I am not sure if this is the appropriate way to post a Keycloak question. If it is not, I apologize. I have sent up a Wildfly JSP application (confidential) and a Wildfly REST API application (bearer-only) to use Keycloak Alpha 3. The Keycloak, JSP, and REST API applications are each running in a different Wildfly server on the same machine. Everything seems to work except the sign-off. It appears to work and there is no error, but in actuality the sign-off doesn't work. When the logout URL redirects back to the homepage (not secure) and I click the link to the get Countries JSP page (secured) again, it still shows me the country list without redirecting me to the Keycloak login page. I set @NoCahe on the JAX-RS endpoints in the API application and in the JSP app I put: <head> <% response.setHeader("Cache-Control", "no-cache"); response.setHeader("Pragma", "no-cache"); response.setDateHeader("Expires", 0); %> <title>Country List</title> </head> I use: <% String logoutUri = KeycloakUriBuilder.fromUri("http://localhost:6080/auth/rest/realms/MyRealm/tokens/logout") .queryParam("redirect_uri", "http://localhost:8080/MyAppJSP").build("MyRealm").toString(); %> to create the log-off URL. Also, if I go into the Keycloak Admin as "admin" and force log-off the user, it doesn't work either. Is there some setting I am missing in the JSP. I turned off all the caching I know about in Chrome and Wildfly. I am not sure this is a Keycloak problem or my ignorance of Wildfly and JSP. Any help is greatly appreciated. Cheers, A. Kevin Bailey _______________________________________________ keycloak-user mailing list keycloak-user(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-user