[keycloak-user] Keycloak SAML Brokering, reusing login of another SAML application?
Hynek Mlnarik
hmlnarik at redhat.com
Fri Oct 6 14:59:08 EDT 2017
If step 1 completely bypasses Keycloak, then the question is not
whether Keycloak maintains the session for different clients but
whether ADFS does. Brokering Keycloak acts just as any other client
(a.k.a. relying party in ADFS) from perspective of ADFS.
--Hynek
On Fri, Oct 6, 2017 at 5:38 PM, Jason Spittel <jasonspittel at yahoo.com> wrote:
> Even in the case that SP app from step 1 was not through Keycloak?
>
> --------------------------------------------
> On Wed, 10/4/17, Hynek Mlnarik <hmlnarik at redhat.com> wrote:
>
> Subject: Re: [keycloak-user] Keycloak SAML Brokering, reusing login of another SAML application?
> To: "Jason Spittel" <jasonspittel at yahoo.com>
> Cc: "Keycloak-user" <keycloak-user at lists.jboss.org>
> Received: Wednesday, October 4, 2017, 1:27 PM
>
> Yes. Keycloak supports this
> scenario regardless of brokering - this is
> basic single sign on scenario.
>
> --Hynek
>
> On
> Wed, Oct 4, 2017 at 7:45 PM, Jason Spittel <jasonspittel at yahoo.com>
> wrote:
> > Does Keycloak, in SAML brokering
> mode, support the following scenario?
> >
> 1. User logs into SP app 1.
> > 2. User
> does not close browser but accesses SP app 2 (through
> Keycloak brokering).3. Will Keycloak recognize
> authentication that user has done for step 1?
> > In this case the IdP Keycloak is brokering
> to is AzureAD.
> > Thanks,
> > Jason
> >
> _______________________________________________
> > keycloak-user mailing list
> > keycloak-user at lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/keycloak-user
>
>
>
> --
>
> --Hynek
>
--
--Hynek
More information about the keycloak-user
mailing list