[keycloak-user] basic-auth
Amat, Juan (Nokia - US)
juan.amat at nokia.com
Mon Aug 21 15:52:11 EDT 2017
Hello,
As we need to support some legacy applications we are enabling basic auth in the wildfly adapater of our REST oidc clients.
What I have noticed is that for every REST call, a 'session' is created on the keycloak server.
Is there a way to not create this session?
We do have perf tests that will call those REST apis a lot and I am concerned that we will use memory for nothing.
Another concern is that during those perf tests we noticed that the keycloak server was using a lot of CPU.
A large part of it was used checking the password (the same user was used for all those calls).
For legacy reason we cannot ask the caller to first get a token and use it for subsequent calls.
So I am wondering if there is a way to configure some 'authentication cache'.
(I guess that I am asking for something like the JBossCachedAuthenticationManager for those who know JBoss EAP/Wildfly).
In fact I would not even care about the token too and just an OK/NOK from the keycloak server would be needed.
This is probably too much to ask and I could do all this from my end.
But then to support new clients that are OAuth aware I would need to replicate what the adapter is doing.
More information about the keycloak-user
mailing list