[keycloak-user] offline sessions lost after restart
Phillip Fleischer
pcfleischer at outlook.com
Wed Dec 20 07:47:39 EST 2017
Hi,
We recently upgraded to 3.4.0.Final from 3.0.0.Final and we noticed that refresh_tokens for offline sessions stopped working after restarting the services… My perception was before we upgraded that while user sessions would get lost that offline sessions were backed by the database by default in offline_user_session, so even local caches would preload sessions from the database which still seems to be updated.
When calling refresh
{
"error": "invalid_grant",
"error_description": "Offline user session not found"
}
Since we have an infinispan cluster with jgroups we tried to remedy it by increasing the owners from the default standalone-ha.xml configuration from 1 to 2. However this had no effect.
<distributed-cache name="offlineSessions" mode="SYNC" owners="2" />
Questions:
- Did the database persistence get disabled and only infinispan is used now (why do we continue to write to database?)
- Should I expect the distributed cache to behave in a way that sessions are not lost? Do we need to diagnose our cluster or jgroups configuration?
-- Phil
More information about the keycloak-user
mailing list