In our environment, we've seen sticky sessions fail in ~5% of requests. We generally avoid it. I'll play around with the clustering to see how it works.

On Wed, Aug 3, 2016 at 7:50 PM Bill Burke <bburke@redhat.com> wrote:

you don't need session replication, just load balancer sticky sessions. Basically the HTTP load balancer sets a cookie when you visit for the first time. Based on that cookie the load balancer knows which machine you are "stuck" on and will continually route the browser to that same machine.
On 8/3/16 7:04 PM, John D. Ament wrote:
Mmmph ok. Do you know how quickly sessions replicate now? Last time I did this it was about a minute which didn't perform well for me. This is going back at least 6 years though.
On Aug 3, 2016 18:50, "Bill Burke" <bburke@redhat.com> wrote:
I think SAML would be ok so long as you have sticky sessions enabled with your load balancer.

On 8/3/16 6:07 PM, John D. Ament wrote:
Thanks Bill. What if I'm primarily using SAML? Same session issue?
John
On Wed, Aug 3, 2016 at 5:17 PM Bill Burke <bburke@redhat.com> wrote:
It is required. The auth code flow for OAuth is an out of band HTTP request so you may be loadbalanced to a machine that doesn't have the user session. We have "sticky sessions" for out of band requests like this planned, but not implemented yet.

On 8/3/16 4:55 PM, John D. Ament wrote:

Hey,

I was wondering, is clustering actually required on the keycloak server if I have multiple deployed? Or will it read data from the database?

John
_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user