问题
We are using Keycloak 3.4.0 / Keycloak.js in our single page app. Keycloak stores its data within a MariaDB.
When I restart the Keycloak server (NOT MariaDB) and refresh my single page app I am redirected to the login page. I thougt that Keycloak stores all tokens within its database, shouldn't these tokens still be valid after a restart? Or is it expected that all sessions are logged out?
Do I have to use offline tokens to support this scenario?
The offline token is valid even after a user logout or server restart. https://www.keycloak.org/docs/3.4/server_admin/index.html#_offline-access
回答1:
This is written by one of the members of the Keycloak development team:
The JPA user session provider was dropped (performance was horrible so we deemed it unusable). The user session persister is only used for offline sessions, they survive a server restart.
So yes, it seems like they removed it because of performance related issues. Here you've got the whole thread.
来源:https://stackoverflow.com/questions/50203490/keycloak-access-tokens-invalid-after-keycloak-server-restart