[keycloak-dev] BRMS Good news/ Bad news
Bill Burke
bburke at redhat.com
Thu Oct 30 19:59:17 EDT 2014
Meh, figured out one of the problems. Uberfire is invalidating the
session before calling HttpServletRequest.logout(). Keycloak adapter is
storing information in session so can't communicate with auth server to
perform user session logout.
On 10/30/2014 7:47 PM, Stan Silvert wrote:
> On 10/30/2014 7:34 PM, Bill Burke wrote:
>> Worse than that for BRMS. BRMS logout from their console doesn't work
>> with Keycloak enabled...
> You win.
>>
>> On 10/30/2014 6:58 PM, Stan Silvert wrote:
>>> On 10/30/2014 6:38 PM, Bill Burke wrote:
>>>> Looked into security JBoss BRMS 6.0.2 with Keycloak.
>>>>
>>>> Good news is that I can secure brms console login just by installing the
>>>> keycloak adapter and turning it on in the WAR of BRMS. Bad news is that
>>>> keycloak initiated logout doesn't work that great. It just disables the
>>>> console.
>>>>
>>> Yea, we're going to have the same problem with the EAP Console, except
>>> it's even worse because there is no WAR at all. It will require some
>>> special logic in the console.
>>> _______________________________________________
>>> keycloak-dev mailing list
>>> keycloak-dev at lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>>>
>
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
More information about the keycloak-dev
mailing list