Keycloak-令牌过期后在Ajax调用中获取401 [英] Keycloak - Getting 401 in Ajax calls after token expired

问题描述

我正在使用Keycloak 3.4.3服务器和3.4.3 springboot适配器.使用以下json配置通过Java适配器完成登录:

I'm using keycloak 3.4.3 Server and 3.4.3 springboot adapter. The login is done with the Java Adapter using the following json configurations:

{
  "realm": "real name",
  "auth-server-url": "http://172.21.34.65/auth",
  "ssl-required": "external",
  "resource": "appName",
  "public-client": true,
  "use-resource-role-mappings": true
}

使用非ajax调用刷新令牌，但是当请求包含标头X-Requested-With:XMLHttpRequest时，不会刷新令牌.我的配置有问题吗?还是这是正常现象?我需要在ajax调用之前使用JS适配器刷新令牌吗?

The token is refreshed with non ajax calls but when the request contains the header X-Requested-With: XMLHttpRequest the token is not refreshed. Is there a problem with my config or is this the normal behavior and I need to use the JS adapter to refresh the token before the ajax calls?

推荐答案

对我来说，一个丑陋的解决方案是嵌入一个不可见的自动重装iframe，该iframe会导致令牌刷新.但这是另一个问题的根源:有时，登录到keycloak之后的重定向会导致iframe网址，而不是所需的网址. 我还没有找到令人满意的解决方案.

For me an ugly solution was to embed an invisible self-reloading iframe that causes the token refresh. But that is the source of another problem: sometimes the redirect after logging into keycloak leads to the iframe url rather than the desired one. I haven't found a satisfying solution yet.

这篇关于Keycloak-令牌过期后在Ajax调用中获取401的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！