You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I have reproduced the issue with the latest release
Area
oidc
Describe the bug
The property connectionTTL can be set but it is never used in the org.keycloak.adapters.HttpClientBuilder#build method. This results that connections live forever, resulting in Connection reset Exceptions, when the connection was closed on the server.
The PoolingHttpClientConnectionManager should be created like this:
PoolingHttpClientConnectionManager tcm = new PoolingHttpClientConnectionManager(sf.build(), null, null, null, connectionTTL, connectionTTLUnit);
If the poolsize is set to 1 its more difficult. Could be fixed by setting the keepAliveStrategy on BasicHttpClientConnectionManager
Version
20.0.1
Expected behavior
Property connectionTTL of org.keycloak.adapters.HttpClientBuilder should be used when creating a httpClient
Actual behavior
Property connectionTTL of org.keycloak.adapters.HttpClientBuilder is ignored when creating a httpClient
Have some component in between that closes idle connection. This happens for example when an AWS NAT Gateway is in between, that closes the connection after 350 seconds with an RST packet
Before reporting an issue
Area
oidc
Describe the bug
The property connectionTTL can be set but it is never used in the org.keycloak.adapters.HttpClientBuilder#build method. This results that connections live forever, resulting in Connection reset Exceptions, when the connection was closed on the server.
The PoolingHttpClientConnectionManager should be created like this:
If the poolsize is set to 1 its more difficult. Could be fixed by setting the keepAliveStrategy on BasicHttpClientConnectionManager
Version
20.0.1
Expected behavior
Property connectionTTL of org.keycloak.adapters.HttpClientBuilder should be used when creating a httpClient
Actual behavior
Property connectionTTL of org.keycloak.adapters.HttpClientBuilder is ignored when creating a httpClient
How to Reproduce?
=> javax.net.ssl.SSLException: Connection reset
Anything else?
https://stackoverflow.com/questions/49994901/connection-reset-by-keycloaks-java-adapter
https://docs.aws.amazon.com/vpc/latest/userguide/nat-gateway-troubleshooting.html
The text was updated successfully, but these errors were encountered: