[keycloak-user] Session cookie settings overwritten by undertow keycloak adapter

Stian Thorgersen sthorger at redhat.com
Mon Jan 2 07:30:59 EST 2017


Seems broken IMO. Can you create a JIRA?

On 22 December 2016 at 13:10, Goworek Krzysztof INNE <
Krzysztof.Goworek at ingbank.pl> wrote:

> Hello all,
> I am developing a web application using Keycloak on JBoss EAP7 (Wildfly
> 10, Undertow). We have migrated recently from EAP6.4 and now I’ve got
> several issues to solve.
> One of them is session cookie configuration in web.xml which used to work,
> but now is completely ignored.
> After further investigation it looks that keycloak-undertow-adapter module
> is overwriting existing settings with uninitialized configuration object
> (). All of this is done in KeycloakServletExtension class (
> https://github.com/keycloak/keycloak/blob/master/adapters/
> oidc/undertow/src/main/java/org/keycloak/adapters/undertow/
> KeycloakServletExtension.java#L179), lines 177-179 on master.
>
> Can somebody tell me whether this is a bug or maybe this was done on
> purpose? Can I in any way reconfigure these settings somehow later?
> From the code it does not seem to read any configuration values, it just
> sets cookie path basing on context path and leaves the rest fields
> uninitialized. I would expect it sets the path and copies the rest from
> “servletSessionConfig” field.
> Am I missing something?
>
> Krzysztof
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user


More information about the keycloak-user mailing list