KEYCLOAK-14533 Cleanup auth sessions immediately

This commit is contained in:
Hynek Mlnarik 2020-06-22 10:02:08 +02:00 committed by Marek Posolda
parent 3c0ecefacc
commit 8d8fae5def

View file

@ -39,6 +39,7 @@ import org.keycloak.models.utils.RealmInfoUtil;
import org.keycloak.sessions.AuthenticationSessionCompoundId; import org.keycloak.sessions.AuthenticationSessionCompoundId;
import org.keycloak.sessions.AuthenticationSessionProvider; import org.keycloak.sessions.AuthenticationSessionProvider;
import org.keycloak.sessions.RootAuthenticationSessionModel; import org.keycloak.sessions.RootAuthenticationSessionModel;
import org.infinispan.AdvancedCache;
/** /**
* @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a> * @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
@ -108,25 +109,15 @@ public class InfinispanAuthenticationSessionProvider implements AuthenticationSe
int expired = Time.currentTime() - RealmInfoUtil.getDettachedClientSessionLifespan(realm); int expired = Time.currentTime() - RealmInfoUtil.getDettachedClientSessionLifespan(realm);
final AdvancedCache<String, RootAuthenticationSessionEntity> localCache = CacheDecorators.localCache(cache);
int localCacheSizePre = localCache.size();
// Each cluster node cleanups just local sessions, which are those owned by himself (+ few more taking l1 cache into account) // Each cluster node cleanups just local sessions, which are those owned by himself (+ few more taking l1 cache into account)
Iterator<Map.Entry<String, RootAuthenticationSessionEntity>> itr = CacheDecorators.localCache(cache) localCache.entrySet()
.entrySet() .removeIf(RootAuthenticationSessionPredicate.create(realm.getId()).expired(expired));
.stream()
.filter(RootAuthenticationSessionPredicate.create(realm.getId()).expired(expired))
.iterator();
int counter = 0; log.debugf("Removed %d expired authentication sessions for realm '%s'", localCache.size() - localCacheSizePre, realm.getName());
while (itr.hasNext()) {
counter++;
RootAuthenticationSessionEntity entity = itr.next().getValue();
tx.remove(cache, entity.getId());
}
log.debugf("Removed %d expired authentication sessions for realm '%s'", counter, realm.getName());
} }
@Override @Override
public void onRealmRemoved(RealmModel realm) { public void onRealmRemoved(RealmModel realm) {
// Send message to all DCs. The remoteCache will notify client listeners on all DCs for remove authentication sessions // Send message to all DCs. The remoteCache will notify client listeners on all DCs for remove authentication sessions