<html><head></head><body><div style="color:#000; background-color:#fff; font-family:HelveticaNeue, Helvetica Neue, Helvetica, Arial, Lucida Grande, sans-serif;font-size:13px"><div id="yui_3_16_0_1_1447851021952_2261">Working on 1.5.0 keycloak final version i catched a bug related to consecutive logins.</div><div id="yui_3_16_0_1_1447851021952_2261">My use case was:</div><div id="yiv2696383680yui_3_16_0_1_1446812363116_2362" class=""><br></div><div id="yiv2696383680yui_3_16_0_1_1446812363116_2362" class="">Configuration:<br></div><div id="yiv2696383680yui_3_16_0_1_1446812363116_2362" class="">1) I've created a new realm, say "TestRealm"</div><div id="yiv2696383680yui_3_16_0_1_1446812363116_2362" class="">2) I've created 1 role: "testRole"</div><div id="yiv2696383680yui_3_16_0_1_1446812363116_2362" class="">3) I've created 2 users: "userTest1" and "userTest2"</div><div id="yiv2696383680yui_3_16_0_1_1446812363116_2362" class="">4) In the role mapping tab of each user i've assigned "testRole" to both of them</div><div id="yiv2696383680yui_3_16_0_1_1446812363116_2362" class="">5) In the credential tab of each user i've changed their pwd</div><div id="yiv2696383680yui_3_16_0_1_1446812363116_2362" class=""><br id="yui_3_16_0_1_1447851021952_2556" class=""></div><div id="yiv2696383680yui_3_16_0_1_1446812363116_2362" class="">Use case:</div><div id="yiv2696383680yui_3_16_0_1_1446812363116_2362" class="">1) I try to access the account application from: <a rel="nofollow" target="_blank" href="https://localhost:8444/auth/realms/PROVA/account/" id="yiv2696383680yui_3_16_0_1_1446812363116_2471" style="color: rgb(25, 106, 212); background-color: rgb(255, 255, 255);" class="">https://localhost:8444/auth/realms/TestRealm/account/</a></div><div id="yiv2696383680yui_3_16_0_1_1446812363116_2362" class="">2) I insert username: userTest1</div><div id="yiv2696383680yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""> pwd: (a wrong password)</div><div id="yiv2696383680yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><br id="yui_3_16_0_1_1447851021952_2564" class=""></div><div id="yiv2696383680yui_3_16_0_1_1446812363116_2362" dir="ltr" class="">Login page displays a tooltip saying "invalid username or password"</div><div id="yiv2696383680yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><br id="yui_3_16_0_1_1447851021952_2568" class=""></div><div id="yiv2696383680yui_3_16_0_1_1446812363116_2362" dir="ltr" class="">3) Withouth any page refreshing i try to login again with second user:</div><div id="yiv2696383680yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""> username: userTest2:</div><div id="yiv2696383680yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""> pwd: (whatever right or wrong password)</div><div id="yiv2696383680yui_3_16_0_1_1446812363116_2362" dir="ltr" class=""><br id="yui_3_16_0_1_1447851021952_2574" class=""></div><div id="yiv2696383680yui_3_16_0_1_1446812363116_2362" dir="ltr" class="">Keycloak catch an exception:</div><div id="yiv2696383680yui_3_16_0_1_1446812363116_2362" dir="ltr" class="">The page displays:</div><div id="yiv2696383680kc-container" class=""><div id="yiv2696383680kc-container-wrapper" class=""><div id="yiv2696383680kc-header" class=""><div id="yiv2696383680kc-header-wrapper" class=""> We're <span id="yiv2696383680yui_3_16_0_1_1446812363116_2679" class="" style="font-weight: 700;">sorry</span> ...</div></div><div id="yiv2696383680kc-feedback-placeholder" class=""><div id="yiv2696383680kc-feedback-placeholder-wrapper" class=""></div></div><div id="yiv2696383680kc-content" class=""><div id="yiv2696383680kc-content-wrapper" class=""><div id="yiv2696383680kc-form" class=""><div id="yiv2696383680kc-form-wrapper" class=""><div id="yiv2696383680kc-error-message" class=""><div class="" id="yiv2696383680yui_3_16_0_1_1446812363116_2688"> Invalid username or password.</div><div dir="ltr" id="yiv2696383680yui_3_16_0_1_1446812363116_2690" class=""> << Back to Application</div><div dir="ltr" id="yiv2696383680yui_3_16_0_1_1446812363116_2690" class=""><br></div><div dir="ltr" id="yiv2696383680yui_3_16_0_1_1446812363116_2690" class=""><br></div><div dir="ltr" id="yiv2696383680yui_3_16_0_1_1446812363116_2690" class="">Now i'm testing keycloak 1.6.1 final.</div><div dir="ltr" id="yiv2696383680yui_3_16_0_1_1446812363116_2690" class=""><br></div><div dir="ltr" id="yiv2696383680yui_3_16_0_1_1446812363116_2690" class="">I realize that bug is solved but only using the standard org.keycloak.authentication.authenticators.browser.UsernamePasswordForm.</div><div dir="ltr" id="yiv2696383680yui_3_16_0_1_1446812363116_2690" class=""><br></div><div dir="ltr" id="yiv2696383680yui_3_16_0_1_1446812363116_2690" class="">Making Reference to chapter 33 of keycloak 1.6.1 reference guide, i developed my custom Authenticator. As Proof of Concepts i simply copied the UserPassworfForm code implementing a CustomUserPasswordForm.</div><div dir="ltr" id="yiv2696383680yui_3_16_0_1_1446812363116_2690" class="">I ve implemented CustomUserPasswordFormFactory.</div><div dir="ltr" id="yiv2696383680yui_3_16_0_1_1446812363116_2690" class="">I tested again the previous use case in debug mode and i catched again the same error as in the 1.5.0 version.</div><div dir="ltr" id="yiv2696383680yui_3_16_0_1_1446812363116_2690" class=""><br></div><div dir="ltr" id="yiv2696383680yui_3_16_0_1_1446812363116_2690" class="">In particular i realize that on the second login attempt the execution flow starts from the: UserFederationManager. validateAndProxyUser(RealmModel realm, UserModel user) method</div><div dir="ltr" id="yiv2696383680yui_3_16_0_1_1446812363116_2690" class="">when the right flow should begin from the action method of my CustomUserPasswordForm.</div><div dir="ltr" id="yiv2696383680yui_3_16_0_1_1446812363116_2690" class="">Was this use case missed? Or am i doing something wrong?</div><div dir="ltr" id="yiv2696383680yui_3_16_0_1_1446812363116_2690" class="">Thanks a lot.</div><div dir="ltr" id="yiv2696383680yui_3_16_0_1_1446812363116_2690" class=""><br></div><div dir="ltr" id="yiv2696383680yui_3_16_0_1_1446812363116_2690" class=""><div dir="ltr" id="yiv2696383680yui_3_16_0_1_1446812363116_2690" class=""><br></div></div></div></div></div></div></div></div></div></div></body></html>