[keycloak-user] keycloak.js - page reloads itself when logged in

Stian Thorgersen sthorger at redhat.com
Fri Sep 9 05:04:16 EDT 2016 

Are you getting the same behavior from the admin console? It's Angular and
uses keycloak.js.

On 9 September 2016 at 10:41, Andy Yar <andyyar66 at gmail.com> wrote:

> In my case the original AngularJS demo acts in the same way as the
> Angular2 one.
>
> On Thu, Sep 8, 2016 at 3:48 PM, Andy Yar <andyyar66 at gmail.com> wrote:
>
>> Ok, will check the original AngularJS demo for that harmless
>> window.postMessage().
>>
>> Thanks for your effort!
>>
>> On Thu, Sep 8, 2016 at 2:50 PM, Stian Thorgersen <sthorger at redhat.com>
>> wrote:
>>
>>> Just spotted you're using the Angular2 example. I've got no clue about
>>> that one. It was community contributed and we've not had any experience
>>> with Angular2 ourselves.
>>>
>>> Please try if you're getting similar behavior with Angular 1 example.
>>>
>>> There should be no page reload on the cookie check. It's just a window
>>> postMessage and it doesn't do anything that should cause the page to reload.
>>>
>>> On 8 September 2016 at 14:07, Andy Yar <andyyar66 at gmail.com> wrote:
>>>
>>>> Yes, I did - Web Origins: http://localhost:4200. Thats where my dev
>>>> server runs. When I change the origin in the Keycloak admin console to
>>>> something different I can't even log in due to CORS errors. So I guess this
>>>> setting is correct.
>>>>
>>>> Setting a really short max SSO session TTL results in both cookie
>>>> checks (quiet Chrome and page reloading Firefox/Edge) detecting the tokens'
>>>> validity and redirecting to the login page.
>>>>
>>>> My other observation, when I perform a SSO logout in Keycloak the app
>>>> running in Chrome doesn't log me out after its quiet cookie check. In
>>>> Firefox/Edge it detects the SSO logout correctly during the horrible cookie
>>>> checking page reload.
>>>>
>>>> On Thu, Sep 8, 2016 at 7:39 AM, Stian Thorgersen <sthorger at redhat.com>
>>>> wrote:
>>>>
>>>>> Did you add correct origins for your app in the Keycloak admin console?
>>>>>
>>>>> On 7 September 2016 at 16:30, Andy Yar <andyyar66 at gmail.com> wrote:
>>>>>
>>>>>> Hello,
>>>>>> I've tried running https://github.com/keycloak/ke
>>>>>> ycloak/tree/master/examples/demo-template/angular2-product-app app
>>>>>> on localhost against my Keycloak instance. The page reloading issue caused
>>>>>> by iFrame checks was present too.
>>>>>>
>>>>>> The only significant change I made to the demo app was replacing the
>>>>>> keycloak.json with mine. The difference is using a non-localhost URL:
>>>>>> "auth-server-url": "http://<serverURL>:8080/sso". CORS comes to mind.
>>>>>>
>>>>>>
>>>>>> On Tue, Sep 6, 2016 at 2:43 PM, Andy Yar <andyyar66 at gmail.com> wrote:
>>>>>>
>>>>>>> I've spent some time in Firefox's debugger and found out that the
>>>>>>> redirect occurs right after the window.postMessage() is called in the
>>>>>>> checkLoginFrame function.
>>>>>>>
>>>>>>> The demo project code seems to be in line with my code. Might try
>>>>>>> it's runtime behavior later.
>>>>>>>
>>>>>>> On Tue, Sep 6, 2016 at 8:19 AM, Marek Posolda <mposolda at redhat.com>
>>>>>>> wrote:
>>>>>>>
>>>>>>>> On 01/09/16 23:34, Andy Yar wrote:
>>>>>>>>
>>>>>>>> Hello,
>>>>>>>> I've created a template of a Angular based app using keycloak.js
>>>>>>>> lib. After a successful login the app/page periodically reloads itself. I
>>>>>>>> guess it's because of the iFrame session check being set to 5sec interval
>>>>>>>> (requesting url: <base_url>/#state=<hash>&code=<hash>).
>>>>>>>>
>>>>>>>> That's strange... IFrame is supposed to just check the cookie, not
>>>>>>>> to do any reload.
>>>>>>>>
>>>>>>>> Maybe take a look at our angular examples and see if you do
>>>>>>>> something differently? See https://github.com/keycloak/ke
>>>>>>>> ycloak/tree/master/examples/demo-template/angular-product-app .
>>>>>>>> Note the angular.bootstrap called after Keycloak authentication is fully
>>>>>>>> finished.
>>>>>>>>
>>>>>>>> Marek
>>>>>>>>
>>>>>>>>
>>>>>>>> This happens in latest Firefox and Edge. Chrome seems to handle
>>>>>>>> these reloads quietly.
>>>>>>>>
>>>>>>>> Is this intended?
>>>>>>>>
>>>>>>>> Thanks
>>>>>>>>
>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> keycloak-user mailing listkeycloak-user at lists.jboss.orghttps://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>
>>>>>> _______________________________________________
>>>>>> keycloak-user mailing list
>>>>>> keycloak-user at lists.jboss.org
>>>>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>
>>>>>
>>>>>
>>>>
>>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160909/2b5974ca/attachment.html

More information about the keycloak-user mailing list