[keycloak-dev] openid-connect/login-status-iframe.html caching in browser and on CDN

Bill Burke bburke at redhat.com
Thu Nov 26 20:21:35 EST 2015



On 11/26/2015 9:26 AM, Stian Thorgersen wrote:
> It can be cached. The contents is only the html for the iframe and
> doesn't check if user is logged in. The check if a user is logged in is
> done by javascript, which reads the value of the session state cookie.
>

Yeah, you're right sorry...funny cuz I implemented this stuff too...


-- 
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com


More information about the keycloak-dev mailing list