[keycloak-user] Client Id and Timeout
Stian Thorgersen
sthorger at redhat.com
Tue Jan 19 08:01:37 EST 2016
We could add a client_id param to the emails. Then if it all fails we can
use the clients base url.
On 15 January 2016 at 21:28, Travis De Silva <traviskds at gmail.com> wrote:
> irrespective of the theme, how would you provide a link to the user to
> redirect back to the application that they initiated the request in the
> first place.
>
> For example, they click on the forgot password link or the register new
> user link.
>
> KeyCloak sends them an email with a link. But they don't click it for
> awhile and then when they click it, it has expired. So we should be able to
> display an expired message and redirect them back to the login page. How
> can we handle this?
>
>
>
> On Sat, 16 Jan 2016 at 07:23 Bill Burke <bburke at redhat.com> wrote:
>
>> NO, you can't. This would create an open redirect probably and the
>> themes are supposed to be completely independent of the protocol.
>>
>>
>> On 1/15/2016 3:06 PM, Travis De Silva wrote:
>>
>> I can understand that. But without the client ID, we cannot redirect them
>> back to the login screen.
>>
>> Is there anyway where the redirect url can be sent as a query string
>> together with the code. That way, we can then pick the redirect url from
>> the query string and redirect the user back to the appropriate login screen.
>>
>>
>> On Thu, 14 Jan 2016 at 18:56 Stian Thorgersen <sthorger at redhat.com>
>> wrote:
>>
>>> Once the client session is removed (it's deleted at some point after the
>>> login has timed out) the client id is no longer available. We have to
>>> delete this session at some point as otherwise we'd be left with garbage
>>> from abandoned logins
>>>
>>> On 13 January 2016 at 21:27, Travis De Silva <traviskds at gmail.com>
>>> wrote:
>>>
>>>> Hi,
>>>>
>>>> For theming the login for different clients within a realm, we are
>>>> conditionally checking for the client ID in the freemarker templates and
>>>> then accordingly including sub freemarker templates. This is working
>>>> perfectly but the issue is for certain errors, such as "You took too long
>>>> to login. Login process starting from beginning.", the clientid becomes
>>>> null ( (sometimes).
>>>>
>>>> Is there anything I can do from the freemarker template to identify the
>>>> client id so I can then accordingly handle these errors?
>>>>
>>>> Cheers
>>>> Travis
>>>>
>>>>
>>>>
>>>> clientId=null
>>>>
>>>> _______________________________________________
>>>> keycloak-user mailing list
>>>> keycloak-user at lists.jboss.org
>>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>
>>>
>>>
>>
>> _______________________________________________
>> keycloak-user mailing listkeycloak-user at lists.jboss.orghttps://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>>
>> --
>> Bill Burke
>> JBoss, a division of Red Hathttp://bill.burkecentral.com
>>
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160119/fb8c88a1/attachment.html
More information about the keycloak-user
mailing list