Re: [keycloak-user] TCPPING problem.

Hello. sorry, after some investigation I got it to work. The problem seems to have been, that I have to use a concrete address in interface, not any-addr . But here is another less problem. I have 2 instances of Keycloak on 2 different computers, namely 10.0.206.31 and 10.0.206.32 . Config files and log files are attached. I also use httpd load-balancer in front of them. It works very well with my specialized webapp called web_app_clustering, which is also attached . It is plain webapp, thus JSESSIONID is always sent.   Now with Keycloak, I have set up a realm and SPNEGO & TOTP  to log into   / auth/realms/<realm>/account  .  To goal is to keep the session and avoid TOTP form again. 1. Keycloak sends AUTH_SESSION_ID, KEYCLOAK_IDENTITY and KEYCLOAK_SESSION, and it is not 100% reliable. Sometimes , when I log in into one instance and then I start the other instance and stop the first instance, it empties the cookies and display TOTP form again. But sometimes it works. 2. I wanted to experiment with attribute mode ( SYNC / ASYNC ) of replicated- cache / distributed-cache, but it errors that there is no such attribute. I am also attaching timeouts for the realm. Thank you, Venca. ---------- Původní e-mail ---------- Od: Sebastian Laskawiec <slaskawi(a)redhat.com&gt; Komu: Vaclav Havlik <Johny.Dee(a)seznam.cz&gt; Datum: 31. 1. 2019 13:42:35 Předmět: Re: [keycloak-user] TCPPING problem. "Hey Vaclav, Could you please send us your configuration xml (make sure you're using standalone-ha.xml) and output of your logs? Thanks, Sebastian On Thu, Jan 31, 2019 at 12:04 PM Vaclav Havlik <Johny.Dee(a)seznam.cz&gt; wrote: _______________________________________________ keycloak-user mailing list keycloak-user(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-user "