[keycloak-user] Keycloak SAML tomcat adapter and correct log-out

Leonid Rozenblyum lrozenblyum at gmail.com
Mon May 21 05:51:03 EDT 2018


Hello!

I'm using a keycloak tomcat SAML adapter and I have a question related to
?GLO=true way of logging-out (since Tomcat doesn't implement full JavaEE
stack, request.logout() is not the way to go, right?).

When I use GLO=true, my session inside the Keycloak is indeed invalidated
however the local session in Tomcat is not.

When I try session.invalidate() and then redirect to GLO=true, sometimes my
protected page still can be loaded.

Is there a robust documented way to do the logout with help of Keycloak
SAML tomcat adapter?

Thanks


More information about the keycloak-user mailing list