[KEYCLOAK-6286] Java adapters for RH-SSO 7.1 doen't remove "session_state" from URL after login to RH-SSO 7.2 - JBoss Issue Tracker

XML

Word

Printable

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Major
Resolution: Done
Affects Version/s: 3.4.2.Final, 3.4.3.Final
Fix Version/s: 4.0.0.Beta1
Component/s: Adapters
Labels:
- kc4

Sprint:
Keycloak Sprint 1
Story Points:
3
Docs QE Status:
NEW
QE Status:
NEW

Description

This is a backward compatibility issue when using old adapter (2.5.15) with new server (3.4.3).

It's basically the same behaviour as in ~~KEYCLOAK-6171~~.

Gliffy Diagrams

Attachments

Issue Links

is caused by

KEYCLOAK-4478 OIDC auth response lacks session_state in some cases

Closed

is related to

KEYCLOAK-6171 Node.js adapter doesn't remove "session_state" from URL after login

Closed

KEYCLOAK-6312 OIDC code contains session_state in redirect URI, causing redirection to client to throw "403 Forbidden".

Closed

Activity

People

Assignee:

Marek Posolda

Reporter:

Václav Muzikář

Votes:

0 Vote for this issue

Watchers:

6 Start watching this issue

Dates

Created:

16/Jan/18 10:14 AM

Updated:

23/Mar/18 3:24 AM

Resolved:

25/Jan/18 8:42 AM