[keycloak-user] TCPPING problem.
Vaclav Havlik
Johny.Dee at seznam.cz
Mon Feb 11 04:53:41 EST 2019
Hello.
sorry, after some investigation I got it to work. The problem seems to have
been, that I have to use a concrete address in interface, not any-addr .
But here is another less problem.
I have 2 instances of Keycloak on 2 different computers, namely 10.0.206.31
and 10.0.206.32 . Config files and log files are attached. I also use httpd
load-balancer in front of them.
It works very well with my specialized webapp called web_app_clustering,
which is also attached . It is plain webapp, thus JSESSIONID is always sent.
Now with Keycloak, I have set up a realm and SPNEGO & TOTP to log into /
auth/realms/<realm>/account . To goal is to keep the session and avoid
TOTP form again.
1.
Keycloak sends AUTH_SESSION_ID, KEYCLOAK_IDENTITY and KEYCLOAK_SESSION, and
it is not 100% reliable. Sometimes , when I log in into one instance and
then I start the other instance and stop the first instance, it empties the
cookies and display TOTP form again. But sometimes it works.
2.
I wanted to experiment with attribute mode ( SYNC / ASYNC ) of replicated-
cache / distributed-cache, but it errors that there is no such attribute.
I am also attaching timeouts for the realm.
Thank you, Venca.
---------- Původní e-mail ----------
Od: Sebastian Laskawiec <slaskawi at redhat.com>
Komu: Vaclav Havlik <Johny.Dee at seznam.cz>
Datum: 31. 1. 2019 13:42:35
Předmět: Re: [keycloak-user] TCPPING problem.
"Hey Vaclav,
Could you please send us your configuration xml (make sure you're using
standalone-ha.xml) and output of your logs?
Thanks,
Sebastian
On Thu, Jan 31, 2019 at 12:04 PM Vaclav Havlik <Johny.Dee at seznam.cz> wrote:
> Dears,
> I would like to ask a question.
>
> I have Wildfly, version WildFly Full 14.0.1.Final(http://14.0.1.final)
> (WildFly Core 6.0.2.Final(http://6.0.2.final)) .
> And then I have Keycloak, version Keycloak 4.7.0.Final(http://4.7.0.final)
>
> (WildFly Core 6.0.2.Final(http://6.0.2.final)) .
>
> Static cluster configuration, using TCPPING, works in Wildflys, but does
> not
> work in Keycloaks.
>
> I always have 2 instances on localhost (browser thus sends them the same
> JSESSIONID). On both I have deployed a testing clustering webapp, with
> which to test, if sessions are replicated. But Keycloaks do not pass
> sessions to each other. I can see that when the page from the second
> instance is reloaded in browser, it sends Set-Cookie header with another
> cookie, as it obviously does not know the JSESSIONID from the first
> instance.
>
> With Wildflys the same does work.
>
> Can you tell me, is there any reason, why this is the case, when Keycloak
> uses Wildfly ?
>
> Thank you. With regards V. Havlik.
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
_______________________________________________
keycloak-user mailing list
keycloak-user at lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
"
-------------- next part --------------
A non-text attachment was scrubbed...
Name: keycloak_bug.tar.gz
Type: application/x-gzip
Size: 35256 bytes
Desc: not available
Url : http://lists.jboss.org/pipermail/keycloak-user/attachments/20190211/974966a0/attachment-0001.gz
-------------- next part --------------
A non-text attachment was scrubbed...
Name: screen_kc.png
Type: image/png
Size: 76081 bytes
Desc: not available
Url : http://lists.jboss.org/pipermail/keycloak-user/attachments/20190211/974966a0/attachment-0001.png
More information about the keycloak-user
mailing list