[keycloak-user] mongodb 3.0 scram-sha security

Stian Thorgersen sthorger at redhat.com
Wed Jan 27 03:59:56 EST 2016


Even better a PR as well ;)

On 26 January 2016 at 21:30, Marek Posolda <mposolda at redhat.com> wrote:

> Hi,
>
> could you please create JIRA for this?
>
> Thanks,
> Marek
>
>
> On 26/01/16 18:53, Dean Peterson wrote:
>
> I can see the DefaultMongoConnectionFactoryProvider hard codes the old
> mongocr security:
>
>
> MongoCredential credential = MongoCredential.createMongoCRCredential(user,
> dbName, password.toCharArray());
>
> client = new MongoClient(new ServerAddress(host, port), Collections.singletonList(credential),
> clientOptions);
>
> } else {
>
> client = new MongoClient(new ServerAddress(host, port), clientOptions);
>
> } It should be using:
> MongoCredential credential = MongoCredential.createScramSha1Credential(
> System.getProperty("mongouser"),
> System.getProperty("mongodatabase"),
> System.getProperty("mongopassword").toCharArray());
>
> On Tue, Jan 26, 2016 at 11:40 AM, Dean Peterson <peterson.dean at gmail.com>
> wrote:
>
>> Does keycloak v1.3.1 support mongodb 3.0 and it's new default scram-sha
>> security?  If not, do later versions support it?
>>
>
>
>
> _______________________________________________
> keycloak-user mailing listkeycloak-user at lists.jboss.orghttps://lists.jboss.org/mailman/listinfo/keycloak-user
>
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160127/4d679877/attachment.html 


More information about the keycloak-user mailing list