Hi,
Bringing to the mailing list the discussion about this issue:
https://osgeo-org.atlassian.net/browse/GEOS-7648
This issue is related to the geofence-server community module:
http://docs.geoserver.org/stable/en/user/community/geofence-server/index.html
So far when using GeoFence embedded as a user we only had to include the
geofence-server plugin and we could start using it without any configurations
concerns.
At this point I need to explain how this was working behind the scenes. GeoFence
uses hibernate to store is data, i.e. GeoFence data is stored in a database. By
default GeoFence will use the H2 database engine in a persistent mode, the
database files are stored in GeoServer data directory under 'geofence'
directory:
geoserver_data_dir
`-- geofence
|-- geofence-datasource-ovr.properties
|-- geofence_db
| |-- geofence.1.log.db
| |-- geofence.data.db
| |-- geofence.index.db
| `-- geofence.lock.db
`-- geofence-server.properties
Before storing the data in the database (we are talking about classical
relational databases here) we need to create the schema were our data will be
stored.
Hibernate can automatically create and update the schema for us, we can control
this behavior with the 'hibernate.hbm2ddl.auto' option. Be default GeoFence was
using this configuration:
geofenceEntityManagerFactory.jpaPropertyMap[hibernate.hbm2ddl.auto]=update
Which means that the schema would have been generated and updated automatically
by Hibernate. This is why we could use GeoFence embedded without worrying about
any extra configuration.
Recent changes on geofence-server module broke this behavior, H2 database still
be used by default but Hibernate will no longer generate the schema
automatically.
This raise some questions:
- Is it safe to use H2 database in production ?
If the answer is no the documentation should be explicit about using H2 as the
default database engine.
- Should by default Hibernate be allowed to automatically generate the Schema ?
If yes this means that in some production environments this feature would
probably need to be disabled explicitly by the user.
If no this means that from now on the user would need to activate this feature
explicitly or manually create the schema before using geofence-server.
Opinions about this ?
My opinion about his is:
Hibernate should create the schema automatically, this will allow users to
quickly test GeoFence without worrying about the database schema and extra
configurations.
The documentation should be updated to clearly stay that H2 database is used by
default and that Hibernate will manage the database schema automatically. The
documentation should also stay that for production environments a more reliable
database should be used and hibernate should not be allowed to automatically
manage the database schema, i.e. the user will have to explicitly disable this
feature.
Regards,
Nuno Oliveira
--
GeoServer Professional Services from the experts!
Visit http://goo.gl/it488V for more information.
Nuno Miguel Carvalho Oliveira
@nmcoliveira
Software Engineer
GeoSolutions S.A.S.
Via di Montramito 3/A
55054 Massarosa (LU)
Italy
phone: +39 0584 962313
fax: +39 0584 1660272
mob: +39 333 8128928
http://www.geo-solutions.it
http://twitter.com/geosolutions_it
-------------------------------------------------------
AVVERTENZE AI SENSI DEL D.Lgs. 196/2003
Le informazioni contenute in questo messaggio di posta elettronica e/o nel/i file/s allegato/i sono
da considerarsi strettamente riservate. Il loro utilizzo è consentito esclusivamente al destinatario del messaggio, per le finalità indicate
nel messaggio stesso. Qualora riceviate questo messaggio senza esserne il destinatario, Vi preghiamo cortesemente di darcene notizia via e
-mail e di procedere alla distruzione del messaggio stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso, divulgarlo
anche in parte, distribuirlo ad altri soggetti, copiarlo, od utilizzarlo per finalità diverse, costituisce comportamento contrario ai
principi dettati dal D.Lgs. 196/2003.
The information in this message and/or attachments, is intended solely for the attention and use of
the named addressee(s) and may be confidential or proprietary in nature or covered by the provisions of privacy act (Legislative Decree
June, 30 2003, no.196 - Italy's New Data Protection Code).Any use not in accord with its purpose, any disclosure, reproduction, copying,
distribution, or either dissemination, either whole or partial, is strictly forbidden except previous formal approval of the named
addressee(s). If you are not the intended recipient, please contact immediately the sender by telephone, fax or e-mail and delete the
information in this message that has been received in error. The sender does not give any warranty or accept liability as the content,
accuracy or completeness of sent messages and accepts no responsibility for changes made after they were sent or for other risks which
arise as a result of e-mail transmission, viruses, etc.