[keycloak-user] External Role to Role Mapper

Adam Keily adam.keily at adelaide.edu.au
Thu Apr 20 01:48:02 EDT 2017


Found this and thought it may have been resolved in 2.5.5. Upgraded and tested again but Role mappings are still not being updated correctly.

https://issues.jboss.org/browse/KEYCLOAK-4378?jql=project%20%3D%20keycloak%20and%20fixVersion%20%3D%202.5.4.Final

-----Original Message-----
From: keycloak-user-bounces at lists.jboss.org [mailto:keycloak-user-bounces at lists.jboss.org] On Behalf Of Adam Keily
Sent: Thursday, 20 April 2017 11:59 AM
To: keycloak-user <keycloak-user at lists.jboss.org>
Subject: [keycloak-user] External Role to Role Mapper

Hi All,

I'm running KC 2.5.1. In the following scenario, the role mapper 'External Role to Role' doesn't seem to work correctly.

I have two KC realms. Realm A is an IdP for Realm B. In the IdP config on realm B, I configure an External Role to Role mapper to map the role "Test".

During the first broker login of a user from Realm B to Realm A, the user is created and the role is mapped successfully.

If the role is removed from the user in Realm A, then the user signs in again from Realm B, the role is not re-added.

Similarly, the role is not added if there is an existing user in Realm A and they create a federation link with Realm B.

I have noticed an error though if I try to map to a non-existent role in Realm A.

Can anyone tell me if this is by design, resolved in a later release or an issue I should raise a JIRA about?

Thanks
Adam