[keycloak-dev] Cookie token storage for Spring Security

[Sjoerd Cranen]

Confirmation per e-mail is enough, just following the dev guidelines from
the readme ;-) I've opened a PR. It includes a workaround for KEYCLOAK-4342
so the solution can at least be tested. If the workaround is considered
good enough I'll open a separate PR for it.

Cheers,
Sjoerd

On Mon, Jul 3, 2017 at 8:29 AM, Sebastien Blanc <sblanc at redhat.com> wrote:

> Hi Sjoerd,
>
> You don't to wait for the ticket to be accepted, just send your PR ;)
>
> Is KEYCLOAK-4342 blocking you KEYCLOAK-5130 ? If you know how to fix it
> you can also send a PR for this one.
>
> Seb
>
>
>
> On Sun, Jul 2, 2017 at 5:44 PM, Sjoerd Cranen <
> sjoerd.cranen at teampicnic.com> wrote:
>
>> I've submitted https://issues.jboss.org/browse/KEYCLOAK-5130 for this. If
>> the bug report is accepted, I'll be happy to open a PR with a solution.
>>
>> Answering one of my own questions: the peculiar cookie path I mentioned in
>> my original post is already described in KEYCLOAK-4342.
>>
>> On Fri, Jun 23, 2017 at 6:08 PM, Konstantin Gribov <grossws at gmail.com>
>> wrote:
>>
>> > On Fri, Jun 23, 2017 at 4:46 PM Sjoerd Cranen <
>> > sjoerd.cranen at teampicnic.com> wrote:
>> >
>> >> One thing I'm wondering is why the cookie path for the adapter state
>> >> cookie
>> >> is always set to the context root in CookieTokenStore. In particular,
>> it
>> >> would seem that if I change the Spring Security adapter in a
>> >> straightforward way to store the cookies, the cookie would always be
>> set
>> >> on
>> >> "/sso", which would not be very useful.
>> >>
>> > Same applies for Jetty adapter. But it doesn't work now (see
>> > KEYCLOAK-2514).
>> >
>> > --
>> >
>> > Best regards,
>> > Konstantin Gribov
>> >
>> _______________________________________________
>> keycloak-dev mailing list
>> keycloak-dev at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>>
>
>