[keycloak-user] Logouts / how to disable keycloak "user session" cache?
Christian Schwarz
christian at datek.no
Thu Apr 7 04:22:45 EDT 2016
Hi!
I'm trying to setup a keycloak cluster on AWS, which does not support UDP multicast. IP addresses of the nodes are also not known in advance (I'm using docker-cloud), so Infinispan/JGroups ("keycloak-ha-posgres" docker image) for user session replication will not work (seems that it requires either UDP multicast or IP addresses known in advance).
The main problem I have is that logout is not working propertly. I only get logged out from one of the two keycloak nodes.
I have tried to disable the user cache (by setting userCache.default.enabled = false) and to disable infinispan (by using “keycloak-postgres” docker image), but to no avail. The “other” keycloak node still thinks that the user is logged in, it’s not refreshing the user session from the database even if user cache and infinispan cluster cache is disbled.
=> Is there a possibility of using the database as a synchronization point between keycloak nodes? (i.e. each node always checks logout status in the database)
Or is there another way of getting a keycloak cluster up and running on AWS when IP addresses are not known in advance?
I hope there is a way… :)
Kind regards,
Christian
More information about the keycloak-user
mailing list