Back channel is better, but for some apps it's not possible (for example
client-side/JavaScript).
----- Original Message -----
From: "Scott Rossillo" <srossillo(a)smartling.com>
To: "keycloak-dev" <keycloak-dev(a)lists.jboss.org>
Sent: Friday, 8 May, 2015 8:31:09 PM
Subject: [keycloak-dev] Back channel logout vs. browser redirect
Hi,
When developing adapters, is there any benefit to using a browser redirect
for logout vs calling:
KeycloakDeployment deployment = // get deployment
RefreshableKeycloakSecurityContext session = // get session
session.logout(deployment);
The main reason I ask is that both accomplish the same goal but the back
channel method is actually better for integration with Spring Security.
Am I losing anything by using the back channel logout method?
Best,
Scott
_______________________________________________
keycloak-dev mailing list
keycloak-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev