[keycloak-user] cluster configuration

Kevin Chen Peng.Chen at halliburton.com
Fri Feb 27 14:37:47 EST 2015

Thanks, I did follow the documentation. One thing I am not sure is the "Shared DB", does it refer to keycloak.h2.db? if so, I did point both cluster to the same  file.

BTW, I am running both nodes on the same machine with port offset.


-----Original Message-----
From: Stian Thorgersen [mailto:stian at redhat.com] 
Sent: Thursday, February 26, 2015 11:54 PM
To: Kevin Chen
Cc: keycloak-user at lists.jboss.org
Subject: [EXTERNAL] Re: [keycloak-user] cluster configuration

Have you followed the docs (http://docs.jboss.org/keycloak/docs/1.1.0.Final/userguide/html/clustering.html)? You need:

* Keycloak 1.1.0.Final
* Shared DB
* Properly configured Infinispan caches
* Infinispan user session provider and Infinispan realm+user cache providers

----- Original Message -----
> From: "Kevin Chen" <Peng.Chen at halliburton.com>
> To: keycloak-user at lists.jboss.org
> Sent: Thursday, February 26, 2015 9:25:42 PM
> Subject: [keycloak-user] cluster configuration
> I am using keycloak 1.1, and tried to configure the cluster with 2 
> nodes. I am using apache httpd-2.2 as front end for both nodes. The 
> log shows both node.
> I deployed KeyCloakWebTest.war on both node and without problem to access it.
> But when I try to access /auth/admin, it did not work:
> 1. if both nodes are running, after input correct username/password, 
> the same login page will show up again.
> 2. I stopped one node, login with the same user, it is successful and 
> able to manage my Realms.
> 3. Then I started the other node, and click on any actions in my 
> already logged in session,  the browser will show the login page again 
> and in the newly started node, the following exception show up:
> 	14:22:42,033 WARN  [org.jboss.resteasy.core.SynchronousDispatcher]
> 	(ajp-/ Failed executing GET /admin/serverinfo:
> 	org.jboss.resteasy.
> spi.UnauthorizedException: Bearer
>         at
>         org.keycloak.services.resources.admin.AdminRoot.authenticateRealmAdminRequest(AdminRoot.java:152)
>         [keycloak-services-1.2.0.Beta1-SNAPSHOT.j
> ar:1.2.0.Beta1-SNAPSHOT]
> How can I fix this?
> Thanks
> Kevin
> ----------------------------------------------------------------------
> This e-mail, including any attached files, may contain confidential 
> and privileged information for the sole use of the intended recipient.  
> Any review, use, distribution, or disclosure by others is strictly prohibited.
> If you are not the intended recipient (or authorized to receive 
> information for the intended recipient), please contact the sender by 
> reply e-mail and delete all copies of this message.
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user

More information about the keycloak-user mailing list