Fedora Account System
Red Hat Associate
Red Hat Customer
When attempting to access the second tenant, the user should be prompted to log in again since the second tenant is secured with different OIDC configuration (e.g., with a different Keycloak realm). The underlying issue is a bug in OidcSessionTokenStore when determining if a cached token should be used or not. This logic needs to be updated to take into account the new "provider-url" option in addition to the "realm" option.
This issue has been addressed in the following products: Red Hat JBoss Enterprise Application Platform Via RHSA-2024:3583 https://access.redhat.com/errata/RHSA-2024:3583
This issue has been addressed in the following products: Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9 Via RHSA-2024:3581 https://access.redhat.com/errata/RHSA-2024:3581
This issue has been addressed in the following products: Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 Via RHSA-2024:3580 https://access.redhat.com/errata/RHSA-2024:3580