[keycloak-user] 500 HTTP Response Code Usage

Josh Cain jcain at redhat.com
Thu Dec 14 09:34:05 EST 2017 

Nah, did some cursory testing and took at look at the PR.  Looks like
you got the ones we were observing.

Stian++ !

Josh Cain
Senior Software Applications Engineer, RHCE
Red Hat North America
jcain at redhat.com IRC: jcain

On 12/12/2017 04:47 AM, Stian Thorgersen wrote:
> Hi Josh,
> 
> You're right Keycloak used to return 500 a lot of requests. This has been
> fixed in https://issues.jboss.org/browse/KEYCLOAK-5567. There may still be
> some individual codes that is not quite right, but in general this should
> be a big improvement to what we had before. If you find any codes that are
> wrong in 3.4.1+ PRs would be more than welcome :)
> 
> On 11 December 2017 at 21:34, Josh Cain <jcain at redhat.com> wrote:
> 
>> Hi all,
>>
>> I'm having some issues in which Keycloak throws 500 responses for what,
>> IMHO, should be a non-500 HTTP status code.  For instance, take the
>> following request:
>>
>> http://localhost:8080/auth/realms/master/protocol/saml/clients/null
>>
>> Keycloak returns a HTTP Status code of 500, with a text error message
>> that says "Client not found."  Seems like a textbook case for a HTTP 404
>> response code.
>>
>> The reason I ask is that we were hoping to use status codes for some
>> monitoring and even traffic shaping + health analysis type things and
>> have found them unreliable as an indicator of server function/health.
>> Instead, 500's are also used when clients behave poorly (as in the
>> example above) and do things like request non-existent clients, use bad
>> parameters, or the like.  Shouldn't this classification of errors use
>> 4XX response codes?
>>
>> Is the team open to cleaning these up?  Happy to help out with some PR's.
>>
>> --
>> Josh Cain
>> Senior Software Applications Engineer, RHCE
>> Red Hat North America
>> jcain at redhat.com IRC: jcain
>>
>>
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
> 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
Url : http://lists.jboss.org/pipermail/keycloak-user/attachments/20171214/5e78c68d/attachment.bin

More information about the keycloak-user mailing list