[keycloak-user] cluster configuration

Marek Posolda mposolda at redhat.com
Mon Mar 2 14:46:23 EST 2015 

Hi,

I am not sure if pointing H2 to same file is enough. For shared database 
in cluster, I would rather try to use "Server mode" with URL like 
jdbc:h2:tcp://<server>[:<port>]/[<path>]<databaseName> as described here 
http://www.h2database.com/html/features.html . Another alternative is to 
use some "real" database like MySQL or PostgreSQL.

Marek

On 27.2.2015 20:37, Kevin Chen wrote:
> Stian:
> Thanks, I did follow the documentation. One thing I am not sure is the "Shared DB", does it refer to keycloak.h2.db? if so, I did point both cluster to the same  file.
>
> BTW, I am running both nodes on the same machine with port offset.
>
> Thanks
> Kevin
>
> -----Original Message-----
> From: Stian Thorgersen [mailto:stian at redhat.com]
> Sent: Thursday, February 26, 2015 11:54 PM
> To: Kevin Chen
> Cc: keycloak-user at lists.jboss.org
> Subject: [EXTERNAL] Re: [keycloak-user] cluster configuration
>
> Have you followed the docs (http://docs.jboss.org/keycloak/docs/1.1.0.Final/userguide/html/clustering.html)? You need:
>
> * Keycloak 1.1.0.Final
> * Shared DB
> * Properly configured Infinispan caches
> * Infinispan user session provider and Infinispan realm+user cache providers
>
> ----- Original Message -----
>> From: "Kevin Chen" <Peng.Chen at halliburton.com>
>> To: keycloak-user at lists.jboss.org
>> Sent: Thursday, February 26, 2015 9:25:42 PM
>> Subject: [keycloak-user] cluster configuration
>>
>> I am using keycloak 1.1, and tried to configure the cluster with 2
>> nodes. I am using apache httpd-2.2 as front end for both nodes. The
>> log shows both node.
>>
>> I deployed KeyCloakWebTest.war on both node and without problem to access it.
>>
>> But when I try to access /auth/admin, it did not work:
>> 1. if both nodes are running, after input correct username/password,
>> the same login page will show up again.
>> 2. I stopped one node, login with the same user, it is successful and
>> able to manage my Realms.
>> 3. Then I started the other node, and click on any actions in my
>> already logged in session,  the browser will show the login page again
>> and in the newly started node, the following exception show up:
>> 	14:22:42,033 WARN  [org.jboss.resteasy.core.SynchronousDispatcher]
>> 	(ajp-/127.0.0.1:8009-2) Failed executing GET /admin/serverinfo:
>> 	org.jboss.resteasy.
>> spi.UnauthorizedException: Bearer
>>          at
>>          org.keycloak.services.resources.admin.AdminRoot.authenticateRealmAdminRequest(AdminRoot.java:152)
>>          [keycloak-services-1.2.0.Beta1-SNAPSHOT.j
>> ar:1.2.0.Beta1-SNAPSHOT]
>>
>> How can I fix this?
>>
>> Thanks
>> Kevin
>>
>> ----------------------------------------------------------------------
>> This e-mail, including any attached files, may contain confidential
>> and privileged information for the sole use of the intended recipient.
>> Any review, use, distribution, or disclosure by others is strictly prohibited.
>> If you are not the intended recipient (or authorized to receive
>> information for the intended recipient), please contact the sender by
>> reply e-mail and delete all copies of this message.
>>
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user

More information about the keycloak-user mailing list