[keycloak-user] 500 HTTP Response Code Usage

Josh Cain jcain at redhat.com
Mon Dec 11 15:34:35 EST 2017


Hi all,

I'm having some issues in which Keycloak throws 500 responses for what,
IMHO, should be a non-500 HTTP status code.  For instance, take the
following request:

http://localhost:8080/auth/realms/master/protocol/saml/clients/null

Keycloak returns an HTTP status code of 500, with a text error message
that says "Client not found."  Seems like a textbook case for an HTTP 404
response code.

The reason I ask is that we were hoping to use status codes for some
monitoring and even traffic shaping + health analysis type things and
have found them unreliable as an indicator of server function/health.
Instead, 500's are also used when clients behave poorly (as in the
example above) and do things like request non-existent clients, use bad
parameters, or the like.  Shouldn't this classification of errors use
4XX response codes?

Is the team open to cleaning these up?  Happy to help out with some PR's.

-- 
Josh Cain
Senior Software Applications Engineer, RHCE
Red Hat North America
jcain at redhat.com IRC: jcain
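
The monitoring concern raised in the message above, as an added example that is not part of the original post or of Keycloak: the same traffic scored with the missing-client response reported as 500 and then as 404. The log lines, the Common Log Format layout, the 0.25 alert threshold and all function names are assumptions made for illustration.

```python
import re

# Constructed access-log lines in Common Log Format (not from the original post).
# Three requests ask for the nonexistent SAML client; one 500 is a genuine server fault.
SAMPLE_LOG = """\
10.0.0.5 - - [11/Dec/2017:15:30:01 -0500] "POST /auth/realms/master/protocol/openid-connect/token HTTP/1.1" 200 512
10.0.0.5 - - [11/Dec/2017:15:30:02 -0500] "POST /auth/realms/master/protocol/openid-connect/token HTTP/1.1" 200 512
10.0.0.9 - - [11/Dec/2017:15:30:03 -0500] "GET /auth/realms/master/protocol/saml/clients/null HTTP/1.1" 500 17
10.0.0.5 - - [11/Dec/2017:15:30:04 -0500] "POST /auth/realms/master/protocol/openid-connect/token HTTP/1.1" 200 512
10.0.0.9 - - [11/Dec/2017:15:30:05 -0500] "GET /auth/realms/master/protocol/saml/clients/null HTTP/1.1" 500 17
10.0.0.7 - - [11/Dec/2017:15:30:06 -0500] "POST /auth/realms/master/protocol/openid-connect/token HTTP/1.1" 500 64
10.0.0.5 - - [11/Dec/2017:15:30:07 -0500] "POST /auth/realms/master/protocol/openid-connect/token HTTP/1.1" 200 512
10.0.0.9 - - [11/Dec/2017:15:30:08 -0500] "GET /auth/realms/master/protocol/saml/clients/null HTTP/1.1" 500 17
10.0.0.5 - - [11/Dec/2017:15:30:09 -0500] "POST /auth/realms/master/protocol/openid-connect/token HTTP/1.1" 200 512
10.0.0.5 - - [11/Dec/2017:15:30:10 -0500] "POST /auth/realms/master/protocol/openid-connect/token HTTP/1.1" 200 512
"""

LINE_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})\b')

def parse(log_text):
    """Return (path, status) pairs; lines that do not match are skipped."""
    entries = []
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if m:
            entries.append((m.group("path"), int(m.group("status"))))
    return entries

def server_error_rate(entries):
    """Fraction of responses in the 5xx class, used here as the health signal."""
    if not entries:
        return 0.0
    return sum(1 for _, s in entries if 500 <= s <= 599) / len(entries)

def with_404_for_missing_client(entries, missing_paths):
    """Model the behaviour the post asks for: client-caused misses report 404."""
    return [(p, 404 if s == 500 and p in missing_paths else s) for p, s in entries]

def unhealthy(entries, threshold=0.25):
    """Alert when the 5xx share exceeds the (assumed) threshold."""
    return server_error_rate(entries) > threshold

if __name__ == "__main__":
    observed = parse(SAMPLE_LOG)
    proposed = with_404_for_missing_client(
        observed, {"/auth/realms/master/protocol/saml/clients/null"})
    print("observed:", server_error_rate(observed), unhealthy(observed))
    print("proposed:", server_error_rate(proposed), unhealthy(proposed))
```

With the 500s as observed, one misbehaving client trips the alert; with 404s only the genuine fault counts toward the signal.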
