Elytron SSO does not track sessions of multiple applications

Solution Verified - Updated -

Issue

  • We've configured an Elytron realm on EAP 7 with SSO. We see that upon logout, the session is only invalidated for the application originally accessed during login. Also, if the session of that application expires, the SSO is lost and the client must login again in all other applications.
  • When using Elytron SSO, all participating sessions of an SSO entry are not invalidated upon manual invalidation of one participating session as with Undertow SSO.

Environment

  • JBoss Enterprise Application Platform (EAP)
    • 7.x
    • 8.x
  • Elytron

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content