[keycloak-user] cluster configuration

Stian Thorgersen stian at redhat.com
Fri Feb 27 00:54:02 EST 2015 

Have you followed the docs (http://docs.jboss.org/keycloak/docs/1.1.0.Final/userguide/html/clustering.html)? You need:

* Keycloak 1.1.0.Final
* Shared DB
* Properly configured Infinispan caches
* Infinispan user session provider and Infinispan realm+user cache providers

----- Original Message -----
> From: "Kevin Chen" <Peng.Chen at halliburton.com>
> To: keycloak-user at lists.jboss.org
> Sent: Thursday, February 26, 2015 9:25:42 PM
> Subject: [keycloak-user] cluster configuration
> 
> I am using keycloak 1.1, and tried to configure the cluster with 2 nodes. I
> am using apache httpd-2.2 as front end for both nodes. The log shows both
> node.
> 
> I deployed KeyCloakWebTest.war on both node and without problem to access it.
> 
> But when I try to access /auth/admin, it did not work:
> 1. if both nodes are running, after input correct username/password, the same
> login page will show up again.
> 2. I stopped one node, login with the same user, it is successful and able to
> manage my Realms.
> 3. Then I started the other node, and click on any actions in my already
> logged in session,  the browser will show the login page again and in the
> newly started node, the following exception show up:
> 	14:22:42,033 WARN  [org.jboss.resteasy.core.SynchronousDispatcher]
> 	(ajp-/127.0.0.1:8009-2) Failed executing GET /admin/serverinfo:
> 	org.jboss.resteasy.
> spi.UnauthorizedException: Bearer
>         at
>         org.keycloak.services.resources.admin.AdminRoot.authenticateRealmAdminRequest(AdminRoot.java:152)
>         [keycloak-services-1.2.0.Beta1-SNAPSHOT.j
> ar:1.2.0.Beta1-SNAPSHOT]
> 
> How can I fix this?
> 
> Thanks
> Kevin
> 
> ----------------------------------------------------------------------
> This e-mail, including any attached files, may contain confidential and
> privileged information for the sole use of the intended recipient.  Any
> review, use, distribution, or disclosure by others is strictly prohibited.
> If you are not the intended recipient (or authorized to receive information
> for the intended recipient), please contact the sender by reply e-mail and
> delete all copies of this message.
> 
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>

More information about the keycloak-user mailing list