Uploaded image for project: 'Keycloak'
  1. Keycloak
  2. KEYCLOAK-2656

KC_RESTART cookie + http2 prevent login with Chrome Browser

    XMLWordPrintable

Details

    • Bug
    • Status: Closed (View Workflow)
    • Minor
    • Resolution: Rejected
    • 1.9.0.Final
    • None
    • None
    • None
    • Hide

      Restart Chrome browser. Enable http2 in Wildfly. Use https to access the server. Go to a page which causes a redirect to the authentication page. Log in. A redirect occurs and the page gets displayed. Then log out. Go to the authentication page again, type username, password and klick login button. Nothing happens.
      Open developer tool window, delete KC_RESTART cookie, klick login button again and the redirect succeeds.
      This can be reproduced on both Linux and Windows with the latest Chrome browser.

      Show
      Restart Chrome browser. Enable http2 in Wildfly. Use https to access the server. Go to a page which causes a redirect to the authentication page. Log in. A redirect occurs and the page gets displayed. Then log out. Go to the authentication page again, type username, password and klick login button. Nothing happens. Open developer tool window, delete KC_RESTART cookie, klick login button again and the redirect succeeds. This can be reproduced on both Linux and Windows with the latest Chrome browser.

    Description

      Only a single login with Chrome is possible. On the second try, klicking the login button has no effect. Firefox, Safari, Konqueror all behave propery.

      This problem only occurs if http2 is enabled in the server. (http2="true" in Wildfly standalone.xml). If http2 is set to false, Chrome behaves properly and shows no issues with the authentication page.

      If I am stuck on the authentication pages in http2 mode, deletion of the KC_RESTART cookie helps. Once that cookie is deleted, the login button works again once.

      Attachments

        Issue Links

          Activity

            People

              Unassigned Unassigned
              skat_jira Stefan Katerkamp (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: