[keycloak-user] basic-auth

Amat, Juan (Nokia - US) juan.amat at nokia.com
Mon Aug 21 15:52:11 EDT 2017


Hello,

As we need to support some legacy applications, we are enabling basic auth in the wildfly adapter of our REST oidc clients.

What I have noticed is that for every REST call, a 'session' is created on the keycloak server.
Is there a way to not create this session?
We do have perf tests that will call those REST apis a lot and I am concerned that we will use memory for nothing.

Another concern is that during those perf tests we noticed that the keycloak server was using a lot of CPU.
A large part of it was used checking the password (the same user was used for all those calls).
For legacy reasons we cannot ask the caller to first get a token and use it for subsequent calls.
So I am wondering if there is a way to configure some 'authentication cache'.
(I guess that I am asking for something like the JBossCachedAuthenticationManager for those who know JBoss EAP/Wildfly).

In fact I would not even care about the token either and just an OK/NOK from the keycloak server would be needed.
This is probably too much to ask and I could do all this from my end.
But then to support new clients that are OAuth-aware I would need to replicate what the adapter is doing.


