PingIntelligence

Connecting ABS to MongoDB

Connect ABS to MongoDB.

Steps

  1. Check and open the MongoDB default port.

    The MongoDB default port for connection with ABS is 27017.

    1. Run the check_ports_abs.sh script on the ABS machine to determine whether the default port is available.

    2. Input the MongoDB host IP address and default port as arguments.

      Example:

      /opt/pingidentity/abs/util ./check_ports_abs.sh {MongoDB IPv4:[port]}
    3. Run the script for the MongoDB master and slave. If the default ports are not accessible, open the port from the MongoDB machine.

  2. Configure ABS to connect to MongoDB.

    1. Edit abs_init.js in the /opt/pingidentity/mongo directory to set the key values.

      Example:

      Below is a sample abs_init.js file:

      db.auth_info.insert({
      "access_key" : "abs_ak",
      "secret_key" : "abs_sk"
      });

      ":" (colon) is a restricted character and not allowed in the access key or secret key.

      Do not edit the abs_init.js file for any subsequent changes to the ABS access key and secret key. It is recommended to use the update_keys CLI command to change the keys. For more information, see ABS CLI commands.

    2. Copy the abs_init.js file from the ABS /opt/pingidentity/abs/mongo

      folder to the MongoDB system [.filepath]``/opt/pingidentity/mongo`` folder.
    3. At the MongoDB command prompt, update the MongoDB settings with the latest abs_init.js file.

      # mongo admin -u absuser -p abs123 < /opt/pingidentity/abs/mongo/abs_init.js
      MongoDB Shell version 5.0.18
      connecting to: admin
      switched to db abs_metadata
      WriteResult({ “nInserted” : 1})
      bye
  3. Optional: To verify MongoDB SSL certificates, configure ABS to verify the validity of the MongoDB server certificate.

    1. Set the mongo_certificate parameter in the /<pi_install_path>/pingidentity/abs/config/abs.properties file.

      For more information, see Verify MongoDB SSL certificates.