I guess I'm stating the obvious, but the cancel button should take you back to where you were before being challenged by the login screen. To the extent that is possible, the cancel button should stay. We should never rely on the back button.

I just tried it on our demo and recreated the 400 error. We should fix this if possible.

On 10/9/2014 12:18 PM, Alarik Myrin wrote:

At least with the Wildfly adapter, clicking cancel gets you a HTTP 400 -- Bad Request on your protected resource, and doing something more graceful would take some thinking.

It's not clear to me what *should* happen when clicking cancel. Users in a browser have a back button, or a button to close the tab, and they can always use that to get out of the login screen.

Maybe the cancel button should just be removed?

Alarik
_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user