On 2 June 2016 at 15:06, Rafael T. C. Soares <rsoares@redhat.com> wrote:

___
Rafael T. C. Soares
On 06/02/2016 02:43 AM, Stian Thorgersen wrote:


On 2 June 2016 at 04:13, Rafael T. C. Soares <rsoares@redhat.com> wrote:
Hi!

Please ignore my last question.

It worked fine. Keycloak checks the existence of a Session for the user logged in the first app. Obviously the SSO will happen if I try to access the other app using the same Browser Session. Additionally I suppose  both apps have to be under the same realm. Makes sense?

Yes, the SSO session is bound to one realm and browser session
 

BTW, is it possible to disable Single Sign out for a specific client app?

Not sure what you mean about disabling single sign out? Do you want to client to have access after the user has logged-out? If so you can use offline tokens if you are using OpenID Connect
For example In my scenario If the user logout from the second app (sharing the same browser session and realm) it should be logged out only from that app (2nd). But should remain logged in the 1st one. Does it makes sense? Is that possible?

Not really. It's SSO and all apps are using the same SSO session. In either case it's not really supported.
 

 

___
Rafael T. C. Soares
On 06/01/2016 07:26 PM, Rafael T. C. Soares wrote:
Hi!

I have one common realm (eg: demo-realm) with two client apps under it:

 - 1st app using SAML protocol - hosted in app srv 1 (tomcat)
 - 2nd app using Keycloak default OpenID Connect - hosted in app srv 2 (JBoss EAP)

What I need to do in order to enable SSO between these both apps?

I tried log in in the 1st one and them tried to access the 2nd one, but the SSO does not works :-/

-- 
___
Rafael T. C. Soares


_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user