H2 as Airlock IAM database

This page describes how to use an H2 database with the Airlock IAM database schema. For more information on H2, please refer to http://www.h2database.com.

The chosen data layer has to be well managed and monitored. IAM is not responsible for the operation and backup/recovery. For production usage, the data layer should be clustered.

Performance Limitations

H2 has known performance limitations:

  • H2 uses only one index per logical table at a time in each query.
  • The H2 cluster feature imposes additional limitations on performance (result sets are completely loaded into memory).

We, therefore, recommend using H2 only for small production scenarios with hundreds of users.

There are two ways how to use H2 as IAM database:

Deployment

Description

Usage

External

Standard deployment outside of Airlock IAM (as with any other database system).

Documentation can be found at http://www.h2database.com.

Testing and Integration

Demos

Production (small deployments with few users).

Internal

Airlock IAM can be started with an embedded H2 database.

To enable it, add "h2" to the list of IAM modules in property "iam.modules" in the instance configuration (instances/<instance-name>/instance.properties).

Testing and Integration

Demos

not for productive usage

Database schema files

SQLs scripts for H2 databases are available here:

SQL File

Description

Creates tables used for Airlock IAM.

Upgrades IAM 7.3 database schema for release IAM 7.4.

Upgrades IAM 7.4 database schema for release IAM 7.5.

Upgrades IAM 7.5 database schema for release IAM 7.6.

If the embedded H2 database is used, the database must be upgraded as described in H2 database migration for Airlock IAM 7.6 or newer.

Upgrades IAM 7.6 database schema for release IAM 7.7.

Inserts an administrator "admin" with password "password" (works with demo configuration).

For performance tuning hints, see: Performance tuning and scaling best practices