I have a question concerning the lifecycle of instances of a custom UserLookupProvider.
We have a custom user storage/lookup provider running which queries a MySQL database that contains the users directory. That provider uses an injected EntityManger and is implemented according to the docs at https://www.keycloak.org/docs/latest/server_development/index.html#leveraging-java-ee-2 (i.e. provider factory creates the provider via JDNI lookup).
One statement in the docs is:
You must put the
@Removeannotation on the
close()method of your provider. If you do not, the stateful bean will never be cleaned up and you might eventually see error messages.
To verify that I implemented the provider correctly and everything is cleaned up, I created a simple counter which is incremented when an instance of the provider is created and decremented when close() is called.
Issue: The first thing I noticed is that for each user login, multiple instances of the provider are created, and some of it are closed immediately. I assumed the remaining instances would be closed when the user sessions end after the configured lifetime. So I executed a load test to have some hundred (virtual) users login to the application, resulting in several thousand instances of my UserLookupProvider. After letting the system run for a night (so all sessions are timed out), none of the remaining instances had been closed.
Question: Is this a problem in Keycloak? Or is there some other mechanism for cleanup that will eventually close the stateful beans? Can there be something in my provider that prevents Keycloak from closing it?
Thanks for your help!