[keycloak-user] Impersonate user feature stop working after 3.2.0.Final
Stian Thorgersen
sthorger at redhat.com
Tue Dec 5 09:23:13 EST 2017
Please create a JIRA and include steps to reproduce
On 5 December 2017 at 11:30, _ JnMlMe _ <jnmlme at outlook.com> wrote:
> Hi,
>
> I also have an issue with Impersonate function due to the AUTH_SESSION_ID
> cookie.
>
> It looks like after a impersonate login and a logout, the session cookie
> AUTH_SESSION_ID is still "alive", and forbid our managers to impersonate
> again (the login form is displayed instead).
> The only way to fix this isse is to clear by hand this cookie.
>
> On classic authentication, the behaviour is the same (the cookie is not
> remove at the end of the session/logout), but it doesn't forbid the users
> to login again.
>
> For me, it seems to be a keycloak issue.
>
> Regards,
>
>
>
>
>
> ________________________________
> De : keycloak-user-bounces at lists.jboss.org <keycloak-user-bounces at lists.
> jboss.org> de la part de Stian Thorgersen <sthorger at redhat.com>
> Envoyé : vendredi 1 décembre 2017 09:12
> À : Diego Diez
> Cc : keycloak-user
> Objet : Re: [keycloak-user] Impersonate user feature stop working after
> 3.2.0.Final
>
> I can't reproduce this, please try with the latest release 3.4.1 and if you
> can give us exact steps on how to reproduce create a bug in JIRA.
>
> On 30 November 2017 at 20:22, Diego Diez <diegodiez.ddr at gmail.com> wrote:
>
> > It has something to do with the cookies.
> > I can impersonate a user the first time I try (without any cookies yet
> for
> > the browser session).
> > If I try again after doing log out, the login form is always shown, even
> > after impersonate another user.
> > The only way I found to impersonate a user again is clearing the cookies
> > for the keycloak server.
> >
> > I hope this info is useful in order to reproduce the problem.
> >
> >
> > El 29 nov. 2017 10:13 p. m., "Diego Diez" <diegodiez.ddr at gmail.com>
> > escribió:
> >
> >> After clicking the button I can see the account of the impersonated
> user,
> >> but the SSO doesn't seem to work.
> >>
> >> When I go to another app, the login form is prompt again instead of a
> new
> >> redirect with the user logged in to the app automatically.
> >>
> >> That's the issue I meant in the first place. Sorry for the lack of
> >> details.
> >>
> >> PD: the app I used to reproduce the problem was secured using the spring
> >> security adapter for spring boot
> >>
> >> El 29 nov. 2017 9:33 p. m., "Stian Thorgersen" <sthorger at redhat.com>
> >> escribió:
> >>
> >> Oh and we do have tests as well for it ;)
> >>
> >> On 29 November 2017 at 21:33, Stian Thorgersen <sthorger at redhat.com>
> >> wrote:
> >>
> >>> Just tried it here and works just fine for me.
> >>>
> >>> On 29 November 2017 at 18:24, Diego Diez <diegodiez.ddr at gmail.com>
> >>> wrote:
> >>>
> >>>> Hi Keycloak Community,
> >>>>
> >>>>
> >>>> After successfully upgrade our servers from keycloak 2.5.4.Final to
> >>>> 3.4.0.Final, we have notice that the impersonation feature isn't
> >>>> working anymore.
> >>>>
> >>>> We have tested other versions with a vanilla install and the first
> >>>> version with this problem is 3.2.0.Final.
> >>>>
> >>>> Are you experiencing this problem? Impersonation is a quite useful
> >>>> feature to us, so any workaround until next release would be great.
> >>>>
> >>>>
> >>>> Regards,
> >>>>
> >>>> Diego Díez
> >>>> _______________________________________________
> >>>> keycloak-user mailing list
> >>>> keycloak-user at lists.jboss.org
> >>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
> keycloak-user Info Page - JBoss<https://lists.jboss.org/
> mailman/listinfo/keycloak-user>
> lists.jboss.org
> To see the collection of prior postings to the list, visit the
> keycloak-user Archives. Using keycloak-user: To post a message to all the
> list members ...
>
>
>
> >>>
> >>>
> >>>
> >>
> >>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
> keycloak-user Info Page - JBoss<https://lists.jboss.org/
> mailman/listinfo/keycloak-user>
> lists.jboss.org
> To see the collection of prior postings to the list, visit the
> keycloak-user Archives. Using keycloak-user: To post a message to all the
> list members ...
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
More information about the keycloak-user
mailing list