[keycloak-user] Will Keycloak scale to handle hundreads of LDAP integrations?
Stian Thorgersen
sthorger at redhat.com
Thu Jun 14 08:34:40 EDT 2018
Are you planning to have a single realm?
The way users are retrieved when there is multiple LDAP servers is
currently quite limited. It will simply search through them in order until
the user is found. Once found a user with the link to the correct LDAP will
be setup. With hundreds of LDAP connections this will most likely be rather
slow.
It's also not a scenario we've tested so you would have to test and
experiment with this yourself.
On 14 June 2018 at 14:30, Filipe Abrahao <lfa at doodle.com> wrote:
> Hi everyone,
>
> I work at Doodle, an online platform to help people to schedule meetings
> and social events, we have around 28m people that use our product every
> month and we are in the process of splitting our monolith.
>
> We have been experimenting with Keycloak as our auth service, and so far we
> are pretty happy with it, we just making sure it fulfils all our
> requirements, but we have one that we are not sure if it would work with
> Keycloak:
>
> Some of our bigger users, like universities and big corporations require to
> manage their users via LDAP. We know that Keycloak can integrate with LDAP.
> But my question is if creating one LDAP configuration for each client is
> the right way to do it.
>
> If we have to configure one LDAP integration for each client that requires
> it, we potentially will end-up with hundreds (perhaps thousands) of them.
> Will it scale? Will Keycloak be able to handle that?
>
> many thanks,
> Filipe A
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
More information about the keycloak-user
mailing list