[keycloak-user] keycloak.js - page reloads itself when logged in

Andy Yar andyyar66 at gmail.com
Thu Sep 8 08:07:54 EDT 2016


Yes, I did - Web Origins: http://localhost:4200. Thats where my dev server
runs. When I change the origin in the Keycloak admin console to something
different I can't even log in due to CORS errors. So I guess this setting
is correct.

Setting a really short max SSO session TTL results in both cookie checks
(quiet Chrome and page reloading Firefox/Edge) detecting the tokens'
validity and redirecting to the login page.

My other observation, when I perform a SSO logout in Keycloak the app
running in Chrome doesn't log me out after its quiet cookie check. In
Firefox/Edge it detects the SSO logout correctly during the horrible cookie
checking page reload.

On Thu, Sep 8, 2016 at 7:39 AM, Stian Thorgersen <sthorger at redhat.com>
wrote:

> Did you add correct origins for your app in the Keycloak admin console?
>
> On 7 September 2016 at 16:30, Andy Yar <andyyar66 at gmail.com> wrote:
>
>> Hello,
>> I've tried running https://github.com/keycloak/ke
>> ycloak/tree/master/examples/demo-template/angular2-product-app app on
>> localhost against my Keycloak instance. The page reloading issue caused by
>> iFrame checks was present too.
>>
>> The only significant change I made to the demo app was replacing the
>> keycloak.json with mine. The difference is using a non-localhost URL:
>> "auth-server-url": "http://<serverURL>:8080/sso". CORS comes to mind.
>>
>>
>> On Tue, Sep 6, 2016 at 2:43 PM, Andy Yar <andyyar66 at gmail.com> wrote:
>>
>>> I've spent some time in Firefox's debugger and found out that the
>>> redirect occurs right after the window.postMessage() is called in the
>>> checkLoginFrame function.
>>>
>>> The demo project code seems to be in line with my code. Might try it's
>>> runtime behavior later.
>>>
>>> On Tue, Sep 6, 2016 at 8:19 AM, Marek Posolda <mposolda at redhat.com>
>>> wrote:
>>>
>>>> On 01/09/16 23:34, Andy Yar wrote:
>>>>
>>>> Hello,
>>>> I've created a template of a Angular based app using keycloak.js lib.
>>>> After a successful login the app/page periodically reloads itself. I guess
>>>> it's because of the iFrame session check being set to 5sec interval
>>>> (requesting url: <base_url>/#state=<hash>&code=<hash>).
>>>>
>>>> That's strange... IFrame is supposed to just check the cookie, not to
>>>> do any reload.
>>>>
>>>> Maybe take a look at our angular examples and see if you do something
>>>> differently? See https://github.com/keycloak/ke
>>>> ycloak/tree/master/examples/demo-template/angular-product-app . Note
>>>> the angular.bootstrap called after Keycloak authentication is fully
>>>> finished.
>>>>
>>>> Marek
>>>>
>>>>
>>>> This happens in latest Firefox and Edge. Chrome seems to handle these
>>>> reloads quietly.
>>>>
>>>> Is this intended?
>>>>
>>>> Thanks
>>>>
>>>>
>>>> _______________________________________________
>>>> keycloak-user mailing listkeycloak-user at lists.jboss.orghttps://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>
>>>>
>>>>
>>>
>>
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160908/6254e1db/attachment.html 


More information about the keycloak-user mailing list