[keycloak-user] Clustering on localhost with shared DB
Marek Posolda
mposolda at redhat.com
Fri Apr 24 13:06:16 EDT 2015
Hi Libor,
the config files looks good (at least for the first look), but question
is if you're using loadbalancer?
If you're not using loadbalancer and you access keycloak servers
directly on localhost:8080 and localhost:8180, the problem might be just
in the fact that browser cookie KEYCLOAK_IDENTITY is not shared between
them and hence going to localhost:8180 will not find KEYCLOAK_IDENTITY
cookie from localhost:8080 and will try to create new session.
You can check admin console or account management and list available
user sessions on both nodes. If both cluster nodes have same sessions,
then replication of userSessions works fine, but only issue is really
the cookie.
I suspect that in production, you will use loadbalancer, so this issue
won't happen.
Marek
On 24.4.2015 15:50, Libor Krzyžanek wrote:
> Attaching keycloak-server.json and standalone-ha.xml
>
> Thanks,
>
> Libor Krzyžanek
> jboss.org <http://jboss.org> Development Team
>
>
>
>
>
>> On 24 Apr 2015, at 15:36, Stian Thorgersen <stian at redhat.com
>> <mailto:stian at redhat.com>> wrote:
>>
>> Can you attach your keycloak-server.json and standalone.xml?
>>
>> ----- Original Message -----
>>> From: "Libor Krzyžanek" <lkrzyzan at redhat.com
>>> <mailto:lkrzyzan at redhat.com>>
>>> To: "keycloak-user" <keycloak-user at lists.jboss.org
>>> <mailto:keycloak-user at lists.jboss.org>>
>>> Sent: Friday, 24 April, 2015 3:12:29 PM
>>> Subject: [keycloak-user] Clustering on localhost with shared DB
>>>
>>> Hi,
>>> I’m trying to achieve full user session replication which means when I’m
>>> logged in on node 1 and then hit node 2 then I expect to be logged
>>> in but
>>> I’m forced to log in again.
>>>
>>> I have:
>>> 1. two localhost nodes with JBoss EAP 6.4 + War installation
>>> 2. Postgres
>>> 3. EAP cofigured based on
>>> http://docs.jboss.org/keycloak/docs/1.2.0.Beta1/userguide/html/clustering.html
>>>
>>> I triedeither
>>> <distributed-cache name="sessions" mode="SYNC" owners=“ 2 " />
>>> <distributed-cache name="loginFailures" mode="SYNC" owners=“ 2 " />
>>> or
>>> <replicated-cache name="sessions" mode="SYNC"/>
>>> <replicated-cache name="loginFailures" mode="SYNC”/>
>>> but with same result.
>>>
>>> I’m starting nodes by
>>> ./jb1/bin/standalone.sh --server-config=standalone-ha.xml
>>> -Djboss.node.name=node1
>>> ./jb2/bin/standalone.sh --server-config=standalone-ha.xml
>>> -Djboss.socket.binding.port-offset=100 -Djboss.node.name=node2
>>>
>>>
>>> both jb1 and jb2 are identical and they know each other (Received
>>> new cluster
>>> view: [node1/keycloak|1] [node1/keycloak, node2/keycloak])
>>>
>>> How do you test clustering of KC please?
>>>
>>> Thanks,
>>>
>>> Libor Krzyžanek
>>> jboss.org Development Team
>>>
>>>
>>> _______________________________________________
>>> keycloak-user mailing list
>>> keycloak-user at lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20150424/f174cd15/attachment.html
More information about the keycloak-user
mailing list