<div dir="ltr">Sorry, I scanned it to a bit to quick.<div><br></div><div>Your patch looks good, create a PR and we'll merge it.</div></div><div class="gmail_extra"><br><div class="gmail_quote">On 8 October 2015 at 12:24, Carsten Saathoff <span dir="ltr"><<a href="mailto:Carsten.Saathoff@kisters.de" target="_blank">Carsten.Saathoff@kisters.de</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><font size="2" face="sans-serif">I am not asking for support, I am proposing
a change to the mongodb connection provider to support mongo replica sets.</font>
<br>
<br><font size="2" face="sans-serif">best</font>
<br>
<br><font size="2" face="sans-serif">Carsten</font>
<br>
<hr>
<font size="3" face="Calibri,sans-serif"><span class="">
Carsten Saathoff - KISTERS AG - Stau 75 - 26122 Oldenburg - Germany<br>Handelsregister Aachen, HRB-Nr. 7838 | Vorstand: Klaus Kisters, Hanns Kisters | Aufsichtsratsvorsitzender: Dr. Thomas Klevers<br>Phone: <a href="tel:%2B49%20441%2093602%20-257" value="+4944193602257" target="_blank">+49 441 93602 -257</a> | Fax: <a href="tel:%2B49%20441%2093602%20-222" value="+4944193602222" target="_blank">+49 441 93602 -222</a> | E-Mail: <a href="mailto:Carsten.Saathoff@kisters.de" target="_blank">Carsten.Saathoff@kisters.de</a> | WWW: <a href="http://www.kisters.de" target="_blank">http://www.kisters.de</a>
<hr>
<font size="2" face="Calibri,sans-serif">
Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte Informationen. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrtümlich erhalten haben, informieren Sie bitte sofort den Absender und vernichten Sie diese Mail. Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser Mail ist nicht gestattet. <br>This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorised copying, disclosure or distribution of the material in this e-mail is strictly forbidden.
</font><br>
<br>
<br>
<br></span><font size="1" color="#5f5f5f" face="sans-serif">From:
</font><font size="1" face="sans-serif">Stian Thorgersen <<a href="mailto:sthorger@redhat.com" target="_blank">sthorger@redhat.com</a>></font>
<br><font size="1" color="#5f5f5f" face="sans-serif">To:
</font><font size="1" face="sans-serif">Carsten Saathoff <<a href="mailto:Carsten.Saathoff@kisters.de" target="_blank">Carsten.Saathoff@kisters.de</a>>,
</font>
<br><font size="1" color="#5f5f5f" face="sans-serif">Cc:
</font><font size="1" face="sans-serif">keycloak-dev <<a href="mailto:keycloak-dev@lists.jboss.org" target="_blank">keycloak-dev@lists.jboss.org</a>></font>
<br><font size="1" color="#5f5f5f" face="sans-serif">Date:
</font><font size="1" face="sans-serif">08/10/2015 12:00</font>
<br><font size="1" color="#5f5f5f" face="sans-serif">Subject:
</font><font size="1" face="sans-serif">Re: [keycloak-dev]
Mongo Replica Sets</font>
<br><font size="1" color="#5f5f5f" face="sans-serif">Sent by:
</font><font size="1" face="sans-serif"><a href="mailto:keycloak-dev-bounces@lists.jboss.org" target="_blank">keycloak-dev-bounces@lists.jboss.org</a></font>
<br>
<hr noshade><div><div class="h5">
<br>
<br>
<br><font size="3">Please use user mailing list for support</font>
<br>
<br><font size="3">On 8 October 2015 at 10:42, Carsten Saathoff <</font><a href="mailto:Carsten.Saathoff@kisters.de" target="_blank"><font size="3" color="blue"><u>Carsten.Saathoff@kisters.de</u></font></a><font size="3">>
wrote:</font>
<br><font size="2" face="sans-serif">Hi all,</font><font size="3"> <br>
</font><font size="2" face="sans-serif"><br>
we are currently setting up a production system that uses keycloak as the
Identity Provider. We use mongodb as the database for keycloak (since this
is our main database), but require keycloak to also handle mongodb replica
sets appropriately. Currently, when the primary changes in a mongo replica
set, keycloak stops working, since it only connects to a single instance.</font><font size="3">
<br>
</font><font size="2" face="sans-serif"><br>
I have a version of keycloak that uses a mongodb:// uri[1] to specify the
mongo connection parameters in the keycloak configuration file. Since mongodb://
uris are a standard way of obtaining a mongo client, this naturally supports
replica sets. The patch is only a couple of lines and seems to work. The
only issue I have is that the MongoDB update seems to be broken in master
currently. But this is also the case when I build keycloak without my patch,
so I assume this to be an unrelated issue.</font><font size="3"> <br>
</font><font size="2" face="sans-serif"><br>
The commit is available in my keycloak fork:</font><font size="3"> <br>
</font><font size="3" color="blue"><u><br>
</u></font><a href="https://github.com/kodemaniak/keycloak/commit/6741dffe38c9c8d9fd8ca1e92cb15762666a607a" target="_blank"><font size="2" color="blue" face="sans-serif"><u>https://github.com/kodemaniak/keycloak/commit/6741dffe38c9c8d9fd8ca1e92cb15762666a607a</u></font></a><font size="3">
<br>
</font><font size="2" face="sans-serif"><br>
Only the setup of the operational attributes is still missing for the configuration
via uri, but it can easily be added.</font><font size="3"> <br>
</font><font size="2" face="sans-serif"><br>
I would like to get this somehow into an official release, since I think
that supporting replica sets is crucial in order to use keycloak with mongo
in a production setup. Personally I think that specifying mongo connection
parameters via mongodb:// uris is the most convenient way and it's standardized.
So it could even be the only way of specifying the connection details IMHO.</font><font size="3">
<br>
</font><font size="2" face="sans-serif"><br>
Since in the contribution section it's encouraged to first discuss such
ideas on this mailing list prior to sending a pull request, I am sending
this mail to receive any feedback.</font><font size="3"> <br>
</font><font size="2" face="sans-serif"><br>
best</font><font size="3"> <br>
</font><font size="2" face="sans-serif"><br>
Carsten</font><font size="3"> <br>
</font><font size="2" face="sans-serif"><br>
[1] </font><a href="http://docs.mongodb.org/manual/reference/connection-string/" target="_blank"><font size="2" color="blue" face="sans-serif"><u>http://docs.mongodb.org/manual/reference/connection-string/</u></font></a><font size="3">
<br>
<br>
</font>
<hr><font size="3" face="Calibri">Carsten Saathoff - KISTERS AG - Stau 75
- 26122 Oldenburg - Germany<br>
Handelsregister Aachen, HRB-Nr. 7838 | Vorstand: Klaus Kisters, Hanns Kisters
| Aufsichtsratsvorsitzender: Dr. Thomas Klevers<br>
Phone: </font><a href="tel:%2B49%20441%2093602%20-257" target="_blank"><font size="3" color="blue" face="Calibri"><u>+49
441 93602 -257</u></font></a><font size="3" face="Calibri"> | Fax: </font><a href="tel:%2B49%20441%2093602%20-222" target="_blank"><font size="3" color="blue" face="Calibri"><u>+49
441 93602 -222</u></font></a><font size="3" face="Calibri"> | E-Mail: </font><a href="mailto:Carsten.Saathoff@kisters.de" target="_blank"><font size="3" color="blue" face="Calibri"><u>Carsten.Saathoff@kisters.de</u></font></a><font size="3" face="Calibri">
| WWW: </font><a href="http://www.kisters.de/" target="_blank"><font size="3" color="blue" face="Calibri"><u>http://www.kisters.de</u></font></a><font size="3" face="Calibri">
</font>
<hr><font size="2" face="Calibri">Diese E-Mail enthält vertrauliche und/oder
rechtlich geschützte Informationen. Wenn Sie nicht der richtige Adressat
sind oder diese E-Mail irrtümlich erhalten haben, informieren Sie bitte
sofort den Absender und vernichten Sie diese Mail. Das unerlaubte Kopieren
sowie die unbefugte Weitergabe dieser Mail ist nicht gestattet. <br>
This e-mail may contain confidential and/or privileged information. If
you are not the intended recipient (or have received this e-mail in error)
please notify the sender immediately and destroy this e-mail. Any unauthorised
copying, disclosure or distribution of the material in this e-mail is strictly
forbidden. </font><font size="3"><br>
_______________________________________________<br>
keycloak-dev mailing list</font><font size="3" color="blue"><u><br>
</u></font><a href="mailto:keycloak-dev@lists.jboss.org" target="_blank"><font size="3" color="blue"><u>keycloak-dev@lists.jboss.org</u></font></a><font size="3" color="blue"><u><br>
</u></font><a href="https://lists.jboss.org/mailman/listinfo/keycloak-dev" target="_blank"><font size="3" color="blue"><u>https://lists.jboss.org/mailman/listinfo/keycloak-dev</u></font></a>
<br><tt><font size="2">_______________________________________________<br>
keycloak-dev mailing list<br>
<a href="mailto:keycloak-dev@lists.jboss.org" target="_blank">keycloak-dev@lists.jboss.org</a><br>
</font></tt><a href="https://lists.jboss.org/mailman/listinfo/keycloak-dev" target="_blank"><tt><font size="2">https://lists.jboss.org/mailman/listinfo/keycloak-dev</font></tt></a>
<br>
</div></div></font></blockquote></div><br></div>