[keycloak-user] Login timeout
Juraci Paixão Kröhling
juraci at kroehling.de
Wed Jul 15 09:37:10 EDT 2015
All,
When an user's session is timed out, the usual approach is to issue a
logout via the JavaScript adapter, which in turn will redirect the
browser to the login page at Keycloak.
The problem we are facing is that the user might not be active at this
time (the session has already timed out, after all), so, it might take a
while for the user to login again. If the user takes too long to login
again, Keycloak will display a login error, saying "Login timeout.
Please login again".
While I understand the technical aspects behind this, I think this is
problematic from the UXD perspective. Why should the user enter the same
valid login/password again, if the first ones were just fine?
As a "temporary" solution for Hawkular, we are *not* issuing a logout
via the JS adapter, but doing a "clearToken" and showing a modal with a
message like "Your session has timed out, login again", forcing the user
to click on a "Login" button, which will then redirect the user to the
login page. This is also not optimal from the UXD perspective, but at
least won't display an error message to the user.
As we can't possibly be the only ones with this (minor) problem, I'm
wondering if a set of redirects "in the background" couldn't solve the
technical issues, while keeping the login process "error free" from the
user's perspective. Or if we should indeed handle this situation on our
side.
For reference: https://issues.jboss.org/browse/HAWKULAR-444
- Juca.
More information about the keycloak-user
mailing list