[keycloak-user] KEYCLOAK-3202 Creating users causes memory leak
Valerij Timofeev
valerij.timofeev at gmail.com
Fri Jul 8 04:40:47 EDT 2016
Hi Stian,
You are the assignee in KEYCLOAK-3202
<https://issues.jboss.org/browse/KEYCLOAK-3202>, so I addressed this email
to you directly.
I guess that this issue could be the cause of trouble in our production
environment.
There are 4 EAP-6 nodes with Keycloak adapters and 2 Keycloak 1.9.4
standalone servers running in 2 clusters respectively.
We experience logout failures approximately after one and a half days of
operation.
Restarting EAP 6 nodes temporary resolves the logout problem.
Durable load tests in out test environment showed that login and logout of
existing users don't result in above behaviour.
We added to the durable load test additional scenario creating new users
and were able to reproduce logout failure: users are getting empty page and
not the login screen as expected. Page reload navigates back into the
protected web application .
Logout is accomplished in a Java web applictaion by calling OIDC logout
endpoint:
*FacesContext .getCurrentInstance()
.getExternalContext()
.redirect(keycloakDeployment.getLogoutUrl().queryParam("redirect_uri",
redirectURL).toTemplate());*
Logout is initiated via h:commandLink, so I suppose that the OIDC logout
endpoint is called via the GET method. Should we use the POST method
instead?
Has servlet logout any advantages?
*((HttpServletRequest)
FacesContext.getCurrentInstance().getExternalContext().getRequest()).logout();*
I'd appreciate quick response*, *because restarting production EAP cluster
every day is not a pleasant option ;-)
Thank you in advance
Kind regards
Valerij Timofeev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160708/9de49d98/attachment.html
More information about the keycloak-user
mailing list