[keycloak-user] "You took too long to login" when adding the initial admin user
Stian Thorgersen
sthorger at redhat.com
Wed May 25 01:14:19 EDT 2016
It sounds like you have an issue with the Infinispan configuration. There's
a few threads in the mailing list about setting up clustering on AWS.
On 23 May 2016 at 14:49, Riedel, Sven <Sven.Riedel at glomex.com> wrote:
> Hi,
> after enabling sticky sessions on the loadbalancer, the login works.
> Cranking up the logs to "debug" told me that the "RestartLoginCookies
> client session does not match the code's clientSession".
>
> The phrasing leads me to believe that the session was not shared in the
> infinispans cache among the nodes. I'll still need to figure out if the
> cache distribution per se isn't working, or if this was a special case for
> commandline generated users.
>
> Regards,
> Sven
>
>
>
> Am 2016-05-23 12:59 schrieb "Riedel, Sven" unter <Sven.Riedel at glomex.com>:
>
> >Hi,
> >I'm set up keycloak 1.9.4final on AWS as an HA-cluster using JDBC-Ping for
> >infinispan group management behind an load balancer.
> >Now, when I create a user with the bin/add-user-keycloak.sh script and
> >restart keycloak on the respektive instance, I get the message "You took
> >too long to login. Login process starting from beginning." on my first try
> >to login with the newly created account. On my second try, I just get "An
> >error occurred, please login again through your application."
> >
> >From what I can see, the account is successfully being created in the
> >database. The login attempts happen within one minute of restarting the
> >keycloak service. In the console log I can see the message
> >"type=LOGIN_ERROR, realmId=master, clientId=null, userId=null,
> >ipAddress=a.b.c.d, error=expired_code, restart_after_timeout=true" on the
> >first attempt and "type=LOGIN_ERROR, realmId=master, clientId=null,
> >userId=null, ipAddress=a.b.c.d, error=invalid_code" on the second attempt.
> >
> >I'm a bit at a loss as to how to proceed, to get the admin user set up
> >properly and get the login to work. Any pointers would be appreciated.
> >
> >Regards,
> >Sven
> >
> >
> >--
> >Sven Riedel
> >Senior Systemsarchitect
> >
> >glomex GmbH
> >Ein Unternehmen der ProSiebenSat.1 Media SE
> >
> >Medienallee 4
> >D-85774 Unterföhring
> >Tel. +49 [89] 9507-8167
> >sven.riedel at glomex.com
> >
> >Geschäftsführer: Michael Jaschke, Arnd Mückenberger
> >HRB 224542 AG München
> >USt.-ID.-Nr. DE 218559421
> >St.-Nr. 143/141/71293
> >
> >
> >
> >
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160525/2fd6922c/attachment.html
More information about the keycloak-user
mailing list