[keycloak-user] How to logout

Ryan Slominski ryans at jlab.org
Mon Aug 20 16:31:58 EDT 2018


I need the Wildfly client adapter because database lookups are provided by the server.  

I think I've found a JIRA related to the logout issue:

https://issues.jboss.org/browse/KEYCLOAK-2939

Taking a cue from the issue ticket above, I noticed that if I create my own hidden iframe and navigate to the Keycloak logout URL from within it, then the logout works.  Using an XMLHttpRequest (AJAX) request to the logout URL wasn't working, but the hidden iframe does.  Weird.  Must be something to do with cross-site scripting / cookies?



----- Original Message -----
From: "Stan Silvert" <ssilvert at redhat.com>
To: "Ryan Slominski" <ryans at jlab.org>
Cc: "keycloak-user" <keycloak-user at lists.jboss.org>
Sent: Monday, August 20, 2018 2:34:17 PM
Subject: Re: [keycloak-user] How to logout

On 8/20/2018 9:27 AM, Ryan Slominski wrote:
> I'm starting to wonder if the Wildfly client adapter is implemented all wrong.  Doesn't it make more sense to have the state maintained in the web browser using the JavaScript client (since only the browser can really know the state) and then having a stateless server that uses bearer tokens to determine if web service requests are authenticated and authorized?  There should be no JSESSIONID at all.
I don't think that makes sense.  If you want everything handled in the 
browser then you can use the JavaScript adapter.

If you absolutely need to know the Keycloak session state without making 
a server request then the JavaScript adapter would be the solution.  In that 
case, you wouldn't use the WildFly adapter at all.


