<div dir="ltr">I agree it should either show a page is no longer valid message or redirect back to origin as you're suggesting. The latter is the best, but we need to be able to identify that's actually what should be done. I tried with Google and it actually didn't work for me, it showed me the password page again.</div><div class="gmail_extra"><br><div class="gmail_quote">On 7 April 2016 at 13:47, Libor Krzyzanek <span dir="ltr"><<a href="mailto:lkrzyzan@redhat.com" target="_blank">lkrzyzan@redhat.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="word-wrap:break-word">Hi,<div>when user successfully logs in (either after registration or login) then hitting back button shows KC page (login/registration) again.</div><div><br></div><div>This looks to be a bug to me because user is logged in and should be allowed to do only logout. No login or registration.</div><div><br></div><div>I tried how <a href="http://google.com" target="_blank">google.com</a> behaves and when you successfully logs in then hitting back button is handled correctly - their sso realize that you’re logged in and then user is redirected to requested page. No login page.</div><div><br></div><div>I think KC should follow same behavior.</div><div><br></div><div>Jira for login flow: <a href="https://issues.jboss.org/browse/KEYCLOAK-2768" target="_blank">https://issues.jboss.org/browse/KEYCLOAK-2768</a></div><div>Jira for reg. flow: <a href="https://issues.jboss.org/browse/KEYCLOAK-2740" target="_blank">https://issues.jboss.org/browse/KEYCLOAK-2740</a></div><div><br></div><div>Thanks,</div><div><br><div>
<div style="color:rgb(0,0,0);letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;word-wrap:break-word">Libor Krzyžanek</div><div style="color:rgb(0,0,0);letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;word-wrap:break-word">Principal Software Engineer<br>Red Hat Developers | Engineering</div>
</div>
<br></div></div><br>_______________________________________________<br>
keycloak-dev mailing list<br>
<a href="mailto:keycloak-dev@lists.jboss.org">keycloak-dev@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-dev" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-dev</a><br></blockquote></div><br></div>