[keycloak-user] Fuse Keycloak Adapter not performing Log out

Pana panayioc at amdocs.com
Wed Nov 8 17:01:02 EST 2017


Hi

We are using JBOSS Fuse Keycloak adapter 2.5.5-final-redhat.
We observed that at each authorization request the adapter creates sessions
on the Keycloak Server  which are not released. As a result the number of
sessions is ever increasing impacting the performance on Keycloak Server.

In looking in the code, we saw that in many cases, the authorization flow
requests a token from the Keycloak Server but eventually it does not call
log out or does not cache the token in the deployment in order not to call
again. 

For example: KeycloakAdapterPolicyEnforcer::requestAuthorizationToken.
if configuration is User Managed Access, it will create a token with this
statement:
authzClient.protection().permission().forResource(permissionRequest);

At the end, it will not call log out and session will remain in the SSO
Server Cache.



--
Sent from: http://keycloak-user.88327.x6.nabble.com/


More information about the keycloak-user mailing list