[keycloak-dev] Cookie token storage for Spring Security

Sebastien Blanc sblanc at redhat.com
Mon Jul 3 02:29:07 EDT 2017


Hi Sjoerd,

You don't to wait for the ticket to be accepted, just send your PR ;)

Is KEYCLOAK-4342 blocking you KEYCLOAK-5130 ? If you know how to fix it you
can also send a PR for this one.

Seb



On Sun, Jul 2, 2017 at 5:44 PM, Sjoerd Cranen <sjoerd.cranen at teampicnic.com>
wrote:

> I've submitted https://issues.jboss.org/browse/KEYCLOAK-5130 for this. If
> the bug report is accepted, I'll be happy to open a PR with a solution.
>
> Answering one of my own questions: the peculiar cookie path I mentioned in
> my original post is already described in KEYCLOAK-4342.
>
> On Fri, Jun 23, 2017 at 6:08 PM, Konstantin Gribov <grossws at gmail.com>
> wrote:
>
> > On Fri, Jun 23, 2017 at 4:46 PM Sjoerd Cranen <
> > sjoerd.cranen at teampicnic.com> wrote:
> >
> >> One thing I'm wondering is why the cookie path for the adapter state
> >> cookie
> >> is always set to the context root in CookieTokenStore. In particular, it
> >> would seem that if I change the Spring Security adapter in a
> >> straightforward way to store the cookies, the cookie would always be set
> >> on
> >> "/sso", which would not be very useful.
> >>
> > Same applies for Jetty adapter. But it doesn't work now (see
> > KEYCLOAK-2514).
> >
> > --
> >
> > Best regards,
> > Konstantin Gribov
> >
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>


More information about the keycloak-dev mailing list