[keycloak-user] Keycloak Adapter Set/Remove Cookies Depending on Path
Sarp Kaya
akaya at expedia.com
Wed Jun 22 22:06:52 EDT 2016
According to this code:
<https://github.com/keycloak/keycloak/blob/master/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/CookieTokenStore.java#L100>
The cookie is only reset at the place where the logout path is. For instance:
Applications are served at /foo/app and /bar/app,
and the logout path is just /logout.
In that case that won't work because cookiePath for removeCookie would be /logout.
The problem is the user is still logged in within the period of Access Token Lifespan.
It doesn't make sense to have a different logout URL for each application, such as /bar/logout and /foo/logout.
Is there a way to just keep a single logout which logs out the user for each application?
Thanks,
Sarp Kaya
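
The cookie-path behaviour raised in the message above, as an added example that is not part of the original post and is not Keycloak's code: a minimal model of a browser cookie store following RFC 6265, where a stored cookie is identified by name, domain and path, so an expiring Set-Cookie removes only the entry with the identical path. The cookie name `ADAPTER_STATE`, the host `sso.example.test` and the helper names are constructed for illustration, and domain matching is simplified to exact host equality.

```javascript
// Added example: minimal RFC 6265-style cookie store (not Keycloak code).
// Cookie name, host and helper names are constructed sample values.
class CookieJar {
  constructor() { this.store = new Map(); }

  // A stored cookie is identified by name + domain + path (RFC 6265, 5.3).
  static key(name, domain, path) { return `${name}|${domain}|${path}`; }

  // Apply one Set-Cookie. maxAge <= 0 evicts only the entry with the same key.
  setCookie({ name, value, domain, path, maxAge }) {
    const k = CookieJar.key(name, domain, path);
    if (maxAge <= 0) this.store.delete(k);
    else this.store.set(k, { name, value, domain, path });
  }

  // Path-match rule from RFC 6265, 5.1.4.
  static pathMatch(requestPath, cookiePath) {
    if (requestPath === cookiePath) return true;
    if (!requestPath.startsWith(cookiePath)) return false;
    return cookiePath.endsWith('/') || requestPath[cookiePath.length] === '/';
  }

  // Names of the cookies a browser would attach to a request (exact host match only).
  cookiesFor(domain, requestPath) {
    return [...this.store.values()]
      .filter(c => c.domain === domain && CookieJar.pathMatch(requestPath, c.path))
      .map(c => c.name);
  }
}

// Set the session cookie once per setPath, then send an expiring cookie once
// per removalPath, and report how many cookies each application still receives.
function simulateLogout(setPaths, removalPaths) {
  const jar = new CookieJar();
  const base = { name: 'ADAPTER_STATE', domain: 'sso.example.test' };
  for (const path of setPaths) jar.setCookie({ ...base, value: 'token', path, maxAge: 300 });
  for (const path of removalPaths) jar.setCookie({ ...base, value: '', path, maxAge: 0 });
  return {
    foo: jar.cookiesFor(base.domain, '/foo/app/home').length,
    bar: jar.cookiesFor(base.domain, '/bar/app/home').length,
  };
}

const apps = ['/foo/app', '/bar/app'];
console.log(simulateLogout(apps, ['/logout'])); // { foo: 1, bar: 1 }  cookies survive
console.log(simulateLogout(apps, apps));        // { foo: 0, bar: 0 }  paths match
console.log(simulateLogout(['/'], ['/']));      // { foo: 0, bar: 0 }  shared path
```

A removal sent with path /logout leaves both application cookies in the store, which matches the symptom in the message: the user stays logged in until the token in the cookie expires.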