Description
Describe the bug
https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/services/managers/DefaultBruteForceProtector.java uses a single thread/queue to update the database for success/failed login attempts.
The idea behind it is to prevent multiple concurrent writes from overwriting each other. The problem with that, though, is that most installations of Keycloak leverage a cluster with multiple nodes, which means this doesn't really do anything other than introduce a bottleneck.
This is a follow-up to #7748, where it was observed that during both success and failed login attempts a wait of up to 5 seconds is introduced waiting for the queue to process the event. It can be questioned if this is a good idea or not for failed login attempts, but it certainly isn't a good idea to do this for successful logins.
Version
main
Expected behavior
No response
Actual behavior
No response
How to Reproduce?
No response
Anything else?
No response
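
Added example, not Keycloak code and not part of the original report: a simplified Java model of the cluster case described above, where each node serialises its own writes through a single-thread queue while both nodes update the same stored counter. The `db` map, the user name `alice` and the barrier that forces the interleaving are assumptions made for the illustration; the atomic `merge` branch is included only for contrast.

```java
import java.util.concurrent.*;

public class PerNodeQueueDemo {
    // Stand-in for the shared database row holding one user's failure count (assumption).
    static final ConcurrentHashMap<String, Integer> db = new ConcurrentHashMap<>();

    // Runs eventsPerNode failure events on each of two nodes and returns the stored count.
    static int run(boolean atomic, int eventsPerNode) throws Exception {
        db.put("alice", 0);
        CyclicBarrier sync = new CyclicBarrier(2);
        // One single-thread executor per node: writes are ordered inside a node only.
        ExecutorService nodeA = Executors.newSingleThreadExecutor();
        ExecutorService nodeB = Executors.newSingleThreadExecutor();
        Callable<Void> work = () -> {
            for (int i = 0; i < eventsPerNode; i++) {
                if (atomic) {
                    // Increment performed atomically at the store itself.
                    db.merge("alice", 1, Integer::sum);
                } else {
                    // Read-modify-write: each node's queue is serial, yet both
                    // nodes read the same value before either one writes back.
                    int seen = db.get("alice");
                    sync.await();              // both nodes have read
                    db.put("alice", seen + 1);
                    sync.await();              // both nodes have written
                }
            }
            return null;
        };
        Future<Void> a = nodeA.submit(work), b = nodeB.submit(work);
        a.get();
        b.get();
        nodeA.shutdown();
        nodeB.shutdown();
        return db.get("alice");
    }

    public static void main(String[] args) throws Exception {
        int events = 100; // per node, so 200 failures are recorded in total
        System.out.println("per-node queues, read-modify-write: " + run(false, events));
        System.out.println("atomic increment at the store:      " + run(true, events));
    }
}
```

The first figure printed falls short of the number of failures submitted because the two nodes overwrite each other's increments, which is the cross-node overwrite that a queue local to one JVM cannot prevent.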