[keycloak-user] Impersonate user feature stop working after 3.2.0.Final
_ JnMlMe _
jnmlme at outlook.com
Tue Dec 5 05:30:51 EST 2017
Hi,
I also have an issue with Impersonate function due to the AUTH_SESSION_ID cookie.
It looks like after a impersonate login and a logout, the session cookie AUTH_SESSION_ID is still "alive", and forbid our managers to impersonate again (the login form is displayed instead).
The only way to fix this isse is to clear by hand this cookie.
On classic authentication, the behaviour is the same (the cookie is not remove at the end of the session/logout), but it doesn't forbid the users to login again.
For me, it seems to be a keycloak issue.
Regards,
________________________________
De : keycloak-user-bounces at lists.jboss.org <keycloak-user-bounces at lists.jboss.org> de la part de Stian Thorgersen <sthorger at redhat.com>
Envoyé : vendredi 1 décembre 2017 09:12
À : Diego Diez
Cc : keycloak-user
Objet : Re: [keycloak-user] Impersonate user feature stop working after 3.2.0.Final
I can't reproduce this, please try with the latest release 3.4.1 and if you
can give us exact steps on how to reproduce create a bug in JIRA.
On 30 November 2017 at 20:22, Diego Diez <diegodiez.ddr at gmail.com> wrote:
> It has something to do with the cookies.
> I can impersonate a user the first time I try (without any cookies yet for
> the browser session).
> If I try again after doing log out, the login form is always shown, even
> after impersonate another user.
> The only way I found to impersonate a user again is clearing the cookies
> for the keycloak server.
>
> I hope this info is useful in order to reproduce the problem.
>
>
> El 29 nov. 2017 10:13 p. m., "Diego Diez" <diegodiez.ddr at gmail.com>
> escribió:
>
>> After clicking the button I can see the account of the impersonated user,
>> but the SSO doesn't seem to work.
>>
>> When I go to another app, the login form is prompt again instead of a new
>> redirect with the user logged in to the app automatically.
>>
>> That's the issue I meant in the first place. Sorry for the lack of
>> details.
>>
>> PD: the app I used to reproduce the problem was secured using the spring
>> security adapter for spring boot
>>
>> El 29 nov. 2017 9:33 p. m., "Stian Thorgersen" <sthorger at redhat.com>
>> escribió:
>>
>> Oh and we do have tests as well for it ;)
>>
>> On 29 November 2017 at 21:33, Stian Thorgersen <sthorger at redhat.com>
>> wrote:
>>
>>> Just tried it here and works just fine for me.
>>>
>>> On 29 November 2017 at 18:24, Diego Diez <diegodiez.ddr at gmail.com>
>>> wrote:
>>>
>>>> Hi Keycloak Community,
>>>>
>>>>
>>>> After successfully upgrade our servers from keycloak 2.5.4.Final to
>>>> 3.4.0.Final, we have notice that the impersonation feature isn't
>>>> working anymore.
>>>>
>>>> We have tested other versions with a vanilla install and the first
>>>> version with this problem is 3.2.0.Final.
>>>>
>>>> Are you experiencing this problem? Impersonation is a quite useful
>>>> feature to us, so any workaround until next release would be great.
>>>>
>>>>
>>>> Regards,
>>>>
>>>> Diego Díez
>>>> _______________________________________________
>>>> keycloak-user mailing list
>>>> keycloak-user at lists.jboss.org
>>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
keycloak-user Info Page - JBoss<https://lists.jboss.org/mailman/listinfo/keycloak-user>
lists.jboss.org
To see the collection of prior postings to the list, visit the keycloak-user Archives. Using keycloak-user: To post a message to all the list members ...
>>>
>>>
>>>
>>
>>
_______________________________________________
keycloak-user mailing list
keycloak-user at lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
keycloak-user Info Page - JBoss<https://lists.jboss.org/mailman/listinfo/keycloak-user>
lists.jboss.org
To see the collection of prior postings to the list, visit the keycloak-user Archives. Using keycloak-user: To post a message to all the list members ...
More information about the keycloak-user
mailing list