<div dir="ltr">Thanks Scott for replying. We don't use an adapter. We have an Angular app that makes HTTP calls to backend services. All of our services are behind a Keycloak Security Proxy. <div><br></div><div>We are migrating away from Oracle OAM to Keycloak, and with Oracle navigating to the logout link was sufficient. I assumed the same would be for Keycloak. </div><div><br></div><div>I initially thought this might be the bug: <a href="https://issues.jboss.org/browse/KEYCLOAK-3311">https://issues.jboss.org/browse/KEYCLOAK-3311</a></div><div><br></div><div>However, after looking at the logs in Keycloak when I click the Logout button in our app I see the following errors.</div><div><br></div><div>
<p class="gmail-p1"><span class="gmail-s1">18</span><span class="gmail-s2">:</span><span class="gmail-s1">55</span><span class="gmail-s2">:</span><span class="gmail-s1">10</span><span class="gmail-s2">,</span><span class="gmail-s1">630</span><span class="gmail-s2"> WARN [org.jboss.resteasy.resteasy_jaxrs.i18n] (</span><span class="gmail-s3">default</span><span class="gmail-s2"> task-</span><span class="gmail-s1">11</span><span class="gmail-s2">) RESTEASY002130: </span><span class="gmail-s4">Failed</span><span class="gmail-s2"> to parse request.: javax.ws.rs.core.</span><span class="gmail-s4">UriBuilderException</span><span class="gmail-s2">: RESTEASY003330: </span><span class="gmail-s4">Failed</span><span class="gmail-s2"> to create URI: </span><span class="gmail-s3">null</span></p><p class="gmail-p1"><span class="gmail-s3">
</span></p><ol class="gmail-ol1">
<li class="gmail-li1"><span class="gmail-s1"></span><span class="gmail-s2">Caused</span><span class="gmail-s3"> </span><span class="gmail-s4">by</span><span class="gmail-s3">: javax.ws.rs.core.</span><span class="gmail-s2">UriBuilderException</span><span class="gmail-s3">: RESTEASY003280: empty host name</span></li>
<li class="gmail-li1"><span class="gmail-s5"></span><span class="gmail-s3"> at org.jboss.resteasy.specimpl.</span><span class="gmail-s2">ResteasyUriBuilder</span><span class="gmail-s3">.buildString(</span><span class="gmail-s2">ResteasyUriBuilder</span><span class="gmail-s3">.java:</span><span class="gmail-s6">540</span><span class="gmail-s3">)</span></li>
<li class="gmail-li2"><span class="gmail-s7"></span><span class="gmail-s8"> at org.jboss.resteasy.specimpl.</span><span class="gmail-s9">ResteasyUriBuilder</span><span class="gmail-s8">.buildFromValues(</span><span class="gmail-s9">ResteasyUriBuilder</span><span class="gmail-s8">.java:</span><span class="gmail-s10">743</span><span class="gmail-s8">)</span></li>
</ol><p class="gmail-p1"><span class="gmail-s3"><br></span></p><p class="gmail-p1"><span class="gmail-s3">Perhaps it is a combination of the Keycloak Security Proxy and some misconfiguration? I'm not really sure at this moment.</span></p><p class="gmail-p1">Is my assumption correct that we do not need an adapter for oidc logout?</p></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Wed, Sep 21, 2016 at 1:29 PM, Scott Rossillo <span dir="ltr"><<a href="mailto:srossillo@smartling.com" target="_blank">srossillo@smartling.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="word-wrap:break-word">Which adapter are you using?<div><br><div>
<div style="color:rgb(0,0,0);letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;word-wrap:break-word"><div style="color:rgb(0,0,0);font-family:Helvetica;font-size:12px;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px">Scott Rossillo</div><div style="color:rgb(0,0,0);font-family:Helvetica;font-size:12px;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px">Smartling | Senior Software Engineer</div><div style="color:rgb(0,0,0);font-family:Helvetica;font-size:12px;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px"><a href="mailto:srossillo@smartling.com" target="_blank">srossillo@smartling.com</a></div><div style="color:rgb(0,0,0);font-family:Helvetica;font-size:12px;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px">
</div>
</div></div><br><div><blockquote type="cite"><span class=""><div>On Sep 21, 2016, at 2:03 PM, Sean Schade <<a href="mailto:sean.schade@drillinginfo.com" target="_blank">sean.schade@drillinginfo.com</a>> wrote:</div><br></span><div><span class=""><div dir="ltr">We are having an issue where our browser application will initiate a logout, but after redirecting back to the application the user is not taken to the login screen. It appears the user is still logged in, and can fully access the application. I can see the session removed in Keycloak Admin UI. However, it appears the cookie never gets invalidated. Here is the redirect URL we use. Are we missing some configuration step in the client? I have standard flow, implicit flow, and direct access grants enabled. Valid redirect URIs, Base URL, and web origins are all configured in the client. Admin URL is not set as we are relying only on browser logout.<br><div><br></div><div><pre style="font-family:consolas,"liberation mono",courier,monospace;font-size:12px;margin-top:0px;margin-bottom:0px;color:rgb(51,51,51);line-height:18px"><div style="padding-left:10px;min-height:18px"><span style="color:rgb(221,17,68)"><a href="https://auth.dev.drillinginfo.com/auth/realms/dev/protocol/openid-connect/logout?redirect_uri=https%3A%2F%2Fapp.dev.drillinginfo.com/gallery/" target="_blank">https://auth.dev.drillinginfo.<wbr>com/auth/realms/dev/protocol/<wbr>openid-connect/logout?<wbr>redirect_uri=https%3A%2F%<wbr>2Fapp.dev.drillinginfo.com/<wbr>gallery/</a></span></div></pre></div></div></span>
______________________________<wbr>_________________<br>keycloak-user mailing list<br><a href="mailto:keycloak-user@lists.jboss.org" target="_blank">keycloak-user@lists.jboss.org</a><br><a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" target="_blank">https://lists.jboss.org/<wbr>mailman/listinfo/keycloak-user</a></div></blockquote></div><br></div></div></blockquote></div><br></div>