[keycloak-dev] sticky sessions, clustering, and authentication
Marek Posolda
mposolda at redhat.com
Thu Jun 4 02:49:03 EDT 2015
Question is if the requirement for sticky sessions is not too
restrictive? I guess not everyone want to use sticky sessions.
Maybe we should offer both possibilities (in-memory + sticky sessions OR
AuthenticationSession saved in infinispan and replicated after each
request) ?
Another question is if overhead of current replication is really so bad
to introduce another abstraction and increase code complexity?
Marek
On 4.6.2015 01:49, mike cirioli wrote:
> So sticky sessions would be needed only during the authentication phase, and once complete an underlying clustered session would be created?
>
> On Jun 3, 2015 7:00 PM, Bill Burke <bburke at redhat.com> wrote:
>> I was thinking a bit about performance in a cluster. Right now a client
>> session is created whenever login is initiated. This ends up requiring
>> the client session to be propagated to the cluster, either through a
>> database insert/update or an infinispan replication. Then, with each
>> authentication/required action step, another insert/update/replication.
>>
>> I was thinking we should have an AuthenticationSession that was in
>> memory only. Then, once all authentication and required actions are
>> finished, then create the usersession and client session. This would
>> require sticky sessions though with a load balancer.
>>
>> --
>> Bill Burke
>> JBoss, a division of Red Hat
>> http://bill.burkecentral.com
>> _______________________________________________
>> keycloak-dev mailing list
>> keycloak-dev at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-dev
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
More information about the keycloak-dev
mailing list