有没有办法在 Keycloak 中配置 storageProviderTimeout?
Is there a way to configure the storageProviderTimeout in Keycloak?
我开发了一个 User Storage SPI 的实现,它在遗留系统中调用 API 来迁移用户。我需要为 storageProviderTimeout 配置我自己的值,因为获得响应所需的时间可能比默认的 3 秒更长。我已经将 socket-timeout-millis 配置为超过默认的超时前 5 秒,但这没有帮助,因为 storageProviderTimeout 的默认值为 3 秒。在查看 Keycloak 源代码时,特别是 AbstractStorageManager.java 提到了这个值是可配置的:
/**
* Timeouts are used as time boundary for obtaining models from an external storage. Default value is set
* to 3000 milliseconds and it's configurable.
*/
private static final Long STORAGE_PROVIDER_DEFAULT_TIMEOUT = 3000L;
读取配置值的函数如下所示:
protected Long getStorageProviderTimeout() {
if (storageProviderTimeout == null) {
storageProviderTimeout = Config.scope(configScope).getLong("storageProviderTimeout", STORAGE_PROVIDER_DEFAULT_TIMEOUT);
}
return storageProviderTimeout;
}
创建 UserStorageManager 实例(扩展 AbstractUserManager 时,构造函数使用以下代码实例化超类:
public UserStorageManager(KeycloakSession session) {
super(session, UserStorageProviderFactory.class, UserStorageProvider.class,
UserStorageProviderModel::new, "user");
}
其中 "user" 是稍后在 getStorageProviderTimeout() 函数中传递给 Config.scope() 的内容。
到目前为止,我尝试过的是在 standalone-ha.xml 中手动添加与 <theme> 标签相同级别的标签 <user>,如下所示:
<user>
<storageProviderTimeout>10000</storageProviderTimeout>
</user>
但是在启动 Keycloak 时,我得到这个错误:
10:55:59,730 ERROR [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0055: Caught exception during boot: org.jboss.as.controller.persistence.ConfigurationPersistenceException: WFLYCTL0085: Failed to parse configuration
at org.jboss.as.controller@15.0.1.Final//org.jboss.as.controller.persistence.XmlConfigurationPersister.load(XmlConfigurationPersister.java:143)
at org.jboss.as.server@15.0.1.Final//org.jboss.as.server.ServerService.boot(ServerService.java:403)
at org.jboss.as.controller@15.0.1.Final//org.jboss.as.controller.AbstractControllerService.run(AbstractControllerService.java:416)
at java.base/java.lang.Thread.run(Thread.java:834)
Caused by: javax.xml.stream.XMLStreamException: Unknown keycloak-server subsystem tag: user
我希望有人能为我阐明这一点,因为我觉得我遗漏了一些明显的东西。提前致谢!
如此处 https://keycloak.discourse.group/t/how-to-configure-storageprovidertimeout/9171 所述,目前无法配置此 属性。
有一个未解决的问题可以解决这个问题:https://issues.redhat.com/browse/KEYCLOAK-18856
作为一种临时快速但肮脏的解决方法,您可以在运行时通过反射设置值,例如您的自定义 UserStorageProvier 实现:
public class CustomUserStorageProviderFactory implements UserStorageProviderFactory<CustomUserStorageProvider> {
@Override
public void onCreate(KeycloakSession session, RealmModel realm, ComponentModel model) {
UserProvider userProvider = session.userStorageManager();
try {
Field field = userProvider.getClass().getSuperclass().getDeclaredField("STORAGE_PROVIDER_DEFAULT_TIMEOUT");
field.setAccessible(true);
Field modifiers = field.getClass().getDeclaredField("modifiers");
modifiers.setAccessible(true);
modifiers.setInt(field, field.getModifiers() & ~Modifier.FINAL);
field.set(userProvider, 5000L);
} catch (NoSuchFieldException | IllegalAccessException e) {
throw new RuntimeException(e);
}
}
}
在Keycloak/Quarkus (v17.0.0)中你可以在keycloak.conf[=18中指定参数spi-user-storage-provider-timeout =] 文件.
示例(10 秒):
spi-user-storage-provider-timeout=10000
我开发了一个 User Storage SPI 的实现,它在遗留系统中调用 API 来迁移用户。我需要为 storageProviderTimeout 配置我自己的值,因为获得响应所需的时间可能比默认的 3 秒更长。我已经将 socket-timeout-millis 配置为超过默认的超时前 5 秒,但这没有帮助,因为 storageProviderTimeout 的默认值为 3 秒。在查看 Keycloak 源代码时,特别是 AbstractStorageManager.java 提到了这个值是可配置的:
/**
* Timeouts are used as time boundary for obtaining models from an external storage. Default value is set
* to 3000 milliseconds and it's configurable.
*/
private static final Long STORAGE_PROVIDER_DEFAULT_TIMEOUT = 3000L;
读取配置值的函数如下所示:
protected Long getStorageProviderTimeout() {
if (storageProviderTimeout == null) {
storageProviderTimeout = Config.scope(configScope).getLong("storageProviderTimeout", STORAGE_PROVIDER_DEFAULT_TIMEOUT);
}
return storageProviderTimeout;
}
创建 UserStorageManager 实例(扩展 AbstractUserManager 时,构造函数使用以下代码实例化超类:
public UserStorageManager(KeycloakSession session) {
super(session, UserStorageProviderFactory.class, UserStorageProvider.class,
UserStorageProviderModel::new, "user");
}
其中 "user" 是稍后在 getStorageProviderTimeout() 函数中传递给 Config.scope() 的内容。
到目前为止,我尝试过的是在 standalone-ha.xml 中手动添加与 <theme> 标签相同级别的标签 <user>,如下所示:
<user>
<storageProviderTimeout>10000</storageProviderTimeout>
</user>
但是在启动 Keycloak 时,我得到这个错误:
10:55:59,730 ERROR [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0055: Caught exception during boot: org.jboss.as.controller.persistence.ConfigurationPersistenceException: WFLYCTL0085: Failed to parse configuration
at org.jboss.as.controller@15.0.1.Final//org.jboss.as.controller.persistence.XmlConfigurationPersister.load(XmlConfigurationPersister.java:143)
at org.jboss.as.server@15.0.1.Final//org.jboss.as.server.ServerService.boot(ServerService.java:403)
at org.jboss.as.controller@15.0.1.Final//org.jboss.as.controller.AbstractControllerService.run(AbstractControllerService.java:416)
at java.base/java.lang.Thread.run(Thread.java:834)
Caused by: javax.xml.stream.XMLStreamException: Unknown keycloak-server subsystem tag: user
我希望有人能为我阐明这一点,因为我觉得我遗漏了一些明显的东西。提前致谢!
如此处 https://keycloak.discourse.group/t/how-to-configure-storageprovidertimeout/9171 所述,目前无法配置此 属性。
有一个未解决的问题可以解决这个问题:https://issues.redhat.com/browse/KEYCLOAK-18856
作为一种临时快速但肮脏的解决方法,您可以在运行时通过反射设置值,例如您的自定义 UserStorageProvier 实现:
public class CustomUserStorageProviderFactory implements UserStorageProviderFactory<CustomUserStorageProvider> {
@Override
public void onCreate(KeycloakSession session, RealmModel realm, ComponentModel model) {
UserProvider userProvider = session.userStorageManager();
try {
Field field = userProvider.getClass().getSuperclass().getDeclaredField("STORAGE_PROVIDER_DEFAULT_TIMEOUT");
field.setAccessible(true);
Field modifiers = field.getClass().getDeclaredField("modifiers");
modifiers.setAccessible(true);
modifiers.setInt(field, field.getModifiers() & ~Modifier.FINAL);
field.set(userProvider, 5000L);
} catch (NoSuchFieldException | IllegalAccessException e) {
throw new RuntimeException(e);
}
}
}
在Keycloak/Quarkus (v17.0.0)中你可以在keycloak.conf[=18中指定参数spi-user-storage-provider-timeout =] 文件.
示例(10 秒):
spi-user-storage-provider-timeout=10000