[keycloak-user] Logging out
Bill Burke
bburke at redhat.com
Mon Mar 24 17:16:31 EDT 2014
On 3/24/2014 5:10 PM, Dean Peterson wrote:
> Logging out seems unnecessarily complicated. I need to have a
> management url located in my application?
>
How else would we do it? We have to:
1. Reset the realm's login cookie at the keycloak server's domain
2. Invalidate each login session of each logged in application
#1 requires a redirect to the keycloak server. For #2 we invoke
k_logout on each managementUrl which invalidates the HttpSession.
> I use KeycloakUriBuilder to build the logout url and end up in the
> logoutApplication method of ResourceAdminManager. That is where I am at
> a loss. The application is expecting I have something in my app with a
> path that contains "k_logout". What should happen at that location?
> What code goes in the REST service at that location on my end?
>
> Also, if I do not fill out the "Admin" url inside keycloak, the
> managementUrl parameter comes back as an empty string instead of null.
> That causes an error because the if statement in the logoutApplication
> method only checks for null.
>
Keycloak server should check for empty string for managementUrl. That
is a bug.
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
More information about the keycloak-user
mailing list