5:12 a.m.
Hi
I have 2 bearer rest layers (A,B): A calls B. In front I have an angular
web layer calling A -> B.
What is the best practices to handle "Token is not active" when user sits
in front idle and token becomes inactive, http session still valid but KC
token expired? If B reaches token not active, on the call from A to B -
how would I propagate this to the front layer?
A has to consume the ValidationException from B and notify front layer to
auto logout or prompt the user with a message saying 'your session
expired, please login' or automatically throw the user into the login
prompt in front.
For this scenario above, anyone share some thoughts?
Thanks
5:17 a.m.
Forgot to mention that the angular piece is under keycloak.js and so this
may be able to expire the session before A or B 's token becomes inactive?
Overall am trying to see how others handle this , as I think this is a
regular web/rest scenario that I am not the only one doing it.
Hoping to get some help from whoever.
Thanks
Hi
I have 2 bearer rest layers (A,B): A calls B. In front I have an angular
web layer calling A -> B.
What is the best practices to handle "Token is not active" when user sits
in front idle and token becomes inactive, http session still valid but KC
token expired? If B reaches token not active, on the call from A to B -
how would I propagate this to the front layer?
A has to consume the ValidationException from B and notify front layer to
auto logout or prompt the user with a message saying 'your session
expired, please login' or automatically throw the user into the login
prompt in front.
For this scenario above, anyone share some thoughts?
Thanks
5:36 a.m.
I would think that the front end would block or re-new the token and send
into the call a valid token to the bearer call.
I am passing the token extracted from the front-end into the header to the
bearer rest call. So does keycloak.js re-issuing a new valid token if the
existing one expired? Currently it does not since I am seeing
VerificationException on the bearer rest layer.
thoughts???
Forgot to mention that the angular piece is under keycloak.js and so
this
may be able to expire the session before A or B 's token becomes inactive?
Overall am trying to see how others handle this , as I think this is a
regular web/rest scenario that I am not the only one doing it.
Hoping to get some help from whoever.
Thanks
> Hi
> I have 2 bearer rest layers (A,B): A calls B. In front I have an angular
> web layer calling A -> B.
>
> What is the best practices to handle "Token is not active" when user
> sits
> in front idle and token becomes inactive, http session still valid but
> KC
> token expired? If B reaches token not active, on the call from A to B -
> how would I propagate this to the front layer?
> A has to consume the ValidationException from B and notify front layer
> to
> auto logout or prompt the user with a message saying 'your session
> expired, please login' or automatically throw the user into the login
> prompt in front.
>
> For this scenario above, anyone share some thoughts?
> Thanks
>
7:57 a.m.
Yes the frontend should provide the refreshed token, how does your angular
code works ? Have you seen the example here :
https://github.com/keycloak/keycloak/blob/master/examples/demo-template/a...
?
On Thu, Dec 22, 2016 at 12:36 PM, java_os <java(a)neposoft.com> wrote:
I would think that the front end would block or re-new the token and
send
into the call a valid token to the bearer call.
I am passing the token extracted from the front-end into the header to the
bearer rest call. So does keycloak.js re-issuing a new valid token if the
existing one expired? Currently it does not since I am seeing
VerificationException on the bearer rest layer.
thoughts???
> Forgot to mention that the angular piece is under keycloak.js and so this
> may be able to expire the session before A or B 's token becomes
inactive?
> Overall am trying to see how others handle this , as I think this is a
> regular web/rest scenario that I am not the only one doing it.
> Hoping to get some help from whoever.
> Thanks
>
>> Hi
>> I have 2 bearer rest layers (A,B): A calls B. In front I have an angular
>> web layer calling A -> B.
>>
>> What is the best practices to handle "Token is not active" when user
>> sits
>> in front idle and token becomes inactive, http session still valid but
>> KC
>> token expired? If B reaches token not active, on the call from A to B -
>> how would I propagate this to the front layer?
>> A has to consume the ValidationException from B and notify front layer
>> to
>> auto logout or prompt the user with a message saying 'your session
>> expired, please login' or automatically throw the user into the login
>> prompt in front.
>>
>> For this scenario above, anyone share some thoughts?
>> Thanks
>>
>
>
>
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
2910
days inactive
2922
days old
3 comments
2 participants
participants (2)
-
java_os -
Sebastien Blanc