This is supposed to work for Keycloak OIDC clients and some docs is here
https://keycloak.gitbooks.io/securing-client-applications-guide/content/t...
.
I don't know about Keycloak SAML clients. Is it an alternative for you
to try OIDC instead of SAML?
Marek
On 20/01/17 08:19, Pulkit Gupta wrote:
Hi All,
I am running multiple applications deployed on a Jboss cluster with
infinispan used as a cache and for distributed sessions.
I verified and can see that session replication is working for a normal
application where I can see the same session on all the servers in the
cluster and hence the application is working fine without session
stickiness.
However when I am trying to use any Keycloak SAML client based application
it is only working if the request is going to a particular box in the
cluster. On all the other boxes we are getting errors.
>From this behavior I am concluding that somehow for Keycloak based
applications sessions are not getting replicated.
Both these applications has <distributable /> tag in them so I am not sure
why it is showing different behaviour.
I know we can fix this by just enabling session stickiness but we want the
sessions to be replicated as well.
This is because we want to make our set up more resilient. Also in case of
logout when Keycloak is sending a back channel logout request it amy send
it to any server in the cluster.
If the sessions are not properly replicated then the logout will fail as
the session will remain preserved on some other server in the cluster.
Can someone please suggest me something what to try.