[keycloak-user] Trying to use JTA transactions for JPA causes errors

Mon Mar 17 07:48:21 EDT 2014

A datasource is a managed connection provided by the container and provides connection pooling, so you don't need to configure connection pooling in persistence.xml.

I think your issues are not directly related to Keycloak, but has something to do with how the datasource is configured and/or the JDBC driver. The 'Read timed out' error suggests to me that you may be receiving an expired connection from the datasource/connection pool.

It should be 'non-jta-data-source', but that won't make any difference as even though JPA is asking for a JTA capable datasource it doesn't use JTA transactions.

----- Original Message -----
> From: "Dean Peterson" <peterson.dean at gmail.com>
> To: "Stian Thorgersen" <stian at redhat.com>
> Cc: keycloak-user at lists.jboss.org
> Sent: Friday, 14 March, 2014 4:26:52 PM
> Subject: Re: [keycloak-user] Trying to use JTA transactions for JPA causes errors
> 
> That makes sense.  I do not necessarily need JTA transactions for keycloak
> but I am experiencing the error you can see in the keycloak-log.txt
> constantly.  Without fail, that error occurs when I let keycloak sit idle
> for about 5 minutes or so.
> 
> It would be nice to let the container manage connections and transactions
> to Keycloak still.  Without that, I am fairly certain a production
> environment needs something like c3p0 or DBCP(Apache Database Connection
> Pooling) to make the connections to the database stable.  What are your
> thoughts?  I will try using c3p0 today to see if that fixes the problem in
> the attached log.  Also, should the jta-data-source tag in the
> persistence.xml be changed to non-jta-data-source?  The keycloak-server
> persistence.xml comes with jta-data-source tag out of the box.  I did try
> changing it to non-jta-data-source and I still get the same errors so that
> is not the cause of my problem.
> 
> Thanks,
> 
> Dean
> 
> 
> On Fri, Mar 14, 2014 at 3:53 AM, Stian Thorgersen <stian at redhat.com> wrote:
> 
> > Keycloak has been designed to work in multiple environments, not just
> > JavaEE. That's why container managed transactions are not used. JTA
> > transactions are not required either as there's a single database, hence no
> > need for distributed transactions.
> >
> > Can you provide me with some more information about the errors you are
> > seeing? Including the server log, persistence.xml, etc. It should work
> > perfectly well with resource local transactions.
> >
> > If you have a real requirement for using JTA a data-source we can
> > certainly look into supporting that.
> >
> > ----- Original Message -----
> > > From: "Dean Peterson" <peterson.dean at gmail.com>
> > > To: keycloak-user at lists.jboss.org
> > > Sent: Thursday, 13 March, 2014 6:40:23 PM
> > > Subject: [keycloak-user] Trying to use JTA transactions for JPA causes
> > errors
> > >
> > > I get transaction rollback errors frequently. Every time I leave the
> > > application idle for a few minutes and come back, the system has
> > transaction
> > > errors. I have to refresh multiple times for the keycloak admun-ui to
> > start
> > > responding again. I realized my settings were using local database
> > > transactions and that does not work well. I am using JBOSS and J2EE so I
> > > definitely want to use the container managed transactions. I switched the
> > > settings in my management console and changed my persistence.xml to this:
> > >
> > > <persistence xmlns=" http://java.sun.com/xml/ns/persistence "
> > > xmlns:xsi=" http://www.w3.org/2001/XMLSchema-instance "
> > > xsi:schemaLocation=" http://java.sun.com/xml/ns/persistence
> > > http://java.sun.com/xml/ns/persistence/persistence_1_0.xsd "
> > > version="1.0">
> > > <persistence-unit name="jpa-keycloak-identity-store"
> > transaction-type="JTA">
> > > <jta-data-source>java:jboss/datasources/ui_users</jta-data-source>
> > > <class>org.keycloak.models.jpa.entities.ApplicationEntity</class>
> > > <class>org.keycloak.models.jpa.entities.CredentialEntity</class>
> > > <class>org.keycloak.models.jpa.entities.OAuthClientEntity</class>
> > > <class>org.keycloak.models.jpa.entities.RealmEntity</class>
> > > <class>org.keycloak.models.jpa.entities.RequiredCredentialEntity</class>
> > > <class>org.keycloak.models.jpa.entities.ApplicationRoleEntity</class>
> > > <class>org.keycloak.models.jpa.entities.RealmRoleEntity</class>
> > > <class>org.keycloak.models.jpa.entities.SocialLinkEntity</class>
> > > <class>org.keycloak.models.jpa.entities.UserEntity</class>
> > > <class>org.keycloak.models.jpa.entities.UserRoleMappingEntity</class>
> > > <class>org.keycloak.models.jpa.entities.ScopeMappingEntity</class>
> > >
> > > <exclude-unlisted-classes>true</exclude-unlisted-classes>
> > >
> > > <properties>
> > > <property name="hibernate.dialect"
> > > value="org.hibernate.dialect.SQLServer2008Dialect"/>
> > > <property name="hibernate.hbm2ddl.auto" value="update"/>
> > > </properties>
> > > </persistence-unit>
> > > </persistence>
> > >
> > >
> > >
> > >
> > >
> > > Now when I start the server I get the following error:
> > >
> > > java.lang.NullPointerException
> > > at
> > >
> > org.hibernate.engine.transaction.internal.jta.JtaStatusHelper.getStatus(JtaStatusHelper.java:76)
> > > at
> > > .
> > > .
> > > .
> > >
> > org.keycloak.models.jpa.JpaKeycloakSessionFactory.createSession(JpaKeycloakSessionFactory.java:21)
> > > at
> > > .
> > > .
> > > .
> > > jboss.undertow.deployment.default-server.default-host./auth: Failed to
> > start
> > > service
> > > Caused by: java.lang.RuntimeException: Failed to construct public
> > >
> > org.keycloak.server.KeycloakServerApplication(javax.servlet.ServletContext)
> > > throws java.io.FileNotFoundException
> > >
> > > Any ideas why this is happening?
> > >
> > > Thanks,
> > >
> > > Dean Peterson
> > >
> > > _______________________________________________
> > > keycloak-user mailing list
> > > keycloak-user at lists.jboss.org
> > > https://lists.jboss.org/mailman/listinfo/keycloak-user
> >
> 