[keycloak-user] SSO between apps with different protocol

Rafael T. C. Soares rsoares at redhat.com
Thu Jun 2 09:06:35 EDT 2016


___
Rafael T. C. Soares

On 06/02/2016 02:43 AM, Stian Thorgersen wrote:
>
>
> On 2 June 2016 at 04:13, Rafael T. C. Soares <rsoares at redhat.com 
> <mailto:rsoares at redhat.com>> wrote:
>
>     Hi!
>
>     Please ignore my last question.
>
>     It worked fine. Keycloak checks the existence of a Session for the
>     user logged in the first app. Obviously the SSO will happen if I
>     try to access the other app using the same Browser Session.
>     Additionally I suppose both apps have to be under the same realm.
>     Makes sense?
>
>
> Yes, the SSO session is bound to one realm and browser session
>
>
>     BTW, is it possible to disable Single Sign out for a specific
>     client app?
>
>
> Not sure what you mean about disabling single sign out? Do you want to 
> client to have access after the user has logged-out? If so you can use 
> offline tokens if you are using OpenID Connect
For example In my scenario If the user logout from the second app 
(sharing the same browser session and realm) it should be logged out 
only from that app (2nd). But should remain logged in the 1st one. Does 
it makes sense? Is that possible?
>
>
>     ___
>     Rafael T. C. Soares
>
>     On 06/01/2016 07:26 PM, Rafael T. C. Soares wrote:
>>     Hi!
>>
>>     I have one common realm (eg: demo-realm) with two client apps
>>     under it:
>>
>>      - 1st app using SAML protocol - hosted in app srv 1 (tomcat)
>>      - 2nd app using Keycloak default OpenID Connect - hosted in app
>>     srv 2 (JBoss EAP)
>>
>>     What I need to do in order to enable SSO between these both apps?
>>
>>     I tried log in in the 1st one and them tried to access the 2nd
>>     one, but the SSO does not works :-/
>>
>>     -- 
>>     ___
>>     Rafael T. C. Soares
>
>
>     _______________________________________________
>     keycloak-user mailing list
>     keycloak-user at lists.jboss.org <mailto:keycloak-user at lists.jboss.org>
>     https://lists.jboss.org/mailman/listinfo/keycloak-user
>
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160602/0323a49f/attachment.html 


More information about the keycloak-user mailing list