[keycloak-user] Assign Role Fails Just After Creating the Role
Malmi Samarasinghe
malmi.suh at gmail.com
Fri Feb 5 03:57:20 EST 2016
Hi Stian,
We have this in production is there any intermediary fix that we can do or
any workaround?
Regards,
Malmi
On Fri, Feb 5, 2016 at 2:11 PM, Stian Thorgersen <sthorger at redhat.com>
wrote:
> Confirmed this bug https://issues.jboss.org/browse/KEYCLOAK-2458
>
> On 5 February 2016 at 06:53, Malmi Samarasinghe <malmi.suh at gmail.com>
> wrote:
>
>> Hi Stian/Bill,
>>
>> I just wanted to highlight that this issue only occurred when realm cache
>> enabled option is ON.
>>
>> Regards,
>> Malmi
>>
>> On Thu, Feb 4, 2016 at 8:38 PM, Malmi Samarasinghe <malmi.suh at gmail.com>
>> wrote:
>>
>>> Hi Stian
>>>
>>> I have multiple threads creating different roles. Basically one thread
>>> will execute all three apis one after another.
>>>
>>> Regards,
>>> Malmi
>>>
>>> On Thu, Feb 4, 2016 at 5:23 PM, Stian Thorgersen <sthorger at redhat.com>
>>> wrote:
>>>
>>>> When you say method1 is executed in multiple threads, do you mean one
>>>> thread creates the role and another retrieves it? Or do you have multiple
>>>> threads creating different roles?
>>>>
>>>> On 4 February 2016 at 12:31, Malmi Samarasinghe <malmi.suh at gmail.com>
>>>> wrote:
>>>>
>>>>> Hi Bill,
>>>>>
>>>>> Please find the work flow that we have implemented
>>>>> create user : POST : admin/realms/{realm}/users
>>>>>
>>>>> *Method1* wrapps the following API calls
>>>>> Create Realm role : POST : admin/realms/{realm}/roles
>>>>> Retrieve Role : GET : admin/realms/{realm}/roles/{roleName}
>>>>> Assign Role : POST : admin/realms/leapset/users/{0}/role-mappings/realm
>>>>>
>>>>> Same for the client roles as well.
>>>>>
>>>>> *Method1 *is executed in multiple threads and assign reams role API
>>>>> starts failing with 404 (keycloak log states role not found)
>>>>>
>>>>> Regards,
>>>>> Malmi
>>>>>
>>>>> On Thu, Feb 4, 2016 at 9:00 AM, Bill Burke <bburke at redhat.com> wrote:
>>>>>
>>>>>> Can you give me what REST invocations you are doing? How do you find
>>>>>> the role? How do you create the role? etc...
>>>>>>
>>>>>> On 2/3/2016 9:45 PM, Malmi Samarasinghe wrote:
>>>>>>
>>>>>> Hi Bill,
>>>>>>
>>>>>> We tried the above fix on top of 1.7.0 by applying the changes from
>>>>>> the commits attached to the
>>>>>> <https://issues.jboss.org/browse/KEYCLOAK-2327>
>>>>>> https://issues.jboss.org/browse/KEYCLOAK-2327 and deployed, and it
>>>>>> seems to have the same issue. If you have any further update on this please
>>>>>> let us know.
>>>>>>
>>>>>> Regards,
>>>>>> Malmi
>>>>>>
>>>>>> On Mon, Feb 1, 2016 at 4:02 PM, Stian Thorgersen <sthorger at redhat.com
>>>>>> > wrote:
>>>>>>
>>>>>>> This could be related to
>>>>>>> <https://issues.jboss.org/browse/KEYCLOAK-2327>
>>>>>>> https://issues.jboss.org/browse/KEYCLOAK-2327.
>>>>>>>
>>>>>>> It's already fixed in master, so if you can try it out that would be
>>>>>>> great. We should also have a 1.8.1.Final release this week with the fix in
>>>>>>> as well.
>>>>>>>
>>>>>>> On 30 January 2016 at 05:16, Malmi Samarasinghe <
>>>>>>> <malmi.suh at gmail.com>malmi.suh at gmail.com> wrote:
>>>>>>>
>>>>>>>> Hi Bill,
>>>>>>>>
>>>>>>>> We are using keycloak 1.7.0 and rdbms (mysql)
>>>>>>>>
>>>>>>>> Regards,
>>>>>>>> Malmi Samarasinghe
>>>>>>>> On Jan 29, 2016 7:41 PM, "Bill Burke" < <bburke at redhat.com>
>>>>>>>> bburke at redhat.com> wrote:
>>>>>>>>
>>>>>>>>> Which version of keycloak? RDBMS or Mongo?
>>>>>>>>>
>>>>>>>>> On 1/29/2016 12:35 AM, Malmi Samarasinghe wrote:
>>>>>>>>>
>>>>>>>>> Hi Everyone,
>>>>>>>>>
>>>>>>>>> In my application we create retrieve and assign role subsequently
>>>>>>>>> and it seems that even for a small load (2-3 threads) with realm cache
>>>>>>>>> enabled option, assign realm role call fails due to role not exist error
>>>>>>>>> and 404 is returned from keycloak.
>>>>>>>>>
>>>>>>>>> With the realm cache disabled option the load works fine.
>>>>>>>>>
>>>>>>>>> Please get back to me if you have any information on any other
>>>>>>>>> option we can follow to get this issue sorted or on what action the realm
>>>>>>>>> cache will be persisted to DB.
>>>>>>>>>
>>>>>>>>> Regards,
>>>>>>>>> Malmi
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> _______________________________________________
>>>>>>>>> keycloak-user mailing listkeycloak-user at lists.jboss.orghttps://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> --
>>>>>>>>> Bill Burke
>>>>>>>>> JBoss, a division of Red Hathttp://bill.burkecentral.com
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> _______________________________________________
>>>>>>>>> keycloak-user mailing list
>>>>>>>>> keycloak-user at lists.jboss.org
>>>>>>>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>>>
>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> keycloak-user mailing list
>>>>>>>> keycloak-user at lists.jboss.org
>>>>>>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>
>>>>>> --
>>>>>> Bill Burke
>>>>>> JBoss, a division of Red Hathttp://bill.burkecentral.com
>>>>>>
>>>>>>
>>>>>
>>>>
>>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160205/9c9fe43e/attachment.html
More information about the keycloak-user
mailing list