Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Check SSO not working

See original GitHub issue

I’m trying to use

await keycloak.init({
     config: {
     url: 'url',
     realm: 'realm',
     clientId: clientId'
   },
   initOptions: {
      onLoad: 'check-sso',
      checkLoginIframe: false
   }
});

But it is still being redirected to login.

http://localhost:4200/#error=login_required&state=67f53f12-206c-44b9-83be-7eef7c982ce4

It also doesn’t work with the example provided.

Issue Analytics

State:
Created 6 years ago
Comments:7 (2 by maintainers)

Top GitHub Comments

1reaction

mauriciovigolocommented, Mar 8, 2018

Hello @bpalermo,

Besides using onLoad: 'check-sso' you have to specify what url patterns must be excluded from the bearer interceptor, using the bearerExcludedUrls property.

So if you want to exclude the pages ending with main you have to use it:

await keycloak.init({
  config: {
    url: 'url',
    realm: 'realm',
    clientId: 'clientId'
  },
  initOptions: {
    onLoad: 'check-sso',
    checkLoginIframe: false
  },
  bearerExcludedUrls: [
    'main$'
  ]
});

The reason it redirects to the login page is that the KeycloakBearerInterceptor sends a request to renew the token and as the user is not authenticated it will be redirected to the login page.

About your comment:

Maybe provide a way to not register ‘KeycloakBearerInterceptor’ automatically.

In the next major version I will think about it. I will also improve the documentation to clarify some aspects of the library.

Thanks!

0reactions

Rebaiahmedcommented, Jun 17, 2020

Hello @bpalermo,

Besides using onLoad: 'check-sso' you have to specify what url patterns must be excluded from the bearer interceptor, using the bearerExcludedUrls property.

So if you want to exclude the pages ending with main you have to use it:
await keycloak.init({
  config: {
    url: 'url',
    realm: 'realm',
    clientId: 'clientId'
  },
  initOptions: {
    onLoad: 'check-sso',
    checkLoginIframe: false
  },
  bearerExcludedUrls: [
    'main$'
  ]
});
The reason it redirects to the login page is that the KeycloakBearerInterceptor sends a request to renew the token and as the user is not authenticated it will be redirected to the login page.

About your comment:

Maybe provide a way to not register ‘KeycloakBearerInterceptor’ automatically.

In the next major version I will think about it. I will also improve the documentation to clarify some aspects of the library.

Thanks!