Just spotted you're using the Angular2 example. I've got no clue about that one. It was community contributed and we've not had any experience with Angular2 ourselves.

Please try if you're getting similar behavior with Angular 1 example.

There should be no page reload on the cookie check. It's just a window postMessage and it doesn't do anything that should cause the page to reload.

On 8 September 2016 at 14:07, Andy Yar <andyyar66@gmail.com> wrote:
Yes, I did - Web Origins: http://localhost:4200. Thats where my dev server runs. When I change the origin in the Keycloak admin console to something different I can't even log in due to CORS errors. So I guess this setting is correct.

Setting a really short max SSO session TTL results in both cookie checks (quiet Chrome and page reloading Firefox/Edge) detecting the tokens' validity and redirecting to the login page.

My other observation, when I perform a SSO logout in Keycloak the app running in Chrome doesn't log me out after its quiet cookie check. In Firefox/Edge it detects the SSO logout correctly during the horrible cookie checking page reload.

On Thu, Sep 8, 2016 at 7:39 AM, Stian Thorgersen <sthorger@redhat.com> wrote:
Did you add correct origins for your app in the Keycloak admin console?

On 7 September 2016 at 16:30, Andy Yar <andyyar66@gmail.com> wrote:
Hello,
I've tried running https://github.com/keycloak/keycloak/tree/master/examples/demo-template/angular2-product-app app on localhost against my Keycloak instance. The page reloading issue caused by iFrame checks was present too.

The only significant change I made to the demo app was replacing the keycloak.json with mine. The difference is using a non-localhost URL: "auth-server-url": "http://<serverURL>:8080/sso". CORS comes to mind.


On Tue, Sep 6, 2016 at 2:43 PM, Andy Yar <andyyar66@gmail.com> wrote:
I've spent some time in Firefox's debugger and found out that the redirect occurs right after the window.postMessage() is called in the checkLoginFrame function.

The demo project code seems to be in line with my code. Might try it's runtime behavior later.

On Tue, Sep 6, 2016 at 8:19 AM, Marek Posolda <mposolda@redhat.com> wrote:
On 01/09/16 23:34, Andy Yar wrote:
Hello,
I've created a template of a Angular based app using keycloak.js lib. After a successful login the app/page periodically reloads itself. I guess it's because of the iFrame session check being set to 5sec interval (requesting url: <base_url>/#state=<hash>&code=<hash>).
 That's strange... IFrame is supposed to just check the cookie, not to do any reload.

Maybe take a look at our angular examples and see if you do something differently? See https://github.com/keycloak/keycloak/tree/master/examples/demo-template/angular-product-app . Note the angular.bootstrap called after Keycloak authentication is fully finished.

Marek

This happens in latest Firefox and Edge. Chrome seems to handle these reloads quietly.

Is this intended?

Thanks


_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user




_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user