<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<div class="moz-cite-prefix">On 29/10/15 09:11, Marek Posolda wrote:<br>
</div>
<blockquote cite="mid:5631D49C.4050003@redhat.com" type="cite">
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
<div class="moz-cite-prefix">+1 for this. I might have already
created JIRA some months ago, but not sure. If you don't found,
create your own JIRA.<br>
<br>
Our javascript adapter keycloak.js already has support for this
(method "update" in keycloak.js), but java adapters don't have
it. <br>
<br>
Looks we may need to add the new option on adapter config (
keycloak.js ) for this. Not sure what should be it's default
value, 5 seconds?<br>
</div>
</blockquote>
Sorry, i meant keycloak.json in the last sentence about adapter
config.<br>
<br>
Marek<br>
<blockquote cite="mid:5631D49C.4050003@redhat.com" type="cite">
<div class="moz-cite-prefix"> <br>
Marek<br>
<br>
<br>
On 28/10/15 19:51, Benjamin Loy wrote:<br>
</div>
<blockquote
cite="mid:CACF9CVmr=TU0rw6aKdN4_O60RHaPP1_Q4iEhuKjjRusCF0e2dQ@mail.gmail.com"
type="cite">
<div dir="ltr">Hello all,
<div><br>
</div>
<div>We are using Keycloak in production and wanted to make a
change to it to handle tokens that are about to expire. We
have a number of services that rely on the bearer token sent
from our web servers for authentication. Users will land on
the web server, we verify their token is alive, and send
the bearer token to a service. Our issue is sometimes the
user has an extremely small amount of time left, the bearer
token expires by the time we do the security checks on the
services, and the request fails.</div>
<div><br>
</div>
<div>We are considering adding a minimum TTL
in RefreshableKeycloakSecurityContext that will refresh an
active token if it has less than a configurable amount of
time left before it expires. This will let us build a time
window that will prevent the token from expiring when
interacting with services under normal circumstances.</div>
<div><br>
</div>
<div>Would you be interested in our work on this or have any
interest to do this yourselves? I can create a Jira and a
pull request if you want us to implement this feature.</div>
<div><br>
</div>
<div>Thanks,</div>
<div><br>
</div>
<div>Ben</div>
<div><br>
</div>
<div><br>
</div>
</div>
<div dir="ltr">-- <br>
</div>
<div dir="ltr">
<blockquote>
<div>
<p><span>Benjamin Loy</span></p>
</div>
<div>
<p><span>Senior Software Engineer</span></p>
</div>
<div>
<p><a moz-do-not-send="true"
href="mailto:bloy@smartling.com">bloy@smartling.com</a><span> </span><span>|
o: (866) 707 6278</span></p>
</div>
<div><a moz-do-not-send="true"
href="http://www.smartling.com/"><span>smartling.com</span></a><span>
| </span><span>linkedIn</span><span> | </span><span><a
moz-do-not-send="true"
href="https://twitter.com/smartling"><span>@s</span>martling</a></span></div>
<div><br>
</div>
</blockquote>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
keycloak-dev mailing list
<a moz-do-not-send="true" class="moz-txt-link-abbreviated" href="mailto:keycloak-dev@lists.jboss.org">keycloak-dev@lists.jboss.org</a>
<a moz-do-not-send="true" class="moz-txt-link-freetext" href="https://lists.jboss.org/mailman/listinfo/keycloak-dev">https://lists.jboss.org/mailman/listinfo/keycloak-dev</a></pre>
</blockquote>
<br>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
keycloak-dev mailing list
<a class="moz-txt-link-abbreviated" href="mailto:keycloak-dev@lists.jboss.org">keycloak-dev@lists.jboss.org</a>
<a class="moz-txt-link-freetext" href="https://lists.jboss.org/mailman/listinfo/keycloak-dev">https://lists.jboss.org/mailman/listinfo/keycloak-dev</a></pre>
</blockquote>
<br>
</body>
</html>