Why do you need to create session when accessing a public resource ?
On Thu, Dec 28, 2017 at 6:01 PM, Michalis Siochos <msiochos(a)gmail.com>
wrote:
Hi All,
I'm evaluating keycloak and identifying the possibility to provide SSO
services on non protected (public) pages.
Assume the following environment:
Portal 1
-
https://site1.example.com/public
-
https://site1.example.com/protected
Portal 2
-
https://site2.example.com/public
-
https://site2.example.com/protected
/protected is the restricted area of the portal, that only logged in
users may access
/public is the public area where both logged in and anonymous users may
navigate
I'm trying to achieve the following
- User logs in @
https://site1.example.com
- SSO session and site1 session are created
- User goes to public area of site2,
https://site2.example.com/public
- User is automatically logged in (site2 session is created)
It seems that the above is not possible with OIDC / SAML since the user
has to land on a protected page to initiate federation, or perform an
action (e.g. click a button).
Any other thoughts, feedback?
Thanks in advance,
Michalis
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user