[keycloak-dev] Sessions in admin console
Bill Burke
bburke at redhat.com
Wed Mar 12 14:55:53 EDT 2014
Ya know. They way it works is kinda silly. A Logout should probably
set a notBefore policy too.
On 3/12/2014 2:02 PM, Bill Burke wrote:
>
>
> On 3/12/2014 12:46 PM, Stian Thorgersen wrote:
>> It's really nice to see logged in users, and to be able to manage sessions through the admin console. I've spotted a few issues though:
>>
>> * Logout All (realm/sessions) or Logout specific user (realm/applications/app) doesn't seem to work - only thing I could do to actually logout a user was to set the not before
>> * Users/sessions for users logged in to admin console or account doesn't work
>
> View the wildfly console. You *are* being logged out, but your identity
> token is still active so when you get redirected to recreate the totem,
> you get relogged in. The logout button in admin console can't change
> the user's cookies.
>
> Maybe instead of logout call it "Invalidate SEssion" or "Logout Session"?
>
>> _______________________________________________
>> keycloak-dev mailing list
>> keycloak-dev at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>>
>
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
More information about the keycloak-dev
mailing list