[keycloak-user] ODP: Session cookie settings overwritten by undertow keycloak adapter
Goworek Krzysztof INNE
Krzysztof.Goworek at ingbank.pl
Mon Jan 2 08:51:30 EST 2017
Created https://issues.jboss.org/browse/KEYCLOAK-4141
Od: Stian Thorgersen [mailto:sthorger at redhat.com]
Wysłano: 2 stycznia 2017 13:31
Do: Goworek Krzysztof INNE <Krzysztof.Goworek at ingbank.pl>
DW: keycloak-user at lists.jboss.org
Temat: Re: [keycloak-user] Session cookie settings overwritten by undertow keycloak adapter
Seems broken IMO. Can you create a JIRA?
On 22 December 2016 at 13:10, Goworek Krzysztof INNE <Krzysztof.Goworek at ingbank.pl<mailto:Krzysztof.Goworek at ingbank.pl>> wrote:
Hello all,
I am developing a web application using Keycloak on JBoss EAP7 (Wildfly 10, Undertow). We have migrated recently from EAP6.4 and now I’ve got several issues to solve.
One of them is session cookie configuration in web.xml which used to work, but now is completely ignored.
After further investigation it looks that keycloak-undertow-adapter module is overwriting existing settings with uninitialized configuration object (). All of this is done in KeycloakServletExtension class (https://github.com/keycloak/keycloak/blob/master/adapters/oidc/undertow/src/main/java/org/keycloak/adapters/undertow/KeycloakServletExtension.java#L179), lines 177-179 on master.
Can somebody tell me whether this is a bug or maybe this was done on purpose? Can I in any way reconfigure these settings somehow later?
From the code it does not seem to read any configuration values, it just sets cookie path basing on context path and leaves the rest fields uninitialized. I would expect it sets the path and copies the rest from “servletSessionConfig” field.
Am I missing something?
Krzysztof
_______________________________________________
keycloak-user mailing list
keycloak-user at lists.jboss.org<mailto:keycloak-user at lists.jboss.org>
https://lists.jboss.org/mailman/listinfo/keycloak-user
More information about the keycloak-user
mailing list