Re: [keycloak-dev] redirects vs. javascript logins

We can still support a similar experience though. With the combination of customizable forms and iframe/popup we can still allow developers to integrate the forms into applications. ----- Original Message ----- > From: "Stian Thorgersen" <stian(a)redhat.com&gt; > To: "Bill Burke" <bburke(a)redhat.com&gt; > Cc: keycloak-dev(a)lists.jboss.org > Sent: Friday, 26 July, 2013 9:48:55 AM > Subject: Re: [keycloak-dev] redirects vs. javascript logins > > Yes, I don't know why I missed that. As you say login and logout has to be > done through redirects as long as HttpOnly is set on the cookie. > > EventJuggler simply links to the login page, but logout is a XHR and as you > say that would have to be a redirect as well. > > ----- Original Message ----- >> From: "Bill Burke" <bburke(a)redhat.com&gt; >> To: keycloak-dev(a)lists.jboss.org >> Sent: Thursday, 25 July, 2013 5:57:56 PM >> Subject: [keycloak-dev] redirects vs. javascript logins >> >> To do SSO, keycloak server sets a session cookie so that the user >> doesn't have to relogin if the cookie is set. This will have issues >> with the custom login, like the way the Event Juggler app works. >> Correct me if I'm wrong, but for Event Juggler, the login page is hosted >> at the Event Juggler website? And the app would do an HTTP invocation >> to obtain the token, correct? >> >> The problem with this approach is that we wouldn't be able to set the >> login session cookie as all cookies will be HttpOnly and not accessible >> via javascript (due to security issues). So, SSO would not work, and >> the user would have to relogin for each additional site they visited. >> -- >> Bill Burke >> JBoss, a division of Red Hat >> http://bill.burkecentral.com >> _______________________________________________ >> keycloak-dev mailing list >> keycloak-dev(a)lists.jboss.org >> https://lists.jboss.org/mailman/listinfo/keycloak-dev >> > _______________________________________________ > keycloak-dev mailing list > keycloak-dev(a)lists.jboss.org > https://lists.jboss.org/mailman/listinfo/keycloak-dev >