[keycloak-dev] Sessions in admin console

Bill Burke bburke at redhat.com
Wed Mar 12 14:55:53 EDT 2014


Ya know.  They way it works is kinda silly.  A Logout should probably 
set a notBefore policy too.

On 3/12/2014 2:02 PM, Bill Burke wrote:
>
>
> On 3/12/2014 12:46 PM, Stian Thorgersen wrote:
>> It's really nice to see logged in users, and to be able to manage sessions through the admin console. I've spotted a few issues though:
>>
>> * Logout All (realm/sessions) or Logout specific user (realm/applications/app) doesn't seem to work - only thing I could do to actually logout a user was to set the not before
>> * Users/sessions for users logged in to admin console or account doesn't work
>
> View the wildfly console.  You *are* being logged out, but your identity
> token is still active so when you get redirected to recreate the totem,
> you get relogged in.  The logout button in admin console can't change
> the user's cookies.
>
> Maybe instead of logout call it "Invalidate SEssion"  or "Logout Session"?
>
>> _______________________________________________
>> keycloak-dev mailing list
>> keycloak-dev at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>>
>

-- 
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com


More information about the keycloak-dev mailing list