Hello,
The error registers as follow in the Keycloak log. Any suggestions?
Event type: REGISTER_ERROR
Error: different_user_authenticated
13:07:05,127 WARN [org.keycloak.events] (default task-50) type=REGISTER_ERROR,
realmId=1177, clientId=demo-app, userId=a0994120-e9cd-4ae5-b6b9-e92dc3bf8206,
ipAddress=172.30.181.189, error=different_user_authenticated,
identity_provider=idp_acctest, register_method=broker, consent=no_consent_required,
previous_user=d0cae6fa-caa8-4d51-b4df-0711179ff360,
identity_provider_identity=7fecc1f8-87d3-420b-a2b0-df239c5cee78,
code_id=e14dbf6d-7a69-4842-a54f-cd02552aab47,
username=7fecc1f8-87d3-420b-a2b0-df239c5cee78
Kind regards
--
Marco
On 9 Mar 2018, at 11:14, Marek Posolda <mposolda(a)redhat.com>
wrote:
Hi,
could you try to upgrade to latest version 3.4.3 and see if the issue is still here for
your scenario?
Marek
On 09/03/18 10:51, Marco de Luca wrote:
> Scenario:
>
> We are using keycloak OIDC to create id-token/UserInfo för our applications. IdP is
provided by an external SAML IdP.
>
> We want Keycloak to provide SSO between all applications (clients) using the Keycloak
server (3.4.1).
>
>
> Problem:
>
> When the first application “A” uses Keycloak to authenticate the user everything is
OK. When application “B” (using the same browser) uses Keycloak to authenticate the user
an error occurs. “We're sorry ...You are already authenticated as different user
‘xx' in this session. Please logout first.” (DIFFERENT_USER_AUTHENTICATED)
>
> The current configuration uses the IdP “Subject.NameID” as username
(preferred_username).
>