[keycloak-user] Can not logout from demo broker
Andrej P
ado.boj.83 at gmail.com
Wed Nov 4 09:31:01 EST 2015
Again inside text are my answers.
On Wed, Nov 4, 2015 at 2:49 PM, Marko Strukelj <mstrukel at redhat.com> wrote:
> Your log.txt doesn't look right. Only a host controller is started - no
> server running your idbt-ha profile is started at all.
>
> There should be entries in the log looking like:
>
> [Server:configuration-server-demosetup] 15:58:05,712 INFO
> [org.jboss.modules] (main) JBoss Modules version 1.4.3.Final
> [Server:configuration-server-demosetup] 15:58:06,017 INFO [org.jboss.msc]
> (main) JBoss MSC version 1.2.6.Final
> [Server:configuration-server-demosetup] 15:58:06,118 INFO [org.jboss.as]
> (MSC service thread 1-6) WFLYSRV0049: WildFly Full 9.0.1.Final (WildFly
> Core 1.0.1.Final) starting
>
...
>
In log /opt/wildfly-9.0.1.Final/domain/log/host-controller.log are
presnt your requested lines (log.txt was copied from command line)
2015-11-04 13:38:43,479 INFO [org.jboss.as.host.controller] (Controller
Boot Thread) WFLYHC0023: Starting server configuration-server-demosetup
2015-11-04 13:38:46,125 INFO [org.jboss.as.host.controller] (Remoting
"demosetup:MANAGEMENT" task-4) WFLYHC0021: Server
[Server:configuration-server-demosetup] connected using connection
[Channel ID 656dd302 (inbound) of Remoting connection 1d425566 to /
127.0.0.1:50449]
2015-11-04 13:38:46,193 INFO [org.jboss.as.host.controller] (Controller
Boot Thread) WFLYHC0023: Starting server authentication-server-demosetup
2015-11-04 13:38:46,246 INFO [org.jboss.as.host.controller]
(server-registration-threads - 1) WFLYHC0020: Registering server
configuration-server-demosetup
2015-11-04 13:38:53,794 INFO [org.jboss.as.host.controller] (Remoting
"demosetup:MANAGEMENT" task-8) WFLYHC0021: Server
[Server:authentication-server-demosetup] connected using connection
[Channel ID 3e8ad11c (inbound) of Remoting connection 67282c6a to /
127.0.0.1:52804]
2015-11-04 13:38:53,867 INFO [org.jboss.as.host.controller]
(server-registration-threads - 1) WFLYHC0020: Registering server
authentication-server-demosetup
>
>
> There must be a problem with your host.xml file. You should have a server
> definition there referring to one of your server groups, for example:
>
> <servers>
> <server name="configuration-server-demosetup"
> group="group-authentication"/>
> ...
> </servers>
>
I attached host-idbt.xml now and from my point of view it looks fine.
>
> Also, in domain-idbt.xml your Infinispan cache is configured to be local.
> For distributed setup you should be using distributed Infinispan cache:
>
> <cache-container name="keycloak"
> jndi-name="infinispan/Keycloak">
> <transport lock-timeout="60000"/>
> <invalidation-cache name="realms" mode="SYNC"/>
> <invalidation-cache name="users" mode="SYNC"/>
> <distributed-cache name="sessions" mode="SYNC"
> owners="1"/>
> <distributed-cache name="loginFailures" mode="SYNC"
> owners="1"/>
> </cache-container>
>
In previous attached domain-idbt.xml I configured Infinispan cache like
local not distributed, is it conflict, have to be in HA mode?
>
>
>
> On Wed, Nov 4, 2015 at 2:20 PM, Andrej P <ado.boj.83 at gmail.com> wrote:
>
>> Hi Marko,
>>
>> thanks for your hints, I went through but still w/o positive result.
>> I will write my comments inside your hints.
>> I attached 2 files: domain-idbt.xml - with added sections for keycloak
>> log.txt - log after start wildfly in command
>> line
>>
>> Br,
>> Andrej.
>>
>> On Tue, Nov 3, 2015 at 4:24 PM, Marko Strukelj <mstrukel at redhat.com>
>> wrote:
>>
>>> From your descriptions of the problem it sounds like your server-one
>>> which binds to port 8080 doesn't have keycloak-server configured at all -
>>> it's using a server group, that uses a different profile than the one you
>>> configured.
>>>
>> Our group/server/profile setup looks like:
>>
>> GROUP SERVER PROFILE configuration configuration-server-demosetup
>> idbt-ha authentication authentication-server-demosetup idbt-ha
>>
>>
>>>
>>> There are four profiles in the default domain.xml - default, ha, full,
>>> and full-ha
>>>
>> In our domain-idbt.xml are only 2 profiles:idbt-ha and idbt-security
>> and I modified inifinispan for idbt-ha (but ha is only in name not used
>> inside configuration)
>>
>>>
>>> If you want your multiple Keycloak instances to run in high availability
>>> mode, using a shared Infinispan cache, and a shared database, then that's
>>> the most complex of all configurations - you have to setup a standalone
>>> database, use "full-ha" profile to configure the datasource with proper
>>> database connection url, and configure the distributed Infinispan cache.
>>> Also add <subsystem xmlns="urn:jboss:domain:keycloak-server:1.1">
>>> declaration.
>>>
>>
>> I created Keycloak_DS, which was before missing.
>> I add : extension; inifinispan and subsystem section for Keycloak
>> inside my domain-idbt.xml (I attached finally modified domain-idbt.xml) Pls
>> you can check it inside.
>>
>>>
>>>
>>> In server-groups section define a new group or reuse existing one, and
>>> set its profile to "full-ha", and use "full-ha-sockets" binding group.
>>> In host.xml make sure that server definitions have the proper group set.
>>>
>>> Then you also have to copy some configurations.
>>>
>>> Assuming you have two servers defined in host.xml - called server-one,
>>> and server-two, create a directory:
>>>
>>> $WILDFLY_HOME/domain/servers/server-one/configuration
>>> $WILDFLY_HOME/domain/servers/server-two/configuration
>>>
>>> Then copy the following configurations from standalone/configuration:
>>>
>>> cp $WILDFLY_HOME/standalone/configuration/keycloak-server.json
>>> $WILDFLY_HOME/domain/servers/server-one/configuration/
>>> cp -r $WILDFLY_HOME/standalone/configuration/themes
>>> $WILDFLY_HOME/domain/servers/server-one/configuration/
>>> cp -r $WILDFLY_HOME/standalone/configuration/providers
>>> $WILDFLY_HOME/domain/servers/server-one/configuration/
>>>
>>> cp $WILDFLY_HOME/standalone/configuration/keycloak-server.json
>>> $WILDFLY_HOME/domain/servers/server-two/configuration/
>>> cp -r $WILDFLY_HOME/standalone/configuration/themes
>>> $WILDFLY_HOME/domain/servers/server-two/configuration/
>>> cp -r $WILDFLY_HOME/standalone/configuration/providers
>>> $WILDFLY_HOME/domain/servers/server-two/configuration/
>>>
>>
>> Done all creation and copying steps.
>>
>>
>>
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20151104/6c8f50c3/attachment.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: host-idbt.xml
Type: text/xml
Size: 3559 bytes
Desc: not available
Url : http://lists.jboss.org/pipermail/keycloak-user/attachments/20151104/6c8f50c3/attachment.xml
More information about the keycloak-user
mailing list