[keycloak-user] Admin REST API Get Users (and search) returns enabled user ("enabled":true) after "Max Login Failures" exceeded

[Juraj Janosik]

OK.
Then in this case I can report inconsistency in displaying of value of
parameter "enabled" between
following two admin REST API requests:
1. GET /admin/realms/{realm}/users/{id} => "enabled":false

2.1 GET /admin/realms/{realm}/users => "enabled":true
2.2 GET /admin/realms/{realm}/users?search={string} => "enabled":true

And in GUI Admin console is user disabled after Max Login Failure attempts.

Thanks.
Juraj

2016-04-07 15:48 GMT+02:00 Stian Thorgersen <sthorger at redhat.com>:

> User#enabled is only used for users that are manually disabled by admin
> and not for user temporarily disabled by brute force protection, so this is
> expected behavior.
>
> On 7 April 2016 at 14:18, Juraj Janosik <juraj.janosik77 at gmail.com> wrote:
>
>> Hi,
>>
>> is the following issue known in the community? (see description below)
>>
>> *Prerequisities:*
>> 1. Keycloak 1.9.1.Final, CentOS7, Oracle12c
>> 2. User disabled after "Max Login Failure" attempts.
>>
>> *Observed behavior:*
>> 1. User displayed correctly as disabled ("enabled":false) via Get
>> Representation of the user
>> GET /admin/realms/{realm}/users/{id}
>>
>> 2. User displayed correctly as disabled ("disabled":true) via
>> GET
>> /admin/realms/{realm}/attack-detection/brute-force/usernames/{username}
>>
>> 3. User displayed not correctly ("enabled":true) via Get users (list of
>> all users and search)
>> GET /admin/realms/{realm}/users
>> GET /admin/realms/{realm}/users?search={string}
>>
>> Thanks a lot.
>>
>> Best Regards,
>> Juraj
>>
>>
>>
>>
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160408/b05279ff/attachment-0001.html