Cannot log out a non-Keycloak authentication

prashantch80 · December 16, 2021, 3:29pm

I have spring boot application with embedded UI angular application. Application is using keycloak spring boot adapter.

I am getting exception below from my application, if I logout after access token expired.

2021-Dec-16 14:18:17.992 WARN [https-jsse-nio-8080-exec-5] o.k.a.s.a.KeycloakLogoutHandler - Cannot log out a non-Keycloak authentication: org.springframework.security.authentication.AnonymousAuthenticationToken@cf204d47: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffed504: RemoteIpAddress: 127.0.0.1; SessionId: F1B069D9C731DF372D3B5E74364F0417; Granted Authorities: ROLE_ANONYMOUS

My settings

Access Token Lifespan - 1 Minutes
SSO Session Idle - 5 Minutes

If I logout before access token lifespan it works fine.

On logout from UI I clears the refresh token and access token from ui app and call the logout which calls the request.logout() and forward to the logout page. on calling logout I am getting exception above.

If I click on login link , It directly opens the application.

Topic		Replies	Views
Keycloak token still is valid after logout (spring boot) Securing applications	4	7556	November 13, 2021
Sso idle timeout/logout Securing applications	0	703	June 23, 2020
Spring security - logout from Keycloak not propagated Securing applications	1	1575	August 4, 2020
Logout spring boot 3 Getting advice	0	1995	March 3, 2023
Spring Security Keycloak Adapter cannot handle single sign-out when logout from another tab in browser Securing applications authentication , oidc	6	7308	May 9, 2024

Cannot log out a non-Keycloak authentication

Related Topics