That's true. It shares the cookie which does not have set httpOnly to true.
It's obviously an IE fail, however, I need a workaround for that :)
Do you have any idea how to solve this?
Am 16. Dezember 2016 um 15:14 schrieb Stian Thorgersen <sthorger(a)redhat.com>:
... Doesn't
On 16 December 2016 at 15:13, Stian Thorgersen <sthorger(a)redhat.com> wrote:
Does sound like IE actually creates a clean new session as it's sharing some cookies.
On 16 December 2016 at 13:10, Michael Gerber <gerbermichi(a)me.com> wrote:
Hi,
I am using Windows 7 and Internet Explorer 11.
IE can create a new window with a new session. It should be possible to work with two
different users in this two windows. However, the second login logs the older user out,
because of the KEYCLOAK_SESSION cookie which is stored in the
"C:\Users\{username}\AppData\Roaming\Microsoft\Windows\Cookies" directory. The
problem is, that this cookie is not set to httpOnly.
Is this a known bug? Or can I solve this problem?
kind regards
Michael
_______________________________________________
keycloak-dev mailing list
keycloak-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev