[keycloak-user] how to intercept/flow: VerificationException: Token is not active
java_os
java at neposoft.com
Thu Dec 22 06:36:58 EST 2016
I would think that the front end would block or re-new the token and send
into the call a valid token to the bearer call.
I am passing the token extracted from the front-end into the header to the
bearer rest call. So does keycloak.js re-issuing a new valid token if the
existing one expired? Currently it does not since I am seeing
VerificationException on the bearer rest layer.
thoughts???
> Forgot to mention that the angular piece is under keycloak.js and so this
> may be able to expire the session before A or B 's token becomes inactive?
> Overall am trying to see how others handle this , as I think this is a
> regular web/rest scenario that I am not the only one doing it.
> Hoping to get some help from whoever.
> Thanks
>
>> Hi
>> I have 2 bearer rest layers (A,B): A calls B. In front I have an angular
>> web layer calling A -> B.
>>
>> What is the best practices to handle "Token is not active" when user
>> sits
>> in front idle and token becomes inactive, http session still valid but
>> KC
>> token expired? If B reaches token not active, on the call from A to B -
>> how would I propagate this to the front layer?
>> A has to consume the ValidationException from B and notify front layer
>> to
>> auto logout or prompt the user with a message saying 'your session
>> expired, please login' or automatically throw the user into the login
>> prompt in front.
>>
>> For this scenario above, anyone share some thoughts?
>> Thanks
>>
>
>
>
More information about the keycloak-user
mailing list