[keycloak-user] Is clustering required?

Bill Burke bburke at redhat.com
Wed Aug 3 19:50:25 EDT 2016 

you don't need session replication, just load balancer sticky sessions.  
Basically the HTTP load balancer sets a cookie when you visit for the 
first time.  Based on that cookie the load balancer knows which machine 
you are "stuck" on and will continually route the browser to that same 
machine.


On 8/3/16 7:04 PM, John D. Ament wrote:
>
> Mmmph ok.  Do you know how quickly sessions replicate now?  Last time 
> I did this it was about a minute which didn't perform well for me.  
> This is going back at least 6 years though.
>
>
> On Aug 3, 2016 18:50, "Bill Burke" <bburke at redhat.com 
> <mailto:bburke at redhat.com>> wrote:
>
>     I think SAML would be ok so long as you have sticky sessions
>     enabled with your load balancer.
>
>
>     On 8/3/16 6:07 PM, John D. Ament wrote:
>>     Thanks Bill.  What if I'm primarily using SAML? Same session issue?
>>
>>     John
>>
>>     On Wed, Aug 3, 2016 at 5:17 PM Bill Burke <bburke at redhat.com
>>     <mailto:bburke at redhat.com>> wrote:
>>
>>         It is required.  The auth code flow for OAuth is an out of
>>         band HTTP request so you may be loadbalanced to a machine
>>         that doesn't have the user session.  We have "sticky
>>         sessions" for out of band requests like this planned, but not
>>         implemented yet.
>>
>>
>>         On 8/3/16 4:55 PM, John D. Ament wrote:
>>>         Hey,
>>>
>>>         I was wondering, is clustering actually required on the
>>>         keycloak server if I have multiple deployed? Or will it read
>>>         data from the database?
>>>
>>>         John
>>>
>>>
>>>         _______________________________________________
>>>         keycloak-user mailing list
>>>         keycloak-user at lists.jboss.org
>>>         <mailto:keycloak-user at lists.jboss.org>
>>>         https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>>         _______________________________________________
>>         keycloak-user mailing list
>>         keycloak-user at lists.jboss.org
>>         <mailto:keycloak-user at lists.jboss.org>
>>         https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160803/d785d2ea/attachment-0001.html

More information about the keycloak-user mailing list