Hi bill,
Keycloack will be merged with picketlink as one product/module in eap 7?
Plan is to productize about the same time as EAP7.
On 3/10/2015 5:27 AM, Chen Keong Yap wrote:
hi bill,
thanks for the update. btw, can you advise when redhat will put keycloak
into jboss eap roadmap?
On Tue, Mar 10, 2015 at 2:02 AM, Bill Burke <bburke@redhat.com
<mailto:bburke@redhat.com>> wrote:
I fixed some bugs around logout in 1.2, master git, but we're not
releasing this for a few weeks. I don't know if that is your
problem or not. I have not yet been able to take the time to
reproduce your problems on 1.1 yet.
On 3/8/2015 9:53 PM, Chen Keong Yap wrote:
hi bill,
can you advise regarding the global sign out issue?
On Thu, Mar 5, 2015 at 9:29 AM, Chen Keong Yap
<chenkeong.yap@izeno.com <mailto:chenkeong.yap@izeno.com>
<mailto:chenkeong.yap@izeno.__com
<mailto:chenkeong.yap@izeno.com>>> wrote:
hi bill,
Thanks for the solution given and it has resolved the first
issue
( login to the app via pl sp filter but the login session
cannot be
seen in keycloak admin console)
However now there are few more issues with single sign out.
a) When i click on the global logout link
(http://localhost:8080/__employee/?GLO=true
<http://localhost:8080/employee/?GLO=true>), the page just did a
self
refresh and it's not redirected to keycloak login page. I
can see
the keycloak session was gone from the keycloak admin
console but
the sample employee session still there.
b) When i click on the local logout link
(http://localhost:8080/__employee/?LLO=true
<http://localhost:8080/employee/?LLO=true>), the page just did a
self
refresh and it's not redirected to keycloak login page. I
can see
the keycloak session still in the keycloak admin console
but the
sample employee session still there.
c) When i click on the logout link
(http://localhost:8080/__employee/logout.jsp
<http://localhost:8080/employee/logout.jsp>), the page just did a
self refresh and it's not redirected to keycloak login page. I
noticed the keycloak session still in the keycloak admin
console but
the sample employee session still there. Just wondering do
i need to
implement session.invalidate() in the logout,jsp but how to
invalidate the keycloak session?
On Wed, Mar 4, 2015 at 11:12 PM, Bill Burke
<bburke@redhat.com <mailto:bburke@redhat.com>
<mailto:bburke@redhat.com <mailto:bburke@redhat.com>>> wrote:
Ok, I may have diagnosed the problem. Go to the admin
console.
Go to the definition of your application. Look at the
Admin
Url. Does it have a "/" at the end of the URL? If
not, add a
'/' at the end of this.
i.e.
http://somhere.com/app/
If that solves the issue, let me know and I'll explain
what is
going on. FYI, I ran into the same problem running the
SAML
example in the distro and this fixed the problem.
On 3/4/2015 9:07 AM, Chen Keong Yap wrote:
Hi bill,
If i understand from you correctly,
PL SAML SP and keycloak adapters are the same and
referring
to below items.
Tomcat 6, 7, 8
Jetty 8, 9
EAP 6.x
Wildfly
Node.js
Browser Javascript adapter.
So far i have tested PL SAML SP filter using the
following
libs and it
got the same 2 issues that was mentioned in the
previous email.
Picketlink lib : Picketlink 2.70 cr2, picketlink 2.5.3
(commercial)
keycloak lib : keycloak 1.1.0 final, keycloak 1.1.0
beta 2
On Mar 4, 2015 9:44 PM, "Bill Burke"
<bburke@redhat.com <mailto:bburke@redhat.com>
<mailto:bburke@redhat.com <mailto:bburke@redhat.com>>
<mailto:bburke@redhat.com
<mailto:bburke@redhat.com> <mailto:bburke@redhat.com
<mailto:bburke@redhat.com>>>> wrote:
Our testsuite uses PL SAML SP, not the filter
though,
and it works
fine. I'd have to recreate the problem using
the PL
SAML SP filter.
On 3/4/2015 8:04 AM, Chen Keong Yap wrote:
Hi bill,
Yup. I have configured the app in keycloak
admin
console. However i
encountered 2 issues.
First issue is that i was able to login to
the app
via pl sp
filter but
the login session cannot be seen in
keycloak admin
console
Second issue is that global logout was not
working
and the
landing page
just did a self refresh.
On Mar 4, 2015 8:55 PM, "Bill Burke"
<bburke@redhat.com <mailto:bburke@redhat.com>
<mailto:bburke@redhat.com <mailto:bburke@redhat.com>>
<mailto:bburke@redhat.com
<mailto:bburke@redhat.com> <mailto:bburke@redhat.com
<mailto:bburke@redhat.com>>>
<mailto:bburke@redhat.com
<mailto:bburke@redhat.com>
<mailto:bburke@redhat.com
<mailto:bburke@redhat.com>> <mailto:bburke@redhat.com
<mailto:bburke@redhat.com>
<mailto:bburke@redhat.com
<mailto:bburke@redhat.com>>>>> wrote:
You can still use the PL Filter SP. Just
configure the
application
in the admin console to use SAML.
On 3/3/2015 11:36 PM, Chen Keong Yap
wrote:
Hi bill,
the existing adapters cannot
support jboss
eap 5.0.2 and
websphere 8.5
and we are not allowed to use
keycloak proxy.
can you suggest any other alternative
similar to
picketlink sp
filter?
On Tue, Mar 3, 2015 at 11:45 PM,
Bill Burke
<bburke@redhat.com
<mailto:bburke@redhat.com> <mailto:bburke@redhat.com
<mailto:bburke@redhat.com>>
<mailto:bburke@redhat.com
<mailto:bburke@redhat.com> <mailto:bburke@redhat.com
<mailto:bburke@redhat.com>>>
<mailto:bburke@redhat.com
<mailto:bburke@redhat.com>
<mailto:bburke@redhat.com
<mailto:bburke@redhat.com>> <mailto:bburke@redhat.com
<mailto:bburke@redhat.com>
<mailto:bburke@redhat.com <mailto:bburke@redhat.com>>>>
<mailto:bburke@redhat.com
<mailto:bburke@redhat.com>
<mailto:bburke@redhat.com
<mailto:bburke@redhat.com>> <mailto:bburke@redhat.com
<mailto:bburke@redhat.com>
<mailto:bburke@redhat.com <mailto:bburke@redhat.com>>>
<mailto:bburke@redhat.com
<mailto:bburke@redhat.com>
<mailto:bburke@redhat.com
<mailto:bburke@redhat.com>> <mailto:bburke@redhat.com
<mailto:bburke@redhat.com>
<mailto:bburke@redhat.com
<mailto:bburke@redhat.com>>>>>> wrote:
There is no Keycloak SP
filter. We
have various
adapters
for different
platforms that hook into servlet
security to make
integration seamless:
Tomcat 6, 7, 8
Jetty 8, 9
EAP 6.x
Wildfly
Node.js
Browser Javascript adapter.
On 3/2/2015 10:22 PM, Chen
Keong Yap
wrote:
> Hi,
>
> Please share some lights for
implementing
Keycloak sp
filter which is
> similar to picketlink sp
filter.
>
>
org.picketlink.identity.________federation.web.filters.________SPFilter
>
>
>
_______________________________________________________
> keycloak-user mailing list
>
keycloak-user@lists.jboss.org <mailto:keycloak-user@lists.jboss.org>
<mailto:keycloak-user@lists.__jboss.org
<mailto:keycloak-user@lists.jboss.org>>
<mailto:keycloak-user@lists.
<mailto:keycloak-user@lists.>____jboss.org <http://jboss.org>
<mailto:keycloak-user@lists.__jboss.org
<mailto:keycloak-user@lists.jboss.org>>>
<mailto:keycloak-user@lists
<mailto:keycloak-user@lists>.
<mailto:keycloak-user@lists
<mailto:keycloak-user@lists>.>______jboss.org <http://jboss.org>
<http://jboss.org>
<mailto:keycloak-user@lists.
<mailto:keycloak-user@lists.>____jboss.org <http://jboss.org>
<mailto:keycloak-user@lists.__jboss.org
<mailto:keycloak-user@lists.jboss.org>>>>
<mailto:keycloak-user@lists
<mailto:keycloak-user@lists>
<mailto:keycloak-user@lists
<mailto:keycloak-user@lists>>.
<mailto:keycloak-user@lists
<mailto:keycloak-user@lists>
<mailto:keycloak-user@lists
<mailto:keycloak-user@lists>>.>________jboss.org <http://jboss.org>
<http://jboss.org> <http://jboss.org>
<mailto:keycloak-user@lists
<mailto:keycloak-user@lists>.
<mailto:keycloak-user@lists
<mailto:keycloak-user@lists>.>______jboss.org <http://jboss.org>
<http://jboss.org>
<mailto:keycloak-user@lists.
<mailto:keycloak-user@lists.>____jboss.org <http://jboss.org>
<mailto:keycloak-user@lists.__jboss.org
<mailto:keycloak-user@lists.jboss.org>>>>>
>
https://lists.jboss.org/________mailman/listinfo/keycloak-user
<https://lists.jboss.org/______mailman/listinfo/keycloak-user>
<https://lists.jboss.org/______mailman/listinfo/keycloak-user
<https://lists.jboss.org/____mailman/listinfo/keycloak-user>__>
<https://lists.jboss.org/______mailman/listinfo/keycloak-user
<https://lists.jboss.org/____mailman/listinfo/keycloak-user>
<https://lists.jboss.org/____mailman/listinfo/keycloak-user
<https://lists.jboss.org/__mailman/listinfo/keycloak-user>__>__>
<https://lists.jboss.org/______mailman/listinfo/keycloak-user
<https://lists.jboss.org/____mailman/listinfo/keycloak-user>
<https://lists.jboss.org/____mailman/listinfo/keycloak-user
<https://lists.jboss.org/__mailman/listinfo/keycloak-user>__>
<https://lists.jboss.org/____mailman/listinfo/keycloak-user
<https://lists.jboss.org/__mailman/listinfo/keycloak-user>
<https://lists.jboss.org/__mailman/listinfo/keycloak-user
<https://lists.jboss.org/mailman/listinfo/keycloak-user>__>__>__>
>
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
_______________________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org <mailto:keycloak-user@lists.jboss.org>
<mailto:keycloak-user@lists.__jboss.org
<mailto:keycloak-user@lists.jboss.org>>
<mailto:keycloak-user@lists.
<mailto:keycloak-user@lists.>____jboss.org <http://jboss.org>
<mailto:keycloak-user@lists.__jboss.org
<mailto:keycloak-user@lists.jboss.org>>>
<mailto:keycloak-user@lists
<mailto:keycloak-user@lists>.
<mailto:keycloak-user@lists
<mailto:keycloak-user@lists>.>______jboss.org <http://jboss.org>
<http://jboss.org>
<mailto:keycloak-user@lists.
<mailto:keycloak-user@lists.>____jboss.org <http://jboss.org>
<mailto:keycloak-user@lists.__jboss.org
<mailto:keycloak-user@lists.jboss.org>>>>
<mailto:keycloak-user@lists
<mailto:keycloak-user@lists>
<mailto:keycloak-user@lists
<mailto:keycloak-user@lists>>.
<mailto:keycloak-user@lists
<mailto:keycloak-user@lists>
<mailto:keycloak-user@lists
<mailto:keycloak-user@lists>>.>________jboss.org <http://jboss.org>
<http://jboss.org> <http://jboss.org>
<mailto:keycloak-user@lists
<mailto:keycloak-user@lists>.
<mailto:keycloak-user@lists
<mailto:keycloak-user@lists>.>______jboss.org <http://jboss.org>
<http://jboss.org>
<mailto:keycloak-user@lists.
<mailto:keycloak-user@lists.>____jboss.org <http://jboss.org>
<mailto:keycloak-user@lists.__jboss.org
<mailto:keycloak-user@lists.jboss.org>>>>>
https://lists.jboss.org/________mailman/listinfo/keycloak-user
<https://lists.jboss.org/______mailman/listinfo/keycloak-user>
<https://lists.jboss.org/______mailman/listinfo/keycloak-user
<https://lists.jboss.org/____mailman/listinfo/keycloak-user>__>
<https://lists.jboss.org/______mailman/listinfo/keycloak-user
<https://lists.jboss.org/____mailman/listinfo/keycloak-user>
<https://lists.jboss.org/____mailman/listinfo/keycloak-user
<https://lists.jboss.org/__mailman/listinfo/keycloak-user>__>__>
<https://lists.jboss.org/______mailman/listinfo/keycloak-user
<https://lists.jboss.org/____mailman/listinfo/keycloak-user>
<https://lists.jboss.org/____mailman/listinfo/keycloak-user
<https://lists.jboss.org/__mailman/listinfo/keycloak-user>__>
<https://lists.jboss.org/____mailman/listinfo/keycloak-user
<https://lists.jboss.org/__mailman/listinfo/keycloak-user>
<https://lists.jboss.org/__mailman/listinfo/keycloak-user
<https://lists.jboss.org/mailman/listinfo/keycloak-user>__>__>__>
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com