[keycloak-dev] screencasts all updated

Stian Thorgersen stian at redhat.com
Mon Sep 8 09:30:29 EDT 2014


Actually it seems we have two problems:

a) idletimeout plugin - this causes the logout if you have multiple tabs open. With the SSO idle timeout feature this is not needed, so we should just remove it to fix this issue

b) issue with sso idle timeout - I tried setting the SSO idle timeout to a low number (30 seconds), with access token lifespan lower (5 seconds) and was continuously browsing. After 1 min or two I was logged out, even though I was continuously doing requests (and network log shows it was doing refreshing the token)

----- Original Message -----
> From: "Bill Burke" <bburke at redhat.com>
> To: "Stian Thorgersen" <stian at redhat.com>
> Cc: keycloak-dev at lists.jboss.org
> Sent: Monday, 8 September, 2014 3:05:47 PM
> Subject: Re: [keycloak-dev] screencasts all updated
> 
> 
> 
> On 9/8/2014 8:37 AM, Stian Thorgersen wrote:
> >
> >
> > ----- Original Message -----
> >> From: "Bill Burke" <bburke at redhat.com>
> >> To: "Stian Thorgersen" <stian at redhat.com>
> >> Cc: keycloak-dev at lists.jboss.org
> >> Sent: Monday, 8 September, 2014 2:29:59 PM
> >> Subject: Re: [keycloak-dev] screencasts all updated
> >>
> >>
> >>
> >> On 9/8/2014 4:00 AM, Stian Thorgersen wrote:
> >>>
> >>>
> >>> ----- Original Message -----
> >>>> From: "Bill Burke" <bburke at redhat.com>
> >>>> To: keycloak-dev at lists.jboss.org
> >>>> Sent: Friday, 5 September, 2014 10:34:22 PM
> >>>> Subject: [keycloak-dev] screencasts all updated
> >>>>
> >>>> man I hate doing screencasts, but they are finally updated.  It really
> >>>> needed to be done as they were not in sync with the current version of
> >>>> keycloak.  I haven't linked them yet though.  I'll do that when we
> >>>> release.
> >>>
> >>> Nice - next time I can pitch in and do a few ;)
> >>>
> >>>>
> >>>> One thing that drove me crazy was that I kept on getting logged out of
> >>>> the admin console sporadically.  Gotta figure out what is going wrong
> >>>> here.
> >>>
> >>> Did you have multiple tabs open? We have a timer that logs you out after
> >>> 300 seconds of inactivity. Problem is that if you have two tabs open with
> >>> the admin console, one you're actively using and another in the
> >>> background, the background tab will end up logging you out after 300
> >>> seconds.
> >>>
> >>
> >> That might be it.
> >>
> >>> We can either remove this altogether (my preferred option) and let the
> >>> SSO
> >>> idle timeout deal with it, or we could make sure your only logged out if
> >>> there's no activity to the console (can have tabs write a timestamp to
> >>> html5 storage periodically and check this before logging out).
> >>>
> >>
> >> Or just have the timer download the SSO idle timeout.
> >
> > Not sure I follow. Wouldn't that just change the timeout value, but still
> > leave an inactive tab able to logout all tabs?
> >
> 
> Actually, are you sure that is it?  I thought the timer was for the
> timeout warning, not for anything else?  I'm not even seeing the warning.
> 
> 
> --
> Bill Burke
> JBoss, a division of Red Hat
> http://bill.burkecentral.com
> 


More information about the keycloak-dev mailing list