Re: [keycloak-user] backchannel logout, Logout-all-sessions as user
HI,
Many Thanks for reply!
The issue is that I've created EventListener in order to do some audit
logging from caught events. So , for example when user performs
frontend/browser login/logout actions, corresponding
events(EventType.LOGIN/LOGOUT) are sent, so I can log that info to my audit
log. However, on 'Mange account '-> 'Sessions' I can 'Log out
all
sessions' and this action does not send any event, so I'm not able to log
via my EventListener anything.
So, the lack of event is done by purpose, or do you plan maybe to introduce
it?
Kind Regards!
2017-06-01 18:15 GMT+02:00 Bill Burke <bburke(a)redhat.com>:
backchannel logouts require authenticated and authorized requests.
So
what's the problem? don't understand
On 6/1/17 10:29 AM, Jan Bartosz wrote:
> Hi,
>
> My concern is about logging 'logout-all-sessions' action as a user. I see
> AdminEvent is raised in case admin invokes it.
> I assume it was done by purpose - is there some rule/specification
behind,
> like "backchannel logouts shouldn't be exposed to the outside world"?
> Is there a way I can create some provider/broker/... maybe aspect, or
> extend some behaviour to catch this backchannel-logout?
>
> Many Thanks in advance!
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user