[keycloak-dev] AdapterTokenStore change

Marek Posolda mposolda at redhat.com
Wed Oct 29 05:32:12 EDT 2014


Another change which worth mention on ML is AdapterTokenStore introduced 
for https://issues.jboss.org/browse/KEYCLOAK-702 .

* There is new option "token-store" in adapter-configuration with 
possible values "session" and "cookie" .

* Default value is "session", which means that info about authenticated 
user are saved in Adapter in HttpSession (same behaviour like it was before)

* Alternative "cookie" means that all token info is stored in cookie, 
which means that HttpSession is not created at all for particular 
application. It's alternative useful for stateless applications, which 
doesn't need HttpSession.

I've added AdapterTokenStore as an abstraction to handle 
saving/loading/removing this account info.

Everything is again backwards compatible (existing apps are still saving 
info in Http Session and are not affected at all, as default value is 
"session", which is used if nothing is specified in config)

Marek


More information about the keycloak-dev mailing list