diff --git a/docs/janssen-server/install/setup.md b/docs/janssen-server/install/setup.md index 318757060f4..120f03cc907 100644 --- a/docs/janssen-server/install/setup.md +++ b/docs/janssen-server/install/setup.md @@ -74,7 +74,7 @@ python3 /opt/jans/jans-setup/setup.py --help ``` ``` -usage: setup.py [-h] [--version] [-c] [-d D] [-f F] [-n] [-N] [-u] [-csx] [-encode-salt ENCODE_SALT] [-remote-rdbm {mysql,pgsql,spanner} | -local-rdbm {mysql,pgsql}] [-ip-address IP_ADDRESS] +usage: setup.py [-h] [--version] [-c] [-d D] [-f F] [-n] [-N] [-u] [-csx] [-encode-salt ENCODE_SALT] [-remote-rdbm {mysql,pgsql} | -local-rdbm {mysql,pgsql}] [-ip-address IP_ADDRESS] [-host-name HOST_NAME] [-org-name ORG_NAME] [-email EMAIL] [-city CITY] [-state STATE] [-country COUNTRY] [-rdbm-user RDBM_USER] [-rdbm-password RDBM_PASSWORD] [-rdbm-port RDBM_PORT] [-rdbm-db RDBM_DB] [-rdbm-host RDBM_HOST] [--reset-rdbm-db] [--shell] [--dump-config-on-error] [--no-progress] [-admin-password ADMIN_PASSWORD] [-jans-max-mem JANS_MAX_MEM] [-properties-password PROPERTIES_PASSWORD] [-approved-issuer APPROVED_ISSUER] [--force-download] [--download-exit] [-jans-app-version JANS_APP_VERSION] [-jans-build JANS_BUILD] @@ -84,8 +84,7 @@ usage: setup.py [-h] [--version] [-c] [-d D] [-f F] [-n] [-N] [-u] [-csx] [-enco [-couchbase-default-mem COUCHBASE_DEFAULT_MEM] [-couchbase-user-mem COUCHBASE_USER_MEM] [-couchbase-site-mem COUCHBASE_SITE_MEM] [-couchbase-cache-mem COUCHBASE_CACHE_MEM] [-couchbase-token-mem COUCHBASE_TOKEN_MEM] [-couchbase-session-mem COUCHBASE_SESSION_MEM] [--no-data] [--no-jsauth] [--no-config-api] [--no-scim] [--no-fido2] [--install-jans-ldap-link] [--install-jans-keycloak-link] [--with-casa] [--install-jans-saml] [--install-jans-lock] [--install-opa] [--load-config-api-test] [-config-patch-creds CONFIG_PATCH_CREDS] - [-spanner-project SPANNER_PROJECT] [-spanner-instance SPANNER_INSTANCE] [-spanner-database SPANNER_DATABASE] - [-spanner-emulator-host SPANNER_EMULATOR_HOST | -google-application-credentials GOOGLE_APPLICATION_CREDENTIALS] [-test-client-id TEST_CLIENT_ID] [-test-client-pw TEST_CLIENT_PW] + [-test-client-id TEST_CLIENT_ID] [-test-client-pw TEST_CLIENT_PW] [-test-client-redirect-uri TEST_CLIENT_REDIRECT_URI] [--test-client-trusted] ``` @@ -104,7 +103,7 @@ Below are the optional arguments: | -N, --no-httpd | No apache httpd server | | -u | Update hosts file with IP address / hostname | | -csx | Collect setup properties, save and exit | -| -remote-rdbm {mysql,pgsql,spanner} | Enables using remote RDBM server | +| -remote-rdbm {mysql,pgsql} | Enables using remote RDBM server | | -local-rdbm {mysql,pgsql} | Enables installing/configuring local RDBM server | | -ip-address IP_ADDRESS | Used primarily by Apache httpd for the Listen directive | | -host-name HOST_NAME | Internet-facing FQDN that is used to generate certificates and metadata. | @@ -158,11 +157,6 @@ Below are the optional arguments: | --load-config-api-test | Load Config Api Test Data | | --install-cache-refresh | Install Cache Refresh Server | | -config-patch-creds CONFIG_PATCH_CREDS | password:username for downloading auto test ciba password | -| -spanner-project SPANNER_PROJECT | Spanner project name | -| -spanner-instance SPANNER_INSTANCE | Spanner instance name | -| -spanner-database SPANNER_DATABASE | Spanner database name | -| -spanner-emulator-host SPANNER_EMULATOR_HOST | Use Spanner emulator host | -| -google-application-credentials GOOGLE_APPLICATION_CREDENTIALS | Path to Google application credentials json file | | -test-client-id TEST_CLIENT_ID | ID of test client which has all available scopes. Must be in UUID format. | | -test-client-pw TEST_CLIENT_PW | Secret for test client | | -test-client-redirect-uri TEST_CLIENT_REDIRECT_URI | Redirect URI for test client | diff --git a/docs/janssen-server/install/vm-install/ubuntu.md b/docs/janssen-server/install/vm-install/ubuntu.md index 636acaf2df0..1db461aa491 100644 --- a/docs/janssen-server/install/vm-install/ubuntu.md +++ b/docs/janssen-server/install/vm-install/ubuntu.md @@ -175,7 +175,6 @@ Removing /etc/default/jans-auth Stopping jans-auth Removing /etc/default/jans-client-api Stopping jans-client-api -Stopping OpenDj Server Executing rm -r -f /etc/certs Executing rm -r -f /etc/jans Executing rm -r -f /opt/jans @@ -184,7 +183,6 @@ Executing rm -r -f /opt/jre Executing rm -r -f /opt/node* Executing rm -r -f /opt/jetty* Executing rm -r -f /opt/jython* -Executing rm -r -f /opt/opendj Executing rm -r -f /opt/dist Removing /etc/apache2/sites-enabled/https_jans.conf Removing /etc/apache2/sites-available/https_jans.conf diff --git a/docs/janssen-server/reference/database/README.md b/docs/janssen-server/reference/database/README.md index a2d607dce42..996e5d1de8e 100644 --- a/docs/janssen-server/reference/database/README.md +++ b/docs/janssen-server/reference/database/README.md @@ -16,7 +16,6 @@ One of the main target of ORM module is to provide simple lightweight layer to a Jans has next persistence modules out-of-the-box: - [Couchbase](./cb-config.md) -- [Spanner](./spanner-config.md) - [MySQL](./mysql-config.md) - [PostgreSQL](./pgsql-config.md) - [Hybrid](./pgsql-config.md). This is virtual DB layer which allows to combine few DB types based on record type. @@ -36,7 +35,6 @@ on choice of persistence(DB) type, it can be one of these supported values: - `couchbase` - `sql` -- `spanner` - `hybrid`. !!! abstract "Code Connect" @@ -50,7 +48,6 @@ the directory `/etc/jans/conf/`. List of configuration files for these persistence types are: - `jans-couchbase.properties` -- `jans-spanner.properties` - `jans-sql.properties` - `jans-hybrid.properties` @@ -164,7 +161,7 @@ Jans ORM has modular architecture. The are few layers in this implementation 1. **jans-orm-standalone**: Provides reusable factory for non CDI based application -1. **jans-orm-ldap, jans-orm-couchbase, jans-orm-spanner, jans-orm-sql**: These are DB specific implementations. +1. **jans-orm-ldap, jans-orm-couchbase, jans-orm-sql**: These are DB specific implementations. ## Sample table and ORM API @@ -293,4 +290,4 @@ schema [file](https://github.com/JanssenProject/jans/blob/main/jans-linux-setup/ It's possible to override default generation rules. For this case there is next [file](https://github.com/JanssenProject/jans/blob/main/jans-linux-setup/jans_setup/static/rdbm/sql_data_types.json). -Default indexes defined in next files: [coubase_index.json](https://github.com/JanssenProject/jans/blob/main/jans-linux-setup/jans_setup/static/couchbase/index.json), [spanner_index.json](https://github.com/JanssenProject/jans/blob/main/jans-linux-setup/jans_setup/static/rdbm/spanner_index.json), [mysql_index.json](https://github.com/JanssenProject/jans/blob/main/jans-linux-setup/jans_setup/static/rdbm/mysql_index.json), [pgsql_index.json](https://github.com/JanssenProject/jans/blob/main/jans-linux-setup/jans_setup/static/rdbm/pgsql_index.json) +Default indexes defined in next files: [coubase_index.json](https://github.com/JanssenProject/jans/blob/main/jans-linux-setup/jans_setup/static/couchbase/index.json), [mysql_index.json](https://github.com/JanssenProject/jans/blob/main/jans-linux-setup/jans_setup/static/rdbm/mysql_index.json), [pgsql_index.json](https://github.com/JanssenProject/jans/blob/main/jans-linux-setup/jans_setup/static/rdbm/pgsql_index.json) diff --git a/docs/janssen-server/reference/database/mysql-config.md b/docs/janssen-server/reference/database/mysql-config.md index f6d98b023a5..4f3cbd1eedc 100644 --- a/docs/janssen-server/reference/database/mysql-config.md +++ b/docs/janssen-server/reference/database/mysql-config.md @@ -81,7 +81,7 @@ In order to support transparency for end applications and allow data migration f Each table in **jansdb** MySQL schema follow next rules: -1. one table for every LDAP **objectClass** +1. one table for every **objectClass** 1. has 2 mandatory column `DN` and `doc_id` 1. Index for primary key diff --git a/docs/janssen-server/reference/database/spanner-config.md b/docs/janssen-server/reference/database/spanner-config.md deleted file mode 100644 index 3de8c648d90..00000000000 --- a/docs/janssen-server/reference/database/spanner-config.md +++ /dev/null @@ -1,186 +0,0 @@ ---- -tags: - - administration - - reference - - database ---- - -# Spanner ORM persistence layer - -The recommended Spanner version is 6.3x or newer. Setup supports both Spanner emulator and Spanner Cloud DB servers. Spanner emulator has many limitations and it's recommended only for development and testing. For case with Spanner Cloud the administrator should pre-create database and get Google credentials file. During install setup will prompt to enter project/instance/database and path to Google credentials file. After entering these details setup will check connection and start tables creation in specified DB. - -![](../../../assets/database-spanner-db.png) - -![](../../../assets/database-spanner-tables.png) - -During install setup generates default **/etc/jans/conf/jans-spanner.properties** for Jans applications - -## Configuration properties - -List of specific for Spanner default setting from `jans-spanner.properties`: - -``` -connection.project=jans-project -connection.instance=jans-instance -connection.database=jansdb - -# Prefix connection.client-property.key=value will be coverterd to key=value -# This is reserved for future usage -#connection.client-property=clientPropertyValue - -# spanner creds or emulator -#connection.emulator-host= - -connection.credentials-file=/etc/jans/google_application_credentials.json - -# Password hash method -password.encryption.method=SSHA-256 - -# Connection pool size -#connection.pool.max-sessions=400 -#connection.pool.min-sessions=100 -#connection.pool.inc-step=25 - -# Max time needed to create connection pool in milliseconds -connection.pool.create-max-wait-time-millis=20000 - -# Maximum allowed statement result set size -statement.limit.default-maximum-result-size=1000 - -# Maximum allowed delete statement result set size -statement.limit.maximum-result-delete-size=10000 - -``` - -The rest of properties are static for all other supported DB: - -``` -binaryAttributes=objectGUID -certificateAttributes=userCertificate -``` - -## `doc_id` building rules - -In order to support transparency for end applications and allow data migration from one DB to another ORM requires `DN` attribute in each entry. This attribute it also uses to build `doc_id`. Here is example of this `DN` -> `doc_id` conversion: - -![](../../../assets/database-spanner-scope-1.png) - -`doc_id` is primary key. In order to build unique document identifier ORM uses another unique attribute `DN`. `doc_id` is last `RDN` value. - -# Generic tables structure - -Each table in **jansdb** Spanner schema follow next rules: - -1. one table for every **objectClass** -1. has 2 mandatory column `DN` and `doc_id` -1. Index for primary key -1. Interleaved tables with name pattern **objectClass_propertyName** - -![](../../../assets/database-spanner-scope-index.png) - -# Multi-valued attributes support - -Spanner DB supports ARRAY attributes but at same time it's not possible to index them. This led to full table scan when query has filter with these attributes. Alternative for this is to use interleaved child tables. These tables can increase queries performance but in parallel with this this approach requires additional storage space for child table and index. Administrator should move only attributes which need ARRAY index to such tables. - -**ARRAY columns:** - -![](../../../assets/database-spanner-array-attribute.png) - - -**Interleaved columns moved to tables:** - -![](../../../assets/database-spanner-person-interleaved_extuid.png) - -![](../../../assets/database-spanner-person-interleaved_extuid-ddl.png) - -More details about interleaved tables, DB size and performance is in ORM [Spanner](https://github.com/JanssenProject/jans/blob/main/jans-orm/spanner/docs/multi_value_attribute_design.md) module. - - -## Data mapping rules - -ORM uses **STRING / TIMESTAMP / INT64 / BYTES / BOOL / ARRAY** data types. - -![](../../../assets/database-spanner-scope-schema.png) - -`ARRAY` it uses to store multi-valued attribute values. The generic format of such values is: - -``` -["value_1", "value_2", ...] - -``` - -For user password field ORM on persist/update operations automatically create hash. On authentication ORM compares hashes. - -![](../../../assets/database-spanner-person.png) - -To store attributes defined in java beans with `@JsonObject` annotation ORM uses **STRING(MAX)** column type. - -![](../../../assets/database-spanner-configuration.png) - -# Java example - -This example shows how to use ORM. It opens connection to Spanner DB and add user entry to it: - -``` - public static void main(String[] args) { - // Create Sql entry manager - SpannerEntryManager spannerEntryManager = createSpannerEntryManager(); - - // Create and fill user bean - SimpleUser newUser = new SimpleUser(); - newUser.setDn(String.format("inum=%s,ou=people,o=jans", System.currentTimeMillis())); - newUser.setUserId("sample_user_" + System.currentTimeMillis()); - newUser.setUserPassword("test"); - newUser.getCustomAttributes().add(new CustomObjectAttribute("jansAddres", Arrays.asList("London", "Texas", "New York"))); - newUser.getCustomAttributes().add(new CustomObjectAttribute("jansGuid", "test_value")); - - // Call ORM API to store entry - spannerEntryManager.persist(newUser); - - spannerEntryManager.destroy(); - } - - public static SpannerEntryManager createSpannerEntryManager() { - SpannerEntryManagerFactory spannerEntryManagerFactory = new SpannerEntryManagerFactory(); - spannerEntryManagerFactory.create(); - Properties connectionProperties = getSampleConnectionProperties(); - - SpannerEntryManager spannerEntryManager = spannerEntryManagerFactory.createEntryManager(connectionProperties); - - return spannerEntryManager; - } - - private static Properties getSampleConnectionProperties() { - Properties connectionProperties = new Properties(); - - connectionProperties.put("spanner#connection.project", "jans-project"); - connectionProperties.put("spanner#connection.instance", "jans-instance"); - connectionProperties.put("spanner#connection.database", "jansdb"); - - boolean emulator = true; - if (emulator) { - connectionProperties.put("spanner#connection.emulator-host", "localhost:9010"); - } else { - connectionProperties.put("spanner#connection.credentials-file", "V:\\dev-gluu-cloud-platform-32136abdceb7.json"); - } - - // Password hash method - connectionProperties.put("spanner#password.encryption.method", "SSHA-256"); - - // Max time needed to create connection pool in milliseconds - connectionProperties.put("spanner#connection.pool.create-max-wait-time-millis", "20000"); - - // # Maximum allowed statement result set size - connectionProperties.put("spanner#statement.limit.default-maximum-result-size", "1000"); - - // # Maximum allowed delete statement result set size - connectionProperties.put("spanner#statement.limit.maximum-result-delete-size", "10000"); - - connectionProperties.put("spanner#binaryAttributes", "objectGUID"); - connectionProperties.put("spanner#certificateAttributes", "userCertificate"); - - return connectionProperties; - } -``` - -More Spanner ORM examples is in [this](https://github.com/JanssenProject/jans/tree/main/jans-orm/spanner-sample/src/main/java/io/jans/orm/cloud/spanner) sample module. diff --git a/docs/janssen-server/reference/database/spanner-ops.md b/docs/janssen-server/reference/database/spanner-ops.md deleted file mode 100644 index eb4686627da..00000000000 --- a/docs/janssen-server/reference/database/spanner-ops.md +++ /dev/null @@ -1,18 +0,0 @@ ---- -tags: - - administration - - reference - - database ---- - -## This content is in progress - -The Janssen Project documentation is currently in development. Topic pages are being created in order of broadest relevance, and this page is coming in the near future. - -## Have questions in the meantime? - -While this documentation is in progress, you can ask questions through [GitHub Discussions](https://github.com/JanssenProject/jans/discussions) or the [community chat on Gitter](https://gitter.im/JanssenProject/Lobby). Any questions you have will help determine what information our documentation should cover. - -## Want to contribute? - -If you have content you'd like to contribute to this page in the meantime, you can get started with our [Contribution guide](https://docs.jans.io/head/CONTRIBUTING/). \ No newline at end of file diff --git a/docs/janssen-server/reference/database/spanner-schema.md b/docs/janssen-server/reference/database/spanner-schema.md deleted file mode 100644 index eb4686627da..00000000000 --- a/docs/janssen-server/reference/database/spanner-schema.md +++ /dev/null @@ -1,18 +0,0 @@ ---- -tags: - - administration - - reference - - database ---- - -## This content is in progress - -The Janssen Project documentation is currently in development. Topic pages are being created in order of broadest relevance, and this page is coming in the near future. - -## Have questions in the meantime? - -While this documentation is in progress, you can ask questions through [GitHub Discussions](https://github.com/JanssenProject/jans/discussions) or the [community chat on Gitter](https://gitter.im/JanssenProject/Lobby). Any questions you have will help determine what information our documentation should cover. - -## Want to contribute? - -If you have content you'd like to contribute to this page in the meantime, you can get started with our [Contribution guide](https://docs.jans.io/head/CONTRIBUTING/). \ No newline at end of file diff --git a/mkdocs.yml b/mkdocs.yml index 33670e5bc59..33aa4372a10 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -161,10 +161,6 @@ nav: - MySQL Schema: janssen-server/reference/database/mysql-schema.md - MySQL Configuration: janssen-server/reference/database/mysql-config.md - MySQL Operation: janssen-server/reference/database/mysql-ops.md - - Spanner: - - Spanner Schema: janssen-server/reference/database/spanner-schema.md - - Spanner Configuration: janssen-server/reference/database/spanner-config.md - - Spanner Operation: janssen-server/reference/database/spanner-ops.md - PostgreSQL: - PostgreSQL Schema: janssen-server/reference/database/pgsql-schema.md - PostgreSQL Indexes: janssen-server/reference/database/pgsql-schema-indexes.md