Hi,
I am trying to configure haproxy. I have an application which is authenticated using keycloak server. Here I am trying to configure 2 keycloak servers for my application for load balancing and I am using standalone cluster method.
If I am not enabling sticky session, same request is going to both servers and I am getting Redirecting issue.
frontend haproxynode
bind HAPROXYIP:PORT
mode http
default_backend backendnodes
backend backendnodes
balance roundrobin
cookie AUTH_SESSION_ID prefix nocache
option forwardfor
http-request set-header X-Forwarded-Port %[dst_port]
http-request add-header X-Forwarded-Proto https if { ssl_fc }
option httpchk HEAD / HTTP/1.1\r\nHost:localhost
server keynd1 KEYCLOAK_SERVER1_IP:PORT check cookie keynd1
server keynd2 KEYCLOAK_SERVER2_IP:PORT check cookie keynd2
This is the configuration I am using right now and I am getting forbidden when I login using username and password.
In the standalone-ha.xml file I have included :
- When using ‘cookie AUTH_SESSION_ID prefix nocache’ :
NOTE: I have not added in the configuration file.
- Getting forbidden error after logging into application.
Response Headers include these cookies: KEYCLOAK_LOCALE, KC_RESTART, KEYCLOAK_IDENTITY, KEYCLOAK_IDENTITY_LEGACY, KEYCLOAK_SESSION, KEYCLOAK_SESSION_LEGACY, KEYCLOAK_REMEMBER_ME
Request Headers include these cookies: AUTH_SESSION_ID, KC_RESTART, KEYCLOAK_SESSION_LEGACY
- When using ‘cookie JSESSIONID prefix nocache’
- Getting ’ The page isn’t redirecting properly’ after logging into application
Response Headers include :
AUTH_SESSION_ID=50271b90-b461-4762-980c-5d997df03886.keynd2
Request Headers include:
AUTH_SESSION_ID=6d1fba8d-628b-4b82-bf74-4a471862082f.keynd1,
KC_RESTART, KEYCLOAK_SESSION_LEGACY
NOTE: In the Response header cookie AUTH_SESSION_ID, it is showing keynd2 as value and in request header it is keynd1
How do I fix this issue? Someone please help me with this. Thanks in advance.
Regards,
Deeps.