[keycloak-dev] "You are already logged-in" issue

Vlasta Ramik vramik at redhat.com
Thu Jun 13 08:51:40 EDT 2019


Hi,

I'm working on https://issues.jboss.org/browse/KEYCLOAK-5179 See if 
message "You are already logged-in" can be avoided during authentication.

In the current state we discard the RootAuthenticationSession when the user 
successfully finishes the authentication. At that moment we lose all 
the information stored in AuthenticationSession(s) for other tab(s) and 
in some cases we do not know where to redirect the user. To solve this 
issue there seem to be 2 possibilities.

1. Do not remove RootAuthenticationSession once the user finishes the 
authentication. Instead we can remove just AuthenticationSession 
associated with the specific tab from the RootAuthenticationSession and 
the RootAuthenticationSession would be deleted together with last 
AuthenticationSession from it.

2. Add and pass a redirect_uri parameter to the login flow. With the parameter 
we'd always have information about where it should be redirected in case 
the authentication was successfully finished in another tab.

With solution #1 it'd increase the memory as it keeps 
RootAuthenticationSession alive till all tabs are alive.

Solution #2 keeps the current behavior regarding the authentication sessions 
but it slightly increases the length of URIs.

wdyt?
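
The difference between the current behaviour and solution #1, as an added example that is not part of the original message and is not Keycloak code. It is a simplified in-memory model: the class, method names, session ids and URLs are all hypothetical, and it assumes each per-tab session stores the place to redirect to after login.

```java
import java.util.HashMap;
import java.util.Map;
import java.util.Optional;

// Simplified model, not Keycloak code: all names here are hypothetical.
public class TabSessionModel {
    // Stand-in for a RootAuthenticationSession: one per browser, one entry per tab.
    static class RootSession {
        final Map<String, String> tabs = new HashMap<>(); // tabId -> redirect target
    }

    final Map<String, RootSession> store = new HashMap<>(); // rootId -> root session

    void openTab(String rootId, String tabId, String redirectTarget) {
        store.computeIfAbsent(rootId, k -> new RootSession()).tabs.put(tabId, redirectTarget);
    }

    // Current behaviour: finishing login in any tab discards the whole root session.
    void finishDiscardRoot(String rootId) {
        store.remove(rootId);
    }

    // Solution #1: remove only the finished tab; delete the root with its last tab.
    void finishRemoveTab(String rootId, String tabId) {
        RootSession root = store.get(rootId);
        if (root == null) return;
        root.tabs.remove(tabId);
        if (root.tabs.isEmpty()) store.remove(rootId);
    }

    // What another tab can still look up after login finished elsewhere.
    Optional<String> redirectFor(String rootId, String tabId) {
        RootSession root = store.get(rootId);
        return root == null ? Optional.empty() : Optional.ofNullable(root.tabs.get(tabId));
    }

    public static void main(String[] args) {
        TabSessionModel current = new TabSessionModel();
        current.openTab("root-1", "tabA", "https://app.example/a"); // constructed values
        current.openTab("root-1", "tabB", "https://app.example/b");
        current.finishDiscardRoot("root-1"); // login completes in tabA
        System.out.println("current, tabB: " + current.redirectFor("root-1", "tabB"));

        TabSessionModel option1 = new TabSessionModel();
        option1.openTab("root-1", "tabA", "https://app.example/a");
        option1.openTab("root-1", "tabB", "https://app.example/b");
        option1.finishRemoveTab("root-1", "tabA"); // login completes in tabA
        System.out.println("option 1, tabB: " + option1.redirectFor("root-1", "tabB"));
        option1.finishRemoveTab("root-1", "tabB"); // last tab gone, root is deleted
        System.out.println("option 1, root kept: " + option1.store.containsKey("root-1"));
    }
}
```

In this model a tab that is opened and then abandoned never calls `finishRemoveTab`, so its root session stays in the store; that is the memory cost the message attributes to solution #1.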




