[keycloak-dev] Async HTTP Request Processing

Marek Posolda mposolda at redhat.com
Thu Mar 31 06:56:04 EDT 2016


On 30/03/16 15:43, Bill Burke wrote:
> JAX-RS async can be enabled per resource, so its really up to you to 
> decide if Authz needs it.
>
> Async doesn't make sense for core KC autthentication.  KC Identity 
> broker does not wait/block for a response on a login. Authenticators 
> are not waiting/blocking for responses either. Waiting/blocking only 
> happens on backchannel logouts and background admin operations.
Not directly related to JAX-RS Async, but IMO at least the performance 
of backchannel logout in ResourceAdminMAnager can be slightly improved 
if we send the backchannel logout requests asynchronously. Currently if 
you are logged to 5 apps, you first need to send backchannel logout to 
product-portal, then wait for response, then send another backchannel 
logout to customer-portal, wait again etc. IMO sending 5 requests 
asynchronously can improve performance of logout and it can be done 
quite easily inside ResourceAdminManager.

Marek
> Somebody is going to have to show me real tangible benefits before we 
> switch core KC to use Async JAX-RS or some async event driven SPI, 
> because right now, with our currently functionality and our roadmap, 
> there is no need for an async model.
>
>
>
> On 3/29/2016 9:57 PM, Raghuram Prabhala wrote:
>> +1. Makes sense for even KC (as Identity broker waiting for a 
>> response from Identity provider or as Identity provider waiting for a 
>> response from Authenticators)
>>
>>
>> ------------------------------------------------------------------------
>> *From:* Pedro Igor Silva <psilva at redhat.com>
>> *To:* keycloak-dev <keycloak-dev at lists.jboss.org>
>> *Sent:* Tuesday, March 29, 2016 9:47 PM
>> *Subject:* [keycloak-dev] Async HTTP Request Processing
>>
>> Hi,
>>
>>     I'm working with the AuthZ Java API in order to make it more 
>> event-driven and non-blocking. During our F2F, I've discussed some 
>> very interesting requirements with Marc Savy around that.
>>
>>     I would like to know if makes sense to enable JAX-RS Async 
>> support to some AuthZ REST endpoints, which are basically using this 
>> API to evaluate policies using different providers (where these 
>> providers can be executed in parallel).
>>
>> Regards.
>> Pedro Igor
>> _______________________________________________
>> keycloak-dev mailing list
>> keycloak-dev at lists.jboss.org <mailto:keycloak-dev at lists.jboss.org>
>> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>>
>>
>>
>>
>> _______________________________________________
>> keycloak-dev mailing list
>> keycloak-dev at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>
> -- 
> Bill Burke
> JBoss, a division of Red Hat
> http://bill.burkecentral.com
>
>
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-dev/attachments/20160331/28d1e702/attachment-0001.html 


More information about the keycloak-dev mailing list