[keycloak-user] Losing some sessions during clustering
chairfield at gmail.com
Thu Nov 3 13:36:11 EDT 2016
Many thanks, John. This seems very likely. If there's no response from our
part, you may assume it's fixed.
On Thu, Nov 3, 2016 at 11:26 AM John Bartko <john.bartko at drillinginfo.com>
> It sounds like sessions distributed-cache is not being replicated.
> From the Install/Config documentation on cache replication
> "By default, Keycloak only specifies one owner for data. So if that one
> node goes down that data is lost. This usually means that users will be
> logged out and will have to login again."
> jboss-cli snippet:
> Hope that helps,
> -John Bartko
> On Thu, Nov 3, 2016 at 12:08 PM, Chris Hairfield <chairfield at gmail.com>
> Hello Keycloak users,
> We're seeing strange behavior with the session handling when starting up a
> new node. Keycloak doesn't retain all sessions. Here's our experiment:
> 1. start with 1 node containing a few dozen sessions
> 2. start node 2 (nodes clustered via JGroups Ping table + infinispan)
> 3. wait for 10 minutes
> 4. stop node 1
> End result: *some* of the clients connected are forced to log back in. Most
> sessions remain.
> We're still investigating, so I cannot infer beyond this point at the
> moment. I'm simply curious whether anyone knows the following:
> - are *all* sessions meant to be migrated to new nodes?
> - how long does it take to migrate sessions?
> - does a new node wait until sessions are migrated before it enables the
> admin interface?
> - is there any logic to prune sessions on clustering?
> Any thoughts would be greatly appreciated.
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
More information about the keycloak-user