[keycloak-dev] Facing Issue with Resource Server in Clustered Environment

[Bappaditya Gorai (bgorai)]

Hi Team,
Please find the details on setup and observation below. Please provide your suggestion on how to overcome this issue. We are using Keycloak 1.0.4.Final (Adapter & Server).


Setup:

1.       We have brought up Jboss cluster ( Using mod_cluster, httpd )  with 2  nodes in domain mode and enabled session replication between these nodes.

2.       Our Recourse server is deployed  in this clustered environment with distributable and Sticky session Off.


Behavior observed :
During the Authorization/Authentication process ,when Initial call(Resource Access) lands on master and next redirection (post Code To token) falls on slave Adapter is treating it as  a new session and redirecting to login URL again. So we ended up with circular redirection error. After further investigation seems like session replication delay is causing adapter to behave this way. As the redirection call happens very quickly and this results in circular redirection error.



NOTE: Sticky Session  in mod_cluster environment solves the issue but  it does not provide true load balancing. Therefore we are not considering Stick session option.


Thanks
Bappaditya Gorai
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-dev/attachments/20150130/319fd655/attachment.html