[keycloak-dev] Mongo Replica Sets

Stian Thorgersen sthorger at redhat.com
Thu Oct 8 13:15:59 EDT 2015


Sorry, I scanned it to a bit to quick.

Your patch looks good, create a PR and we'll merge it.

On 8 October 2015 at 12:24, Carsten Saathoff <Carsten.Saathoff at kisters.de>
wrote:

> I am not asking for support, I am proposing a change to the mongodb
> connection provider to support mongo replica sets.
>
> best
>
> Carsten
> ------------------------------
> Carsten Saathoff - KISTERS AG - Stau 75 - 26122 Oldenburg - Germany
> Handelsregister Aachen, HRB-Nr. 7838 | Vorstand: Klaus Kisters, Hanns
> Kisters | Aufsichtsratsvorsitzender: Dr. Thomas Klevers
> Phone: +49 441 93602 -257 | Fax: +49 441 93602 -222 | E-Mail:
> Carsten.Saathoff at kisters.de | WWW: http://www.kisters.de
> ------------------------------
> Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte
> Informationen. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail
> irrtümlich erhalten haben, informieren Sie bitte sofort den Absender und
> vernichten Sie diese Mail. Das unerlaubte Kopieren sowie die unbefugte
> Weitergabe dieser Mail ist nicht gestattet.
> This e-mail may contain confidential and/or privileged information. If you
> are not the intended recipient (or have received this e-mail in error)
> please notify the sender immediately and destroy this e-mail. Any
> unauthorised copying, disclosure or distribution of the material in this
> e-mail is strictly forbidden.
>
>
>
> From:        Stian Thorgersen <sthorger at redhat.com>
> To:        Carsten Saathoff <Carsten.Saathoff at kisters.de>,
> Cc:        keycloak-dev <keycloak-dev at lists.jboss.org>
> Date:        08/10/2015 12:00
> Subject:        Re: [keycloak-dev] Mongo Replica Sets
> Sent by:        keycloak-dev-bounces at lists.jboss.org
> ------------------------------
>
>
>
> Please use user mailing list for support
>
> On 8 October 2015 at 10:42, Carsten Saathoff <
> *Carsten.Saathoff at kisters.de* <Carsten.Saathoff at kisters.de>> wrote:
> Hi all,
>
> we are currently setting up a production system that uses keycloak as the
> Identity Provider. We use mongodb as the database for keycloak (since this
> is our main database), but require keycloak to also handle mongodb replica
> sets appropriately. Currently, when the primary changes in a mongo replica
> set, keycloak stops working, since it only connects to a single instance.
>
> I have a version of keycloak that uses a mongodb:// uri[1] to specify the
> mongo connection parameters in the keycloak configuration file. Since
> mongodb:// uris are a standard way of obtaining a mongo client, this
> naturally supports replica sets. The patch is only a couple of lines and
> seems to work. The only issue I have is that the MongoDB update seems to be
> broken in master currently. But this is also the case when I build keycloak
> without my patch, so I assume this to be an unrelated issue.
>
> The commit is available in my keycloak fork:
>
>
> *https://github.com/kodemaniak/keycloak/commit/6741dffe38c9c8d9fd8ca1e92cb15762666a607a*
> <https://github.com/kodemaniak/keycloak/commit/6741dffe38c9c8d9fd8ca1e92cb15762666a607a>
>
> Only the setup of the operational attributes is still missing for the
> configuration via uri, but it can easily be added.
>
> I would like to get this somehow into an official release, since I think
> that supporting replica sets is crucial in order to use keycloak with mongo
> in a production setup. Personally I think that specifying mongo connection
> parameters via mongodb:// uris is the most convenient way and it's
> standardized. So it could even be the only way of specifying the connection
> details IMHO.
>
> Since in the contribution section it's encouraged to first discuss such
> ideas on this mailing list prior to sending a pull request, I am sending
> this mail to receive any feedback.
>
> best
>
> Carsten
>
> [1] *http://docs.mongodb.org/manual/reference/connection-string/*
> <http://docs.mongodb.org/manual/reference/connection-string/>
>
> ------------------------------
> Carsten Saathoff - KISTERS AG - Stau 75 - 26122 Oldenburg - Germany
> Handelsregister Aachen, HRB-Nr. 7838 | Vorstand: Klaus Kisters, Hanns
> Kisters | Aufsichtsratsvorsitzender: Dr. Thomas Klevers
> Phone: *+49 441 93602 -257* <%2B49%20441%2093602%20-257> | Fax: *+49 441
> 93602 -222* <%2B49%20441%2093602%20-222> | E-Mail:
> *Carsten.Saathoff at kisters.de* <Carsten.Saathoff at kisters.de> | WWW:
> *http://www.kisters.de* <http://www.kisters.de/>
> ------------------------------
> Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte
> Informationen. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail
> irrtümlich erhalten haben, informieren Sie bitte sofort den Absender und
> vernichten Sie diese Mail. Das unerlaubte Kopieren sowie die unbefugte
> Weitergabe dieser Mail ist nicht gestattet.
> This e-mail may contain confidential and/or privileged information. If you
> are not the intended recipient (or have received this e-mail in error)
> please notify the sender immediately and destroy this e-mail. Any
> unauthorised copying, disclosure or distribution of the material in this
> e-mail is strictly forbidden.
> _______________________________________________
> keycloak-dev mailing list
> *keycloak-dev at lists.jboss.org* <keycloak-dev at lists.jboss.org>
> *https://lists.jboss.org/mailman/listinfo/keycloak-dev*
> <https://lists.jboss.org/mailman/listinfo/keycloak-dev>
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-dev/attachments/20151008/8907f4d6/attachment.html 


More information about the keycloak-dev mailing list