MariaDB as Airlock IAM database

This page describes how to use a MariaDB database with the Airlock IAM database schema. In order to use Airlock IAM with this database, a JDBC connector/driver library is required.

Notice

The chosen data layer has to be well managed and monitored. IAM is not responsible for the operation and backup/recovery. For production usage, the data layer should be clustered.
In order to use Airlock IAM with this database, a JDBC connector/driver library is required.

Database settings

The following MariaDB database settings may be useful:

Purpose	Command Line	my.cnf
table names are used case-insensitive Note: use this option to avoid issues with older Demo Configurations using table names in upper case	--lower_case_table_names=1	[mysqld] lower_case_table_names=1

Schema creation and upgrade

SQLs scripts for MariaDB databases are available here:

SQL File	Description
create-medusa-schema.sql	Creates tables used for Airlock IAM.
iam-schema-migration-8_5-8_6.sql	Upgrades IAM 8.5 database schema for release IAM 8.6.
iam-schema-migration-8_4-8_5.sql	Upgrades IAM 8.4 database schema for release IAM 8.5.
iam-schema-migration-8_3-8_4.sql	Upgrades IAM 8.3 database schema for release IAM 8.4.
iam-schema-migration-8_2-8_3.sql	Upgrades IAM 8.2 database schema for release IAM 8.3. See note below.
insert-admin.sql	Inserts an administrator “admin” with password “password” (works with demo configuration).

Notice

For performance tuning hints, see: Performance tuning and scaling best practices

Notice

Improtant note on schema migration from IAM 8.2 to IAM 8.3

Note that the schema upgrade from IAM 8.2 to IAM 8.3 contains a change to the collation of oauth2_session table.

Applying this change will cause a database index to be rebuilt. If the table contains a lot of records, this change may take a long time to complete.

Applying the change is recommended but optional.

JDBC connector (JDBC driver)

The JDBC connector can be downloaded from the MariaDB website.
Copy the driver (JAR file) to the libs folder of the common instance (or an instance's folder).
Example:

Terminal box

cp mariadb-java-client-*.jar instances/common/libs/

Restart the IAM instance(s): see e.g. Starting and stopping IAM.

Database schema version

The database schema includes a table named schema_metadata, which stores the schema version. Additional information may be added to this table in future releases.

The schema version information serves two purposes:

Schema upgrade scripts can be made more robust by asserting the correct previous schema version.
It enables automated database schema upgrades.

Notice

Do not manually modify the schema version value in the database. Futurae migration scripts may rely on it.

Further information and links

Internal links:

For the minimal required database version, see System requirements.