[keycloak-user] SSO between apps with different protocol
Stian Thorgersen
sthorger at redhat.com
Thu Jun 2 01:43:45 EDT 2016
On 2 June 2016 at 04:13, Rafael T. C. Soares <rsoares at redhat.com> wrote:
> Hi!
>
> Please ignore my last question.
>
> It worked fine. Keycloak checks the existence of a Session for the user
> logged in the first app. Obviously the SSO will happen if I try to access
> the other app using the same Browser Session. Additionally I suppose both
> apps have to be under the same realm. Makes sense?
>
Yes, the SSO session is bound to one realm and browser session
>
> BTW, is it possible to disable Single Sign out for a specific client app?
>
Not sure what you mean about disabling single sign out? Do you want to
client to have access after the user has logged-out? If so you can use
offline tokens if you are using OpenID Connect
>
> ___
> Rafael T. C. Soares
>
> On 06/01/2016 07:26 PM, Rafael T. C. Soares wrote:
>
> Hi!
>
> I have one common realm (eg: demo-realm) with two client apps under it:
>
> - 1st app using SAML protocol - hosted in app srv 1 (tomcat)
> - 2nd app using Keycloak default OpenID Connect - hosted in app srv 2
> (JBoss EAP)
>
> What I need to do in order to enable SSO between these both apps?
>
> I tried log in in the 1st one and them tried to access the 2nd one, but
> the SSO does not works :-/
>
> --
> ___
> Rafael T. C. Soares
>
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160602/384a6c6d/attachment.html
More information about the keycloak-user
mailing list