[keycloak-dev] Keycloak installation based on MongoDB

Marek Posolda mposolda at redhat.com
Fri Sep 6 18:05:28 EDT 2013 

On 6.9.2013 23:53, Bill Burke wrote:
> That's great!  I was also thinking of having a read-only file back-end
> too.  Does it make sense to have an Infinispan backend?
Actually my MongoDB is both read+write:-)

Infinispan might be useful too. AFAIK Picketlink team plans to do 
IdentityStore implementation based on infinispan, so we might have that 
automatically from picketlink. We will just need to switch from 
JPAIdentityStore to Infinispan based identity store.

Marek
>
> On 9/6/2013 5:45 PM, Marek Posolda wrote:
>> Hi,
>>
>> Thomas asked me to investigate possibility of using NoSQL database
>> (MongoDB) instead of Picketlink as storage of Keycloak identity data. At
>> this moment, I have working MongoDB prototype here
>> https://github.com/mposolda/keycloak/tree/nosql . Keycloak already has
>> flexible identity model, which easily allows to provide different
>> abstraction for storing of identity data, so I just needed to create my
>> own implementations of KeycloakSessionFactory and KeycloakSession
>> interfaces and model classes. I almost didn't need to touch existing
>> code despite some changes in KeycloakApplication class to allow
>> switching between Picketlink and MongoDB. Note that Picketlink is still
>> used by default if you don't provide system property
>> -Dkeycloak.sessionFactory=mongo.
>>
>> To try it, you just need working installation of MongoDB and then you
>> can run Keycloak with:
>>
>> ./standalone.sh -Dkeycloak.sessionFactory=mongo
>> -Dkeycloak.mongodb.host=localhost -Dkeycloak.mongodb.port=27017
>> -Dkeycloak.mongodb.databaseName=keycloak
>>
>> (Last 3 properties can be usually omited as localhost/27017/keycloak are
>> default values for host, port and databaseName. MongoDB is installed on
>> port 27017 by default and it automatically creates database "keycloak"
>> if it doesn't exist).
>>
>> There is still work needed, but actually almost everything, which works
>> for Picketlink works for MongoDB as well. Let me know if you have any
>> questions, concerns.
>>
>> Marek
>> _______________________________________________
>> keycloak-dev mailing list
>> keycloak-dev at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>>

More information about the keycloak-dev mailing list