Keycloak and SSO with SAML and Safari


We are using Keycloak 3.4.2 to try to integrate SSO behavior (via SAML). I configured two clients in the same realm; if a user logs in to clientA, opens a new tab in the same browser and logs in to clientB, he is automatically logged in successfully.

But we are trying to integrate the following behavior:

- from an iPad, the user opens Safari and goes to site A
- he logs in to site A successfully
- from site A he clicks a "universal link" to open a previously installed app, which is simply a webview to site B.

Current result is the user lands in the login page of the app.

Expected result is the user gets automatically logged in.

We are using iOS 11 for the frontend. Both site A and site B have a backend written in Java 6.

Our idea was to reuse all cookies from site A in the app with the webview of site B by using an iOS widget, "SFAuthenticationSession"; but once logged in, the only cookie available is JSESSIONID, which is not enough, I think. In my tests, when I am using only a browser with different tabs, I have a different JSESSIONID for each tab, so I expect to have a different JSESSIONID when I land on site B.

Our approach was taken from this source code:

https://github.com/dvdhpkns/SFAuthenticationSession-example

So what can we do to accomplish our task?

What are we missing? Do we need any other tokens/cookies? How do we retrieve them? And when?

I hope I explained the issue clearly; sorry, but authentication issues are not my strong point.
