<html><head><meta http-equiv="Content-Type" content="text/html charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class="">Hi all,<div class=""><br class=""></div><div class="">What would we need to do to make Keycloak user sessions persistent in the database?</div><div class=""><br class=""></div><div class="">I think the information in: <a href="http://lists.jboss.org/pipermail/keycloak-user/2015-April/001921.html" class="">http://lists.jboss.org/pipermail/keycloak-user/2015-April/001921.html</a> is not relevant anymore with Keycloak 1.9.0? Specifically:</div><div class=""><br class=""></div><div class=""><pre style="background-color: rgb(255, 255, 255);" class="">"userSessions": {
"provider": "jpa"
}
</pre></div><div class=""><br class=""></div><div class="">Does not seem to work (“Failed to find provider jpa for userSessions”). User sessions are now managed using Infinispan by default if I understand correctly: <a href="http://keycloak.github.io/docs/userguide/keycloak-server/html/clustering.html#d4e3292" class="">http://keycloak.github.io/docs/userguide/keycloak-server/html/clustering.html#d4e3292</a> ?</div><div class=""><br class=""></div><div class="">Is there a way to make user sessions persistent? </div><div class=""><br class=""></div><div class="">Our issue is that we send out a lot of activation (‘update password’) emails from our (single) Keycloak server to new users and since we have a continuous delivery pipeline Keycloak does down and up quite a bit and every time it restarts all temporary log in tokens used for these update password actions are lost (since they are stored in memory only). And if I understand correctly these tokens are actually a sort of user sessions.</div><div class=""><br class=""></div><div class="">cheers</div><div class=""><br class=""></div><div class="">Edgar</div><div class=""><br class=""></div><div class=""><br class=""><div><blockquote type="cite" class=""><div class="">On 29 Feb 2016, at 17:52, Edgar Vonk - <a href="http://info.nl" class="">Info.nl</a> <<a href="mailto:Edgar@info.nl" class="">Edgar@info.nl</a>> wrote:</div><br class="Apple-interchange-newline"><div class=""><div class="">Hi,<br class=""><br class="">See if I understand this correctly: in the default set up of Keycloak sessions and temporary tokens are not persisted in the Keycloak database? So consider this scenario:<br class=""><br class="">1/ login as admin to master realm<br class="">2/ go to Users - Credentials and send a ‘Update Password’ reset action email<br class="">3/ user receives an email with a link with a unique token to update his/her password in Keycloak<br class="">4/ Keycloak server is restarted for whatever reason<br class="">5/ the temporary ‘login action token’ no longer exists and the link from 3/ no longer works<br class=""><br class="">Is this correct and expected behaviour?<br class=""><br class="">And if so, can somebody maybe point us in the direction to solve this? I.e. by making sessions/tokens by persistent I guess.<br class=""><br class="">cheers<br class=""><br class="">Edgar</div></div></blockquote></div><br class=""></div></body></html>