<html><head><meta http-equiv="Content-Type" content="text/html charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div class="">Why not just kick off the backchannel logout requests sent by Keycloak asynchronously? The logout requesting app can’t do anything if they fail anyway.</div><br class=""><div class="">
<div style="color: rgb(0, 0, 0); letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div style="color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;" class="">Scott Rossillo</div><div style="color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;" class="">Smartling | Senior Software Engineer</div><div style="color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;" class=""><a href="mailto:srossillo@smartling.com" class="">srossillo@smartling.com</a></div><div style="color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;" class="">
</div>
</div></div><br class=""><div><blockquote type="cite" class=""><div class="">On Feb 11, 2016, at 11:57 AM, Marek Posolda <<a href="mailto:mposolda@redhat.com" class="">mposolda@redhat.com</a>> wrote:</div><br class="Apple-interchange-newline"><div class=""><div class="">Few things, which we can possibly do:<br class=""><br class="">- Currently when application initiates logout through <br class="">servletRequest.logout , it sends request to Keycloak logout endpoint. <br class="">This endpoint then sends backchannel request to all logged clients with <br class="">registered admin URL. I think we can improve here and not send request <br class="">to the original application, which initiated logout.<br class=""><br class="">For example: When product-portal application initiates logout through <br class="">servletRequest.logout, the adapter itself should be already able to do <br class="">all logout actions on it's side (invalidate httpSession etc) and there <br class="">is no need to send another request from keycloak to product-portal to <br class="">logout same httpSession.<br class=""><br class="">- Backchannel logout requests send by Keycloak (ResourceAdminManager) <br class="">could be send in parallel. Currently they are send sequentially, which <br class="">is not very optimal.<br class=""><br class="">WDYT?<br class=""><br class="">Marek<br class="">_______________________________________________<br class="">keycloak-dev mailing list<br class=""><a href="mailto:keycloak-dev@lists.jboss.org" class="">keycloak-dev@lists.jboss.org</a><br class="">https://lists.jboss.org/mailman/listinfo/keycloak-dev<br class=""></div></div></blockquote></div><br class=""></body></html>