libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases Packages Activity Actions

KEYCLOAK-14533 Cleanup auth sessions immediately

Browse source
This commit is contained in:
Hynek Mlnarik 2020-06-22 10:02:08 +02:00 committed by Marek Posolda
parent 3c0ecefacc
commit 8d8fae5def
1 changed files with 6 additions and 15 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
model/infinispan/src/main/java/org/keycloak/models/sessions/infinispan/InfinispanAuthenticationSessionProvider.java
View file

@ -39,6 +39,7 @@ import org.keycloak.models.utils.RealmInfoUtil;
import org.keycloak.sessions.AuthenticationSessionCompoundId;
import org.keycloak.sessions.AuthenticationSessionProvider;
import org.keycloak.sessions.RootAuthenticationSessionModel;
import org.infinispan.AdvancedCache;
/**
* @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
@ -108,25 +109,15 @@ public class InfinispanAuthenticationSessionProvider implements AuthenticationSe
int expired = Time.currentTime() - RealmInfoUtil.getDettachedClientSessionLifespan(realm);
final AdvancedCache<String, RootAuthenticationSessionEntity> localCache = CacheDecorators.localCache(cache);
int localCacheSizePre = localCache.size();
// Each cluster node cleanups just local sessions, which are those owned by himself (+ few more taking l1 cache into account)
Iterator<Map.Entry<String, RootAuthenticationSessionEntity>> itr = CacheDecorators.localCache(cache)
.entrySet()
.stream()
.filter(RootAuthenticationSessionPredicate.create(realm.getId()).expired(expired))
.iterator();
localCache.entrySet()
.removeIf(RootAuthenticationSessionPredicate.create(realm.getId()).expired(expired));
int counter = 0;
while (itr.hasNext()) {
counter++;
RootAuthenticationSessionEntity entity = itr.next().getValue();
tx.remove(cache, entity.getId());
}
log.debugf("Removed %d expired authentication sessions for realm '%s'", counter, realm.getName());
log.debugf("Removed %d expired authentication sessions for realm '%s'", localCache.size() - localCacheSizePre, realm.getName());
}
@Override
public void onRealmRemoved(RealmModel realm) {
// Send message to all DCs. The remoteCache will notify client listeners on all DCs for remove authentication sessions