Keycloak session last access is not updated - OIDC Java EE

akasprzyk · January 10, 2024, 12:29pm

Hello, I am working on configuring the OIDC protocol for our Java EE application. I am using Keycloak 21.1.2 version. The first impression is really possitive but now I am struggeling with one thing. I thought that Keycloak session and token will be updated by the adapter after updating the HttpSession but it does not happen. My solution for it is updating/refreshing the session/token by REST API and then “Last Access” of the session is updated but I feel it is not the best solution.

Maybe I missed something in configuration (refreshing tokens is enabled). Any suggestions?

Regards,
Adrian

akasprzyk · January 11, 2024, 8:19am

okay, solved by replacing the REST API call with this code:

RefreshableKeycloakSecurityContext refreshableKeycloakSecurityContext = (RefreshableKeycloakSecurityContext) ((KeycloakPrincipal) request.getUserPrincipal()).getKeycloakSecurityContext();
refreshableKeycloakSecurityContext.refreshExpiredToken(false);

Topic		Replies	Views
Renewing token with different information Getting advice authentication , oidc	1	605	May 27, 2020
Can the OIDC refresh token request optionally return a new refresh token? Getting advice oidc	0	764	November 15, 2019
Can the OIDC refresh token request optionally return a new refresh token? Getting advice oidc	0	370	November 15, 2019
Persistence of Tokens	2	5325	January 16, 2020
Keycloak server issuing already expired tokens Securing applications oidc	6	5278	November 8, 2023

Keycloak session last access is not updated - OIDC Java EE

Related Topics