<div dir="ltr">You probably haven't configured admin url for your client so the Keycloak server can't send backchannel logout to your serviceĀ </div><div class="gmail_extra"><br><div class="gmail_quote">On 2 February 2016 at 12:06, Andrey Saroul <span dir="ltr"><<a href="mailto:andrey.saroul@gmail.com" target="_blank">andrey.saroul@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div>I'm using keycloak 1.7.0 with WildFly 9.0.2<br></div><div>I have rest service and Keycloak deployed on one the same machine.<br>Consider this scenario:<br></div><div>1) In browser i try to test my rest service (e.g. <a href="http://my-ip-address:8080/rest/test" target="_blank">http://my-ip-address:8080/rest/test</a>) secured under Keycloak<br></div><div>2) I got redirect to login page.<br></div><div>3) I enter my login and password.<br></div><div>4) I got some response from my rest service. That's Ok!<br></div><div>5) Then I go to Keycloak admin console, find my user and force session logout.<br></div><div>6) Then I try to access my rest service again by the same url, and NO redirect happens. Browser caches jsessionid cookie and don't know anything about user beeing logout.<br></div><div>It seems to my that during step #6 server should invalidate expired session cookie due to admin logout.<br></div><div>I considere that user after beeing logout will get redirect to login page again, and will not be able to access service with old jsessionid cookie.<br></div><div>Is this a bug, or could you help me explain what am i doing wrong?<br></div></div>
<br>_______________________________________________<br>
keycloak-user mailing list<br>
<a href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a><br></blockquote></div><br></div>