[keycloak-user] Avoiding creating a new session when doing a prompt=login

John D. Ament john.d.ament at gmail.com
Thu Aug 24 06:05:43 EDT 2017


Hi Marek,

I'm on 3.2.0.

It could be that the actual session id is the same, but other aspects of
the session are being invalidated in this flow which ma explain what I'm
seeing.  I am seeing a new keycloak session/identity cookie coming back,
which seems to throw off the javascript adapter.

John

On Thu, Aug 24, 2017 at 5:34 AM Marek Posolda <mposolda at redhat.com> wrote:

> Which version are you using? I think that in Keycloak 3.2 it won't
> create new session, but connect to existing one. Feel free to create
> JIRA if it doesn't work in this version.
>
> Marek
>
> On 23/08/17 18:24, John D. Ament wrote:
> > Hi
> >
> > I have a use case where I need to prompt a user to enter credentials
> during
> > a sequence of events.  In this case, we're using keycloak's login screen
> to
> > capture the information and triggering it via the javascript adapter.
> > Doing a prompt=login has an unfortunate side effect that the existing
> > session gets rewritten.  This causes the adapter to begin failing, the
> > refresh token and access token are no longer valid.  It seems that
> there's
> > no way to reinitialize the iframe after this occurs, and I'm not sure
> > that's the best way to do it.
> >
> > Is there any way to have keycloak not create a new session in this flow?
> >
> > John
> > _______________________________________________
> > keycloak-user mailing list
> > keycloak-user at lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/keycloak-user
>
>
>


More information about the keycloak-user mailing list