[keycloak-user] Login multiple times

Stian Thorgersen sthorger at redhat.com
Wed Dec 14 00:46:42 EST 2016


I'd say it's a limitation, but something we can probably improve on in 3.x
as we're planning to create a separate login session that is used during
authentication. This would be backed by a cookie that would make sure the
current flow would be shared cross multiple tabs. Could you create a JIRA
enhancement request for this please?

On 6 December 2016 at 11:35, Dan Østerberg <dan at ren.no> wrote:

> Hi,
>
> It's possible (and sometimes likely) to have multiple browser tabs or
> windows showing the login screen for the same realm. This could for example
> happen after working with different systems in different tabs, and then
> timing out the whole SSO session. If the user then logs in from both / all
> tabs, then the last login will seemingly win, destroy all the other
> sessions (rather than all of them contributing to the same session). This
> implies that the other tabs will not have a valid session, and e.g.
> fetching a new access token will fail.
>
> Is this a bug, a limitation, or is it intentional? And what's the
> recommended approach for dealing with this issue?
>
> ~Dan
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>


More information about the keycloak-user mailing list