<html><head></head><body><div style="color:#000; background-color:#fff; font-family:HelveticaNeue, Helvetica Neue, Helvetica, Arial, Lucida Grande, sans-serif;font-size:13px"><div id="yui_3_16_0_1_1447851021952_11689">Another helpulf element in order to reproduce this use case is that this behaviour occurs only when i set my CustomUserFederation Provider...<br></div><div id="yui_3_16_0_1_1447851021952_11689">Now i d like to know:</div><div id="yui_3_16_0_1_1447851021952_11689" dir="ltr">What is the right value the UserModel validateAndProxy(RealmModel realm, UserModel local) of UserFederationProvider has to return when:</div><div id="yui_3_16_0_1_1447851021952_11689" dir="ltr">1) user is present on my custom db but password is wrong</div><div id="yui_3_16_0_1_1447851021952_11689" dir="ltr">2) user doesn't exist</div><div id="yui_3_16_0_1_1447851021952_11689" dir="ltr"><br></div><div id="yui_3_16_0_1_1447851021952_11689" dir="ltr">Maybe the problem could be there.</div><div id="yui_3_16_0_1_1447851021952_11689" dir="ltr">Thanks</div> <br><div class="qtdSeparateBR" id="yui_3_16_0_1_1447851021952_11853"><br><br></div><div class="yahoo_quoted" id="yui_3_16_0_1_1447851021952_11934" style="display: block;"> <div style="font-family: HelveticaNeue, Helvetica Neue, Helvetica, Arial, Lucida Grande, sans-serif; font-size: 13px;" id="yui_3_16_0_1_1447851021952_11933"> <div style="font-family: HelveticaNeue, Helvetica Neue, Helvetica, Arial, Lucida Grande, sans-serif; font-size: 16px;" id="yui_3_16_0_1_1447851021952_11932"> <div dir="ltr" id="yui_3_16_0_1_1447851021952_11940"><font size="2" face="Arial" id="yui_3_16_0_1_1447851021952_12040"> Il Mercoledì 18 Novembre 2015 14:09, alex orl <alex_orl1079@yahoo.it> ha scritto:<br></font></div> <br><br> <div class="y_msg_container" id="yui_3_16_0_1_1447851021952_11931"><div id="yiv5809325265"><div id="yui_3_16_0_1_1447851021952_11930"><div style="color:#000;background-color:#fff;font-family:HelveticaNeue, Helvetica Neue, Helvetica, Arial, Lucida Grande, sans-serif;font-size:13px;" id="yui_3_16_0_1_1447851021952_11929"><div id="yiv5809325265yui_3_16_0_1_1447851021952_2261">Working on 1.5.0 keycloak final version i catched a bug related to consecutive logins.</div><div id="yiv5809325265yui_3_16_0_1_1447851021952_2261">My use case was:</div><div id="yiv5809325265yui_3_16_0_1_1446812363116_2362" class="yiv5809325265"><br></div><div id="yiv5809325265yui_3_16_0_1_1446812363116_2362" class="yiv5809325265">Configuration:<br></div><div id="yiv5809325265yui_3_16_0_1_1446812363116_2362" class="yiv5809325265">1) I've created a new realm, say "TestRealm"</div><div id="yiv5809325265yui_3_16_0_1_1446812363116_2362" class="yiv5809325265">2) I've created 1 role: "testRole"</div><div id="yiv5809325265yui_3_16_0_1_1446812363116_2362" class="yiv5809325265">3) I've created 2 users: "userTest1" and "userTest2"</div><div id="yiv5809325265yui_3_16_0_1_1446812363116_2362" class="yiv5809325265">4) In the role mapping tab of each user i've assigned "testRole" to both of them</div><div id="yiv5809325265yui_3_16_0_1_1446812363116_2362" class="yiv5809325265">5) In the credential tab of each user i've changed their pwd</div><div id="yiv5809325265yui_3_16_0_1_1446812363116_2362" class="yiv5809325265"><br id="yiv5809325265yui_3_16_0_1_1447851021952_2556" class="yiv5809325265"></div><div id="yiv5809325265yui_3_16_0_1_1446812363116_2362" class="yiv5809325265">Use case:</div><div id="yiv5809325265yui_3_16_0_1_1446812363116_2362" class="yiv5809325265">1) I try to access the account application from: <a rel="nofollow" target="_blank" onclick="return theMainWindow.showLinkWarning(this)" href="https://localhost:8444/auth/realms/PROVA/account/" id="yiv5809325265yui_3_16_0_1_1446812363116_2471" style="color:rgb(25, 106, 212);background-color:rgb(255, 255, 255);" class="yiv5809325265">https://localhost:8444/auth/realms/TestRealm/account/</a></div><div id="yiv5809325265yui_3_16_0_1_1446812363116_2362" class="yiv5809325265">2) I insert username: userTest1</div><div id="yiv5809325265yui_3_16_0_1_1446812363116_2362" dir="ltr" class="yiv5809325265"> pwd: (a wrong password)</div><div id="yiv5809325265yui_3_16_0_1_1446812363116_2362" dir="ltr" class="yiv5809325265"><br id="yiv5809325265yui_3_16_0_1_1447851021952_2564" class="yiv5809325265"></div><div id="yiv5809325265yui_3_16_0_1_1446812363116_2362" dir="ltr" class="yiv5809325265">Login page displays a tooltip saying "invalid username or password"</div><div id="yiv5809325265yui_3_16_0_1_1446812363116_2362" dir="ltr" class="yiv5809325265"><br id="yiv5809325265yui_3_16_0_1_1447851021952_2568" class="yiv5809325265"></div><div id="yiv5809325265yui_3_16_0_1_1446812363116_2362" dir="ltr" class="yiv5809325265">3) Withouth any page refreshing i try to login again with second user:</div><div id="yiv5809325265yui_3_16_0_1_1446812363116_2362" dir="ltr" class="yiv5809325265"> username: userTest2:</div><div id="yiv5809325265yui_3_16_0_1_1446812363116_2362" dir="ltr" class="yiv5809325265"> pwd: (whatever right or wrong password)</div><div id="yiv5809325265yui_3_16_0_1_1446812363116_2362" dir="ltr" class="yiv5809325265"><br id="yiv5809325265yui_3_16_0_1_1447851021952_2574" class="yiv5809325265"></div><div id="yiv5809325265yui_3_16_0_1_1446812363116_2362" dir="ltr" class="yiv5809325265">Keycloak catch an exception:</div><div id="yiv5809325265yui_3_16_0_1_1446812363116_2362" dir="ltr" class="yiv5809325265">The page displays:</div><div id="yiv5809325265kc-container" class="yiv5809325265"><div id="yiv5809325265kc-container-wrapper" class="yiv5809325265"><div id="yiv5809325265kc-header" class="yiv5809325265"><div id="yiv5809325265kc-header-wrapper" class="yiv5809325265"> We're <span id="yiv5809325265yui_3_16_0_1_1446812363116_2679" class="yiv5809325265" style="font-weight:700;">sorry</span> ...</div></div><div id="yiv5809325265kc-feedback-placeholder" class="yiv5809325265"><div id="yiv5809325265kc-feedback-placeholder-wrapper" class="yiv5809325265"></div></div><div id="yiv5809325265kc-content" class="yiv5809325265"><div id="yiv5809325265kc-content-wrapper" class="yiv5809325265"><div id="yiv5809325265kc-form" class="yiv5809325265"><div id="yiv5809325265kc-form-wrapper" class="yiv5809325265"><div id="yiv5809325265kc-error-message" class="yiv5809325265"><div class="yiv5809325265" id="yiv5809325265yui_3_16_0_1_1446812363116_2688"> Invalid username or password.</div><div dir="ltr" id="yiv5809325265yui_3_16_0_1_1446812363116_2690" class="yiv5809325265"> << Back to Application</div><div dir="ltr" id="yiv5809325265yui_3_16_0_1_1446812363116_2690" class="yiv5809325265"><br></div><div dir="ltr" id="yiv5809325265yui_3_16_0_1_1446812363116_2690" class="yiv5809325265"><br></div><div dir="ltr" id="yiv5809325265yui_3_16_0_1_1446812363116_2690" class="yiv5809325265">Now i'm testing keycloak 1.6.1 final.</div><div dir="ltr" id="yiv5809325265yui_3_16_0_1_1446812363116_2690" class="yiv5809325265"><br></div><div dir="ltr" id="yiv5809325265yui_3_16_0_1_1446812363116_2690" class="yiv5809325265">I realize that bug is solved but only using the standard org.keycloak.authentication.authenticators.browser.UsernamePasswordForm.</div><div dir="ltr" id="yiv5809325265yui_3_16_0_1_1446812363116_2690" class="yiv5809325265"><br></div><div dir="ltr" id="yiv5809325265yui_3_16_0_1_1446812363116_2690" class="yiv5809325265">Making Reference to chapter 33 of keycloak 1.6.1 reference guide, i developed my custom Authenticator. As Proof of Concepts i simply copied the UserPassworfForm code implementing a CustomUserPasswordForm.</div><div dir="ltr" id="yiv5809325265yui_3_16_0_1_1446812363116_2690" class="yiv5809325265">I ve implemented CustomUserPasswordFormFactory.</div><div dir="ltr" id="yiv5809325265yui_3_16_0_1_1446812363116_2690" class="yiv5809325265">I tested again the previous use case in debug mode and i catched again the same error as in the 1.5.0 version.</div><div dir="ltr" id="yiv5809325265yui_3_16_0_1_1446812363116_2690" class="yiv5809325265"><br></div><div dir="ltr" id="yiv5809325265yui_3_16_0_1_1446812363116_2690" class="yiv5809325265">In particular i realize that on the second login attempt the execution flow starts from the: UserFederationManager. validateAndProxyUser(RealmModel realm, UserModel user) method</div><div dir="ltr" id="yiv5809325265yui_3_16_0_1_1446812363116_2690" class="yiv5809325265">when the right flow should begin from the action method of my CustomUserPasswordForm.</div><div dir="ltr" id="yiv5809325265yui_3_16_0_1_1446812363116_2690" class="yiv5809325265">Was this use case missed? Or am i doing something wrong?</div><div dir="ltr" id="yiv5809325265yui_3_16_0_1_1446812363116_2690" class="yiv5809325265">Thanks a lot.</div><div dir="ltr" id="yiv5809325265yui_3_16_0_1_1446812363116_2690" class="yiv5809325265"><br></div><div dir="ltr" id="yiv5809325265yui_3_16_0_1_1446812363116_2690" class="yiv5809325265"><div dir="ltr" id="yiv5809325265yui_3_16_0_1_1446812363116_2690" class="yiv5809325265"><br></div></div></div></div></div></div></div></div></div></div></div></div><br><br></div> </div> </div> </div></div></body></html>