4:35 a.m.
Hi,
It's possible (and sometimes likely) to have multiple browser tabs or windows showing
the login screen for the same realm. This could for example happen after working with
different systems in different tabs, and then timing out the whole SSO session. If the
user then logs in from both / all tabs, then the last login will seemingly win, destroy
all the other sessions (rather than all of them contributing to the same session). This
implies that the other tabs will not have a valid session, and e.g. fetching a new access
token will fail.
Is this a bug, a limitation, or is it intentional? And what's the recommended approach
for dealing with this issue?
~Dan
11:46 p.m.
I'd say it's a limitation, but something we can probably improve on in 3.x
as we're planning to create a separate login session that is used during
authentication. This would be backed by a cookie that would make sure the
current flow would be shared cross multiple tabs. Could you create a JIRA
enhancement request for this please?
On 6 December 2016 at 11:35, Dan Østerberg <dan(a)ren.no> wrote:
Hi,
It's possible (and sometimes likely) to have multiple browser tabs or
windows showing the login screen for the same realm. This could for example
happen after working with different systems in different tabs, and then
timing out the whole SSO session. If the user then logs in from both / all
tabs, then the last login will seemingly win, destroy all the other
sessions (rather than all of them contributing to the same session). This
implies that the other tabs will not have a valid session, and e.g.
fetching a new access token will fail.
Is this a bug, a limitation, or is it intentional? And what's the
recommended approach for dealing with this issue?
~Dan
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
4:19 a.m.
Enhancement JIRA created: KEYCLOAK-4097
~Dan
Fra: Stian Thorgersen [mailto:sthorger@redhat.com]
Sendt: onsdag 14. desember 2016 06.47
Til: Dan Østerberg <dan(a)ren.no>
Kopi: keycloak-user(a)lists.jboss.org
Emne: Re: [keycloak-user] Login multiple times
I'd say it's a limitation, but something we can probably improve on in 3.x as
we're planning to create a separate login session that is used during authentication.
This would be backed by a cookie that would make sure the current flow would be shared
cross multiple tabs. Could you create a JIRA enhancement request for this please?
On 6 December 2016 at 11:35, Dan Østerberg <dan@ren.no<mailto:dan@ren.no>>
wrote:
Hi,
It's possible (and sometimes likely) to have multiple browser tabs or windows showing
the login screen for the same realm. This could for example happen after working with
different systems in different tabs, and then timing out the whole SSO session. If the
user then logs in from both / all tabs, then the last login will seemingly win, destroy
all the other sessions (rather than all of them contributing to the same session). This
implies that the other tabs will not have a valid session, and e.g. fetching a new access
token will fail.
Is this a bug, a limitation, or is it intentional? And what's the recommended approach
for dealing with this issue?
~Dan
_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org<mailto:keycloak-user@lists.jboss.org>
https://lists.jboss.org/mailman/listinfo/keycloak-user
2713
days inactive
2723
days old
2 comments
2 participants
participants (2)
-
Dan Østerberg -
Stian Thorgersen