<div dir="ltr"><div>The docs state that &quot;By default there&#39;s nothing to prevent unauthorized nodes from joining the cluster and sending potentially malicious messages to the cluster.&quot; (<a href="http://keycloak.github.io/docs/userguide/keycloak-server/html/clustering.html" target="_blank">http://keycloak.github.io/docs/userguide/keycloak-server/html/clustering.html</a>)<br><br></div>Is this still the case if the jgroups stack in Wildfly has implemented the AUTH protocol? For example, the Openshift Wildfly config looks something like this:<br><br><pre style="" class=""><code><span class=""><code><span class="">    </span><span class=""></span></code>&lt;</span><span class="">stack name</span><span class="">=</span><span class="">&quot;tcp&quot;</span><span class="">&gt;</span><span class="">
        </span><span class="">&lt;</span><span class="">transport type</span><span class="">=</span><span class="">&quot;TCP&quot;</span><span class=""> socket</span><span class="">-</span><span class="">binding</span><span class="">=</span><span class="">&quot;jgroups-tcp&quot;</span><span class="">&gt;</span><span class="">
            </span><span class="">&lt;</span><span class="">property name</span><span class="">=</span><span class="">&quot;external_addr&quot;</span><span class="">&gt;</span><span class="">$</span><span class="">{</span><span class="">env</span><span class="">.</span><span class="">OPENSHIFT_GEAR_DNS</span><span class="">}&lt;/</span><span class="">property</span><span class="">&gt;</span><span class="">
            </span><span class="">&lt;</span><span class="">property name</span><span class="">=</span><span class="">&quot;external_port&quot;</span><span class="">&gt;</span><span class="">$</span><span class="">{</span><span class="">env</span><span class="">.</span><span class="">OPENSHIFT_WILDFLY_CLUSTER_PROXY_PORT</span><span class="">}&lt;/</span><span class="">property</span><span class="">&gt;</span><span class="">
            </span><span class="">&lt;</span><span class="">property name</span><span class="">=</span><span class="">&quot;bind_port&quot;</span><span class="">&gt;</span><span class="">$</span><span class="">{</span><span class="">env</span><span class="">.</span><span class="">OPENSHIFT_WILDFLY_CLUSTER_PORT</span><span class="">}&lt;/</span><span class="">property</span><span class="">&gt;</span><span class="">
            </span><span class="">&lt;</span><span class="">property name</span><span class="">=</span><span class="">&quot;bind_addr&quot;</span><span class="">&gt;</span><span class="">$</span><span class="">{</span><span class="">env</span><span class="">.</span><span class="">OPENSHIFT_WILDFLY_IP</span><span class="">}&lt;/</span><span class="">property</span><span class="">&gt;</span><span class="">
            </span><span class="">&lt;</span><span class="">property name</span><span class="">=</span><span class="">&quot;defer_client_bind_addr&quot;</span><span class="">&gt;</span><span class="">true</span><span class="">&lt;/</span><span class="">property</span><span class="">&gt;</span><span class="">
        </span><span class="">&lt;/</span><span class="">transport</span><span class="">&gt;</span><span class="">
        </span><span class="">&lt;</span><span class="">protocol type</span><span class="">=</span><span class="">&quot;TCPPING&quot;</span><span class="">&gt;</span><span class="">
            </span><span class="">&lt;</span><span class="">property name</span><span class="">=</span><span class="">&quot;timeout&quot;</span><span class="">&gt;</span><span class="">30000</span><span class="">&lt;/</span><span class="">property</span><span class="">&gt;</span><span class="">
            </span><span class="">&lt;</span><span class="">property name</span><span class="">=</span><span class="">&quot;initial_hosts&quot;</span><span class="">&gt;</span><span class="">$</span><span class="">{</span><span class="">env</span><span class="">.</span><span class="">OPENSHIFT_WILDFLY_CLUSTER</span><span class="">}&lt;/</span><span class="">property</span><span class="">&gt;</span><span class="">
            </span><span class="">&lt;</span><span class="">property name</span><span class="">=</span><span class="">&quot;port_range&quot;</span><span class="">&gt;</span><span class="">0</span><span class="">&lt;/</span><span class="">property</span><span class="">&gt;</span><span class="">
            </span><span class="">&lt;</span><span class="">property name</span><span class="">=</span><span class="">&quot;num_initial_members&quot;</span><span class="">&gt;</span><span class="">1</span><span class="">&lt;/</span><span class="">property</span><span class="">&gt;</span><span class="">
        </span><span class="">&lt;/</span><span class="">protocol</span><span class="">&gt;</span><span class="">
        </span><span class="">&lt;</span><span class="">protocol type</span><span class="">=</span><span class="">&quot;MERGE2&quot;</span><span class="">/&gt;</span><span class="">
        </span><span class="">&lt;</span><span class="">protocol type</span><span class="">=</span><span class="">&quot;FD&quot;</span><span class="">/&gt;</span><span class="">
        </span><span class="">&lt;</span><span class="">protocol type</span><span class="">=</span><span class="">&quot;VERIFY_SUSPECT&quot;</span><span class="">/&gt;</span><span class="">
        </span><span class="">&lt;</span><span class="">protocol type</span><span class="">=</span><span class="">&quot;BARRIER&quot;</span><span class="">/&gt;</span><span class="">
        </span><span class="">&lt;</span><span class="">protocol type</span><span class="">=</span><span class="">&quot;pbcast.NAKACK&quot;</span><span class="">/&gt;</span><span class="">
        </span><span class="">&lt;</span><span class="">protocol type</span><span class="">=</span><span class="">&quot;UNICAST2&quot;</span><span class="">/&gt;</span><span class="">
        </span><span class="">&lt;</span><span class="">protocol type</span><span class="">=</span><span class="">&quot;pbcast.STABLE&quot;</span><span class="">/&gt;</span><span class="">
        </span><span class="">&lt;</span><span class="">protocol type</span><span class="">=</span><span class="">&quot;AUTH&quot;</span><span class="">&gt;</span><span class="">
            </span><span class="">&lt;</span><span class="">property name</span><span class="">=</span><span class="">&quot;auth_class&quot;</span><span class="">&gt;</span><span class="">org</span><span class="">.</span><span class="">jgroups</span><span class="">.</span><span class="">auth</span><span class="">.</span><span class="">MD5Token</span><span class="">&lt;/</span><span class="">property</span><span class="">&gt;</span><span class="">
            </span><span class="">&lt;</span><span class="">property name</span><span class="">=</span><span class="">&quot;token_hash&quot;</span><span class="">&gt;</span><span class="">SHA</span><span class="">&lt;/</span><span class="">property</span><span class="">&gt;</span><span class="">
            </span><span class="">&lt;</span><span class="">property name</span><span class="">=</span><span class="">&quot;auth_value&quot;</span><span class="">&gt;</span><span class="">$</span><span class="">{</span><span class="">env</span><span class="">.</span><span class="">OPENSHIFT_SECRET_TOKEN</span><span class="">}&lt;/</span><span class="">property</span><span class="">&gt;</span><span class="">
        </span><span class="">&lt;/</span><span class="">protocol</span><span class="">&gt;</span><span class="">
        </span><span class="">&lt;</span><span class="">protocol type</span><span class="">=</span><span class="">&quot;pbcast.GMS&quot;</span><span class="">/&gt;</span><span class="">
        </span><span class="">&lt;</span><span class="">protocol type</span><span class="">=</span><span class="">&quot;UFC&quot;</span><span class="">/&gt;</span><span class="">
        </span><span class="">&lt;</span><span class="">protocol type</span><span class="">=</span><span class="">&quot;MFC&quot;</span><span class="">/&gt;</span><span class="">
        </span><span class="">&lt;</span><span class="">protocol type</span><span class="">=</span><span class="">&quot;FRAG2&quot;</span><span class="">/&gt;</span><span class="">
        </span><span class="">&lt;!--</span><span class="">protocol type</span><span class="">=</span><span class="">&quot;pbcast.STATE_TRANSFER&quot;</span><span class="">/&gt;</span><span class="">
        </span><span class="">&lt;</span><span class="">protocol type</span><span class="">=</span><span class="">&quot;pbcast.FLUSH&quot;</span><span class="">/--&gt;</span><span class="">
    </span><span class="">&lt;/</span><span class="">stack</span><span class="">&gt;</span></code></pre><br clear="all"><div><div><div><div><br>-- <br><div><div dir="ltr"><div><div dir="ltr"><div><b><font face="tahoma, sans-serif">Matthew Casperson</font></b></div><div><b><font face="tahoma, sans-serif">Senior Front End Developer</font></b></div><div><font face="tahoma, sans-serif">Technology, Space &amp; Distribution</font></div><div><font face="tahoma, sans-serif">Auto &amp; General Holdings Pty Ltd</font></div><div><font face="tahoma, sans-serif">P: 07) 3377 </font><span style="font-family:tahoma,sans-serif;font-size:small">8751</span><font face="tahoma, sans-serif"> (Direct: 3377 </font><span style="font-family:tahoma,sans-serif;font-size:small">8751</span><font face="tahoma, sans-serif">)</font></div><div><font face="tahoma, sans-serif">F: 07) 3377 8833<br><br></font></div><img src="https://sites.google.com/a/autogeneral.com.au/logos/_/rsrc/1375661597693/home/autogeneral.gif" style="border: 0px none; max-width: 100%; font-family: &quot;Helvetica Neue&quot;,Helvetica,Arial,sans-serif; line-height: 18px;"><br></div></div></div></div>
</div></div></div></div></div>

<br>
<pre style="font-family:Menlo,Monaco,&#39;Courier New&#39;,monospace;font-size:12px;white-space:pre-wrap;padding:8.5px;color:rgb(51,51,51);border-top-left-radius:4px;border-top-right-radius:4px;border-bottom-right-radius:4px;border-bottom-left-radius:4px;margin-top:0px;margin-bottom:9px;line-height:18px;background-color:rgb(245,245,245);border:1px solid rgba(0,0,0,0.14902);word-break:break-all;word-wrap:break-word">This email is sent by Auto &amp; General Insurance Company Ltd, Auto &amp; General Services Pty Ltd, Auto &amp; General Holdings Pty Ltd or a related body corporate (Auto &amp; General) and is for the intended addressee.
The views expressed in this email and attachments (email) reflect the views of the stated author but may not reflect views of Auto &amp; General. This email is confidential and subject to copyright. 
It may be privileged. If you are not the intended addressee, confidentiality and privilege have not been waived and any use, interference with, or disclosure of this email is unauthorised. 
If you are not the intended addressee please immediately notify the sender and then delete the email. Auto &amp; General does not warrant that this email is error or virus free.</pre>