[keycloak-user] Still active token after logout

ruiwp13 ruiwp_93 at hotmail.com
Tue Dec 6 05:20:00 EST 2016 

Hey Marek,

I get this on the log:

"[org.keycloak.services.managers.ResourceAdminManager] (default task-7) 
Cant logout {0}: no logged adapter sessions" the first time I call the
logout function. If I call the logout function again (the session in
keycloak has ended the first time) I get:

 "[org.keycloak.events] (default task-10) type=LOGOUT_ERROR,
realmId={realm}, clientId={clientname}, userId=null, ... "

Best Regards



Marek Posolda wrote
> On 05/12/16 16:09, ruiwp13 wrote:
>> How can I do it?
>> I don't have the package org.keycloak.services
> This is configured in logging subsystem in standalone.xml . You can try 
> to Google for "Wildfly logging" for more details.
> 
> Marek
>>
>>
>> Marek Posolda wrote
>>> Could you see something in the log if you enable logging for category
>>> "org.keycloak.services.managers.ResourceAdminManager" ?
>>>
>>> On 05/12/16 13:31, ruiwp13 wrote:
>>>> Thank you very much for your answer Marek.
>>>> Yes, I have set all to absolute paths.
>>>> I only have the admin and base URLs defined. Basically what it happens
>>>> is
>>>> that, if I push a not before revocation for all tokens it communicates
>>>> with
>>>> my jersey server and it invalidates all tokens immediatly and I get 401
>>>> when
>>>> I make a new request. But, when I make a logout through the
>>>> admin-client
>>>> library, it ends the session in keycloak but the token is still active
>>>> in
>>>> jersey. So, I think it is communicating with the server as the
>>>> revocation
>>>> works properly and when I change the admin URL and try the revocation
>>>> again
>>>> the tokens remain active. Is there any chance that this is a problem in
>>>> the
>>>> logout function? I am using the version 2.1.0 Final and I am logging
>>>> out
>>>> like this:
>>>>
>>>> kc.realm({realm}).users().get({user_id}).logout();
>>>>
>>>> Best Regards,
>>>> Rui Neves
>>>>
>>>>
>>>> Marek Posolda wrote
>>>>> If you set the "root URL" then all the other URLs must be relative to
>>>>> that URL. So if you rather prefer to set absolute paths in your other
>>>>> URLs, then don't set any "Root URL" at all. See the tooltip in admin
>>>>> console.
>>>>>
>>>>> Marek
>>>>>
>>>>> On 05/12/16 12:08, ruiwp13 wrote:
>>>>>> Hello,
>>>>>>
>>>>>> I am trying to log out of my application through keycloak but when I
>>>>>> call
>>>>>> the logout function for a certain user it does delete the user
>>>>>> session
>>>>>> in
>>>>>> keycloak but somehow the token is still active and I can access the
>>>>>> information. I have set a base and admin url as the absolute path to
>>>>>> my
>>>>>> application which is hosted in a server. Did I set this the right
>>>>>> way?
>>>>>> If
>>>>>> so, what is the problem?
>>>>>> By the way, if I set a root and base URL I get the path duplicated in
>>>>>> the
>>>>>> clients page.
>>>>>>
>>>>>> Best Regards,
>>>>>> Rui Neves
>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> View this message in context:
>>>>>> http://keycloak-user.88327.x6.nabble.com/Still-active-token-after-logout-tp1766.html
>>>>>> Sent from the keycloak-user mailing list archive at Nabble.com.
>>>>>> _______________________________________________
>>>>>> keycloak-user mailing list
>>>>>>
>>>>> keycloak-user at .jboss
>>>>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>> _______________________________________________
>>>>> keycloak-user mailing list
>>>>> keycloak-user at .jboss
>>>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>
>>>>
>>>>
>>>> --
>>>> View this message in context:
>>>> http://keycloak-user.88327.x6.nabble.com/Still-active-token-after-logout-tp1766p1773.html
>>>> Sent from the keycloak-user mailing list archive at Nabble.com.
>>>> _______________________________________________
>>>> keycloak-user mailing list
>>>>
>>> keycloak-user at .jboss
>>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>
>>> _______________________________________________
>>> keycloak-user mailing list
>>> keycloak-user at .jboss
>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>>
>>
>>
>> --
>> View this message in context:
>> http://keycloak-user.88327.x6.nabble.com/Still-active-token-after-logout-tp1766p1781.html
>> Sent from the keycloak-user mailing list archive at Nabble.com.
>> _______________________________________________
>> keycloak-user mailing list
>> 

> keycloak-user at .jboss

>> https://lists.jboss.org/mailman/listinfo/keycloak-user
> 
> 
> _______________________________________________
> keycloak-user mailing list

> keycloak-user at .jboss

> https://lists.jboss.org/mailman/listinfo/keycloak-user





--
View this message in context: http://keycloak-user.88327.x6.nabble.com/Still-active-token-after-logout-tp1766p1798.html
Sent from the keycloak-user mailing list archive at Nabble.com.

More information about the keycloak-user mailing list