[keycloak-user] How to enable Infinispan cache for realms, users and user sessions in Keycloak 1.6.1?

Lohitha Chiranjeewa kalc04 at gmail.com
Fri Nov 27 07:20:28 EST 2015 

Apologies, keycloak-server.json entries should change to:

    "realm": {
        "provider": "jpa"
    },

    "user": {
        "provider": "jpa"
    },

    "userSessionPersister": {
        "provider": "jpa"
    },

On Fri, Nov 27, 2015 at 5:49 PM, Lohitha Chiranjeewa <kalc04 at gmail.com>
wrote:

> Hi Stian,
>
> As per the migration guide, I should have Infinispan up and running for
> realms, users and user sessions without doing any specific changes.
> keycloak-server.json was reverted back to have the following entries:
> ...
>     "realm": {
>         "provider": "infinispan"
>     },
>
>     "user": {
>         "provider": "infinispan"
>     },
>
>     "userSessionPersister": {
>         "provider": "infinispan"
>     },
> ...
>
> In the Admin Console I have both Realm Cache and User Cache enables. I see
> certain Infinispan related logs getting logged as well.
>
> However, at the same time, I see MySQL queries getting executed for all
> user retrieval API invocations (even if the same user is retrieved
> continuously):
> ...
> select userentity0_.ID as ID1_42_, userentity0_.CREATED_TIMESTAMP as
> CREATED_2_42_, userentity0_.EMAIL as EMAIL3_42_,
> userentity0_.EMAIL_CONSTRAINT as EMAIL_CO4_42_, userentity0_.EMAIL_VERIFIED
> as EMAIL_VE5_42_, userentity0_.ENABLED as ENABLED6_42_,
> userentity0_.federation_link as federati7_42_, userentity0_.FIRST_NAME as
> FIRST_NA8_42_, userentity0_.LAST_NAME as LAST_NAM9_42_,
> userentity0_.REALM_ID as REALM_I10_42_,
> userentity0_.SERVICE_ACCOUNT_CLIENT_LINK as SERVICE11_42_,
> userentity0_.TOTP as TOTP12_42_, userentity0_.USERNAME as USERNAM13_42_
> from USER_ENTITY userentity0_ where
> userentity0_.ID='55ffe851-2d94-460e-88b9-bc7340531b56' and
> userentity0_.REALM_ID='xxxxx'
> ...
>
> So it seems something is wrong here. Could you point out any areas that I
> could further look into?
>
>
> Regards,
> Lohitha.
>
> On Thu, Nov 26, 2015 at 7:58 PM, Stian Thorgersen <sthorger at redhat.com>
> wrote:
>
>> Please read the migration guide
>>
>> On 26 November 2015 at 14:53, Lohitha Chiranjeewa <kalc04 at gmail.com>
>> wrote:
>>
>>> Hi,
>>>
>>> We're in the process of assessing the impact on upgrading from Keycloak
>>> 1.2.0 to 1.6.1. We came across an issue when trying to enable Infinispan
>>> cache through the keycloak-server.json file as we used to do in 1.2.0.
>>>
>>> We have the following entries in 1.6.1:
>>>     "realm": {
>>>         "provider": "infinispan"
>>>     },
>>>
>>>     "user": {
>>>         "provider": "infinispan"
>>>     },
>>>
>>>     "userSessionPersister": {
>>>         "provider": "infinispan"
>>>     },
>>> .........
>>>     "connectionsInfinispan": {
>>>         "default" : {
>>>             "cacheContainer" : "java:comp/env/infinispan/Keycloak"
>>>         }
>>>     }
>>>
>>> All configurations in 1.6.1 standalone-ha.xml file remains comparable
>>> (and correct to the best of our knowledge) with the ones in 1.2.0.
>>>
>>> With the above configs, when we start the Keycloak service the following
>>> error(s) get logged:
>>>
>>> 18:03:31,610 ERROR [org.jboss.msc.service.fail] (ServerService Thread
>>> Pool -- 64) MSC000001: Failed to start service
>>> jboss.undertow.deployment.default-server.default-host./auth:
>>> org.jboss.msc.service.StartException in service
>>> jboss.undertow.deployment.default-server.default-host./auth:
>>> java.lang.RuntimeException: Failed to construct public
>>> org.keycloak.services.resources.KeycloakApplication(javax.servlet.ServletContext,org.jboss.resteasy.core.Dispatcher)
>>>     at
>>> org.wildfly.extension.undertow.deployment.UndertowDeploymentService$1.run(UndertowDeploymentService.java:85)
>>>     at
>>> java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
>>> [rt.jar:1.7.0_45]
>>>     at java.util.concurrent.FutureTask.run(FutureTask.java:262)
>>> [rt.jar:1.7.0_45]
>>>     at
>>> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
>>> [rt.jar:1.7.0_45]
>>>     at
>>> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
>>> [rt.jar:1.7.0_45]
>>>     at java.lang.Thread.run(Thread.java:744) [rt.jar:1.7.0_45]
>>>     at org.jboss.threads.JBossThread.run(JBossThread.java:320)
>>> [jboss-threads-2.2.0.Final.jar:2.2.0.Final]
>>> Caused by: java.lang.RuntimeException: Failed to construct public
>>> org.keycloak.services.resources.KeycloakApplication(javax.servlet.ServletContext,org.jboss.resteasy.core.Dispatcher)
>>>     at
>>> org.jboss.resteasy.core.ConstructorInjectorImpl.construct(ConstructorInjectorImpl.java:160)
>>>     at
>>> org.jboss.resteasy.spi.ResteasyProviderFactory.createProviderInstance(ResteasyProviderFactory.java:2211)
>>>     at
>>> org.jboss.resteasy.spi.ResteasyDeployment.createApplication(ResteasyDeployment.java:295)
>>>     at
>>> org.jboss.resteasy.spi.ResteasyDeployment.start(ResteasyDeployment.java:236)
>>>     at
>>> org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.init(ServletContainerDispatcher.java:112)
>>>     at
>>> org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.init(HttpServletDispatcher.java:36)
>>>     at
>>> io.undertow.servlet.core.LifecyleInterceptorInvocation.proceed(LifecyleInterceptorInvocation.java:117)
>>>     at
>>> org.wildfly.extension.undertow.security.RunAsLifecycleInterceptor.init(RunAsLifecycleInterceptor.java:78)
>>>     at
>>> io.undertow.servlet.core.LifecyleInterceptorInvocation.proceed(LifecyleInterceptorInvocation.java:103)
>>>     at
>>> io.undertow.servlet.core.ManagedServlet$DefaultInstanceStrategy.start(ManagedServlet.java:230)
>>>     at
>>> io.undertow.servlet.core.ManagedServlet.createServlet(ManagedServlet.java:131)
>>>     at
>>> io.undertow.servlet.core.DeploymentManagerImpl.start(DeploymentManagerImpl.java:511)
>>>     at
>>> org.wildfly.extension.undertow.deployment.UndertowDeploymentService.startContext(UndertowDeploymentService.java:101)
>>>     at
>>> org.wildfly.extension.undertow.deployment.UndertowDeploymentService$1.run(UndertowDeploymentService.java:82)
>>>     ... 6 more
>>> Caused by: java.lang.RuntimeException: Failed to find provider
>>> infinispan for realm
>>>     at
>>> org.keycloak.services.DefaultKeycloakSessionFactory.init(DefaultKeycloakSessionFactory.java:66)
>>>     at
>>> org.keycloak.services.resources.KeycloakApplication.createSessionFactory(KeycloakApplication.java:162)
>>>     at
>>> org.keycloak.services.resources.KeycloakApplication.<init>(KeycloakApplication.java:62)
>>>     at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native
>>> Method) [rt.jar:1.7.0_45]
>>>     at
>>> sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57)
>>> [rt.jar:1.7.0_45]
>>>     at
>>> sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
>>> [rt.jar:1.7.0_45]
>>>     at java.lang.reflect.Constructor.newInstance(Constructor.java:526)
>>> [rt.jar:1.7.0_45]
>>>     at
>>> org.jboss.resteasy.core.ConstructorInjectorImpl.construct(ConstructorInjectorImpl.java:148)
>>>     ... 19 more
>>>
>>>
>>> Is the new way to enable Infinispan different to what we had earlier? If
>>> so, can someone please point out the correct way?
>>>
>>>
>>> Regards,
>>> Lohitha.
>>>
>>>
>>>
>>> _______________________________________________
>>> keycloak-user mailing list
>>> keycloak-user at lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20151127/8ab953db/attachment-0001.html

More information about the keycloak-user mailing list