[keycloak-dev] Cookie token storage for Spring Security

Sjoerd Cranen sjoerd.cranen at teampicnic.com
Sun Jul 2 11:44:52 EDT 2017

I've submitted https://issues.jboss.org/browse/KEYCLOAK-5130 for this. If
the bug report is accepted, I'll be happy to open a PR with a solution.

Answering one of my own questions: the peculiar cookie path I mentioned in
my original post is already described in KEYCLOAK-4342.

On Fri, Jun 23, 2017 at 6:08 PM, Konstantin Gribov <grossws at gmail.com>

> On Fri, Jun 23, 2017 at 4:46 PM Sjoerd Cranen <
> sjoerd.cranen at teampicnic.com> wrote:
>> One thing I'm wondering is why the cookie path for the adapter state
>> cookie
>> is always set to the context root in CookieTokenStore. In particular, it
>> would seem that if I change the Spring Security adapter in a
>> straightforward way to store the cookies, the cookie would always be set
>> on
>> "/sso", which would not be very useful.
> Same applies for Jetty adapter. But it doesn't work now (see
> KEYCLOAK-2514).
> --
> Best regards,
> Konstantin Gribov

More information about the keycloak-dev mailing list