On 12/11/2013 2:27 PM, Stian Thorgersen wrote:
> I added a cancel button to the login form. It results in a redirect
> to "<redirect_uri>?error=access_denied".
>
> Problem with it is that it doesn't make sense for all applications to have it. This
> mainly applies to applications that require a login, for example the admin console.
>
> Question is what do we do for those? Some alternatives:

This is not a problem IMO. Let the application decide how it wants to
handle a cancel.

> * Add an optional query param to login that disables it
> (.../tokens/login?nocancel)
> * Add a config option to the app that's set through admin console
> * Leave it and make the app show a sensible error message - "You're required to
> login blah blah, click here to login"

or
* redirect to "<redirect_uri>?error=cancelled"
or
* redirect to "<redirect_uri>?cancelled=true"
or from OpenID Connect
* redirect to "<redirect_uri>?error=interaction_required"
Admin console would see this and just redirect back to the login page.
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
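
Added example, not part of the original message or of the project's code: one way an application could handle the cancel redirect discussed in this thread. The function name, option names and action values are hypothetical, and it assumes the client sent a `state` value that the server echoes back on the redirect.

```javascript
// Error values the thread proposes for a cancelled login.
const CANCEL_ERRORS = new Set(['access_denied', 'cancelled', 'interaction_required']);

// Hypothetical helper: decide what the app does with the login redirect.
function handleLoginCallback(callbackUrl, opts) {
  const { expectedState, loginRequired, loginUrl } = opts;
  const params = new URL(callbackUrl).searchParams;

  // Check state first so a forged callback cannot drive any branch below.
  if (params.get('state') !== expectedState) {
    return { action: 'reject', reason: 'state_mismatch' };
  }

  const error = params.get('error');
  const cancelled = params.get('cancelled') === 'true' || CANCEL_ERRORS.has(error);
  if (cancelled) {
    // An app that requires login (the admin console case) goes straight
    // back to the login page; other apps carry on unauthenticated.
    return loginRequired
      ? { action: 'redirect', to: loginUrl }
      : { action: 'continue_anonymous' };
  }

  if (error !== null) {
    // Any other error: map to a fixed message keyed by a validated code,
    // so attacker-controlled query text is never written into the page.
    const code = /^[a-z_]{1,40}$/.test(error) ? error : 'invalid_error';
    return { action: 'show_error', code };
  }

  const code = params.get('code');
  if (!code) {
    return { action: 'reject', reason: 'missing_code' };
  }
  return { action: 'exchange_code', code };
}
```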