[keycloak-dev] Application Clustering problems

Christian Beikov christian.beikov at gmail.com
Fri Jan 22 06:48:04 EST 2016


Hello,

I am running some tests with my application cluster being secured by a 
single keycloak server instance and I encountered problems with the adapter.

My application cluster contains 2 nodes and is load balanced by nginx. 
For testing purposes, I enabled round robin load balancing which is 
probably the "cause" for my issues.

When I access a secured page, I get redirected to keycloak and 
everything is fine. When I then login, and keycloak redirects me back to 
the application, I get to a different application cluster node because 
of round robin. On that node, apparently the initial information of the 
client session is not available and I get redirected to keycloak login 
page again. Then keycloak redirects me back to the application, this 
time to the original node, and says that access is forbidden.

I suppose the web session caches are not in sync but I just used the 
default cache containers as they are defined in standalone-ha.xml of my 
Wildlfy 10 CR4. Clustering with jgroups works, as I use other 
distributed caches too which work just fine.

We are using Keycloak 1.8.0.CR2 on a Wildfly 10 CR4

Regards,
Christian


More information about the keycloak-dev mailing list