Keycloak.X persisting infinispan to jdbc store

Hi.

I am trying to setup infinspan on Keycloak.X to persist to a JDBC cache store. I thought that the new infinispan XML namespace would allow for the same configuration as is available on a dedicated infinispan server, but I might have misundertood that, because I tried setting up a jdbc cache the same way it is done on a dedicated infinispan, and it would not parse. So I looked up the xml schema, and sure that configuration is not available. Is there really no other way to persist to jdbc, than to use a dedicated infinispan server and configuring that as a remote-cache? I was really hoping keycloak.x had a solution for this, because I really want to avoid setting up the infinispan infrastructure if I can.

I got the following error when I tried the configuration below:

ERROR [org.key.cli.Picocli] (main) ERROR: org.infinispan.commons.CacheConfigurationException: ISPN000327: Cannot find a parser for element 'string-keyed-jdbc-store' in namespace 'urn:infinispan:config:11.0'. Check that your configuration is up-to date for Infinispan '11.0.4.Final' and if you have the proper dependency in the classpath
ERROR [org.key.cli.Picocli] (main) ERROR: ISPN000327: Cannot find a parser for element 'string-keyed-jdbc-store' in namespace 'urn:infinispan:config:11.0'. Check that your configuration is up-to date for Infinispan '11.0.4.Final' and if you have the proper dependency in the classpath

Below is my cluster-default.xml configuration.

<?xml version="1.0" encoding="UTF-8"?>
<!--
  ~ Copyright 2019 Red Hat, Inc. and/or its affiliates
  ~ and other contributors as indicated by the @author tags.
  ~
  ~ Licensed under the Apache License, Version 2.0 (the "License");
  ~ you may not use this file except in compliance with the License.
  ~ You may obtain a copy of the License at
  ~
  ~ http://www.apache.org/licenses/LICENSE-2.0
  ~
  ~ Unless required by applicable law or agreed to in writing, software
  ~ distributed under the License is distributed on an "AS IS" BASIS,
  ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  ~ See the License for the specific language governing permissions and
  ~ limitations under the License.
  -->

<infinispan
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="urn:infinispan:config:11.0 http://www.infinispan.org/schemas/infinispan-config-11.0.xsd"
    xmlns="urn:infinispan:config:11.0">

<cache-container name="keycloak">
    <transport lock-timeout="60000"/>
    <local-cache name="realms">
        <encoding>
            <key media-type="application/x-java-object"/>
            <value media-type="application/x-java-object"/>
        </encoding>
        <memory storage="HEAP" max-count="10000"/>
    </local-cache>
    <local-cache name="users">
        <encoding>
            <key media-type="application/x-java-object"/>
            <value media-type="application/x-java-object"/>
        </encoding>
        <memory storage="HEAP" max-count="10000"/>
    </local-cache>

    <distributed-cache-configuration name="persistent-jdbc-string-keyed">
        <persistence>
            <string-keyed-jdbc-store datasource="java:jboss/datasources/PostgresDS" fetch-state="true" preload="false" purge="false" shared="false">
                <string-keyed-table prefix="ISPN">
                    <id-column name="id" type="VARCHAR"/>
                    <data-column name="datum" type="BYTEA"/>
                    <timestamp-column name="version" type="BIGINT"/>
                </string-keyed-table>
                <write-behind modification-queue-size="1024" thread-pool-size="1"/>
            </string-keyed-jdbc-store>
        </persistence>
    </distributed-cache-configuration>

    <distributed-cache name="sessions" owners="1" configuration="persistent-jdbc-string-keyed"/>
    <distributed-cache name="authenticationSessions" owners="1" configuration="persistent-jdbc-string-keyed"/>
    <distributed-cache name="offlineSessions" owners="1" configuration="persistent-jdbc-string-keyed"/>
    <distributed-cache name="clientSessions" owners="1" configuration="persistent-jdbc-string-keyed"/>
    <distributed-cache name="offlineClientSessions" owners="1" configuration="persistent-jdbc-string-keyed"/>
    <distributed-cache name="loginFailures" owners="1" configuration="persistent-jdbc-string-keyed"/>
    <local-cache name="authorization">
        <encoding>
            <key media-type="application/x-java-object"/>
            <value media-type="application/x-java-object"/>
        </encoding>
        <memory storage="HEAP" max-count="10000"/>
    </local-cache>
    <replicated-cache name="work" configuration="persistent-jdbc-string-keyed"/>
    <local-cache name="keys">
        <encoding>
            <key media-type="application/x-java-object"/>
            <value media-type="application/x-java-object"/>
        </encoding>
        <expiration max-idle="3600000"/>
        <memory storage="HEAP" max-count="1000"/>
    </local-cache>
    <distributed-cache name="actionTokens" owners="2" configuration="persistent-jdbc-string-keyed">
        <encoding>
            <key media-type="application/x-java-object"/>
            <value media-type="application/x-java-object"/>
        </encoding>
        <expiration max-idle="-1" interval="300000"/>
        <memory storage="HEAP" max-count="-1"/>
    </distributed-cache>
</cache-container>
</infinispan>
3 Likes

Hi.
I’ve the same problem using Redis configuration allowed by Infinispan:

Below is my “cluster-custom.xml” configuration:

<infinispan
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="urn:infinispan:config:11.0 http://www.infinispan.org/schemas/infinispan-config-11.0.xsd
                          urn:infinispan:config:store:redis:8.0 http://www.infinispan.org/schemas/infinispan-cachestore-redis-config-8.0.xsd"
    xmlns="urn:infinispan:config:11.0"
    xmlns:redis="urn:infinispan:config:store:redis:8.0" >

    <cache-container name="keycloak">
        <local-cache name="default">
            <transaction transaction-manager-lookup="org.infinispan.transaction.lookup.JBossStandaloneJTAManagerLookup"/>
        </local-cache>
        <local-cache name="realms">
            <encoding>
                <key media-type="application/x-java-object"/>
                <value media-type="application/x-java-object"/>
            </encoding>
            <memory storage="HEAP" max-count="10000"/>
        </local-cache>
        <local-cache name="users">
            <encoding>
                <key media-type="application/x-java-object"/>
                <value media-type="application/x-java-object"/>
            </encoding>
            <memory storage="HEAP" max-count="10000"/>
        </local-cache>        
        <local-cache name="sessions"/>
        <!--<local-cache name="authenticationSessions"/>-->
        <local-cache name="authenticationSessions">
            <persistence passivation="false">
                <redis-store xmlns="urn:infinispan:config:store:redis:8.0"
                    topology="server" socket-timeout="10000" connection-timeout="10000">
                    <redis-server host="xx.xxx.xx.xx" port="6379" />
                    <connection-pool min-idle="6" max-idle="10" max-total="20"
                        min-evictable-idle-time="30000" time-between-eviction-runs="30000" />
                </redis-store>
            </persistence>
        </local-cache> ....

But, i got the following error:

2021-01-04 14:26:03,329 ERROR [org.key.cli.Picocli] (main) ERROR: org.infinispan.commons.CacheConfigurationException: ISPN000327: Cannot find a parser for element ‘redis-store’ in namespace ‘urn:infinispan:config:store:redis:8.0’. Check that your configuration is up-to date for Infinispan ‘11.0.4.Final’ and if you have the proper dependency in the classpath
2021-01-04 14:26:03,329 ERROR [org.key.cli.Picocli] (main) ERROR: ISPN000327: Cannot find a parser for element ‘redis-store’ in namespace ‘urn:infinispan:config:store:redis:8.0’. Check that your configuration is up-to date for Infinispan ‘11.0.4.Final’ and if you have the proper dependency in the classpath

Is really possible to define another cache store in infinispan configuration, using the new Keycloak.X distribution?

12 Likes

Can someone confirm that the new infinispan xml schema introduced with keycloak.x is designed not to allow these kinds of configuration?

2 Likes