The issue you are encountering with Crowd 3.2.1 and its logging of DDL errors during schema creation for OpenID is primarily related to changes in logging configurations that were introduced in this version. Here’s a detailed explanation of the situation:
Overview of the Issue
Since the release of Crowd 3.2.1, modifications to the logging configuration, particularly those involving Log4j, have enabled Hibernate to log DDL (Data Definition Language) errors when it attempts to create the database schema for the OpenID server. These errors, while logged, do not impact the functionality of Crowd or OpenID operations, meaning that they are harmless in terms of application performance or usability.
Nature of the DDL Errors
The DDL errors you see in the logs typically resemble the following:
2018-06-27 16:11:12,881 localhost-startStop-1 WARN [tool.schema.internal.ExceptionHandlerLoggedImpl] GenerationTarget encountered exception accepting command : Error executing DDL via JDBC Statement
org.hibernate.tool.schema.spi.CommandAcceptanceException: Error executing DDL via JDBC Statement
...
Caused by: java.sql.SQLException: Constraint already exists: FKAD5HDVSJWPAH0OJNRAAQT2VQS in statement [alter table SITEAPPROVAL add constraint FKad5hdvsjwpah0ojnraaqt2vqs foreign key (PROFILE_ID) references PROFILE]
This example indicates that a foreign key constraint already exists, which is a common scenario when the schema is being initialized or updated, and it does not indicate a critical failure.
Historical Context
Prior to version 3.2.1, these errors existed but were not logged, making them invisible to administrators and developers. The change in logging behavior has made these issues more apparent, although they were present in earlier versions as well.
Resolution and Workaround
Current Status
As of now, this logging behavior has been acknowledged, and while it is classified as a minor issue (Severity 3), it has been documented in issue tracking systems, such as Jira, indicating that it has been recognized by the developers.
Workaround to Suppress Logging
If the DDL error messages are cluttering your logs and you wish to suppress them, you can modify the logging configuration. Here’s a general approach:
- Shutdown Crowd: Ensure that the Crowd application is not running.
- Edit Configuration File: Navigate to the installation directory of Crowd and locate the following file:
/crowd-openidserver-webapp/WEB-INF/classes/applicationContext-OpenIDBootstrap.xml
- Modify Logging Level: Adjust the logging level for Hibernate or the specific packages that are generating these DDL error logs. You may want to set it to a higher level (e.g., ERROR or FATAL) to avoid logging warnings.
- Restart Crowd: After making the necessary changes, restart the Crowd application and check the startup logs to confirm that the DDL errors are no longer being logged.
This workaround should help maintain cleaner logs while still allowing Crowd and OpenID to function without issues.
Conclusion
The logging of DDL errors in Crowd 3.2.1 is a result of enhanced logging capabilities introduced in that version. While these logs do not affect functionality, they can be suppressed through configuration changes if they are deemed unnecessary for your operational needs.
Citations:
[1] https://www.youtube.com/watch?v=pRGiuEpQqQI
[2] https://jira.atlassian.com/browse/CWD-5199
[3] https://confluence.atlassian.com/display/CROWD/Crowd%2B3.2%2BRelease%2BNotes
[4] https://stackoverflow.com/questions/436276/configuring-hibernate-logging-using-log4j-xml-config-file
[5] https://gist.github.com/victorhooi/6709897
[6] https://confluence.atlassian.com/crowd/logging-and-profiling-24248601.html
[7] https://confluence.atlassian.com/display/CROWDKB/Crowd%2Bnot%2Bable%2Bto%2Bstart%2Bup%2Bdue%2Bto%2Bdatabase%2Bpool%2Bmax%2Bout
[8] https://confluence.atlassian.com/display/CROWD043/Troubleshooting%2BCrowdID
[9] https://github.com/adamstauffer/crowdbeat
[10] https://docs.gcp.databricks.com/en/release-notes/runtime/12.2lts.html
[11] https://stackoverflow.com/questions/70797504/spring-data-jpa-h2-database-is-returning-ddl-error-during-table-creation
[12] https://nvlpubs.nist.gov/nistpubs/legacy/sp/nistspecialpublication800-92.pdf
[13] https://developer.jboss.org/thread/110355
[14] https://joshuakugler.com/bringing-up-atlassian-jiraconfluencecrowd-on-dreamhosts-dreamcompute.html
[15] https://docs.redhat.com/en/documentation/red_hat_single_sign-on/7.4/html/upgrading_guide/release_changes
[16] https://docs.oracle.com/en/middleware/goldengate/big-data/23/gadbd/oracle-goldengate-distributed-applications-and-analytics.pdf
[17] https://support.smartbear.com/collaborator/docs/server/admin-tasks/single-sign-on/crowd.html