migrationStrategy = getMigrationStrategy();
- boolean initializeEmpty = config.getBoolean("initializeEmpty", true);
- File databaseUpdateFile = getDatabaseUpdateFile();
-
- properties.put("hibernate.show_sql", config.getBoolean("showSql", false));
- properties.put("hibernate.format_sql", config.getBoolean("formatSql", true));
-
- Connection connection = getConnection();
- try {
- prepareOperationalInfo(connection);
-
- String driverDialect = detectDialect(connection);
- if (driverDialect != null) {
- properties.put("hibernate.dialect", driverDialect);
- }
-
- migration(migrationStrategy, initializeEmpty, schema, databaseUpdateFile, connection, session);
-
- int globalStatsInterval = config.getInt("globalStatsInterval", -1);
- if (globalStatsInterval != -1) {
- properties.put("hibernate.generate_statistics", true);
- }
-
- logger.trace("Creating EntityManagerFactory");
- logger.tracev("***** create EMF jtaEnabled {0} ", jtaEnabled);
- if (jtaEnabled) {
- properties.put(org.hibernate.cfg.AvailableSettings.JTA_PLATFORM, new AbstractJtaPlatform() {
- @Override
- protected TransactionManager locateTransactionManager() {
- return jtaLookup.getTransactionManager();
- }
-
- @Override
- protected UserTransaction locateUserTransaction() {
- return null;
- }
- });
- }
- emf = JpaUtils.createEntityManagerFactory(session, unitName, properties, getClass().getClassLoader(), jtaEnabled);
- logger.trace("EntityManagerFactory created");
-
- if (globalStatsInterval != -1) {
- startGlobalStats(session, globalStatsInterval);
- }
- } finally {
- // Close after creating EntityManagerFactory to prevent in-mem databases from closing
- if (connection != null) {
- try {
- connection.close();
- } catch (SQLException e) {
- logger.warn("Can't close connection", e);
- }
- }
+ logger.trace("Creating EntityManagerFactory");
+ emf = JpaUtils.createEntityManagerFactory(session, unitName, properties, getClass().getClassLoader());
+ logger.trace("EntityManagerFactory created");
+
+ if (globalStatsInterval != -1) {
+ startGlobalStats(session, globalStatsInterval);
}
- });
+ } finally {
+ // Close after creating EntityManagerFactory to prevent in-mem databases from closing
+ if (connection != null) {
+ try {
+ connection.close();
+ } catch (SQLException e) {
+ logger.warn("Can't close connection", e);
+ }
+ }
+ }
}
}
}
@@ -233,19 +182,19 @@ public class DefaultJpaConnectionProviderFactory implements JpaConnectionProvide
}
protected void prepareOperationalInfo(Connection connection) {
- try {
- operationalInfo = new LinkedHashMap<>();
- DatabaseMetaData md = connection.getMetaData();
- operationalInfo.put("databaseUrl", md.getURL());
- operationalInfo.put("databaseUser", md.getUserName());
- operationalInfo.put("databaseProduct", md.getDatabaseProductName() + " " + md.getDatabaseProductVersion());
- operationalInfo.put("databaseDriver", md.getDriverName() + " " + md.getDriverVersion());
+ try {
+ operationalInfo = new LinkedHashMap<>();
+ DatabaseMetaData md = connection.getMetaData();
+ operationalInfo.put("databaseUrl",md.getURL());
+ operationalInfo.put("databaseUser", md.getUserName());
+ operationalInfo.put("databaseProduct", md.getDatabaseProductName() + " " + md.getDatabaseProductVersion());
+ operationalInfo.put("databaseDriver", md.getDriverName() + " " + md.getDriverVersion());
logger.debugf("Database info: %s", operationalInfo.toString());
- } catch (SQLException e) {
- logger.warn("Unable to prepare operational info due database exception: " + e.getMessage());
- }
- }
+ } catch (SQLException e) {
+ logger.warn("Unable to prepare operational info due database exception: " + e.getMessage());
+ }
+ }
protected String detectDialect(Connection connection) {
@@ -385,11 +334,11 @@ public class DefaultJpaConnectionProviderFactory implements JpaConnectionProvide
public String getSchema() {
return config.get("schema");
}
-
+
@Override
- public Map<String, String> getOperationalInfo() {
- return operationalInfo;
- }
+ public Map<String,String> getOperationalInfo() {
+ return operationalInfo;
+ }
private MigrationStrategy getMigrationStrategy() {
String migrationStrategy = config.get("migrationStrategy");
diff --git a/model/jpa/src/main/java/org/keycloak/connections/jpa/updater/liquibase/lock/LiquibaseDBLockProvider.java b/model/jpa/src/main/java/org/keycloak/connections/jpa/updater/liquibase/lock/LiquibaseDBLockProvider.java
index d080542..7c48499 100644
--- a/model/jpa/src/main/java/org/keycloak/connections/jpa/updater/liquibase/lock/LiquibaseDBLockProvider.java
+++ b/model/jpa/src/main/java/org/keycloak/connections/jpa/updater/liquibase/lock/LiquibaseDBLockProvider.java
@@ -23,13 +23,14 @@ import java.sql.SQLException;
import liquibase.Liquibase;
import liquibase.exception.DatabaseException;
import liquibase.exception.LiquibaseException;
+import liquibase.exception.LockException;
+import liquibase.lockservice.LockService;
import org.jboss.logging.Logger;
import org.keycloak.connections.jpa.JpaConnectionProvider;
import org.keycloak.connections.jpa.JpaConnectionProviderFactory;
import org.keycloak.connections.jpa.updater.liquibase.conn.LiquibaseConnectionProvider;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.dblock.DBLockProvider;
-import org.keycloak.models.utils.KeycloakModelUtils;
/**
* @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
@@ -56,7 +57,6 @@ public class LiquibaseDBLockProvider implements DBLockProvider {
this.session = session;
}
-
private void lazyInit() {
if (!initialized) {
LiquibaseConnectionProvider liquibaseProvider = session.getProvider(LiquibaseConnectionProvider.class);
@@ -92,41 +92,35 @@ public class LiquibaseDBLockProvider implements DBLockProvider {
@Override
public void waitForLock() {
- KeycloakModelUtils.suspendJtaTransaction(session.getKeycloakSessionFactory(), () -> {
-
- lazyInit();
-
- while (maxAttempts > 0) {
- try {
- lockService.waitForLock();
- factory.setHasLock(true);
- this.maxAttempts = DEFAULT_MAX_ATTEMPTS;
- return;
- } catch (LockRetryException le) {
- // Indicates we should try to acquire lock again in different transaction
- safeRollbackConnection();
- restart();
- maxAttempts--;
- } catch (RuntimeException re) {
- safeRollbackConnection();
- safeCloseConnection();
- throw re;
- }
- }
- });
+ lazyInit();
+ while (maxAttempts > 0) {
+ try {
+ lockService.waitForLock();
+ factory.setHasLock(true);
+ this.maxAttempts = DEFAULT_MAX_ATTEMPTS;
+ return;
+ } catch (LockRetryException le) {
+ // Indicates we should try to acquire lock again in different transaction
+ safeRollbackConnection();
+ restart();
+ maxAttempts--;
+ } catch (RuntimeException re) {
+ safeRollbackConnection();
+ safeCloseConnection();
+ throw re;
+ }
+ }
}
@Override
public void releaseLock() {
- KeycloakModelUtils.suspendJtaTransaction(session.getKeycloakSessionFactory(), () -> {
- lazyInit();
+ lazyInit();
- lockService.releaseLock();
- lockService.reset();
- factory.setHasLock(false);
- });
+ lockService.releaseLock();
+ lockService.reset();
+ factory.setHasLock(false);
}
@Override
@@ -142,25 +136,21 @@ public class LiquibaseDBLockProvider implements DBLockProvider {
@Override
public void destroyLockInfo() {
- KeycloakModelUtils.suspendJtaTransaction(session.getKeycloakSessionFactory(), () -> {
- lazyInit();
+ lazyInit();
- try {
- this.lockService.destroy();
- dbConnection.commit();
- logger.debug("Destroyed lock table");
- } catch (DatabaseException | SQLException de) {
- logger.error("Failed to destroy lock table");
- safeRollbackConnection();
- }
- });
+ try {
+ this.lockService.destroy();
+ dbConnection.commit();
+ logger.debug("Destroyed lock table");
+ } catch (DatabaseException | SQLException de) {
+ logger.error("Failed to destroy lock table");
+ safeRollbackConnection();
+ }
}
@Override
public void close() {
- KeycloakModelUtils.suspendJtaTransaction(session.getKeycloakSessionFactory(), () -> {
- safeCloseConnection();
- });
+ safeCloseConnection();
}
private void safeRollbackConnection() {
diff --git a/model/jpa/src/main/java/org/keycloak/connections/jpa/util/JpaUtils.java b/model/jpa/src/main/java/org/keycloak/connections/jpa/util/JpaUtils.java
index 0385f6a..5ac7d2f 100644
--- a/model/jpa/src/main/java/org/keycloak/connections/jpa/util/JpaUtils.java
+++ b/model/jpa/src/main/java/org/keycloak/connections/jpa/util/JpaUtils.java
@@ -21,8 +21,6 @@ import org.hibernate.boot.registry.classloading.internal.ClassLoaderServiceImpl;
import org.hibernate.jpa.boot.internal.ParsedPersistenceXmlDescriptor;
import org.hibernate.jpa.boot.internal.PersistenceXmlParser;
import org.hibernate.jpa.boot.spi.Bootstrap;
-import org.jboss.logging.Logger;
-import org.keycloak.connections.jpa.DefaultJpaConnectionProviderFactory;
import org.keycloak.connections.jpa.entityprovider.JpaEntityProvider;
import org.keycloak.connections.jpa.entityprovider.ProxyClassLoader;
import org.keycloak.models.KeycloakSession;
@@ -48,9 +46,8 @@ public class JpaUtils {
return (schema==null) ? tableName : schema + "." + tableName;
}
- public static EntityManagerFactory createEntityManagerFactory(KeycloakSession session, String unitName, Map<String, Object> properties, ClassLoader classLoader, boolean jta) {
- PersistenceUnitTransactionType txType = jta ? PersistenceUnitTransactionType.JTA : PersistenceUnitTransactionType.RESOURCE_LOCAL;
- PersistenceXmlParser parser = new PersistenceXmlParser(new ClassLoaderServiceImpl(classLoader), txType);
+ public static EntityManagerFactory createEntityManagerFactory(KeycloakSession session, String unitName, Map<String, Object> properties, ClassLoader classLoader) {
+ PersistenceXmlParser parser = new PersistenceXmlParser(new ClassLoaderServiceImpl(classLoader), PersistenceUnitTransactionType.RESOURCE_LOCAL);
List<ParsedPersistenceXmlDescriptor> persistenceUnits = parser.doResolve(properties);
for (ParsedPersistenceXmlDescriptor persistenceUnit : persistenceUnits) {
if (persistenceUnit.getName().equals(unitName)) {
@@ -61,7 +58,6 @@ public class JpaUtils {
}
// Now build the entity manager factory, supplying a proxy classloader, so Hibernate will be able
// to find and load the extra provided entities. Set the provided classloader as parent classloader.
- persistenceUnit.setTransactionType(txType);
return Bootstrap.getEntityManagerFactoryBuilder(persistenceUnit, properties,
new ProxyClassLoader(providedEntities, classLoader)).build();
}
diff --git a/model/jpa/src/main/java/org/keycloak/models/jpa/entities/CredentialEntity.java b/model/jpa/src/main/java/org/keycloak/models/jpa/entities/CredentialEntity.java
index 4c8f0b3..ceb284c 100755
--- a/model/jpa/src/main/java/org/keycloak/models/jpa/entities/CredentialEntity.java
+++ b/model/jpa/src/main/java/org/keycloak/models/jpa/entities/CredentialEntity.java
@@ -19,7 +19,6 @@ package org.keycloak.models.jpa.entities;
import javax.persistence.Access;
import javax.persistence.AccessType;
-import javax.persistence.CascadeType;
import javax.persistence.Column;
import javax.persistence.Entity;
import javax.persistence.FetchType;
@@ -28,19 +27,14 @@ import javax.persistence.JoinColumn;
import javax.persistence.ManyToOne;
import javax.persistence.NamedQueries;
import javax.persistence.NamedQuery;
-import javax.persistence.OneToMany;
import javax.persistence.Table;
-import java.util.ArrayList;
-import java.util.Collection;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
@NamedQueries({
- @NamedQuery(name="credentialByUser", query="select cred from CredentialEntity cred where cred.user = :user"),
@NamedQuery(name="credentialByUserAndType", query="select cred from CredentialEntity cred where cred.user = :user and cred.type = :type"),
- @NamedQuery(name="credentialByNameAndType", query="select cred from CredentialEntity cred where cred.user = :user and cred.type = :type and cred.device = :device"),
@NamedQuery(name="deleteCredentialsByRealm", query="delete from CredentialEntity cred where cred.user IN (select u from UserEntity u where u.realmId=:realmId)"),
@NamedQuery(name="deleteCredentialsByRealmAndLink", query="delete from CredentialEntity cred where cred.user IN (select u from UserEntity u where u.realmId=:realmId and u.federationLink=:link)")
@@ -80,8 +74,6 @@ public class CredentialEntity {
@Column(name="PERIOD")
protected int period;
- @OneToMany(cascade = CascadeType.REMOVE, fetch = FetchType.EAGER, orphanRemoval = true, mappedBy="credential")
- protected Collection<CredentialAttributeEntity> credentialAttributes = new ArrayList<>();
public String getId() {
return id;
@@ -179,14 +171,6 @@ public class CredentialEntity {
this.period = period;
}
- public Collection<CredentialAttributeEntity> getCredentialAttributes() {
- return credentialAttributes;
- }
-
- public void setCredentialAttributes(Collection<CredentialAttributeEntity> credentialAttributes) {
- this.credentialAttributes = credentialAttributes;
- }
-
@Override
public boolean equals(Object o) {
if (this == o) return true;
diff --git a/model/jpa/src/main/java/org/keycloak/models/jpa/JpaUserProvider.java b/model/jpa/src/main/java/org/keycloak/models/jpa/JpaUserProvider.java
index d44c6fe..0d938d6 100755
--- a/model/jpa/src/main/java/org/keycloak/models/jpa/JpaUserProvider.java
+++ b/model/jpa/src/main/java/org/keycloak/models/jpa/JpaUserProvider.java
@@ -17,11 +17,7 @@
package org.keycloak.models.jpa;
-import org.keycloak.common.util.MultivaluedHashMap;
import org.keycloak.component.ComponentModel;
-import org.keycloak.credential.CredentialInput;
-import org.keycloak.credential.CredentialModel;
-import org.keycloak.credential.UserCredentialStore;
import org.keycloak.models.ClientModel;
import org.keycloak.models.CredentialValidationOutput;
import org.keycloak.models.FederatedIdentityModel;
@@ -38,8 +34,6 @@ import org.keycloak.models.UserCredentialModel;
import org.keycloak.models.UserFederationProviderModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.UserProvider;
-import org.keycloak.models.jpa.entities.CredentialAttributeEntity;
-import org.keycloak.models.jpa.entities.CredentialEntity;
import org.keycloak.models.jpa.entities.FederatedIdentityEntity;
import org.keycloak.models.jpa.entities.UserAttributeEntity;
import org.keycloak.models.jpa.entities.UserConsentEntity;
@@ -54,9 +48,7 @@ import javax.persistence.EntityManager;
import javax.persistence.TypedQuery;
import java.util.ArrayList;
import java.util.Collection;
-import java.util.Collections;
import java.util.HashSet;
-import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
@@ -66,7 +58,7 @@ import java.util.Set;
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
-public class JpaUserProvider implements UserProvider, UserCredentialStore {
+public class JpaUserProvider implements UserProvider {
private static final String EMAIL = "email";
private static final String USERNAME = "username";
@@ -375,8 +367,6 @@ public class JpaUserProvider implements UserProvider, UserCredentialStore {
.setParameter("realmId", realm.getId()).executeUpdate();
num = em.createNamedQuery("deleteFederatedIdentityByRealm")
.setParameter("realmId", realm.getId()).executeUpdate();
- num = em.createNamedQuery("deleteCredentialAttributeByRealm")
- .setParameter("realmId", realm.getId()).executeUpdate();
num = em.createNamedQuery("deleteCredentialsByRealm")
.setParameter("realmId", realm.getId()).executeUpdate();
num = em.createNamedQuery("deleteUserAttributesByRealm")
@@ -401,10 +391,6 @@ public class JpaUserProvider implements UserProvider, UserCredentialStore {
.setParameter("realmId", realm.getId())
.setParameter("link", link.getId())
.executeUpdate();
- num = em.createNamedQuery("deleteCredentialAttributeByRealmAndLink")
- .setParameter("realmId", realm.getId())
- .setParameter("link", link.getId())
- .executeUpdate();
num = em.createNamedQuery("deleteCredentialsByRealmAndLink")
.setParameter("realmId", realm.getId())
.setParameter("link", link.getId())
@@ -730,174 +716,4 @@ public class JpaUserProvider implements UserProvider, UserCredentialStore {
public void preRemove(RealmModel realm, ComponentModel component) {
}
-
- @Override
- public void updateCredential(RealmModel realm, UserModel user, CredentialModel cred) {
- CredentialEntity entity = em.find(CredentialEntity.class, cred.getId());
- if (entity == null) return;
- entity.setAlgorithm(cred.getAlgorithm());
- entity.setCounter(cred.getCounter());
- entity.setCreatedDate(cred.getCreatedDate());
- entity.setDevice(cred.getDevice());
- entity.setDigits(cred.getDigits());
- entity.setHashIterations(cred.getHashIterations());
- entity.setPeriod(cred.getPeriod());
- entity.setSalt(cred.getSalt());
- entity.setType(cred.getType());
- entity.setValue(cred.getValue());
- if (entity.getCredentialAttributes().isEmpty() && (cred.getConfig() == null || cred.getConfig().isEmpty())) {
-
- } else {
- MultivaluedHashMap<String, String> attrs = cred.getConfig();
- MultivaluedHashMap<String, String> config = cred.getConfig();
- if (config == null) config = new MultivaluedHashMap<>();
-
- Iterator<CredentialAttributeEntity> it = entity.getCredentialAttributes().iterator();
- while (it.hasNext()) {
- CredentialAttributeEntity attr = it.next();
- List<String> values = config.getList(attr.getName());
- if (values == null || !values.contains(attr.getValue())) {
- em.remove(attr);
- it.remove();
- } else {
- attrs.add(attr.getName(), attr.getValue());
- }
-
- }
- for (String key : config.keySet()) {
- List<String> values = config.getList(key);
- List<String> attrValues = attrs.getList(key);
- for (String val : values) {
- if (attrValues == null || !attrValues.contains(val)) {
- CredentialAttributeEntity attr = new CredentialAttributeEntity();
- attr.setId(KeycloakModelUtils.generateId());
- attr.setValue(val);
- attr.setName(key);
- attr.setCredential(entity);
- em.persist(attr);
- entity.getCredentialAttributes().add(attr);
- }
- }
- }
-
- }
-
- }
-
- @Override
- public CredentialModel createCredential(RealmModel realm, UserModel user, CredentialModel cred) {
- CredentialEntity entity = new CredentialEntity();
- String id = cred.getId() == null ? KeycloakModelUtils.generateId() : cred.getId();
- entity.setId(id);
- entity.setAlgorithm(cred.getAlgorithm());
- entity.setCounter(cred.getCounter());
- entity.setCreatedDate(cred.getCreatedDate());
- entity.setDevice(cred.getDevice());
- entity.setDigits(cred.getDigits());
- entity.setHashIterations(cred.getHashIterations());
- entity.setPeriod(cred.getPeriod());
- entity.setSalt(cred.getSalt());
- entity.setType(cred.getType());
- entity.setValue(cred.getValue());
- UserEntity userRef = em.getReference(UserEntity.class, user.getId());
- entity.setUser(userRef);
- em.persist(entity);
- MultivaluedHashMap<String, String> config = cred.getConfig();
- if (config != null || !config.isEmpty()) {
-
- for (String key : config.keySet()) {
- List<String> values = config.getList(key);
- for (String val : values) {
- CredentialAttributeEntity attr = new CredentialAttributeEntity();
- attr.setId(KeycloakModelUtils.generateId());
- attr.setValue(val);
- attr.setName(key);
- attr.setCredential(entity);
- em.persist(attr);
- entity.getCredentialAttributes().add(attr);
- }
- }
-
- }
- return toModel(entity);
- }
-
- @Override
- public boolean removeStoredCredential(RealmModel realm, UserModel user, String id) {
- CredentialEntity entity = em.find(CredentialEntity.class, id);
- if (entity == null) return false;
- em.remove(entity);
- return true;
- }
-
- @Override
- public CredentialModel getStoredCredentialById(RealmModel realm, UserModel user, String id) {
- CredentialEntity entity = em.find(CredentialEntity.class, id);
- if (entity == null) return null;
- CredentialModel model = toModel(entity);
- return model;
- }
-
- protected CredentialModel toModel(CredentialEntity entity) {
- CredentialModel model = new CredentialModel();
- model.setId(entity.getId());
- model.setType(entity.getType());
- model.setValue(entity.getValue());
- model.setAlgorithm(entity.getAlgorithm());
- model.setSalt(entity.getSalt());
- model.setPeriod(entity.getPeriod());
- model.setCounter(entity.getCounter());
- model.setCreatedDate(entity.getCreatedDate());
- model.setDevice(entity.getDevice());
- model.setDigits(entity.getDigits());
- MultivaluedHashMap<String, String> config = new MultivaluedHashMap<>();
- model.setConfig(config);
- for (CredentialAttributeEntity attr : entity.getCredentialAttributes()) {
- config.add(attr.getName(), attr.getValue());
- }
- return model;
- }
-
- @Override
- public List<CredentialModel> getStoredCredentials(RealmModel realm, UserModel user) {
- UserEntity userEntity = em.getReference(UserEntity.class, user.getId());
- TypedQuery<CredentialEntity> query = em.createNamedQuery("credentialByUser", CredentialEntity.class)
- .setParameter("user", userEntity);
- List<CredentialEntity> results = query.getResultList();
- List<CredentialModel> rtn = new LinkedList<>();
- for (CredentialEntity entity : results) {
- rtn.add(toModel(entity));
- }
- return rtn;
- }
-
- @Override
- public List<CredentialModel> getStoredCredentialsByType(RealmModel realm, UserModel user, String type) {
- UserEntity userEntity = em.getReference(UserEntity.class, user.getId());
- TypedQuery<CredentialEntity> query = em.createNamedQuery("credentialByUserAndType", CredentialEntity.class)
- .setParameter("type", type)
- .setParameter("user", userEntity);
- List<CredentialEntity> results = query.getResultList();
- List<CredentialModel> rtn = new LinkedList<>();
- for (CredentialEntity entity : results) {
- rtn.add(toModel(entity));
- }
- return rtn;
- }
-
- @Override
- public CredentialModel getStoredCredentialByNameAndType(RealmModel realm, UserModel user, String name, String type) {
- UserEntity userEntity = em.getReference(UserEntity.class, user.getId());
- TypedQuery<CredentialEntity> query = em.createNamedQuery("credentialByNameAndType", CredentialEntity.class)
- .setParameter("type", type)
- .setParameter("device", name)
- .setParameter("user", userEntity);
- List<CredentialEntity> results = query.getResultList();
- if (results.isEmpty()) return null;
- return toModel(results.get(0));
- }
-
-
-
-
}
diff --git a/model/jpa/src/main/java/org/keycloak/storage/jpa/entity/FederatedUserCredentialEntity.java b/model/jpa/src/main/java/org/keycloak/storage/jpa/entity/FederatedUserCredentialEntity.java
index 52a757c..996608b 100755
--- a/model/jpa/src/main/java/org/keycloak/storage/jpa/entity/FederatedUserCredentialEntity.java
+++ b/model/jpa/src/main/java/org/keycloak/storage/jpa/entity/FederatedUserCredentialEntity.java
@@ -17,12 +17,10 @@
package org.keycloak.storage.jpa.entity;
-import org.keycloak.models.jpa.entities.CredentialEntity;
import org.keycloak.models.jpa.entities.UserEntity;
import javax.persistence.Access;
import javax.persistence.AccessType;
-import javax.persistence.CascadeType;
import javax.persistence.Column;
import javax.persistence.Entity;
import javax.persistence.FetchType;
@@ -31,10 +29,7 @@ import javax.persistence.JoinColumn;
import javax.persistence.ManyToOne;
import javax.persistence.NamedQueries;
import javax.persistence.NamedQuery;
-import javax.persistence.OneToMany;
import javax.persistence.Table;
-import java.util.ArrayList;
-import java.util.Collection;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
@@ -43,7 +38,6 @@ import java.util.Collection;
@NamedQueries({
@NamedQuery(name="federatedUserCredentialByUser", query="select cred from FederatedUserCredentialEntity cred where cred.userId = :userId"),
@NamedQuery(name="federatedUserCredentialByUserAndType", query="select cred from FederatedUserCredentialEntity cred where cred.userId = :userId and cred.type = :type"),
- @NamedQuery(name="federatedUserCredentialByNameAndType", query="select cred from FederatedUserCredentialEntity cred where cred.userId = :userId and cred.type = :type and cred.device = :device"),
@NamedQuery(name="deleteFederatedUserCredentialByUser", query="delete from FederatedUserCredentialEntity cred where cred.userId = :userId and cred.realmId = :realmId"),
@NamedQuery(name="deleteFederatedUserCredentialByUserAndType", query="delete from FederatedUserCredentialEntity cred where cred.userId = :userId and cred.type = :type"),
@NamedQuery(name="deleteFederatedUserCredentialByUserAndTypeAndDevice", query="delete from FederatedUserCredentialEntity cred where cred.userId = :userId and cred.type = :type and cred.device = :device"),
@@ -93,8 +87,6 @@ public class FederatedUserCredentialEntity {
protected int digits;
@Column(name="PERIOD")
protected int period;
- @OneToMany(cascade = CascadeType.REMOVE, fetch = FetchType.EAGER, orphanRemoval = true, mappedBy="credential")
- protected Collection<FederatedUserCredentialAttributeEntity> credentialAttributes = new ArrayList<>();
public String getId() {
@@ -209,14 +201,6 @@ public class FederatedUserCredentialEntity {
this.period = period;
}
- public Collection<FederatedUserCredentialAttributeEntity> getCredentialAttributes() {
- return credentialAttributes;
- }
-
- public void setCredentialAttributes(Collection<FederatedUserCredentialAttributeEntity> credentialAttributes) {
- this.credentialAttributes = credentialAttributes;
- }
-
@Override
public boolean equals(Object o) {
if (this == o) return true;
diff --git a/model/jpa/src/main/java/org/keycloak/storage/jpa/JpaUserFederatedStorageProvider.java b/model/jpa/src/main/java/org/keycloak/storage/jpa/JpaUserFederatedStorageProvider.java
index 1c72da0..f6710dd 100644
--- a/model/jpa/src/main/java/org/keycloak/storage/jpa/JpaUserFederatedStorageProvider.java
+++ b/model/jpa/src/main/java/org/keycloak/storage/jpa/JpaUserFederatedStorageProvider.java
@@ -18,8 +18,6 @@ package org.keycloak.storage.jpa;
import org.keycloak.common.util.MultivaluedHashMap;
import org.keycloak.component.ComponentModel;
-import org.keycloak.credential.CredentialModel;
-import org.keycloak.credential.UserCredentialStore;
import org.keycloak.models.ClientModel;
import org.keycloak.models.FederatedIdentityModel;
import org.keycloak.models.GroupModel;
@@ -51,7 +49,6 @@ import org.keycloak.storage.jpa.entity.FederatedUserAttributeEntity;
import org.keycloak.storage.jpa.entity.FederatedUserConsentEntity;
import org.keycloak.storage.jpa.entity.FederatedUserConsentProtocolMapperEntity;
import org.keycloak.storage.jpa.entity.FederatedUserConsentRoleEntity;
-import org.keycloak.storage.jpa.entity.FederatedUserCredentialAttributeEntity;
import org.keycloak.storage.jpa.entity.FederatedUserCredentialEntity;
import org.keycloak.storage.jpa.entity.FederatedUserGroupMembershipEntity;
import org.keycloak.storage.jpa.entity.FederatedUserRequiredActionEntity;
@@ -62,7 +59,6 @@ import javax.persistence.TypedQuery;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashSet;
-import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Set;
@@ -79,8 +75,7 @@ public class JpaUserFederatedStorageProvider implements
UserCredentialsFederatedStorage,
UserGroupMembershipFederatedStorage,
UserRequiredActionsFederatedStorage,
- UserRoleMappingsFederatedStorage,
- UserCredentialStore {
+ UserRoleMappingsFederatedStorage {
private final KeycloakSession session;
protected EntityManager em;
@@ -612,200 +607,6 @@ public class JpaUserFederatedStorageProvider implements
}
@Override
- public boolean removeCredential(RealmModel realm, String id) {
- return false;
- }
-
- @Override
- public CredentialModel getCredentialById(String id) {
- return null;
- }
-
- @Override
- public List<CredentialModel> getCredentials(RealmModel realm) {
- return null;
- }
-
- @Override
- public List<CredentialModel> getUserCredentials(RealmModel realm, UserModel user) {
- return null;
- }
-
- @Override
- public List<CredentialModel> getCredentialsByType(RealmModel realm, UserModel user, String type) {
- return null;
- }
-
- @Override
- public CredentialModel getCredentialByNameAndType(RealmModel realm, UserModel user, String name, String type) {
- return null;
- }
-
- @Override
- public void updateCredential(RealmModel realm, UserModel user, CredentialModel cred) {
- FederatedUserCredentialEntity entity = em.find(FederatedUserCredentialEntity.class, cred.getId());
- if (entity == null) return;
- entity.setAlgorithm(cred.getAlgorithm());
- entity.setCounter(cred.getCounter());
- entity.setCreatedDate(cred.getCreatedDate());
- entity.setDevice(cred.getDevice());
- entity.setDigits(cred.getDigits());
- entity.setHashIterations(cred.getHashIterations());
- entity.setPeriod(cred.getPeriod());
- entity.setSalt(cred.getSalt());
- entity.setType(cred.getType());
- entity.setValue(cred.getValue());
- if (entity.getCredentialAttributes().isEmpty() && (cred.getConfig() == null || cred.getConfig().isEmpty())) {
-
- } else {
- MultivaluedHashMap<String, String> attrs = cred.getConfig();
- MultivaluedHashMap<String, String> config = cred.getConfig();
- if (config == null) config = new MultivaluedHashMap<>();
-
- Iterator<FederatedUserCredentialAttributeEntity> it = entity.getCredentialAttributes().iterator();
- while (it.hasNext()) {
- FederatedUserCredentialAttributeEntity attr = it.next();
- List<String> values = config.getList(attr.getName());
- if (values == null || !values.contains(attr.getValue())) {
- em.remove(attr);
- it.remove();
- } else {
- attrs.add(attr.getName(), attr.getValue());
- }
-
- }
- for (String key : config.keySet()) {
- List<String> values = config.getList(key);
- List<String> attrValues = attrs.getList(key);
- for (String val : values) {
- if (attrValues == null || !attrValues.contains(val)) {
- FederatedUserCredentialAttributeEntity attr = new FederatedUserCredentialAttributeEntity();
- attr.setId(KeycloakModelUtils.generateId());
- attr.setValue(val);
- attr.setName(key);
- attr.setCredential(entity);
- em.persist(attr);
- entity.getCredentialAttributes().add(attr);
- }
- }
- }
-
- }
-
- }
-
- @Override
- public CredentialModel createCredential(RealmModel realm, UserModel user, CredentialModel cred) {
- FederatedUserCredentialEntity entity = new FederatedUserCredentialEntity();
- String id = cred.getId() == null ? KeycloakModelUtils.generateId() : cred.getId();
- entity.setId(id);
- entity.setAlgorithm(cred.getAlgorithm());
- entity.setCounter(cred.getCounter());
- entity.setCreatedDate(cred.getCreatedDate());
- entity.setDevice(cred.getDevice());
- entity.setDigits(cred.getDigits());
- entity.setHashIterations(cred.getHashIterations());
- entity.setPeriod(cred.getPeriod());
- entity.setSalt(cred.getSalt());
- entity.setType(cred.getType());
- entity.setValue(cred.getValue());
- entity.setUserId(user.getId());
- entity.setRealmId(realm.getId());
- entity.setStorageProviderId(StorageId.resolveProviderId(user));
- em.persist(entity);
- MultivaluedHashMap<String, String> config = cred.getConfig();
- if (config != null || !config.isEmpty()) {
-
- for (String key : config.keySet()) {
- List<String> values = config.getList(key);
- for (String val : values) {
- FederatedUserCredentialAttributeEntity attr = new FederatedUserCredentialAttributeEntity();
- attr.setId(KeycloakModelUtils.generateId());
- attr.setValue(val);
- attr.setName(key);
- attr.setCredential(entity);
- em.persist(attr);
- entity.getCredentialAttributes().add(attr);
- }
- }
-
- }
- return toModel(entity);
- }
-
- @Override
- public boolean removeStoredCredential(RealmModel realm, UserModel user, String id) {
- FederatedUserCredentialEntity entity = em.find(FederatedUserCredentialEntity.class, id);
- if (entity == null) return false;
- em.remove(entity);
- return true;
- }
-
- @Override
- public CredentialModel getStoredCredentialById(RealmModel realm, UserModel user, String id) {
- FederatedUserCredentialEntity entity = em.find(FederatedUserCredentialEntity.class, id);
- if (entity == null) return null;
- CredentialModel model = toModel(entity);
- return model;
- }
-
- protected CredentialModel toModel(FederatedUserCredentialEntity entity) {
- CredentialModel model = new CredentialModel();
- model.setId(entity.getId());
- model.setType(entity.getType());
- model.setValue(entity.getValue());
- model.setAlgorithm(entity.getAlgorithm());
- model.setSalt(entity.getSalt());
- model.setPeriod(entity.getPeriod());
- model.setCounter(entity.getCounter());
- model.setCreatedDate(entity.getCreatedDate());
- model.setDevice(entity.getDevice());
- model.setDigits(entity.getDigits());
- MultivaluedHashMap<String, String> config = new MultivaluedHashMap<>();
- model.setConfig(config);
- for (FederatedUserCredentialAttributeEntity attr : entity.getCredentialAttributes()) {
- config.add(attr.getName(), attr.getValue());
- }
- return model;
- }
-
- @Override
- public List<CredentialModel> getStoredCredentials(RealmModel realm, UserModel user) {
- TypedQuery<FederatedUserCredentialEntity> query = em.createNamedQuery("federatedUserCredentialByUser", FederatedUserCredentialEntity.class)
- .setParameter("userId", user.getId());
- List<FederatedUserCredentialEntity> results = query.getResultList();
- List<CredentialModel> rtn = new LinkedList<>();
- for (FederatedUserCredentialEntity entity : results) {
- rtn.add(toModel(entity));
- }
- return rtn;
- }
-
- @Override
- public List<CredentialModel> getStoredCredentialsByType(RealmModel realm, UserModel user, String type) {
- TypedQuery<FederatedUserCredentialEntity> query = em.createNamedQuery("federatedUserCredentialByUserAndType", FederatedUserCredentialEntity.class)
- .setParameter("type", type)
- .setParameter("userId", user.getId());
- List<FederatedUserCredentialEntity> results = query.getResultList();
- List<CredentialModel> rtn = new LinkedList<>();
- for (FederatedUserCredentialEntity entity : results) {
- rtn.add(toModel(entity));
- }
- return rtn;
- }
-
- @Override
- public CredentialModel getStoredCredentialByNameAndType(RealmModel realm, UserModel user, String name, String type) {
- TypedQuery<FederatedUserCredentialEntity> query = em.createNamedQuery("federatedUserCredentialByNameAndType", FederatedUserCredentialEntity.class)
- .setParameter("type", type)
- .setParameter("device", name)
- .setParameter("userId", user.getId());
- List<FederatedUserCredentialEntity> results = query.getResultList();
- if (results.isEmpty()) return null;
- return toModel(results.get(0));
- }
-
- @Override
public void preRemove(RealmModel realm) {
int num = em.createNamedQuery("deleteFederatedUserConsentRolesByRealm")
.setParameter("realmId", realm.getId()).executeUpdate();
@@ -819,8 +620,6 @@ public class JpaUserFederatedStorageProvider implements
.setParameter("realmId", realm.getId()).executeUpdate();
num = em.createNamedQuery("deleteBrokerLinkByRealm")
.setParameter("realmId", realm.getId()).executeUpdate();
- num = em.createNamedQuery("deleteFederatedCredentialAttributeByRealm")
- .setParameter("realmId", realm.getId()).executeUpdate();
num = em.createNamedQuery("deleteFederatedUserCredentialsByRealm")
.setParameter("realmId", realm.getId()).executeUpdate();
num = em.createNamedQuery("deleteUserFederatedAttributesByRealm")
@@ -843,10 +642,6 @@ public class JpaUserFederatedStorageProvider implements
.setParameter("realmId", realm.getId())
.setParameter("link", link.getId())
.executeUpdate();
- num = em.createNamedQuery("deleteFederatedCredentialAttributeByRealmAndLink")
- .setParameter("realmId", realm.getId())
- .setParameter("link", link.getId())
- .executeUpdate();
num = em.createNamedQuery("deleteFederatedUserCredentialsByRealmAndLink")
.setParameter("realmId", realm.getId())
.setParameter("link", link.getId())
@@ -904,10 +699,6 @@ public class JpaUserFederatedStorageProvider implements
.setParameter("userId", user.getId())
.setParameter("realmId", realm.getId())
.executeUpdate();
- em.createNamedQuery("deleteFederatedCredentialAttributeByUser")
- .setParameter("userId", user.getId())
- .setParameter("realmId", realm.getId())
- .executeUpdate();
em.createNamedQuery("deleteFederatedUserCredentialByUser")
.setParameter("userId", user.getId())
.setParameter("realmId", realm.getId())
@@ -946,9 +737,6 @@ public class JpaUserFederatedStorageProvider implements
em.createNamedQuery("deleteFederatedUserConsentsByStorageProvider")
.setParameter("storageProviderId", model.getId())
.executeUpdate();
- em.createNamedQuery("deleteFederatedCredentialAttributeByStorageProvider")
- .setParameter("storageProviderId", model.getId())
- .executeUpdate();
em.createNamedQuery("deleteFederatedUserCredentialsByStorageProvider")
.setParameter("storageProviderId", model.getId())
.executeUpdate();
diff --git a/model/jpa/src/main/resources/META-INF/jpa-changelog-2.2.0.xml b/model/jpa/src/main/resources/META-INF/jpa-changelog-2.2.0.xml
index a9b6078..63afbb2 100755
--- a/model/jpa/src/main/resources/META-INF/jpa-changelog-2.2.0.xml
+++ b/model/jpa/src/main/resources/META-INF/jpa-changelog-2.2.0.xml
@@ -24,39 +24,4 @@
</addColumn>
</changeSet>
- <changeSet author="bburke@redhat.com" id="2.2.0">
- <createTable tableName="CREDENTIAL_ATTRIBUTE">
- <column name="ID" type="VARCHAR(36)">
- <constraints nullable="false"/>
- </column>
- <column name="CREDENTIAL_ID" type="VARCHAR(36)">
- <constraints nullable="false"/>
- </column>
- <column name="NAME" type="VARCHAR(255)">
- <constraints nullable="false"/>
- </column>
- <column name="VALUE" type="VARCHAR(4000)"/>
- </createTable>
-
- <createTable tableName="FED_CREDENTIAL_ATTRIBUTE">
- <column name="ID" type="VARCHAR(36)">
- <constraints nullable="false"/>
- </column>
- <column name="CREDENTIAL_ID" type="VARCHAR(36)">
- <constraints nullable="false"/>
- </column>
- <column name="NAME" type="VARCHAR(255)">
- <constraints nullable="false"/>
- </column>
- <column name="VALUE" type="VARCHAR(4000)"/>
- </createTable>
- <modifyDataType tableName="CREDENTIAL" columnName="VALUE" newDataType="VARCHAR(4000)"/>
-
- <addForeignKeyConstraint baseColumnNames="CREDENTIAL_ID" baseTableName="FED_CREDENTIAL_ATTRIBUTE" constraintName="FK_FED_CRED_ATTR" referencedColumnNames="ID" referencedTableName="FED_USER_CREDENTIAL"/>
- <addForeignKeyConstraint baseColumnNames="CREDENTIAL_ID" baseTableName="CREDENTIAL_ATTRIBUTE" constraintName="FK_CRED_ATTR" referencedColumnNames="ID" referencedTableName="CREDENTIAL"/>
-
-
- </changeSet>
-
-
</databaseChangeLog>
\ No newline at end of file
diff --git a/model/jpa/src/main/resources/META-INF/persistence.xml b/model/jpa/src/main/resources/META-INF/persistence.xml
index 6288fe5..0b2ff23 100755
--- a/model/jpa/src/main/resources/META-INF/persistence.xml
+++ b/model/jpa/src/main/resources/META-INF/persistence.xml
@@ -22,7 +22,6 @@
<persistence-unit name="keycloak-default" transaction-type="RESOURCE_LOCAL">
<class>org.keycloak.models.jpa.entities.ClientEntity</class>
<class>org.keycloak.models.jpa.entities.CredentialEntity</class>
- <class>org.keycloak.models.jpa.entities.CredentialAttributeEntity</class>
<class>org.keycloak.models.jpa.entities.RealmEntity</class>
<class>org.keycloak.models.jpa.entities.RealmAttributeEntity</class>
<class>org.keycloak.models.jpa.entities.RequiredCredentialEntity</class>
@@ -75,7 +74,6 @@
<class>org.keycloak.storage.jpa.entity.FederatedUserConsentRoleEntity</class>
<class>org.keycloak.storage.jpa.entity.FederatedUserConsentProtocolMapperEntity</class>
<class>org.keycloak.storage.jpa.entity.FederatedUserCredentialEntity</class>
- <class>org.keycloak.storage.jpa.entity.FederatedUserCredentialAttributeEntity</class>
<class>org.keycloak.storage.jpa.entity.FederatedUserGroupMembershipEntity</class>
<class>org.keycloak.storage.jpa.entity.FederatedUserRequiredActionEntity</class>
<class>org.keycloak.storage.jpa.entity.FederatedUserRoleMappingEntity</class>
diff --git a/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/MongoUserProvider.java b/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/MongoUserProvider.java
index 9ad2c1e..c0537ba 100755
--- a/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/MongoUserProvider.java
+++ b/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/MongoUserProvider.java
@@ -24,7 +24,6 @@ import com.mongodb.QueryBuilder;
import org.keycloak.component.ComponentModel;
import org.keycloak.connections.mongo.api.MongoStore;
import org.keycloak.connections.mongo.api.context.MongoStoreInvocationContext;
-import org.keycloak.credential.CredentialInput;
import org.keycloak.models.ClientModel;
import org.keycloak.models.CredentialValidationOutput;
import org.keycloak.models.FederatedIdentityModel;
@@ -636,5 +635,4 @@ public class MongoUserProvider implements UserProvider {
public void preRemove(RealmModel realm, ComponentModel component) {
}
-
}
diff --git a/server-spi/src/main/java/org/keycloak/models/cache/CacheUserProviderSpi.java b/server-spi/src/main/java/org/keycloak/models/cache/CacheUserProviderSpi.java
index a0efa39..c6723fb 100755
--- a/server-spi/src/main/java/org/keycloak/models/cache/CacheUserProviderSpi.java
+++ b/server-spi/src/main/java/org/keycloak/models/cache/CacheUserProviderSpi.java
@@ -39,11 +39,11 @@ public class CacheUserProviderSpi implements Spi {
@Override
public Class<? extends Provider> getProviderClass() {
- return UserCache.class;
+ return CacheUserProvider.class;
}
@Override
public Class<? extends ProviderFactory> getProviderFactoryClass() {
- return UserCacheProviderFactory.class;
+ return CacheUserProviderFactory.class;
}
}
diff --git a/server-spi/src/main/java/org/keycloak/models/KeycloakSession.java b/server-spi/src/main/java/org/keycloak/models/KeycloakSession.java
index 2a1ad0f..8b6dcd3 100755
--- a/server-spi/src/main/java/org/keycloak/models/KeycloakSession.java
+++ b/server-spi/src/main/java/org/keycloak/models/KeycloakSession.java
@@ -17,7 +17,6 @@
package org.keycloak.models;
-import org.keycloak.models.cache.UserCache;
import org.keycloak.provider.Provider;
import org.keycloak.scripting.ScriptingProvider;
import org.keycloak.storage.federated.UserFederatedStorageProvider;
@@ -75,7 +74,6 @@ public interface KeycloakSession {
Object removeAttribute(String attribute);
void setAttribute(String name, Object value);
-
void enlistForClose(Provider provider);
KeycloakSessionFactory getKeycloakSessionFactory();
@@ -103,14 +101,7 @@ public interface KeycloakSession {
void close();
/**
- * The user cache
- *
- * @return may be null if cache is disabled
- */
- UserCache getUserCache();
-
- /**
- * A possibly cached view of all users in system.
+ * A cached view of all users in system.
*
* @return
*/
@@ -124,10 +115,8 @@ public interface KeycloakSession {
*/
UserProvider userStorageManager();
- UserCredentialManager userCredentialManager();
-
/**
- * A possibly cached view of all users in system that does NOT include users available from the deprecated UserFederationProvider SPI.
+ * A cached view of all users in system that does NOT include users available from the deprecated UserFederationProvider SPI.
*/
UserProvider userStorage();
@@ -140,7 +129,6 @@ public interface KeycloakSession {
/**
* Hybrid storage for UserStorageProviders that can't store a specific piece of keycloak data in their external storage.
- * No cache in front.
*
* @return
*/
diff --git a/server-spi/src/main/java/org/keycloak/models/KeycloakTransactionManager.java b/server-spi/src/main/java/org/keycloak/models/KeycloakTransactionManager.java
index a18d8cf..0e2dcbe 100755
--- a/server-spi/src/main/java/org/keycloak/models/KeycloakTransactionManager.java
+++ b/server-spi/src/main/java/org/keycloak/models/KeycloakTransactionManager.java
@@ -23,21 +23,6 @@ package org.keycloak.models;
*/
public interface KeycloakTransactionManager extends KeycloakTransaction {
- enum JTAPolicy {
- /**
- * Do not interact with JTA at all
- *
- */
- NOT_SUPPORTED,
- /**
- * A new JTA Transaction will be created when Keycloak TM begin() is called. If an existing JTA transaction
- * exists, it is suspended and resumed after the Keycloak transaction finishes.
- */
- REQUIRES_NEW,
- }
-
- JTAPolicy getJTAPolicy();
- void setJTAPolicy(JTAPolicy policy);
void enlist(KeycloakTransaction transaction);
void enlistAfterCompletion(KeycloakTransaction transaction);
diff --git a/server-spi/src/main/java/org/keycloak/models/UserCredentialModel.java b/server-spi/src/main/java/org/keycloak/models/UserCredentialModel.java
index 4be355d..3e03508 100755
--- a/server-spi/src/main/java/org/keycloak/models/UserCredentialModel.java
+++ b/server-spi/src/main/java/org/keycloak/models/UserCredentialModel.java
@@ -17,26 +17,23 @@
package org.keycloak.models;
-import org.keycloak.credential.CredentialInput;
-import org.keycloak.credential.CredentialModel;
-
import java.util.UUID;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
* @version $Revision: 1 $
*/
-public class UserCredentialModel implements CredentialInput {
- public static final String PASSWORD = CredentialModel.PASSWORD;
- public static final String PASSWORD_HISTORY = CredentialModel.PASSWORD_HISTORY;
- public static final String PASSWORD_TOKEN = CredentialModel.PASSWORD_TOKEN;
+public class UserCredentialModel {
+ public static final String PASSWORD = "password";
+ public static final String PASSWORD_HISTORY = "password-history";
+ public static final String PASSWORD_TOKEN = "password-token";
// Secret is same as password but it is not hashed
- public static final String SECRET = CredentialModel.SECRET;
- public static final String TOTP = CredentialModel.TOTP;
- public static final String HOTP = CredentialModel.HOTP;
- public static final String CLIENT_CERT = CredentialModel.CLIENT_CERT;
- public static final String KERBEROS = CredentialModel.KERBEROS;
+ public static final String SECRET = "secret";
+ public static final String TOTP = "totp";
+ public static final String HOTP = "hotp";
+ public static final String CLIENT_CERT = "cert";
+ public static final String KERBEROS = "kerberos";
protected String type;
protected String value;
diff --git a/server-spi/src/main/java/org/keycloak/models/UserFederationManager.java b/server-spi/src/main/java/org/keycloak/models/UserFederationManager.java
index e103705..cb6867a 100755
--- a/server-spi/src/main/java/org/keycloak/models/UserFederationManager.java
+++ b/server-spi/src/main/java/org/keycloak/models/UserFederationManager.java
@@ -19,7 +19,6 @@ package org.keycloak.models;
import org.jboss.logging.Logger;
import org.keycloak.component.ComponentModel;
-import org.keycloak.credential.CredentialInput;
import org.keycloak.models.utils.KeycloakModelUtils;
import org.keycloak.policy.PasswordPolicyManagerProvider;
import org.keycloak.policy.PolicyError;
diff --git a/server-spi/src/main/java/org/keycloak/models/UserProvider.java b/server-spi/src/main/java/org/keycloak/models/UserProvider.java
index 642131b..d6ef2cd 100755
--- a/server-spi/src/main/java/org/keycloak/models/UserProvider.java
+++ b/server-spi/src/main/java/org/keycloak/models/UserProvider.java
@@ -18,7 +18,6 @@
package org.keycloak.models;
import org.keycloak.component.ComponentModel;
-import org.keycloak.credential.CredentialInput;
import org.keycloak.provider.Provider;
import org.keycloak.storage.user.UserCredentialValidatorProvider;
import org.keycloak.storage.user.UserLookupProvider;
@@ -86,5 +85,4 @@ public interface UserProvider extends Provider,
void close();
void preRemove(RealmModel realm, ComponentModel component);
-
}
diff --git a/server-spi/src/main/java/org/keycloak/models/utils/KeycloakModelUtils.java b/server-spi/src/main/java/org/keycloak/models/utils/KeycloakModelUtils.java
index b8adc62..bc20d49 100755
--- a/server-spi/src/main/java/org/keycloak/models/utils/KeycloakModelUtils.java
+++ b/server-spi/src/main/java/org/keycloak/models/utils/KeycloakModelUtils.java
@@ -44,14 +44,8 @@ import org.keycloak.models.UserModel;
import org.keycloak.representations.idm.CertificateRepresentation;
import org.keycloak.common.util.CertificateUtils;
import org.keycloak.common.util.PemUtils;
-import org.keycloak.transaction.JtaTransactionManagerLookup;
import javax.crypto.spec.SecretKeySpec;
-import javax.naming.InitialContext;
-import javax.sql.DataSource;
-import javax.transaction.InvalidTransactionException;
-import javax.transaction.SystemException;
-import javax.transaction.Transaction;
import java.io.IOException;
import java.io.StringWriter;
import java.security.Key;
@@ -62,7 +56,6 @@ import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
-import java.sql.DriverManager;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
@@ -70,7 +63,6 @@ import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.UUID;
-import java.util.function.Function;
/**
* Set of helper methods, which are useful in various model implementations.
@@ -311,7 +303,6 @@ public final class KeycloakModelUtils {
}
}
-
public static String getMasterRealmAdminApplicationClientId(String realmName) {
return realmName + "-realm";
}
@@ -660,33 +651,4 @@ public final class KeycloakModelUtils {
}
}
}
-
- public static void suspendJtaTransaction(KeycloakSessionFactory factory, Runnable runnable) {
- JtaTransactionManagerLookup lookup = (JtaTransactionManagerLookup)factory.getProviderFactory(JtaTransactionManagerLookup.class);
- Transaction suspended = null;
- try {
- if (lookup != null) {
- if (lookup.getTransactionManager() != null) {
- try {
- suspended = lookup.getTransactionManager().suspend();
- } catch (SystemException e) {
- throw new RuntimeException(e);
- }
- }
- }
- runnable.run();
- } finally {
- if (suspended != null) {
- try {
- lookup.getTransactionManager().resume(suspended);
- } catch (InvalidTransactionException e) {
- throw new RuntimeException(e);
- } catch (SystemException e) {
- throw new RuntimeException(e);
- }
- }
-
- }
-
- }
}
diff --git a/server-spi/src/main/java/org/keycloak/storage/federated/UserCredentialsFederatedStorage.java b/server-spi/src/main/java/org/keycloak/storage/federated/UserCredentialsFederatedStorage.java
index 2202f62..7239182 100644
--- a/server-spi/src/main/java/org/keycloak/storage/federated/UserCredentialsFederatedStorage.java
+++ b/server-spi/src/main/java/org/keycloak/storage/federated/UserCredentialsFederatedStorage.java
@@ -16,7 +16,6 @@
*/
package org.keycloak.storage.federated;
-import org.keycloak.credential.CredentialModel;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserCredentialModel;
import org.keycloak.models.UserCredentialValueModel;
@@ -29,20 +28,8 @@ import java.util.List;
* @version $Revision: 1 $
*/
public interface UserCredentialsFederatedStorage {
- // deprecated
void updateCredential(RealmModel realm, UserModel user, UserCredentialModel cred);
void updateCredential(RealmModel realm, UserModel user, UserCredentialValueModel cred);
void removeCredential(RealmModel realm, UserModel user, UserCredentialValueModel cred);
List<UserCredentialValueModel> getCredentials(RealmModel realm, UserModel user);
-
- // new
- void updateCredential(RealmModel realm, UserModel user, CredentialModel cred);
- CredentialModel createCredential(RealmModel realm, UserModel user, CredentialModel cred);
- boolean removeCredential(RealmModel realm, String id);
- CredentialModel getCredentialById(String id);
- List<CredentialModel> getCredentials(RealmModel realm);
- List<CredentialModel> getUserCredentials(RealmModel realm, UserModel user);
- List<CredentialModel> getCredentialsByType(RealmModel realm, UserModel user, String type);
- CredentialModel getCredentialByNameAndType(RealmModel realm, UserModel user, String name, String type);
-
}
diff --git a/server-spi/src/main/java/org/keycloak/storage/UserStorageProviderModel.java b/server-spi/src/main/java/org/keycloak/storage/UserStorageProviderModel.java
index 42ad397..351107f 100755
--- a/server-spi/src/main/java/org/keycloak/storage/UserStorageProviderModel.java
+++ b/server-spi/src/main/java/org/keycloak/storage/UserStorageProviderModel.java
@@ -17,8 +17,14 @@
package org.keycloak.storage;
+import org.keycloak.common.util.MultivaluedHashMap;
import org.keycloak.component.ComponentModel;
-import org.keycloak.component.PrioritizedComponentModel;
+import org.keycloak.models.RealmModel;
+
+import java.io.Serializable;
+import java.util.Comparator;
+import java.util.HashMap;
+import java.util.Map;
/**
* Stored configuration of a User Storage provider instance.
@@ -26,7 +32,14 @@ import org.keycloak.component.PrioritizedComponentModel;
* @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
* @author <a href="mailto:bburke@redhat.com">Bill Burke</a>
*/
-public class UserStorageProviderModel extends PrioritizedComponentModel {
+public class UserStorageProviderModel extends ComponentModel {
+
+ public static Comparator<UserStorageProviderModel> comparator = new Comparator<UserStorageProviderModel>() {
+ @Override
+ public int compare(UserStorageProviderModel o1, UserStorageProviderModel o2) {
+ return o1.getPriority() - o2.getPriority();
+ }
+ };
public UserStorageProviderModel() {
setProviderType(UserStorageProvider.class.getName());
@@ -36,4 +49,14 @@ public class UserStorageProviderModel extends PrioritizedComponentModel {
super(copy);
}
+ public int getPriority() {
+ String priority = getConfig().getFirst("priority");
+ if (priority == null) return 0;
+ return Integer.valueOf(priority);
+
+ }
+
+ public void setPriority(int priority) {
+ getConfig().putSingle("priority", Integer.toString(priority));
+ }
}
diff --git a/server-spi/src/main/resources/META-INF/services/org.keycloak.provider.Spi b/server-spi/src/main/resources/META-INF/services/org.keycloak.provider.Spi
index 5ab0346..d2431d8 100755
--- a/server-spi/src/main/resources/META-INF/services/org.keycloak.provider.Spi
+++ b/server-spi/src/main/resources/META-INF/services/org.keycloak.provider.Spi
@@ -61,5 +61,4 @@ org.keycloak.authorization.AuthorizationSpi
org.keycloak.models.cache.authorization.CachedStoreFactorySpi
org.keycloak.protocol.oidc.TokenIntrospectionSpi
org.keycloak.policy.PasswordPolicySpi
-org.keycloak.policy.PasswordPolicyManagerSpi
-org.keycloak.transaction.TransactionManagerLookupSpi
+org.keycloak.policy.PasswordPolicyManagerSpi
\ No newline at end of file
diff --git a/services/src/main/java/org/keycloak/services/DefaultKeycloakSession.java b/services/src/main/java/org/keycloak/services/DefaultKeycloakSession.java
index b1ae4dd..1fae787 100644
--- a/services/src/main/java/org/keycloak/services/DefaultKeycloakSession.java
+++ b/services/src/main/java/org/keycloak/services/DefaultKeycloakSession.java
@@ -16,18 +16,15 @@
*/
package org.keycloak.services;
-import org.keycloak.credential.UserCredentialStore;
-import org.keycloak.credential.UserCredentialStoreManager;
import org.keycloak.models.*;
import org.keycloak.models.cache.CacheRealmProvider;
-import org.keycloak.models.cache.UserCache;
+import org.keycloak.models.cache.CacheUserProvider;
import org.keycloak.provider.Provider;
import org.keycloak.provider.ProviderFactory;
import org.keycloak.scripting.ScriptingProvider;
import org.keycloak.storage.UserStorageManager;
import org.keycloak.storage.federated.UserFederatedStorageProvider;
-import javax.transaction.TransactionManager;
import java.util.*;
/**
@@ -43,7 +40,6 @@ public class DefaultKeycloakSession implements KeycloakSession {
private RealmProvider model;
private UserProvider userModel;
private UserStorageManager userStorageManager;
- private UserCredentialStoreManager userCredentialStorageManager;
private ScriptingProvider scriptingProvider;
private UserSessionProvider sessionProvider;
private UserFederationManager federationManager;
@@ -52,7 +48,7 @@ public class DefaultKeycloakSession implements KeycloakSession {
public DefaultKeycloakSession(DefaultKeycloakSessionFactory factory) {
this.factory = factory;
- this.transactionManager = new DefaultKeycloakTransactionManager(this);
+ this.transactionManager = new DefaultKeycloakTransactionManager();
federationManager = new UserFederationManager(this);
context = new DefaultKeycloakContext(this);
}
@@ -72,7 +68,7 @@ public class DefaultKeycloakSession implements KeycloakSession {
}
private UserProvider getUserProvider() {
- UserCache cache = getProvider(UserCache.class);
+ CacheUserProvider cache = getProvider(CacheUserProvider.class);
if (cache != null) {
return cache;
} else {
@@ -81,12 +77,6 @@ public class DefaultKeycloakSession implements KeycloakSession {
}
@Override
- public UserCache getUserCache() {
- return getProvider(UserCache.class);
-
- }
-
- @Override
public void enlistForClose(Provider provider) {
closable.add(provider);
}
@@ -136,12 +126,6 @@ public class DefaultKeycloakSession implements KeycloakSession {
}
@Override
- public UserCredentialManager userCredentialManager() {
- if (userCredentialStorageManager == null) userCredentialStorageManager = new UserCredentialStoreManager(this);
- return userCredentialStorageManager;
- }
-
- @Override
public UserProvider userStorage() {
if (userModel == null) {
userModel = getUserProvider();
diff --git a/services/src/main/java/org/keycloak/services/DefaultKeycloakSessionFactory.java b/services/src/main/java/org/keycloak/services/DefaultKeycloakSessionFactory.java
index d5474dc..45bef3c 100755
--- a/services/src/main/java/org/keycloak/services/DefaultKeycloakSessionFactory.java
+++ b/services/src/main/java/org/keycloak/services/DefaultKeycloakSessionFactory.java
@@ -49,6 +49,7 @@ public class DefaultKeycloakSessionFactory implements KeycloakSessionFactory, Pr
private Map<Class<? extends Provider>, String> provider = new HashMap<>();
private volatile Map<Class<? extends Provider>, Map<String, ProviderFactory>> factoriesMap = new HashMap<>();
protected CopyOnWriteArrayList<ProviderEventListener> listeners = new CopyOnWriteArrayList<>();
+ private TransactionManager tm;
// TODO: Likely should be changed to int and use Time.currentTime() to be compatible with all our "time" reps
protected long serverStartupTimestamp;
@@ -96,6 +97,8 @@ public class DefaultKeycloakSessionFactory implements KeycloakSessionFactory, Pr
// make the session factory ready for hot deployment
ProviderManagerRegistry.SINGLETON.setDeployer(this);
+ JtaTransactionManagerLookup lookup = (JtaTransactionManagerLookup)getProviderFactory(JtaTransactionManagerLookup.class);
+ if (lookup != null) tm = lookup.getTransactionManager();
}
protected Map<Class<? extends Provider>, Map<String, ProviderFactory>> getFactoriesCopy() {
Map<Class<? extends Provider>, Map<String, ProviderFactory>> copy = new HashMap<>();
@@ -279,6 +282,9 @@ public class DefaultKeycloakSessionFactory implements KeycloakSessionFactory, Pr
public KeycloakSession create() {
KeycloakSession session = new DefaultKeycloakSession(this);
+ if (tm != null) {
+ session.getTransactionManager().enlist(new JtaTransactionWrapper(tm));
+ }
return session;
}
diff --git a/services/src/main/java/org/keycloak/services/DefaultKeycloakTransactionManager.java b/services/src/main/java/org/keycloak/services/DefaultKeycloakTransactionManager.java
index 81379a1..53f92f4 100755
--- a/services/src/main/java/org/keycloak/services/DefaultKeycloakTransactionManager.java
+++ b/services/src/main/java/org/keycloak/services/DefaultKeycloakTransactionManager.java
@@ -16,13 +16,9 @@
*/
package org.keycloak.services;
-import org.keycloak.models.KeycloakSession;
import org.keycloak.models.KeycloakTransaction;
import org.keycloak.models.KeycloakTransactionManager;
-import org.keycloak.transaction.JtaTransactionManagerLookup;
-import org.keycloak.transaction.JtaTransactionWrapper;
-import javax.transaction.TransactionManager;
import java.util.LinkedList;
import java.util.List;
@@ -38,12 +34,6 @@ public class DefaultKeycloakTransactionManager implements KeycloakTransactionMan
private List<KeycloakTransaction> afterCompletion = new LinkedList<KeycloakTransaction>();
private boolean active;
private boolean rollback;
- private KeycloakSession session;
- private JTAPolicy jtaPolicy = JTAPolicy.REQUIRES_NEW;
-
- public DefaultKeycloakTransactionManager(KeycloakSession session) {
- this.session = session;
- }
@Override
public void enlist(KeycloakTransaction transaction) {
@@ -73,30 +63,11 @@ public class DefaultKeycloakTransactionManager implements KeycloakTransactionMan
}
@Override
- public JTAPolicy getJTAPolicy() {
- return jtaPolicy;
- }
-
- @Override
- public void setJTAPolicy(JTAPolicy policy) {
- jtaPolicy = policy;
-
- }
-
- @Override
public void begin() {
if (active) {
throw new IllegalStateException("Transaction already active");
}
- if (jtaPolicy == JTAPolicy.REQUIRES_NEW) {
- JtaTransactionManagerLookup jtaLookup = session.getProvider(JtaTransactionManagerLookup.class);
- TransactionManager tm = jtaLookup.getTransactionManager();
- if (tm != null) {
- enlist(new JtaTransactionWrapper(tm));
- }
- }
-
for (KeycloakTransaction tx : transactions) {
tx.begin();
}
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/RealmAdminResource.java b/services/src/main/java/org/keycloak/services/resources/admin/RealmAdminResource.java
index 7d49223..4fd941b 100644
--- a/services/src/main/java/org/keycloak/services/resources/admin/RealmAdminResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/RealmAdminResource.java
@@ -34,6 +34,8 @@ import org.keycloak.events.admin.OperationType;
import org.keycloak.events.admin.ResourceType;
import org.keycloak.exportimport.ClientDescriptionConverter;
import org.keycloak.exportimport.ClientDescriptionConverterFactory;
+import org.keycloak.jose.jws.JWSBuilder;
+import org.keycloak.jose.jws.JWSInput;
import org.keycloak.models.ClientModel;
import org.keycloak.models.GroupModel;
import org.keycloak.models.KeycloakSession;
@@ -42,7 +44,7 @@ import org.keycloak.models.RealmModel;
import org.keycloak.models.UserFederationProviderModel;
import org.keycloak.models.UserSessionModel;
import org.keycloak.models.cache.CacheRealmProvider;
-import org.keycloak.models.cache.UserCache;
+import org.keycloak.models.cache.CacheUserProvider;
import org.keycloak.models.utils.KeycloakModelUtils;
import org.keycloak.models.utils.ModelToRepresentation;
import org.keycloak.models.utils.RepresentationToModel;
@@ -53,6 +55,7 @@ import org.keycloak.representations.idm.AdminEventRepresentation;
import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.representations.idm.EventRepresentation;
import org.keycloak.representations.idm.GroupRepresentation;
+import org.keycloak.representations.idm.IdentityProviderRepresentation;
import org.keycloak.representations.idm.PartialImportRepresentation;
import org.keycloak.representations.idm.RealmEventsConfigRepresentation;
import org.keycloak.representations.idm.RealmRepresentation;
@@ -64,6 +67,7 @@ import org.keycloak.services.ServicesLogger;
import org.keycloak.services.managers.UsersSyncManager;
import org.keycloak.services.ErrorResponse;
import org.keycloak.services.resources.admin.RealmAuth.Resource;
+import org.keycloak.timer.TimerProvider;
import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE;
@@ -81,6 +85,8 @@ import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.Status;
import javax.ws.rs.core.UriInfo;
+import java.security.PrivateKey;
+import java.security.PublicKey;
import java.security.cert.X509Certificate;
import java.text.ParseException;
import java.text.SimpleDateFormat;
@@ -860,7 +866,7 @@ public class RealmAdminResource {
public void clearUserCache() {
auth.requireManage();
- UserCache cache = session.getProvider(UserCache.class);
+ CacheUserProvider cache = session.getProvider(CacheUserProvider.class);
if (cache != null) {
cache.clear();
}
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/UsersResource.java b/services/src/main/java/org/keycloak/services/resources/admin/UsersResource.java
index 26daf84..3986988 100755
--- a/services/src/main/java/org/keycloak/services/resources/admin/UsersResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/UsersResource.java
@@ -184,8 +184,6 @@ public class UsersResource {
return ErrorResponse.exists("User is read only!");
} catch (ModelException me) {
return ErrorResponse.exists("Could not update user!");
- } catch (Exception me) { // JPA may be committed by JTA which can't
- return ErrorResponse.exists("Could not update user!");
}
}
diff --git a/services/src/main/java/org/keycloak/services/resources/KeycloakApplication.java b/services/src/main/java/org/keycloak/services/resources/KeycloakApplication.java
index 68e0806..6cdf52e 100644
--- a/services/src/main/java/org/keycloak/services/resources/KeycloakApplication.java
+++ b/services/src/main/java/org/keycloak/services/resources/KeycloakApplication.java
@@ -45,13 +45,10 @@ import org.keycloak.services.scheduled.ClusterAwareScheduledTaskRunner;
import org.keycloak.services.util.JsonConfigProvider;
import org.keycloak.services.util.ObjectMapperResolver;
import org.keycloak.timer.TimerProvider;
-import org.keycloak.transaction.JtaTransactionManagerLookup;
import org.keycloak.util.JsonSerialization;
import org.keycloak.common.util.SystemEnvProperties;
import javax.servlet.ServletContext;
-import javax.transaction.SystemException;
-import javax.transaction.Transaction;
import javax.ws.rs.core.Application;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.UriInfo;
@@ -158,28 +155,11 @@ public class KeycloakApplication extends Application {
// Migrate model, bootstrap master realm, import realms and create admin user. This is done with acquired dbLock
protected ExportImportManager migrateAndBootstrap() {
ExportImportManager exportImportManager;
- logger.debug("Calling migrateModel");
migrateModel();
- logger.debug("bootstrap");
KeycloakSession session = sessionFactory.create();
try {
session.getTransactionManager().begin();
- JtaTransactionManagerLookup lookup = (JtaTransactionManagerLookup) sessionFactory.getProviderFactory(JtaTransactionManagerLookup.class);
- if (lookup != null) {
- if (lookup.getTransactionManager() != null) {
- try {
- Transaction transaction = lookup.getTransactionManager().getTransaction();
- logger.debugv("bootstrap current transaction? {0}", transaction != null);
- if (transaction != null) {
- logger.debugv("bootstrap current transaction status? {0}", transaction.getStatus());
- }
- } catch (SystemException e) {
- throw new RuntimeException(e);
- }
- }
- }
-
ApplianceBootstrap applianceBootstrap = new ApplianceBootstrap(session);
exportImportManager = new ExportImportManager(session);
diff --git a/services/src/main/java/org/keycloak/transaction/JtaTransactionWrapper.java b/services/src/main/java/org/keycloak/transaction/JtaTransactionWrapper.java
index e387ff4..ecc3071 100644
--- a/services/src/main/java/org/keycloak/transaction/JtaTransactionWrapper.java
+++ b/services/src/main/java/org/keycloak/transaction/JtaTransactionWrapper.java
@@ -16,9 +16,7 @@
*/
package org.keycloak.transaction;
-import org.jboss.logging.Logger;
import org.keycloak.models.KeycloakTransaction;
-import org.keycloak.storage.UserStorageManager;
import javax.transaction.InvalidTransactionException;
import javax.transaction.NotSupportedException;
@@ -33,22 +31,16 @@ import javax.transaction.UserTransaction;
* @version $Revision: 1 $
*/
public class JtaTransactionWrapper implements KeycloakTransaction {
- private static final Logger logger = Logger.getLogger(JtaTransactionWrapper.class);
protected TransactionManager tm;
protected Transaction ut;
protected Transaction suspended;
- protected Exception ended;
public JtaTransactionWrapper(TransactionManager tm) {
this.tm = tm;
try {
-
suspended = tm.suspend();
- logger.debug("new JtaTransactionWrapper");
- logger.debugv("was existing? {0}", suspended != null);
tm.begin();
ut = tm.getTransaction();
- //ended = new Exception();
} catch (Exception e) {
throw new RuntimeException(e);
}
@@ -61,20 +53,16 @@ public class JtaTransactionWrapper implements KeycloakTransaction {
@Override
public void commit() {
try {
- logger.debug("JtaTransactionWrapper commit");
- tm.commit();
+ ut.commit();
} catch (Exception e) {
throw new RuntimeException(e);
- } finally {
- end();
}
}
@Override
public void rollback() {
try {
- logger.debug("JtaTransactionWrapper rollback");
- tm.rollback();
+ ut.rollback();
} catch (Exception e) {
throw new RuntimeException(e);
} finally {
@@ -86,7 +74,7 @@ public class JtaTransactionWrapper implements KeycloakTransaction {
@Override
public void setRollbackOnly() {
try {
- tm.setRollbackOnly();
+ ut.setRollbackOnly();
} catch (Exception e) {
throw new RuntimeException(e);
}
@@ -95,7 +83,7 @@ public class JtaTransactionWrapper implements KeycloakTransaction {
@Override
public boolean getRollbackOnly() {
try {
- return tm.getStatus() == Status.STATUS_MARKED_ROLLBACK;
+ return ut.getStatus() == Status.STATUS_MARKED_ROLLBACK;
} catch (Exception e) {
throw new RuntimeException(e);
}
@@ -104,28 +92,15 @@ public class JtaTransactionWrapper implements KeycloakTransaction {
@Override
public boolean isActive() {
try {
- return tm.getStatus() == Status.STATUS_ACTIVE;
+ return ut.getStatus() == Status.STATUS_ACTIVE;
} catch (Exception e) {
throw new RuntimeException(e);
}
}
- /*
-
- @Override
- protected void finalize() throws Throwable {
- if (ended != null) {
- logger.error("TX didn't close at position", ended);
- }
-
- }
- */
protected void end() {
- ended = null;
- logger.debug("JtaTransactionWrapper end");
if (suspended != null) {
try {
- logger.debug("JtaTransactionWrapper resuming suspended");
tm.resume(suspended);
} catch (Exception e) {
throw new RuntimeException(e);
diff --git a/services/src/main/resources/META-INF/services/org.keycloak.provider.Spi b/services/src/main/resources/META-INF/services/org.keycloak.provider.Spi
index 55b31a0..77cba5e 100755
--- a/services/src/main/resources/META-INF/services/org.keycloak.provider.Spi
+++ b/services/src/main/resources/META-INF/services/org.keycloak.provider.Spi
@@ -18,4 +18,5 @@
org.keycloak.exportimport.ClientDescriptionConverterSpi
org.keycloak.wellknown.WellKnownSpi
org.keycloak.services.clientregistration.ClientRegistrationSpi
+org.keycloak.transaction.TransactionManagerLookupSpi
diff --git a/wildfly/server-subsystem/src/main/resources/subsystem-templates/keycloak-datasources.xml b/wildfly/server-subsystem/src/main/resources/subsystem-templates/keycloak-datasources.xml
index c823e4f..326fa7f 100755
--- a/wildfly/server-subsystem/src/main/resources/subsystem-templates/keycloak-datasources.xml
+++ b/wildfly/server-subsystem/src/main/resources/subsystem-templates/keycloak-datasources.xml
@@ -29,7 +29,7 @@
<password>sa</password>
</security>
</datasource>
- <datasource jndi-name="java:jboss/datasources/KeycloakDS" pool-name="KeycloakDS" enabled="true" use-java-context="true">
+ <datasource jndi-name="java:jboss/datasources/KeycloakDS" jta="false" pool-name="KeycloakDS" enabled="true" use-java-context="true">
<?KEYCLOAK_DS_CONNECTION_URL?>
<driver>h2</driver>
<security>