<div dir="ltr">By default the adapters will require sticky sessions, please refer to <a href="http://keycloak.github.io/docs/userguide/keycloak-server/html/applicationClustering.html">http://keycloak.github.io/docs/userguide/keycloak-server/html/applicationClustering.html</a> for more information</div><div class="gmail_extra"><br><div class="gmail_quote">On 22 January 2016 at 12:48, Christian Beikov <span dir="ltr"><<a href="mailto:christian.beikov@gmail.com" target="_blank">christian.beikov@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hello,<br>
<br>
I am running some tests with my application cluster being secured by a<br>
single keycloak server instance and I encountered problems with the adapter.<br>
<br>
My application cluster contains 2 nodes and is load balanced by nginx.<br>
For testing purposes, I enabled round robin load balancing which is<br>
probably the "cause" for my issues.<br>
<br>
When I access a secured page, I get redirected to keycloak and<br>
everything is fine. When I then login, and keycloak redirects me back to<br>
the application, I get to a different application cluster node because<br>
of round robin. On that node, apparently the initial information of the<br>
client session is not available and I get redirected to keycloak login<br>
page again. Then keycloak redirects me back to the application, this<br>
time to the original node, and says that access is forbidden.<br>
<br>
I suppose the web session caches are not in sync but I just used the<br>
default cache containers as they are defined in standalone-ha.xml of my<br>
Wildlfy 10 CR4. Clustering with jgroups works, as I use other<br>
distributed caches too which work just fine.<br>
<br>
We are using Keycloak 1.8.0.CR2 on a Wildfly 10 CR4<br>
<br>
Regards,<br>
Christian<br>
_______________________________________________<br>
keycloak-dev mailing list<br>
<a href="mailto:keycloak-dev@lists.jboss.org">keycloak-dev@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-dev" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-dev</a><br>
</blockquote></div><br></div>