[keycloak-dev] Problem with Keycloak 1.8.0.CR1 and Deltaspike
Christian Beikov
christian.beikov at gmail.com
Wed Jan 20 12:17:08 EST 2016
Hello,
we have a problem since Keycloak 1.8.0.CR1 that we didn't have in
1.1.0.Final.
The problem appears when accessing a secured JSF page that uses
DeltaSpike. DeltaSpike redirects the initial request to append a query
param to the path called "dswid". When accesing a secured page, the
Keycloak adapter also does some redirects and adds the redirect uri,
this time the one already including the dswid, into the client session,
but redirects the browser to a URL that includes a redirect uri that
does not contain the dswid. The authentication process fails here:
https://github.com/keycloak/keycloak/blob/1.8.0.CR1/services/src/main/java/org/keycloak/protocol/oidc/endpoints/TokenEndpoint.java#L231
Since it worked earlier, I guess this is a bug. The actual problem is
the mismatch between the redirect uri stored in the session and the
redirect uri returned to the browser. Hope you can fix this for 1.8.0.Final
Regards,
Christian
More information about the keycloak-dev
mailing list