[keycloak-user] LDAP failover
Rainer-Harbach Marian
Marian.Rainer-Harbach at apa.at
Mon Jun 4 10:36:12 EDT 2018
Hi,
we tried this some time ago and it does work: When you specify multiple
(space-separated) connection URLs Keycloak uses the first one. If it
goes down, it switches to the next one. We tested this extensively and
failover works as expected.
Marian
On Mon, 2018-06-04 at 10:21 -0400, Vinay wrote:
> Nope. It doesn't work. What is recommendation for these high
> availability
> usecases, use loadbalancer between keycloak and LDAP ? It seems
> pretty
> common usecase.
>
> On Thu, May 31, 2018 at 2:15 AM, Marek Posolda <mposolda at redhat.com>
> wrote:
>
> > JNDI itself supports it per the docs: https://docs.oracle.com/javas
> > e
> > /1.5.0/docs/guide/jndi/jndi-ldap-gl.html#url .
> >
> > So it's possible that if you just configure "Connection URL" and
> > add more
> > URLs, the failover will just work. But I never tried to test it, so
> > no
> > guarantee...
> >
> > Marek
> >
> >
> > On 30/05/18 18:40, Vinay wrote:
> >
> > > Does keycloak provide LDAP failover i.e. provide two LDAP URLs
> > > while
> > > creating an LDAP provider so that users can be search on both
> > > primary and
> > > secondary LDAP server ? This is required for high availability ?
> > > _______________________________________________
> > > keycloak-user mailing list
> > > keycloak-user at lists.jboss.org
> > > https://lists.jboss.org/mailman/listinfo/keycloak-user
> > >
> >
> >
> >
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
More information about the keycloak-user
mailing list