<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">Hi,<br>
<br>
I've just tried with latest Keycloak on Wildfly but did not see
same behaviour. Do you have admin URL set in Keycloak admin
console for your application? How are you doing logout in your
application? Are you using httpServletRequest.logout() or are you
directly logout by access to logoutURL like our demo example
applications are doing? <br>
<br>
Marek<br>
<br>
On 28.1.2015 10:38, Christoph Machnik wrote:<br>
</div>
<blockquote
cite="mid:9656B9D10BC6124A88D5E27DD02422855BC473BC@EX-TT-AC-01.traveltainment.int"
type="cite">
<meta http-equiv="Content-Type" content="text/html;
charset=windows-1252">
<style id="owaParaStyle" type="text/css">P {margin-top:0;margin-bottom:0;}</style>
<div style="direction: ltr;font-family: Tahoma;color:
#000000;font-size: 10pt;">Hi all,<br>
<br>
I have a web-application with keycloak. When a user have to log
in this user becomes the rights to see the following pages or
not. When this user loggs out an a other user loggs in with
other rights to see the following pages or not, he becomes the
same rights as the first user that logged in. <br>
In the example i log in with support and just can see the
support page in the application, when i logg out an log in with
admin i just can see the support page and not the admin page,
even though i have the admin role. When i restart the server and
first log in as admin i can see the admin- and the support page.
When i log out and now log in with support i have the support
rule, but nevertheless i can see the admin- and support page.<br>
<br>
Is there any mistake in int web.xml file ? (following):<br>
<br>
<?xml version="1.0" encoding="UTF-8"?><br>
<web-app xmlns=<a class="moz-txt-link-rfc2396E" href="http://java.sun.com/xml/ns/javaee">"http://java.sun.com/xml/ns/javaee"</a><br>
xmlns:xsi=<a class="moz-txt-link-rfc2396E" href="http://www.w3.org/2001/XMLSchema-instance">"http://www.w3.org/2001/XMLSchema-instance"</a><br>
xsi:schemaLocation=<a class="moz-txt-link-rfc2396E" href="http://java.sun.com/xml/ns/javaeehttp://java.sun.com/xml/ns/javaee/web-app_3_0.xml">"http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-app_3_0.xml"</a><br>
version="3.0"><br>
<br>
<module-name>TestWebApp</module-name><br>
<br>
<security-constraint><br>
<web-resource-collection><br>
<web-resource-name>Admins</web-resource-name><br>
<url-pattern>/views/admin/*</url-pattern><br>
</web-resource-collection><br>
<auth-constraint><br>
<role-name>admin</role-name><br>
</auth-constraint><br>
</security-constraint><br>
<security-constraint><br>
<web-resource-collection><br>
<web-resource-name>Support</web-resource-name><br>
<url-pattern>/views/support/*</url-pattern><br>
</web-resource-collection><br>
<auth-constraint><br>
<role-name>admin</role-name><br>
<role-name>support</role-name><br>
</auth-constraint><br>
</security-constraint><br>
<br>
<login-config><br>
<auth-method>KEYCLOAK</auth-method><br>
<realm-name>test</realm-name><br>
</login-config><br>
<br>
<security-role><br>
<role-name>admin</role-name><br>
</security-role><br>
<security-role><br>
<role-name>support</role-name><br>
</security-role><br>
<br>
</web-app><br>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
keycloak-user mailing list
<a class="moz-txt-link-abbreviated" href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a>
<a class="moz-txt-link-freetext" href="https://lists.jboss.org/mailman/listinfo/keycloak-user">https://lists.jboss.org/mailman/listinfo/keycloak-user</a></pre>
</blockquote>
<br>
</body>
</html>