[keycloak-user] Keycloak Adapter Set/Remove Cookies Depending on Path

Sarp Kaya akaya at expedia.com
Wed Jun 22 22:06:52 EDT 2016


According to this code:
<https://github.com/keycloak/keycloak/blob/master/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/CookieTokenStore.java#L100>

The cookie is only reset at the place where the logout path is. For instance:

Applications are served at /foo/app and /bar/app
And the logout path is just /logout

In that case that won't work because cookiePath for removeCookie would be /logout.

The problem is the user is still logged in within the period of Access Token Lifespan.

It doesn't make sense to have a different logout URL for each application, such as /bar/logout and /foo/logout.

Is there a way to just keep a single logout which logs out the user for each application?

Thanks,
Sarp Kaya
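
The cookie scoping behind the behaviour described in the message above, as an added example that is not part of the original post and is not Keycloak code: a small model of a browser cookie store under RFC 6265, showing that an expiring Set-Cookie with Path=/logout leaves the cookies stored under /foo/app and /bar/app in place, while one expiry per application path clears them. The host name, cookie name and token value are constructed for the illustration.

```javascript
// Added illustration, not Keycloak code. Models RFC 6265 section 5.3: a stored
// cookie is identified by (name, domain, path), so an expiring Set-Cookie only
// evicts the entry whose path is identical to its own Path attribute.
const HOST = "sso-demo.example";      // constructed host
const TOKEN_COOKIE = "ADAPTER_TOKEN"; // constructed cookie name
const APP_PATHS = ["/foo/app", "/bar/app"];

class CookieJar {
  constructor() { this.store = new Map(); }

  // Apply one Set-Cookie header from `domain`; maxAge <= 0 means "delete".
  setCookie(domain, { name, value = "", path, maxAge }) {
    const key = JSON.stringify([name, domain, path]);
    if (maxAge !== undefined && maxAge <= 0) this.store.delete(key);
    else this.store.set(key, { name, value, domain, path });
  }

  // RFC 6265 section 5.1.4 path-match: identical, or a prefix that ends at a "/" boundary.
  static pathMatches(requestPath, cookiePath) {
    if (requestPath === cookiePath) return true;
    if (!requestPath.startsWith(cookiePath)) return false;
    return cookiePath.endsWith("/") || requestPath[cookiePath.length] === "/";
  }

  // Cookies the browser would attach to a request for `requestPath`.
  cookiesFor(domain, requestPath) {
    return [...this.store.values()].filter(
      (c) => c.domain === domain && CookieJar.pathMatches(requestPath, c.path));
  }
}

// Log in to both applications, let the /logout response expire the cookie under
// `expiryPaths`, then report which applications still receive a token cookie.
function appsStillLoggedIn(expiryPaths) {
  const jar = new CookieJar();
  for (const path of APP_PATHS) {
    jar.setCookie(HOST, { name: TOKEN_COOKIE, value: "constructed-token", path });
  }
  for (const path of expiryPaths) {
    jar.setCookie(HOST, { name: TOKEN_COOKIE, path, maxAge: 0 });
  }
  return APP_PATHS.filter((p) => jar.cookiesFor(HOST, p + "/home").length > 0);
}

console.log("expire with Path=/logout:", appsStillLoggedIn(["/logout"]));
console.log("expire once per app path:", appsStillLoggedIn(APP_PATHS));
```

RFC 6265 does not tie a Set-Cookie's Path attribute to the path of the request that returned it, which is why a single logout endpoint can expire cookies under other paths on the same host.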