On 2 June 2016 at 15:06, Rafael T. C. Soares <rsoares(a)redhat.com> wrote:
___
Rafael T. C. Soares
On 06/02/2016 02:43 AM, Stian Thorgersen wrote:
On 2 June 2016 at 04:13, Rafael T. C. Soares <rsoares(a)redhat.com> wrote:
> Hi!
>
> Please ignore my last question.
>
> It worked fine. Keycloak checks the existence of a Session for the user
> logged in the first app. Obviously the SSO will happen if I try to access
> the other app using the same Browser Session. Additionally I suppose both
> apps have to be under the same realm. Makes sense?
>
Yes, the SSO session is bound to one realm and browser session
>
> BTW, is it possible to disable Single Sign out for a specific client app?
>
Not sure what you mean about disabling single sign out? Do you want to
client to have access after the user has logged-out? If so you can use
offline tokens if you are using OpenID Connect
For example In my scenario If the user logout from the second app (sharing
the same browser session and realm) it should be logged out only from that
app (2nd). But should remain logged in the 1st one. Does it makes sense? Is
that possible?
Not really. It's SSO and all apps are using the same SSO session. In either
case it's not really supported.
>
> ___
> Rafael T. C. Soares
>
> On 06/01/2016 07:26 PM, Rafael T. C. Soares wrote:
>
> Hi!
>
> I have one common realm (eg: demo-realm) with two client apps under it:
>
> - 1st app using SAML protocol - hosted in app srv 1 (tomcat)
> - 2nd app using Keycloak default OpenID Connect - hosted in app srv 2
> (JBoss EAP)
>
> What I need to do in order to enable SSO between these both apps?
>
> I tried log in in the 1st one and them tried to access the 2nd one, but
> the SSO does not works :-/
>
> --
> ___
> Rafael T. C. Soares
>
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
>
https://lists.jboss.org/mailman/listinfo/keycloak-user
>