[keycloak-user] keycloak.js - page reloads itself when logged in

Stian Thorgersen sthorger at redhat.com
Fri Sep 9 09:39:00 EDT 2016 

By the way I just tried the angular product example here and it works just
fine in Chrome and Firefox.

On 9 September 2016 at 11:04, Stian Thorgersen <sthorger at redhat.com> wrote:

> Are you getting the same behavior from the admin console? It's Angular and
> uses keycloak.js.
>
> On 9 September 2016 at 10:41, Andy Yar <andyyar66 at gmail.com> wrote:
>
>> In my case the original AngularJS demo acts in the same way as the
>> Angular2 one.
>>
>> On Thu, Sep 8, 2016 at 3:48 PM, Andy Yar <andyyar66 at gmail.com> wrote:
>>
>>> Ok, will check the original AngularJS demo for that harmless
>>> window.postMessage().
>>>
>>> Thanks for your effort!
>>>
>>> On Thu, Sep 8, 2016 at 2:50 PM, Stian Thorgersen <sthorger at redhat.com>
>>> wrote:
>>>
>>>> Just spotted you're using the Angular2 example. I've got no clue about
>>>> that one. It was community contributed and we've not had any experience
>>>> with Angular2 ourselves.
>>>>
>>>> Please try if you're getting similar behavior with Angular 1 example.
>>>>
>>>> There should be no page reload on the cookie check. It's just a window
>>>> postMessage and it doesn't do anything that should cause the page to reload.
>>>>
>>>> On 8 September 2016 at 14:07, Andy Yar <andyyar66 at gmail.com> wrote:
>>>>
>>>>> Yes, I did - Web Origins: http://localhost:4200. Thats where my dev
>>>>> server runs. When I change the origin in the Keycloak admin console to
>>>>> something different I can't even log in due to CORS errors. So I guess this
>>>>> setting is correct.
>>>>>
>>>>> Setting a really short max SSO session TTL results in both cookie
>>>>> checks (quiet Chrome and page reloading Firefox/Edge) detecting the tokens'
>>>>> validity and redirecting to the login page.
>>>>>
>>>>> My other observation, when I perform a SSO logout in Keycloak the app
>>>>> running in Chrome doesn't log me out after its quiet cookie check. In
>>>>> Firefox/Edge it detects the SSO logout correctly during the horrible cookie
>>>>> checking page reload.
>>>>>
>>>>> On Thu, Sep 8, 2016 at 7:39 AM, Stian Thorgersen <sthorger at redhat.com>
>>>>> wrote:
>>>>>
>>>>>> Did you add correct origins for your app in the Keycloak admin
>>>>>> console?
>>>>>>
>>>>>> On 7 September 2016 at 16:30, Andy Yar <andyyar66 at gmail.com> wrote:
>>>>>>
>>>>>>> Hello,
>>>>>>> I've tried running https://github.com/keycloak/ke
>>>>>>> ycloak/tree/master/examples/demo-template/angular2-product-app app
>>>>>>> on localhost against my Keycloak instance. The page reloading issue caused
>>>>>>> by iFrame checks was present too.
>>>>>>>
>>>>>>> The only significant change I made to the demo app was replacing the
>>>>>>> keycloak.json with mine. The difference is using a non-localhost URL:
>>>>>>> "auth-server-url": "http://<serverURL>:8080/sso". CORS comes to
>>>>>>> mind.
>>>>>>>
>>>>>>>
>>>>>>> On Tue, Sep 6, 2016 at 2:43 PM, Andy Yar <andyyar66 at gmail.com>
>>>>>>> wrote:
>>>>>>>
>>>>>>>> I've spent some time in Firefox's debugger and found out that the
>>>>>>>> redirect occurs right after the window.postMessage() is called in the
>>>>>>>> checkLoginFrame function.
>>>>>>>>
>>>>>>>> The demo project code seems to be in line with my code. Might try
>>>>>>>> it's runtime behavior later.
>>>>>>>>
>>>>>>>> On Tue, Sep 6, 2016 at 8:19 AM, Marek Posolda <mposolda at redhat.com>
>>>>>>>> wrote:
>>>>>>>>
>>>>>>>>> On 01/09/16 23:34, Andy Yar wrote:
>>>>>>>>>
>>>>>>>>> Hello,
>>>>>>>>> I've created a template of a Angular based app using keycloak.js
>>>>>>>>> lib. After a successful login the app/page periodically reloads itself. I
>>>>>>>>> guess it's because of the iFrame session check being set to 5sec interval
>>>>>>>>> (requesting url: <base_url>/#state=<hash>&code=<hash>).
>>>>>>>>>
>>>>>>>>> That's strange... IFrame is supposed to just check the cookie, not
>>>>>>>>> to do any reload.
>>>>>>>>>
>>>>>>>>> Maybe take a look at our angular examples and see if you do
>>>>>>>>> something differently? See https://github.com/keycloak/ke
>>>>>>>>> ycloak/tree/master/examples/demo-template/angular-product-app .
>>>>>>>>> Note the angular.bootstrap called after Keycloak authentication is fully
>>>>>>>>> finished.
>>>>>>>>>
>>>>>>>>> Marek
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> This happens in latest Firefox and Edge. Chrome seems to handle
>>>>>>>>> these reloads quietly.
>>>>>>>>>
>>>>>>>>> Is this intended?
>>>>>>>>>
>>>>>>>>> Thanks
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> _______________________________________________
>>>>>>>>> keycloak-user mailing listkeycloak-user at lists.jboss.orghttps://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> keycloak-user mailing list
>>>>>>> keycloak-user at lists.jboss.org
>>>>>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>
>>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160909/a91be525/attachment-0001.html

More information about the keycloak-user mailing list