<div dir="ltr">Please use user mailing list for support</div><div class="gmail_extra"><br><div class="gmail_quote">On 8 October 2015 at 10:42, Carsten Saathoff <span dir="ltr"><<a href="mailto:Carsten.Saathoff@kisters.de" target="_blank">Carsten.Saathoff@kisters.de</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><font size="2" face="sans-serif">Hi all,</font>
<br>
<br><font size="2" face="sans-serif">we are currently setting up a production
system that uses keycloak as the Identity Provider. We use mongodb as the
database for keycloak (since this is our main database), but require keycloak
to also handle mongodb replica sets appropriately. Currently, when the
primary changes in a mongo replica set, keycloak stops working, since it
only connects to a single instance.</font>
<br>
<br><font size="2" face="sans-serif">I have a version of keycloak that uses
a mongodb:// uri[1] to specify the mongo connection parameters in the keycloak
configuration file. Since mongodb:// uris are a standard way of obtaining
a mongo client, this naturally supports replica sets. The patch is only
a couple of lines and seems to work. The only issue I have is that the
MongoDB update seems to be broken in master currently. But this is also
the case when I build keycloak without my patch, so I assume this to be
an unrelated issue.</font>
<br>
<br><font size="2" face="sans-serif">The commit is available in my keycloak
fork:</font>
<br>
<br><a href="https://github.com/kodemaniak/keycloak/commit/6741dffe38c9c8d9fd8ca1e92cb15762666a607a" target="_blank"><font size="2" face="sans-serif">https://github.com/kodemaniak/keycloak/commit/6741dffe38c9c8d9fd8ca1e92cb15762666a607a</font></a>
<br>
<br><font size="2" face="sans-serif">Only the setup of the operational attributes
is still missing for the configuration via uri, but it can easily be added.</font>
<br>
<br><font size="2" face="sans-serif">I would like to get this somehow into
an official release, since I think that supporting replica sets is crucial
in order to use keycloak with mongo in a production setup. Personally I
think that specifying mongo connection parameters via mongodb:// uris is
the most convenient way and it's standardized. So it could even be the
only way of specifying the connection details IMHO.</font>
<br>
<br><font size="2" face="sans-serif">Since in the contribution section it's
encouraged to first discuss such ideas on this mailing list prior to sending
a pull request, I am sending this mail to receive any feedback.</font>
<br>
<br><font size="2" face="sans-serif">best</font>
<br>
<br><font size="2" face="sans-serif">Carsten</font>
<br>
<br><font size="2" face="sans-serif">[1] </font><a href="http://docs.mongodb.org/manual/reference/connection-string/" target="_blank"><font size="2" face="sans-serif">http://docs.mongodb.org/manual/reference/connection-string/</font></a>
<br>
<br>
<hr>
<font size="3" face="Calibri,sans-serif">
Carsten Saathoff - KISTERS AG - Stau 75 - 26122 Oldenburg - Germany<br>Handelsregister Aachen, HRB-Nr. 7838 | Vorstand: Klaus Kisters, Hanns Kisters | Aufsichtsratsvorsitzender: Dr. Thomas Klevers<br>Phone: <a href="tel:%2B49%20441%2093602%20-257" value="+4944193602257" target="_blank">+49 441 93602 -257</a> | Fax: <a href="tel:%2B49%20441%2093602%20-222" value="+4944193602222" target="_blank">+49 441 93602 -222</a> | E-Mail: <a href="mailto:Carsten.Saathoff@kisters.de" target="_blank">Carsten.Saathoff@kisters.de</a> | WWW: <a href="http://www.kisters.de" target="_blank">http://www.kisters.de</a>
<hr>
<font size="2" face="Calibri,sans-serif">
Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte Informationen. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrtümlich erhalten haben, informieren Sie bitte sofort den Absender und vernichten Sie diese Mail. Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser Mail ist nicht gestattet. <br>This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorised copying, disclosure or distribution of the material in this e-mail is strictly forbidden.
</font></font><br>_______________________________________________<br>
keycloak-dev mailing list<br>
<a href="mailto:keycloak-dev@lists.jboss.org">keycloak-dev@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-dev" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-dev</a><br></blockquote></div><br></div>