We can't really move to OIDC as we have already used SAML for a number of
apps.
Is clustering not supported by SAML client adapters for JBoss?
Regards,
Pulkit
On Fri, Jan 20, 2017 at 1:47 PM, Marek Posolda <mposolda(a)redhat.com> wrote:
This is supposed to work for Keycloak OIDC clients and some docs are
here:
https://keycloak.gitbooks.io/securing-client-applications-guide/content/topics/oidc/java/application-clustering.html
I don't know about Keycloak SAML clients. Is it an alternative for you to
try OIDC instead of SAML?
Marek
On 20/01/17 08:19, Pulkit Gupta wrote:
> Hi All,
>
> I am running multiple applications deployed on a JBoss cluster with
> infinispan used as a cache and for distributed sessions.
> I verified and can see that session replication is working for a normal
> application where I can see the same session on all the servers in the
> cluster and hence the application is working fine without session
> stickiness.
>
> However when I am trying to use any Keycloak SAML client based application
> it is only working if the request is going to a particular box in the
> cluster. On all the other boxes we are getting errors.
> From this behavior I am concluding that somehow for Keycloak based
> applications sessions are not getting replicated.
> Both these applications have the <distributable /> tag in them so I am not sure
> why it is showing different behaviour.
>
> I know we can fix this by just enabling session stickiness but we want the
> sessions to be replicated as well.
> This is because we want to make our set up more resilient. Also in case of
> logout when Keycloak is sending a back channel logout request it may send
> it to any server in the cluster.
> If the sessions are not properly replicated then the logout will fail as
> the session will remain preserved on some other server in the cluster.
>
> Can someone please suggest something to try?
>
>
--
Thanks,
Pulkit
AMS