[keycloak-dev] [keycloak-gatekeeper] Rationale behind merged PR#440
BIDON Frederic
fredbi at yahoo.com
Sat Dec 15 06:39:40 EST 2018
TL;DR: PR#440 did break the way the redirection/state handling use to work. Need at least some explanation to get to work again with this.
I had implemented the final landing page using encoded state, and accomodate the way leycloak-gatekeeper used to work.
I understand that now, setting the state for further checks by the client at the end of the sequence of redirection is no more possible.
Further, to control the final landing page, we must now use a special "request_uri" cookie...
Am I assuming correctly?
Another remark: I cannot find the associated JIRA 8984 so it is difficult to grasp the background of this change.
The closest I could find is KEYCLOAK-8856, but no mention there of the strategy adopted with this PR.
Could someone shed some light on this change?
Frédéric
More information about the keycloak-dev
mailing list