[keycloak-user] Conflicting logins with admin console

[Marek Posolda]

Hi,

I guess you're using same realm 'master' for both your application and 
admin console. Can you try to use different realm for your application 
and see if it helps? Also can you try to upgrade to latest Keycloak 
master and see if it helps?

Marek

On 14/06/17 01:56, Kyle Swensson wrote:
> Hello,
>
>
> (I have asked this question before to no avail, but the wording was poor so
> I want to rephrase it in hopes of getting more help)
>
> I am having an issue with conflicting logins from a user application and
> the keycloak admin console
>
> The issue arises when I authenticate on my user application as a basic
> user, using Tomcat. Then, I navigate to the Keycloak Admin Console login
> page on a different window. Despite being logged in as a basic user on my
> user application, I am still shown the empty login page for the keycloak
> admin console. After navigating to the Keycloak admin console login page,
> my session on my user application becomes broken, and I'm not sure why. At
> this point if I refresh the page containing my application I will find a
> 403 error in my console, however I can still access everything in my user
> application normally. Additionally, for some reason I can no longer log out
> from my session like i normally would (by hitting the authorization
> endpoint), when I try to log out nothing happens. The only way that I can
> get it out of this permanently logged in state is by going to "account" and
> manually ending all of the sessions for my user. It may be worth noting
> that I can also still log in to the admin console with a different user,
> and use the admin console as normal while this is happening. If I log onto
> the admin console while this is happening and look at all of the active
> sessions, I can see that there is indeed still an active session for the
> basic user using the user application. I assume that is the root of the
> problem, but I'm not sure what's causing this to happen.
>
> Setting the "Revoke Refresh Token" option in the keycloak admin console to
> ON does prevent this from happening, however it also makes the rest of my
> application become very buggy and slow so leaving that on isn't really a
> viable option.
>
> I'm wondering if this might be an actual bug with Keycloak, or if this is
> just being caused by some configuration error on my side. I am currently
> using Keycloak 2.3 for my application, but I have tried temporarily
> upgrading to Keycloak 3.1 and that didn't help the issue.
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user