Enhancement JIRA created: KEYCLOAK-4097
~Dan
Fra: Stian Thorgersen [mailto:sthorger@redhat.com]
Sendt: onsdag 14. desember 2016 06.47
Til: Dan Østerberg <dan(a)ren.no>
Kopi: keycloak-user(a)lists.jboss.org
Emne: Re: [keycloak-user] Login multiple times
I'd say it's a limitation, but something we can probably improve on in 3.x as
we're planning to create a separate login session that is used during authentication.
This would be backed by a cookie that would make sure the current flow would be shared
cross multiple tabs. Could you create a JIRA enhancement request for this please?
On 6 December 2016 at 11:35, Dan Østerberg <dan@ren.no<mailto:dan@ren.no>>
wrote:
Hi,
It's possible (and sometimes likely) to have multiple browser tabs or windows showing
the login screen for the same realm. This could for example happen after working with
different systems in different tabs, and then timing out the whole SSO session. If the
user then logs in from both / all tabs, then the last login will seemingly win, destroy
all the other sessions (rather than all of them contributing to the same session). This
implies that the other tabs will not have a valid session, and e.g. fetching a new access
token will fail.
Is this a bug, a limitation, or is it intentional? And what's the recommended approach
for dealing with this issue?
~Dan
_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org<mailto:keycloak-user@lists.jboss.org>
https://lists.jboss.org/mailman/listinfo/keycloak-user