You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@ofbiz.apache.org by Carsten Schinzer <c....@googlemail.com> on 2012/05/16 23:11:50 UTC
Multitenant, EncryptionKey
All,
I am migrating from a r10.4 codebase towards the trunk.
I do have a running and working Multi-Tenant setup in r10.4 base and was
always able to load data using the following command line:
java -jar ofbiz.jar -install -readers=seed -delegator=default#DCS
Now, when I run this on the trunk codebase, I do get the following error
message:
---- exception report
----------------------------------------------------------
Failure in findOne operation for entity [TenantKeyEncryptingKey]:
org.ofbiz.entity.GenericModelException: [GenericDelegator.findOne] Passed
primary key is not a valid primary key:
[GenericEntity:TenantKeyEncryptingKey][tenantId,DCS(java.lang.String)].
Rolling back transaction.
I checked the table tenant_key_encryption_key on the database and it is
empty.
Now I do have the following questions:
(1) Why is the data load now attempting to lookup the Tenant's
EncryptionKey? I do assume this is in order to allow for encrypted
passwords on the TenantDataSource data file. Can I switch that off? If so,
where?
(2) What is the typical encryption method used in OFBiz? Does anyone have
an example entry that defines a TenantKeyEntityKey entity?
I did check the Multitenancy page on the wiki, but that does not seem to
contain any change as compared to when I visited it last.
Any help will be much appreciated !
Kind regards
Carsten
Re: Multitenant, EncryptionKey
Posted by Scott Gray <sc...@hotwaxmedia.com>.
Hi Carsten,
That kek stuff is a very new addition done by Adam, I'm not sure how closely he follows the user list so you may want to raise this up on the dev list or in jira. My understanding though was that kek was an optional feature so this most likely is a bug of some sort.
Regards
Scott
On 17/05/2012, at 7:58 PM, Carsten Schinzer wrote:
> The issue seems to be the following:
>
> Table TenantKeyEncryptingKey has a combined primary key (TenantId,KeyName)
> while the GenericDelegator constructor attempts a findOne call as follows:
>
> baseDelegator.findOne("TenantKeyEncryptingKey", true, "tenantId",
> getDelegatorTenantId())
>
> Ie. in my understanding the primary key is incomplete and hence invalid.
>
> Fix-attempt:
> (1) Convention required on the keyName: called it "jdbcpw" now, left
> keyText empty (as I do not use keys at this point)
> (2) adding the second primary key on the GenericDelegator constructor as
> follows
>
> baseDelegator.findOne("TenantKeyEncryptingKey", true, "tenantId",
> getDelegatorTenantId(), "keyName", "jdbcpw");
>
> ... and that works out.
> Hum. I presume this is then more for the dev list, is it ?
>
> I shall open a ticket on JIRA in any case
>
>
> 2012/5/16 Carsten Schinzer <c....@googlemail.com>
>
>> All,
>>
>>
>> I am migrating from a r10.4 codebase towards the trunk.
>>
>> I do have a running and working Multi-Tenant setup in r10.4 base and was
>> always able to load data using the following command line:
>>
>> java -jar ofbiz.jar -install -readers=seed -delegator=default#DCS
>>
>> Now, when I run this on the trunk codebase, I do get the following error
>> message:
>> ---- exception report
>> ----------------------------------------------------------
>> Failure in findOne operation for entity [TenantKeyEncryptingKey]:
>> org.ofbiz.entity.GenericModelException: [GenericDelegator.findOne] Passed
>> primary key is not a valid primary key:
>> [GenericEntity:TenantKeyEncryptingKey][tenantId,DCS(java.lang.String)].
>> Rolling back transaction.
>>
>> I checked the table tenant_key_encryption_key on the database and it is
>> empty.
>>
>> Now I do have the following questions:
>> (1) Why is the data load now attempting to lookup the Tenant's
>> EncryptionKey? I do assume this is in order to allow for encrypted
>> passwords on the TenantDataSource data file. Can I switch that off? If so,
>> where?
>> (2) What is the typical encryption method used in OFBiz? Does anyone have
>> an example entry that defines a TenantKeyEntityKey entity?
>>
>> I did check the Multitenancy page on the wiki, but that does not seem to
>> contain any change as compared to when I visited it last.
>>
>> Any help will be much appreciated !
>> Kind regards
>>
>>
>> Carsten
>>
>
>
>
> --
>
> Best
>
> Carsten Schinzer
>
> Plankstettenstr. 7
> 80638 München
> Germany
Re: Multitenant, EncryptionKey
Posted by Carsten Schinzer <c....@googlemail.com>.
The issue seems to be the following:
Table TenantKeyEncryptingKey has a combined primary key (TenantId,KeyName)
while the GenericDelegator constructor attempts a findOne call as follows:
baseDelegator.findOne("TenantKeyEncryptingKey", true, "tenantId",
getDelegatorTenantId())
Ie. in my understanding the primary key is incomplete and hence invalid.
Fix-attempt:
(1) Convention required on the keyName: called it "jdbcpw" now, left
keyText empty (as I do not use keys at this point)
(2) adding the second primary key on the GenericDelegator constructor as
follows
baseDelegator.findOne("TenantKeyEncryptingKey", true, "tenantId",
getDelegatorTenantId(), "keyName", "jdbcpw");
... and that works out.
Hum. I presume this is then more for the dev list, is it ?
I shall open a ticket on JIRA in any case
2012/5/16 Carsten Schinzer <c....@googlemail.com>
> All,
>
>
> I am migrating from a r10.4 codebase towards the trunk.
>
> I do have a running and working Multi-Tenant setup in r10.4 base and was
> always able to load data using the following command line:
>
> java -jar ofbiz.jar -install -readers=seed -delegator=default#DCS
>
> Now, when I run this on the trunk codebase, I do get the following error
> message:
> ---- exception report
> ----------------------------------------------------------
> Failure in findOne operation for entity [TenantKeyEncryptingKey]:
> org.ofbiz.entity.GenericModelException: [GenericDelegator.findOne] Passed
> primary key is not a valid primary key:
> [GenericEntity:TenantKeyEncryptingKey][tenantId,DCS(java.lang.String)].
> Rolling back transaction.
>
> I checked the table tenant_key_encryption_key on the database and it is
> empty.
>
> Now I do have the following questions:
> (1) Why is the data load now attempting to lookup the Tenant's
> EncryptionKey? I do assume this is in order to allow for encrypted
> passwords on the TenantDataSource data file. Can I switch that off? If so,
> where?
> (2) What is the typical encryption method used in OFBiz? Does anyone have
> an example entry that defines a TenantKeyEntityKey entity?
>
> I did check the Multitenancy page on the wiki, but that does not seem to
> contain any change as compared to when I visited it last.
>
> Any help will be much appreciated !
> Kind regards
>
>
> Carsten
>
--
Best
Carsten Schinzer
Plankstettenstr. 7
80638 München
Germany