[keycloak-user] Logouts / how to disable keycloak "user session" cache?

[Stian Thorgersen]

It is not currently possible to run multiple nodes without clustering.
However, it's possible to configure JGroups to work on AWS. I can't
remember the configuration required though, but if you search the user
mailing list you'll find instructions or google for JGroups and AWS.

On 7 April 2016 at 10:22, Christian Schwarz <christian at datek.no> wrote:

> Hi!
>
> I'm trying to setup a keycloak cluster on AWS, which does not support UDP
> multicast. IP addresses of the nodes are also not known in advance (I'm
> using docker-cloud), so Infinispan/JGroups ("keycloak-ha-posgres" docker
> image) for user session replication will not work (seems that it requires
> either UDP multicast or IP addresses known in advance).
>
> The main problem I have is that logout is not working propertly. I only
> get logged out from one of the two keycloak nodes.
>
> I have tried to disable the user cache (by setting
> userCache.default.enabled = false) and to disable infinispan (by using
> “keycloak-postgres” docker image), but to no avail. The “other” keycloak
> node still thinks that the user is logged in, it’s not refreshing the user
> session from the database even if user cache and infinispan cluster cache
> is disbled.
>
> => Is there a possibility of using the database as a synchronization point
> between keycloak nodes? (i.e. each node always checks logout status in the
> database)
> Or is there another way of getting a keycloak cluster up and running on
> AWS when IP addresses are not known in advance?
>
> I hope there is a way… :)
>
> Kind regards,
> Christian
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160407/ec8a75fc/attachment.html