[keycloak-user] Not able to setup Keycloak to fully replicate user sessions in cluster
Jyoti Kumar Singh
jyoti.tech90 at gmail.com
Wed Jun 7 10:17:56 EDT 2017
Hi Team,
We are setting up keycloak:3.1.0.Final in a cluster mode for HA with full
user sessions replication in a cloud system, i.e. when one node goes down
then user will keep logged in on other node.
I have setup cluster by using standalone-ha.xml and having infinispan cache
as mentioned below:-
<cache-container name="keycloak" jndi-name="infinispan/Keycloak">
<transport lock-timeout="60000"/>
<invalidation-cache name="realms" mode="SYNC"/>
<invalidation-cache name="users" mode="SYNC"/>
<distributed-cache name="sessions" mode="SYNC" owners="2"/>
<distributed-cache name="loginFailures" mode="SYNC"
owners="2"/>
</cache-container>
Every thing works fine except below use case:-
1. Node 1 and Node 2 both are up and user logged in - User session is
getting generated by Node 1
2. Node 1 is now stopped and user session is getting replicated in Node 2 -
User is still able to use the Keycloak console
3. Node 1 is up again and request is being transferred from LB to Node 1 -
User is asked to log in again because session cache is not replicated to
Node 1 immediately once it is up
I saw one option to add *start="EAGER" *in cache-container to fix this but
looks like with latest version of WildFly it is no longer supported. Do we
have any other way to fix this issue ?
--
*With Regards, Jyoti Kumar Singh*
More information about the keycloak-user
mailing list