[keycloak-dev] Oidc bug?

Bill Burke bburke at redhat.com
Mon Apr 27 09:48:29 EDT 2015


What kind of web app is it?  Is it a servlet app using our adapter?

On 4/27/2015 5:52 AM, Raghu Prabhala wrote:
> It is a Client application (confidential) running on a different host.
> Was trying out the basic flow using the same id multiple times.  Opened
> up  IE browser, accessed the client application which invoked the OIDC
> basic flow, retrieving auth code, followed by tokens and finally user
> info. On successful retrieval of all that information, opened another
> tab instance of the browser and once again accessed the web application
> and the oidc flow followed. Did that with a few tab instances. Finally
> closed all the instances of the browser (didn't logoff from KC in any
> instance).
>
> Then started another cycle of the same process and then ran into that
> issue. It appears that when you login multiple times (around 8-10) to KC
> using the same user id in quick intervals without logging off, the issue
> occurs. Will continue to do some more testing today and hopefully can
> nail the behavior.
>
> Is there any configuration that will help me gather detailed logs?
>
>
>
> ------------------------------------------------------------------------
> *From:* Bill Burke <bburke at redhat.com>
> *To:* keycloak-dev at lists.jboss.org
> *Sent:* Friday, April 24, 2015 6:40 PM
> *Subject:* Re: [keycloak-dev] Oidc bug?
>
> What kind of app?  Login and logout 3 or 4 times?  Same user or
> different users?
>
>
>
> On 4/24/2015 4:44 PM, Raghu Prabhala wrote:
>  > Bill,
>  >
>  > Sometime back I mentioned to you that I used to get a "connect
> refused" from KC when I tried the token end point.
>  >
>  > I think I am able to simulate it more often using 1.2 beta release -
> it happens randomly if you follow the below steps
>  > 1) open up browser and try the basic flow 3 or 4 times. Then close
> the browser
>  > 2) repeat the above 3 or 4 times and you may see the issue
>  >
>  > I believe it is due to the sessions KC creates.  Clearing the session
> from admin gui will address the issue.
>  >
>  > Unfortunately the logs do not show anything - is there any
> configuration that will help me gather more info?
>  >
>  > Thanks
>  > Raghu
>  >
>  > Sent from my iPhone
>
>  > _______________________________________________
>  > keycloak-dev mailing list
>  > keycloak-dev at lists.jboss.org <mailto:keycloak-dev at lists.jboss.org>
>  > https://lists.jboss.org/mailman/listinfo/keycloak-dev
>  >
>
> --
> Bill Burke
> JBoss, a division of Red Hat
> http://bill.burkecentral.com <http://bill.burkecentral.com/>
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org <mailto:keycloak-dev at lists.jboss.org>
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>
>
>

-- 
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com


More information about the keycloak-dev mailing list