1:47 p.m.
Hello,
I am running keycloak behind an reverse proxy. After I log in, when
visiting the keycloak admin, the page refreshes every 5 seconds. It
appears to be because my session cookie does not match the expected
KEYCLOAK_SESSION value in the server response.
When I monitor the traffic between the browser and keycloak, the cookie
sent to keycloak matches the cookie in the response.
When I put a breakpoint in the login.status.iframe.html getCookie() method,
I see the desired cookie with the incorrect name
"!Proxy!clusterProxyKEYCLOAK_SESSION", and I sometimes see a an invalid
cookie with the correct name "KEYCLOAK_SESSION".
example:
"
!Proxy!clusterProxyKEYCLOAK_SESSION=master/127ff890-6fde-47f5-8a81-039c67d0a261/c7b9427b-eb59-4b2a-8b3c-f8436c130613"
Does anyone know what is happening here?
--
*Colin Ritchie **|* *Engineering Manager* *|* *Tasktop Technologies*
5:27 a.m.
Looks like your reverse proxy is for some reason messing with the cookies
On 14 November 2016 at 20:47, Colin Ritchie <colin.ritchie(a)tasktop.com>
wrote:
Hello,
I am running keycloak behind an reverse proxy. After I log in, when
visiting the keycloak admin, the page refreshes every 5 seconds. It
appears to be because my session cookie does not match the expected
KEYCLOAK_SESSION value in the server response.
When I monitor the traffic between the browser and keycloak, the cookie
sent to keycloak matches the cookie in the response.
When I put a breakpoint in the login.status.iframe.html getCookie() method,
I see the desired cookie with the incorrect name
"!Proxy!clusterProxyKEYCLOAK_SESSION", and I sometimes see a an invalid
cookie with the correct name "KEYCLOAK_SESSION".
example:
"
!Proxy!clusterProxyKEYCLOAK_SESSION=master/127ff890-6fde-
47f5-8a81-039c67d0a261/c7b9427b-eb59-4b2a-8b3c-f8436c130613"
Does anyone know what is happening here?
--
*Colin Ritchie **|* *Engineering Manager* *|* *Tasktop Technologies*
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
4:17 p.m.
Thanks Stian. You were right, although there were 2 issues. The proxy was
messing with the cookies, and I have resolved this. But I am still
periodically seeing issues when we are testing multiple different keycloak
installs from the same browser - sometimes there are multiple session
cookies, and I end up having to clear out all of them to get Keycloak to
start working again. I have not been able to reproduce this consistently
yet, though.
On Tue, Nov 15, 2016 at 3:27 AM, Stian Thorgersen <sthorger(a)redhat.com>
wrote:
Looks like your reverse proxy is for some reason messing with the
cookies
On 14 November 2016 at 20:47, Colin Ritchie <colin.ritchie(a)tasktop.com>
wrote:
> Hello,
>
> I am running keycloak behind an reverse proxy. After I log in, when
> visiting the keycloak admin, the page refreshes every 5 seconds. It
> appears to be because my session cookie does not match the expected
> KEYCLOAK_SESSION value in the server response.
>
> When I monitor the traffic between the browser and keycloak, the cookie
> sent to keycloak matches the cookie in the response.
>
> When I put a breakpoint in the login.status.iframe.html getCookie()
> method,
> I see the desired cookie with the incorrect name
> "!Proxy!clusterProxyKEYCLOAK_SESSION", and I sometimes see a an invalid
> cookie with the correct name "KEYCLOAK_SESSION".
>
> example:
> "
> !Proxy!clusterProxyKEYCLOAK_SESSION=master/127ff890-6fde-47f
> 5-8a81-039c67d0a261/c7b9427b-eb59-4b2a-8b3c-f8436c130613"
>
> Does anyone know what is happening here?
>
> --
> *Colin Ritchie **|* *Engineering Manager* *|* *Tasktop Technologies*
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
--
*Colin Ritchie **|* *Engineering Manager* *|* *Tasktop Technologies*
3424
days inactive
3431
days old
2 comments
2 participants
participants (2)
-
Colin Ritchie -
Stian Thorgersen