[keycloak-dev] sticky sessions
Bill Burke
bburke at redhat.com
Wed Dec 2 12:58:33 EST 2015
On 12/2/2015 12:54 PM, Bill Burke wrote:
>
>
> On 12/2/2015 12:46 PM, Stian Thorgersen wrote:
>> Wonder if we could do something similar with code 2 token. Could we not
>> set a cookie there as well? Then at most there would be two nodes for
>> one user.
>>
>> Alternative is to update code 2 token so it doesn't require the user
>> model. That would be more elegant. We could do that by making sure user
>> sessions are updated when required if user model changes.
>>
>
> You could optimistically create the token and store it within the client
> session. But then your overhead is in replication? Then again is
> replicating a few kilobytes that big of a deal?
>
Answering my own question...It probabbly isn't a big deal as you are
already replicating the client session anyways.
Doesn't help refresh token though. Refresh token needs to verify the
user is still enabled.
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
More information about the keycloak-dev
mailing list