[keycloak-user] Permissions performance problem

Corentin Dupont corentin.dupont at gmail.com
Sat May 25 11:56:57 EDT 2019


Hi guys,
I noticed that if I request permissions with one client, it is faster than
with another one.
For instance:

TOKEN=`curl -X POST  -H "Content-Type: application/x-www-form-urlencoded"
-d 'username=cdupont&password=xxx&grant_type=password&*client_id=api-server*&client_secret=4e9dcb80-efcd-484c-b3d7-1e95a0096ac0'
"http://localhost:8080/auth/realms/waziup/protocol/openid-connect/token" |
jq .access_token -r`
time curl -X POST
http://localhost:8080/auth/realms/waziup/protocol/openid-connect/token -H
"Authorization: Bearer $TOKEN" -d
"grant_type=urn:ietf:params:oauth:grant-type:uma-ticket&audience=api-server&permission=#devices:view&response_mode=permissions"
*real 0m0,196s*
user 0m0,000s
sys 0m0,006s

TOKEN=`curl -X POST  -H "Content-Type: application/x-www-form-urlencoded"
-d 'username=cdupont&password=xxx&grant_type=password&*client_id=dashboard*'
"http://localhost:8080/auth/realms/waziup/protocol/openid-connect/token" |
jq .access_token -r`
time curl -X POST
http://localhost:8080/auth/realms/waziup/protocol/openid-connect/token -H
"Authorization: Bearer $TOKEN" -d
"grant_type=urn:ietf:params:oauth:grant-type:uma-ticket&audience=api-server&permission=#devices:view&response_mode=permissions"
*real 0m2,142s*
user 0m0,006s
sys 0m0,006s

The only difference between the two commands is the client (highlighted in
red). With the second client, it takes 2 seconds more consistently.
Any idea? I might be a cache problem...
Cheers
Corentin


More information about the keycloak-user mailing list