[keycloak-user] keycloak.js - page reloads itself when logged in
Stian Thorgersen
sthorger at redhat.com
Thu Sep 8 08:50:07 EDT 2016
Just spotted you're using the Angular2 example. I've got no clue about that
one. It was community contributed and we've not had any experience with
Angular2 ourselves.
Please try if you're getting similar behavior with Angular 1 example.
There should be no page reload on the cookie check. It's just a window
postMessage and it doesn't do anything that should cause the page to reload.
On 8 September 2016 at 14:07, Andy Yar <andyyar66 at gmail.com> wrote:
> Yes, I did - Web Origins: http://localhost:4200. Thats where my dev
> server runs. When I change the origin in the Keycloak admin console to
> something different I can't even log in due to CORS errors. So I guess this
> setting is correct.
>
> Setting a really short max SSO session TTL results in both cookie checks
> (quiet Chrome and page reloading Firefox/Edge) detecting the tokens'
> validity and redirecting to the login page.
>
> My other observation, when I perform a SSO logout in Keycloak the app
> running in Chrome doesn't log me out after its quiet cookie check. In
> Firefox/Edge it detects the SSO logout correctly during the horrible cookie
> checking page reload.
>
> On Thu, Sep 8, 2016 at 7:39 AM, Stian Thorgersen <sthorger at redhat.com>
> wrote:
>
>> Did you add correct origins for your app in the Keycloak admin console?
>>
>> On 7 September 2016 at 16:30, Andy Yar <andyyar66 at gmail.com> wrote:
>>
>>> Hello,
>>> I've tried running https://github.com/keycloak/ke
>>> ycloak/tree/master/examples/demo-template/angular2-product-app app on
>>> localhost against my Keycloak instance. The page reloading issue caused by
>>> iFrame checks was present too.
>>>
>>> The only significant change I made to the demo app was replacing the
>>> keycloak.json with mine. The difference is using a non-localhost URL:
>>> "auth-server-url": "http://<serverURL>:8080/sso". CORS comes to mind.
>>>
>>>
>>> On Tue, Sep 6, 2016 at 2:43 PM, Andy Yar <andyyar66 at gmail.com> wrote:
>>>
>>>> I've spent some time in Firefox's debugger and found out that the
>>>> redirect occurs right after the window.postMessage() is called in the
>>>> checkLoginFrame function.
>>>>
>>>> The demo project code seems to be in line with my code. Might try it's
>>>> runtime behavior later.
>>>>
>>>> On Tue, Sep 6, 2016 at 8:19 AM, Marek Posolda <mposolda at redhat.com>
>>>> wrote:
>>>>
>>>>> On 01/09/16 23:34, Andy Yar wrote:
>>>>>
>>>>> Hello,
>>>>> I've created a template of a Angular based app using keycloak.js lib.
>>>>> After a successful login the app/page periodically reloads itself. I guess
>>>>> it's because of the iFrame session check being set to 5sec interval
>>>>> (requesting url: <base_url>/#state=<hash>&code=<hash>).
>>>>>
>>>>> That's strange... IFrame is supposed to just check the cookie, not to
>>>>> do any reload.
>>>>>
>>>>> Maybe take a look at our angular examples and see if you do something
>>>>> differently? See https://github.com/keycloak/ke
>>>>> ycloak/tree/master/examples/demo-template/angular-product-app . Note
>>>>> the angular.bootstrap called after Keycloak authentication is fully
>>>>> finished.
>>>>>
>>>>> Marek
>>>>>
>>>>>
>>>>> This happens in latest Firefox and Edge. Chrome seems to handle these
>>>>> reloads quietly.
>>>>>
>>>>> Is this intended?
>>>>>
>>>>> Thanks
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> keycloak-user mailing listkeycloak-user at lists.jboss.orghttps://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>
>>>>>
>>>>>
>>>>
>>>
>>> _______________________________________________
>>> keycloak-user mailing list
>>> keycloak-user at lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160908/fa3fdbf2/attachment.html
More information about the keycloak-user
mailing list