<html><head></head><body><div style="color:#000; background-color:#fff; font-family:HelveticaNeue, Helvetica Neue, Helvetica, Arial, Lucida Grande, sans-serif;font-size:13px"><div id="yui_3_16_0_1_1446812363116_2362">Hi to all.</div><div id="yui_3_16_0_1_1446812363116_2362">Probably i catched a bug in the keycloak authentication flow.</div><div id="yui_3_16_0_1_1446812363116_2362">This is my user case:</div><div id="yui_3_16_0_1_1446812363116_2362">Configuration:</div><div id="yui_3_16_0_1_1446812363116_2362">1) I've created a new realm, say "TestRealm"</div><div id="yui_3_16_0_1_1446812363116_2362">2) I've created 1 role: "testRole"</div><div id="yui_3_16_0_1_1446812363116_2362">3) I've created 2 users: "userTest1" and "userTest2"</div><div id="yui_3_16_0_1_1446812363116_2362">4) In the role mapping tab of each user i've assigned "testRole" to both of them</div><div id="yui_3_16_0_1_1446812363116_2362">5) In the credential tab of each user i've changed their pwd</div><div id="yui_3_16_0_1_1446812363116_2362"><br></div><div id="yui_3_16_0_1_1446812363116_2362">Use case:</div><div id="yui_3_16_0_1_1446812363116_2362">1) I try to access the account application from:&nbsp;<a href="https://localhost:8444/auth/realms/PROVA/account/" id="yui_3_16_0_1_1446812363116_2471" style="background-color: rgb(255, 255, 255);">https://localhost:8444/auth/realms/TestRealm/account/</a></div><div id="yui_3_16_0_1_1446812363116_2362">2) I insert username: userTest1</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr">&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; pwd: (a wrong password)</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr"><br></div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr">Login page displays a tooltip saying "invalid username or password"</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr"><br></div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr">3) Withouth any page refreshing i try to login again with second user:</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr">&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;username: userTest2:</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr">&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;pwd: (whatever right or wrong password)</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr"><br></div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr">Keycloak catch an exception:</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr">The page displays:</div><div id="kc-container" class="">
        <div id="kc-container-wrapper" class="">

            <div id="kc-header" class="">
                <div id="kc-header-wrapper" class="">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp; &nbsp; &nbsp; We're <strong id="yui_3_16_0_1_1446812363116_2679" class="">sorry</strong> ...
</div>
            </div>

                <div id="kc-feedback-placeholder" class="">
                    <div id="kc-feedback-placeholder-wrapper" class=""></div>
                </div>


            <div id="kc-content" class="">
                <div id="kc-content-wrapper" class="">
                    <div id="kc-form" class="">
                        <div id="kc-form-wrapper" class="">
        <div id="kc-error-message" class="">
            <div class="" id="yui_3_16_0_1_1446812363116_2688">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Invalid username or password.</div>
                <div dir="ltr" id="yui_3_16_0_1_1446812363116_2690" class="">&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;&lt;&lt; Back to Application</div>
        </div>
                        </div>
                    </div>

                </div>
            </div>
        </div></div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr"><br></div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr">Keycloak console displays this exception:</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class="">13:35:27,343 WARN &nbsp;[org.keycloak.events] (default task-62) type=LOGIN_ERROR, realmId=44cefb3e-1b9e-4eb0-9cfe-267e0153b0de, clientId=account, userId=5c9afd4e-74f4-4c51-9015-d9d4a7ef883f, ipAddress=127.0.0.1, error=invalid_user_credentials, auth_method=openid-connect, auth_type=code, redirect_uri=https://localhost:8444/auth/realms/PROVA/account/login-redirect, code_id=2920658d-1137-4caa-a2a2-0c530555b81d, username=userTest</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class="">13:35:33,818 ERROR [org.keycloak.authentication.AuthenticationProcessor] (default task-72) failed authentication: USER_CONFLICT: org.keycloak.authentication.AuthenticationFlowException</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><span class="" style="white-space:pre-wrap;" id="yui_3_16_0_1_1446812363116_3137">        </span>at org.keycloak.authentication.AuthenticationProcessor.setAutheticatedUser(AuthenticationProcessor.java:203)</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><span class="" style="white-space:pre-wrap;" id="yui_3_16_0_1_1446812363116_3140">        </span>at org.keycloak.authentication.AuthenticationProcessor$Result.setUser(AuthenticationProcessor.java:332)</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><span class="" style="white-space:pre-wrap;" id="yui_3_16_0_1_1446812363116_3143">        </span>at org.keycloak.authentication.authenticators.browser.AbstractUsernameFormAuthenticator.validateUser(AbstractUsernameFormAuthenticator.java:129)</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><span class="" style="white-space:pre-wrap;" id="yui_3_16_0_1_1446812363116_3146">        </span>at org.keycloak.authentication.authenticators.browser.UsernamePasswordForm.validateForm(UsernamePasswordForm.java:41)</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><span class="" style="white-space:pre-wrap;" id="yui_3_16_0_1_1446812363116_3149">        </span>at org.keycloak.authentication.authenticators.browser.UsernamePasswordForm.action(UsernamePasswordForm.java:34)</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><span class="" style="white-space:pre-wrap;" id="yui_3_16_0_1_1446812363116_3152">        </span>at org.keycloak.authentication.DefaultAuthenticationFlow.processAction(DefaultAuthenticationFlow.java:62)</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><span class="" style="white-space:pre-wrap;" id="yui_3_16_0_1_1446812363116_3155">        </span>at org.keycloak.authentication.DefaultAuthenticationFlow.processAction(DefaultAuthenticationFlow.java:54)</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><span class="" style="white-space:pre-wrap;" id="yui_3_16_0_1_1446812363116_3158">        </span>at org.keycloak.authentication.AuthenticationProcessor.authenticationAction(AuthenticationProcessor.java:692)</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><span class="" style="white-space:pre-wrap;" id="yui_3_16_0_1_1446812363116_3161">        </span>at org.keycloak.services.resources.LoginActionsService.processFlow(LoginActionsService.java:307)</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><span class="" style="white-space:pre-wrap;" id="yui_3_16_0_1_1446812363116_3164">        </span>at org.keycloak.services.resources.LoginActionsService.processAuthentication(LoginActionsService.java:288)</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><span class="" style="white-space:pre-wrap;" id="yui_3_16_0_1_1446812363116_3167">        </span>at org.keycloak.services.resources.LoginActionsService.authenticateForm(LoginActionsService.java:334)</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><span class="" style="white-space:pre-wrap;" id="yui_3_16_0_1_1446812363116_3170">        </span>at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><span class="" style="white-space:pre-wrap;" id="yui_3_16_0_1_1446812363116_3173">        </span>at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><span class="" style="white-space:pre-wrap;" id="yui_3_16_0_1_1446812363116_3176">        </span>at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><span class="" style="white-space:pre-wrap;" id="yui_3_16_0_1_1446812363116_3179">        </span>at java.lang.reflect.Method.invoke(Method.java:497)</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><span class="" style="white-space:pre-wrap;" id="yui_3_16_0_1_1446812363116_3182">        </span>at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:137)</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><span class="" style="white-space:pre-wrap;" id="yui_3_16_0_1_1446812363116_3185">        </span>at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTarget(ResourceMethodInvoker.java:296)</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><span class="" style="white-space:pre-wrap;" id="yui_3_16_0_1_1446812363116_3188">        </span>at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:250)</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><span class="" style="white-space:pre-wrap;" id="yui_3_16_0_1_1446812363116_3191">        </span>at org.jboss.resteasy.core.ResourceLocatorInvoker.invokeOnTargetObject(ResourceLocatorInvoker.java:140)</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><span class="" style="white-space:pre-wrap;" id="yui_3_16_0_1_1446812363116_3194">        </span>at org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:103)</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><span class="" style="white-space:pre-wrap;" id="yui_3_16_0_1_1446812363116_3197">        </span>at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:356)</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><span class="" style="white-space:pre-wrap;" id="yui_3_16_0_1_1446812363116_3200">        </span>at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:179)</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><span class="" style="white-space:pre-wrap;" id="yui_3_16_0_1_1446812363116_3203">        </span>at org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.service(ServletContainerDispatcher.java:220)</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><span class="" style="white-space:pre-wrap;" id="yui_3_16_0_1_1446812363116_3206">        </span>at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:56)</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><span class="" style="white-space:pre-wrap;" id="yui_3_16_0_1_1446812363116_3209">        </span>at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:51)</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><span class="" style="white-space:pre-wrap;" id="yui_3_16_0_1_1446812363116_3212">        </span>at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><span class="" style="white-space:pre-wrap;" id="yui_3_16_0_1_1446812363116_3215">        </span>at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:86)</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><span class="" style="white-space:pre-wrap;" id="yui_3_16_0_1_1446812363116_3218">        </span>at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:130)</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><span class="" style="white-space:pre-wrap;" id="yui_3_16_0_1_1446812363116_3221">        </span>at org.keycloak.services.filters.KeycloakSessionServletFilter.doFilter(KeycloakSessionServletFilter.java:59)</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><span class="" style="white-space:pre-wrap;" id="yui_3_16_0_1_1446812363116_3224">        </span>at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60)</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><span class="" style="white-space:pre-wrap;" id="yui_3_16_0_1_1446812363116_3227">        </span>at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132)</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><span class="" style="white-space:pre-wrap;" id="yui_3_16_0_1_1446812363116_3230">        </span>at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:85)</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><span class="" style="white-space:pre-wrap;" id="yui_3_16_0_1_1446812363116_3233">        </span>at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><span class="" style="white-space:pre-wrap;" id="yui_3_16_0_1_1446812363116_3236">        </span>at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><span class="" style="white-space:pre-wrap;" id="yui_3_16_0_1_1446812363116_3239">        </span>at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><span class="" style="white-space:pre-wrap;" id="yui_3_16_0_1_1446812363116_3242">        </span>at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><span class="" style="white-space:pre-wrap;" id="yui_3_16_0_1_1446812363116_3245">        </span>at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131)</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><span class="" style="white-space:pre-wrap;" id="yui_3_16_0_1_1446812363116_3248">        </span>at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><span class="" style="white-space:pre-wrap;" id="yui_3_16_0_1_1446812363116_3251">        </span>at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><span class="" style="white-space:pre-wrap;" id="yui_3_16_0_1_1446812363116_3254">        </span>at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><span class="" style="white-space:pre-wrap;" id="yui_3_16_0_1_1446812363116_3257">        </span>at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><span class="" style="white-space:pre-wrap;" id="yui_3_16_0_1_1446812363116_3260">        </span>at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:58)</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><span class="" style="white-space:pre-wrap;" id="yui_3_16_0_1_1446812363116_3263">        </span>at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:72)</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><span class="" style="white-space:pre-wrap;" id="yui_3_16_0_1_1446812363116_3266">        </span>at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50)</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><span class="" style="white-space:pre-wrap;" id="yui_3_16_0_1_1446812363116_3269">        </span>at io.undertow.security.handlers.SecurityInitialHandler.handleRequest(SecurityInitialHandler.java:76)</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><span class="" style="white-space:pre-wrap;" id="yui_3_16_0_1_1446812363116_3272">        </span>at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><span class="" style="white-space:pre-wrap;" id="yui_3_16_0_1_1446812363116_3275">        </span>at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><span class="" style="white-space:pre-wrap;" id="yui_3_16_0_1_1446812363116_3278">        </span>at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><span class="" style="white-space:pre-wrap;" id="yui_3_16_0_1_1446812363116_3281">        </span>at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><span class="" style="white-space:pre-wrap;" id="yui_3_16_0_1_1446812363116_3284">        </span>at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:282)</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><span class="" style="white-space:pre-wrap;" id="yui_3_16_0_1_1446812363116_3287">        </span>at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:261)</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><span class="" style="white-space:pre-wrap;" id="yui_3_16_0_1_1446812363116_3290">        </span>at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:80)</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><span class="" style="white-space:pre-wrap;" id="yui_3_16_0_1_1446812363116_3293">        </span>at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:172)</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><span class="" style="white-space:pre-wrap;" id="yui_3_16_0_1_1446812363116_3296">        </span>at io.undertow.server.Connectors.executeRootHandler(Connectors.java:199)</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><span class="" style="white-space:pre-wrap;" id="yui_3_16_0_1_1446812363116_3299">        </span>at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:774)</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><span class="" style="white-space:pre-wrap;" id="yui_3_16_0_1_1446812363116_3302">        </span>at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><span class="" style="white-space:pre-wrap;" id="yui_3_16_0_1_1446812363116_3305">        </span>at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><span class="" style="white-space:pre-wrap;" id="yui_3_16_0_1_1446812363116_3308">        </span>at java.lang.Thread.run(Thread.java:745)</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><br id="yui_3_16_0_1_1446812363116_3311" class=""></div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class="">13:35:33,819 WARN &nbsp;[org.keycloak.events] (default task-72) type=LOGIN_ERROR, realmId=44cefb3e-1b9e-4eb0-9cfe-267e0153b0de, clientId=account, userId=null, ipAddress=127.0.0.1, error=invalid_user_credentials, auth_method=openid-connect, auth_type=code, redirect_uri=https://localhost:8444/auth/realms/PROVA/account/login-redirect, code_id=2920658d-1137-4caa-a2a2-0c530555b81d, username=userTest2</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><br></div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><br></div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr">I experienced this error while debugging my custom user federation provider. So i tried to replicate it with a clean situation like described in the use case above.</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr">Debugging my userfederation provider i could realize the real authentication flow:</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr"><br></div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr">When userTest1 logs in the flow starts from:</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr"><br></div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr">UsernamePasswordForm.action() ---&gt; validateUser ---&gt; &nbsp;----&gt; UserFederationProvider.isValid() ----&gt; ... ... ... ---&gt; UsernamePasswordForm.validatePassword() ----&gt; authenticate&nbsp;<br></div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr"><br></div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr">When userTest2 logs in after userTest1 failure the flow starts from the UserFederationProvider.isValid():</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr"><br></div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr">UserFederationProvider.isValid() (the AuthenticationFlowContext user is still userTest1 )---&gt; ... ----&gt; UsernamePasswordForm.action() ---&gt; validateUser ---&gt; &nbsp;----&gt; UserFederationProvider.isValid() ----&gt; ... ... ... ---&gt;Exception on Context.set(user).<br></div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr">It seems like Context is not cleaned after the first wrong login attempt, bringing with itself the userTest1 user object on the second one. So when keycloak tries to set the new user object catches a USERCONFLICT exception.</div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr"><br></div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr"><br></div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr"><br></div><div id="yui_3_16_0_1_1446812363116_2362" dir="ltr"><br></div></div></body></html>