fix label error for persistent-user-sessions feature flag in documentation
Closes #30368 Signed-off-by: daviddelannoy <16318239+daviddelannoy@users.noreply.github.com>
This commit is contained in:
parent
498ca3f342
commit
d4fc5249c4
6 changed files with 14 additions and 14 deletions
|
@ -59,13 +59,13 @@ For information on how to migrate, see the link:{upgradingguide_link}[{upgrading
|
||||||
= Persistent user sessions
|
= Persistent user sessions
|
||||||
|
|
||||||
Previous versions of {project_name} stored only offline user and offline client sessions in the databases.
|
Previous versions of {project_name} stored only offline user and offline client sessions in the databases.
|
||||||
The new feature `persistent-user-session` stores online user sessions and online client sessions not only in memory, but also in the database.
|
The new feature `persistent-user-sessions` stores online user sessions and online client sessions not only in memory, but also in the database.
|
||||||
This will allow a user to stay logged in even if all instances of {project_name} are restarted or upgraded.
|
This will allow a user to stay logged in even if all instances of {project_name} are restarted or upgraded.
|
||||||
|
|
||||||
The feature is a preview feature and disabled by default. To use it, add the following to your build command:
|
The feature is a preview feature and disabled by default. To use it, add the following to your build command:
|
||||||
|
|
||||||
----
|
----
|
||||||
bin/kc.sh build --features=persistent-user-session ...
|
bin/kc.sh build --features=persistent-user-sessions ...
|
||||||
----
|
----
|
||||||
|
|
||||||
For more details see the https://www.keycloak.org/server/features[Enabling and disabling features] {section}.
|
For more details see the https://www.keycloak.org/server/features[Enabling and disabling features] {section}.
|
||||||
|
|
|
@ -13,7 +13,7 @@ When users log into realms, {project_name} maintains a user session for each use
|
||||||
ifeval::[{project_community}==true]
|
ifeval::[{project_community}==true]
|
||||||
By default, online user and online client sessions are only kept in memory, and will be lost if all {project_name} nodes are shut down for maintenance or during upgrades.
|
By default, online user and online client sessions are only kept in memory, and will be lost if all {project_name} nodes are shut down for maintenance or during upgrades.
|
||||||
|
|
||||||
If the feature `persistent-user-session` is enabled, {project_name} online user and online client sessions are saved to the database to persist them across restarts and upgrades.
|
If the feature `persistent-user-sessions` is enabled, {project_name} online user and online client sessions are saved to the database to persist them across restarts and upgrades.
|
||||||
See https://www.keycloak.org/server/caching[Configuring distributed caches] on how to configure this.
|
See https://www.keycloak.org/server/caching[Configuring distributed caches] on how to configure this.
|
||||||
|
|
||||||
endif::[]
|
endif::[]
|
||||||
|
|
|
@ -10,7 +10,7 @@ The client application is responsible for persisting the offline token in storag
|
||||||
|
|
||||||
The difference between a refresh token and an offline token is that an offline token never expires and is not subject to the `SSO Session Idle` timeout and `SSO Session Max` lifespan. The offline token is valid after a user logout or server restart. You must use the offline token for a refresh token action at least once per thirty days or for the value of the <<_offline-session-idle, Offline Session Idle>>.
|
The difference between a refresh token and an offline token is that an offline token never expires and is not subject to the `SSO Session Idle` timeout and `SSO Session Max` lifespan. The offline token is valid after a user logout or server restart. You must use the offline token for a refresh token action at least once per thirty days or for the value of the <<_offline-session-idle, Offline Session Idle>>.
|
||||||
|
|
||||||
If you enable <<_offline-session-max-limited, Offline Session Max Limited>>, offline tokens expire after 60 days even if you use the offline token for a refresh token action. You can change this value, <<_offline-session-max, Offline Session Max>>, in the Admin Console.
|
If you enable <<_offline-session-max-limited, Offline Session Max Limited>>, offline tokens expire after 60 days even if you use the offline token for a refresh token action. You can change this value, <<_offline-session-max, Offline Session Max>>, in the Admin Console.
|
||||||
|
|
||||||
When using offline access, client idle and max timeouts can be overridden at the <<_client_advanced_settings_oidc,client level>>. The options *Client Offline Session Idle* and *Client Offline Session Max*, in the client *Advanced Settings* tab, allow you to have a shorter offline timeouts for a specific application. Note that client session values also control the refresh token expiration but they never affect the global offline user SSO session. The option *Client Offline Session Max* is only evaluated in the client if <<_offline-session-max-limited, Offline Session Max Limited>> is *Enabled* at the realm level.
|
When using offline access, client idle and max timeouts can be overridden at the <<_client_advanced_settings_oidc,client level>>. The options *Client Offline Session Idle* and *Client Offline Session Max*, in the client *Advanced Settings* tab, allow you to have a shorter offline timeouts for a specific application. Note that client session values also control the refresh token expiration but they never affect the global offline user SSO session. The option *Client Offline Session Max* is only evaluated in the client if <<_offline-session-max-limited, Offline Session Max Limited>> is *Enabled* at the realm level.
|
||||||
|
|
||||||
|
@ -26,7 +26,7 @@ Offline sessions are besides the Infinispan caches stored also in the database.
|
||||||
|
|
||||||
To reduce memory requirements, we introduced a configuration option to shorten lifespan for imported offline sessions. Such sessions will be evicted from the Infinispan caches after the specified lifespan, but still available in the database. This will lower memory consumption, especially for deployments with a large number of offline sessions. Currently, the offline session lifespan override is disabled by default.
|
To reduce memory requirements, we introduced a configuration option to shorten lifespan for imported offline sessions. Such sessions will be evicted from the Infinispan caches after the specified lifespan, but still available in the database. This will lower memory consumption, especially for deployments with a large number of offline sessions. Currently, the offline session lifespan override is disabled by default.
|
||||||
ifeval::[{project_community}==true]
|
ifeval::[{project_community}==true]
|
||||||
This override is only available if the feature `persistent-user-session` is disabled.
|
This override is only available if the feature `persistent-user-sessions` is disabled.
|
||||||
endif::[]
|
endif::[]
|
||||||
|
|
||||||
To specify the lifespan override for offline user sessions, start {project_name} server with the following parameter:
|
To specify the lifespan override for offline user sessions, start {project_name} server with the following parameter:
|
||||||
|
@ -34,7 +34,7 @@ To specify the lifespan override for offline user sessions, start {project_name}
|
||||||
[source,bash]
|
[source,bash]
|
||||||
----
|
----
|
||||||
--spi-user-sessions-infinispan-offline-session-cache-entry-lifespan-override=<lifespan-in-seconds>
|
--spi-user-sessions-infinispan-offline-session-cache-entry-lifespan-override=<lifespan-in-seconds>
|
||||||
----
|
----
|
||||||
|
|
||||||
Similarly for offline client sessions:
|
Similarly for offline client sessions:
|
||||||
|
|
||||||
|
@ -44,7 +44,7 @@ Similarly for offline client sessions:
|
||||||
----
|
----
|
||||||
|
|
||||||
ifeval::[{project_community}==true]
|
ifeval::[{project_community}==true]
|
||||||
If the feature `persistent-user-session` is enabled, {project_name} will limit its internal cache for offline user and offline client sessions to 10000 entries by default, which will reduce the overall memory usage for offline sessions.
|
If the feature `persistent-user-sessions` is enabled, {project_name} will limit its internal cache for offline user and offline client sessions to 10000 entries by default, which will reduce the overall memory usage for offline sessions.
|
||||||
Items which are evicted from memory will be loaded on-demand from the database when needed.
|
Items which are evicted from memory will be loaded on-demand from the database when needed.
|
||||||
To set different sizes for the caches, edit {project_name}'s cache config file to set a `+<memory max-count="..."/>+` for those caches.
|
To set different sizes for the caches, edit {project_name}'s cache config file to set a `+<memory max-count="..."/>+` for those caches.
|
||||||
endif::[]
|
endif::[]
|
||||||
|
|
|
@ -83,7 +83,7 @@ For more details and more comprehensive scenarios, see https://www.keycloak.org/
|
||||||
= Persistent user sessions
|
= Persistent user sessions
|
||||||
|
|
||||||
Previous versions of {project_name} stored only offline user and offline client sessions in the databases.
|
Previous versions of {project_name} stored only offline user and offline client sessions in the databases.
|
||||||
The new feature `persistent-user-session` stores online user sessions and online client sessions not only in memory, but also in the database.
|
The new feature `persistent-user-sessions` stores online user sessions and online client sessions not only in memory, but also in the database.
|
||||||
This will allow a user to stay logged in even if all instances of {project_name} are restarted or upgraded.
|
This will allow a user to stay logged in even if all instances of {project_name} are restarted or upgraded.
|
||||||
|
|
||||||
== Enabling persistent user sessions
|
== Enabling persistent user sessions
|
||||||
|
@ -91,7 +91,7 @@ This will allow a user to stay logged in even if all instances of {project_name}
|
||||||
The feature is a preview feature and disabled by default. To use it, add the following to your build command:
|
The feature is a preview feature and disabled by default. To use it, add the following to your build command:
|
||||||
|
|
||||||
----
|
----
|
||||||
bin/kc.sh build --features=persistent-user-session ...
|
bin/kc.sh build --features=persistent-user-sessions ...
|
||||||
----
|
----
|
||||||
|
|
||||||
For more details see the https://www.keycloak.org/server/features[Enabling and disabling features] {section}.
|
For more details see the https://www.keycloak.org/server/features[Enabling and disabling features] {section}.
|
||||||
|
@ -162,7 +162,7 @@ TIP: If the remote {jdgserver_name} is used in a multi-site setup, you can reduc
|
||||||
== Signing out existing users
|
== Signing out existing users
|
||||||
|
|
||||||
In previous versions and when the feature is disabled, a restart of all {project_name} nodes logged out all users.
|
In previous versions and when the feature is disabled, a restart of all {project_name} nodes logged out all users.
|
||||||
To sign out all online users sessions of a realm with the `persistent-user-session` feature enabled, use the following steps as before:
|
To sign out all online users sessions of a realm with the `persistent-user-sessions` feature enabled, use the following steps as before:
|
||||||
|
|
||||||
. Log in to the Admin Console.
|
. Log in to the Admin Console.
|
||||||
. Select the menu entry *Sessions*.
|
. Select the menu entry *Sessions*.
|
||||||
|
|
|
@ -20,7 +20,7 @@ After the upgrade of {project_name}, except for offline user sessions, user sess
|
||||||
endif::[]
|
endif::[]
|
||||||
|
|
||||||
ifeval::[{project_community}==true]
|
ifeval::[{project_community}==true]
|
||||||
After the upgrade of {project_name}, only if the feature `persistent-user-session` is enabled, users will still be logged in with their online sessions.
|
After the upgrade of {project_name}, only if the feature `persistent-user-sessions` is enabled, users will still be logged in with their online sessions.
|
||||||
If it is not enabled, users will have to log in again, except where offline user sessions are used.
|
If it is not enabled, users will have to log in again, except where offline user sessions are used.
|
||||||
endif::[]
|
endif::[]
|
||||||
|
|
||||||
|
|
|
@ -109,13 +109,13 @@ CPU, memory, and network utilization.
|
||||||
ifeval::[{project_community}==true]
|
ifeval::[{project_community}==true]
|
||||||
|
|
||||||
.Persistent user sessions
|
.Persistent user sessions
|
||||||
The feature `persistent-user-session` stores online user and client sessions also in the database.
|
The feature `persistent-user-sessions` stores online user and client sessions also in the database.
|
||||||
This will allow a user to stay logged in even if all instances of {project_name} are restarted or upgraded.
|
This will allow a user to stay logged in even if all instances of {project_name} are restarted or upgraded.
|
||||||
|
|
||||||
The feature is disabled by default. To use it, enable the feature:
|
The feature is disabled by default. To use it, enable the feature:
|
||||||
|
|
||||||
----
|
----
|
||||||
bin/kc.sh start --features=persistent-user-session ...
|
bin/kc.sh start --features=persistent-user-sessions ...
|
||||||
----
|
----
|
||||||
|
|
||||||
With this feature enabled, the in-memory caches for online user sessions and online client sessions are limited to, by default, 10000 entries per node which will reduce the overall memory usage of {project_name} for larger installations.
|
With this feature enabled, the in-memory caches for online user sessions and online client sessions are limited to, by default, 10000 entries per node which will reduce the overall memory usage of {project_name} for larger installations.
|
||||||
|
@ -146,7 +146,7 @@ Upon a cluster restart, offline sessions are lazily loaded from the database and
|
||||||
|
|
||||||
ifeval::[{project_community}==true]
|
ifeval::[{project_community}==true]
|
||||||
|
|
||||||
With feature `persistent-user-session` enabled, the in-memory caches for offline user sessions and offline client sessions are limited to 10000 entries which will reduce the overall memory usage of Keycloak for larger installations.
|
With feature `persistent-user-sessions` enabled, the in-memory caches for offline user sessions and offline client sessions are limited to 10000 entries which will reduce the overall memory usage of Keycloak for larger installations.
|
||||||
Items which are evicted from memory will be loaded on-demand from the database when needed.
|
Items which are evicted from memory will be loaded on-demand from the database when needed.
|
||||||
To set different sizes for the caches, edit {project_name}'s cache config file to set a `+<memory max-count="..."/>+` for those caches.
|
To set different sizes for the caches, edit {project_name}'s cache config file to set a `+<memory max-count="..."/>+` for those caches.
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue