[keycloak-user] Login multiple times

Dan Østerberg dan at ren.no
Fri Dec 16 05:19:51 EST 2016


Enhancement JIRA created: KEYCLOAK-4097

~Dan

Fra: Stian Thorgersen [mailto:sthorger at redhat.com]
Sendt: onsdag 14. desember 2016 06.47
Til: Dan Østerberg <dan at ren.no>
Kopi: keycloak-user at lists.jboss.org
Emne: Re: [keycloak-user] Login multiple times

I'd say it's a limitation, but something we can probably improve on in 3.x as we're planning to create a separate login session that is used during authentication. This would be backed by a cookie that would make sure the current flow would be shared cross multiple tabs. Could you create a JIRA enhancement request for this please?

On 6 December 2016 at 11:35, Dan Østerberg <dan at ren.no<mailto:dan at ren.no>> wrote:
Hi,

It's possible (and sometimes likely) to have multiple browser tabs or windows showing the login screen for the same realm. This could for example happen after working with different systems in different tabs, and then timing out the whole SSO session. If the user then logs in from both / all tabs, then the last login will seemingly win, destroy all the other sessions (rather than all of them contributing to the same session). This implies that the other tabs will not have a valid session, and e.g. fetching a new access token will fail.

Is this a bug, a limitation, or is it intentional? And what's the recommended approach for dealing with this issue?

~Dan
_______________________________________________
keycloak-user mailing list
keycloak-user at lists.jboss.org<mailto:keycloak-user at lists.jboss.org>
https://lists.jboss.org/mailman/listinfo/keycloak-user



More information about the keycloak-user mailing list