Hey Bruno, it seems Bill pushed already some LDAP changes last night and migrated LDAP FederationProvider to UserStorage SPI. Do you have an opportunity to retry with latest master? If it can be still reproduced, then you can create JIRA for 2.4.1 fix version. We already have bunch of LDAP related issues planned for that version, so this can be possibly another one to address. Marek On 14/11/16 20:21, Bruno Oliveira wrote: > Good morning, I believe I found a bug while playing with LDAP Federation > provider. But before file any Jira, I would like to confirm. > > Steps to reproduce: > > 1. Just follow all the steps described here https://github.com/keycloak/keycloak/tree/master/examples/ldap > 2. Change the federation provider to read-only mode > 3. Synchronize all users > 4. Delete all the roles associated with LDAP (For example: ldap-user, > ldap-admin) > 5. Now go to "Users" > "Edit" > 6. Click on "Role Mappings" > > You might get an exception like this: https://gist.github.com/abstractj/19eb8e5f25fee3b469110246066ecd08 > > Is this a bug? > > > -- > > abstractj > PGP: 0x84DC9914 > _______________________________________________ > keycloak-dev mailing list > keycloak-dev(a)lists.jboss.org > https://lists.jboss.org/mailman/listinfo/keycloak-dev

On 16/11/16 14:16, Bruno Oliveira wrote: > Hi Marek, > > After rebase against master and go to "Users > Edit" I get: > > "Resource not found... > We could not find the resource you are looking for. Please make sure the URL you entered is correct." > > I can be wrong, but I believe that if a role is associated to some user, > admin should not be able to delete it. > > Or, if we would like to remove roles, even if they have users associated > to this, user should be displayed without these roles. +1 Currently when role is deleted, we update all the users and remove the role mapping from them. If there is an exception for this scenario with LDAP, it is likely a bug. Btv. the "Resource not found..." is often shown in admin console when you have stale browser cache. Couldn't that be the case? Marek > > Does it make sense? I can file a jira if we agree on that. > > > On 2016-11-15, Marek Posolda wrote: >> Hey Bruno, >> >> it seems Bill pushed already some LDAP changes last night and migrated LDAP >> FederationProvider to UserStorage SPI. Do you have an opportunity to retry >> with latest master? If it can be still reproduced, then you can create JIRA >> for 2.4.1 fix version. We already have bunch of LDAP related issues planned >> for that version, so this can be possibly another one to address. >> >> Marek >> >> On 14/11/16 20:21, Bruno Oliveira wrote: >>> Good morning, I believe I found a bug while playing with LDAP Federation >>> provider. But before file any Jira, I would like to confirm. >>> >>> Steps to reproduce: >>> >>> 1. Just follow all the steps described here https://github.com/keycloak/keycloak/tree/master/examples/ldap >>> 2. Change the federation provider to read-only mode >>> 3. Synchronize all users >>> 4. Delete all the roles associated with LDAP (For example: ldap-user, >>> ldap-admin) >>> 5. Now go to "Users" > "Edit" >>> 6. Click on "Role Mappings" >>> >>> You might get an exception like this: https://gist.github.com/abstractj/19eb8e5f25fee3b469110246066ecd08 >>> >>> Is this a bug? >>> >>> >>> -- >>> >>> abstractj >>> PGP: 0x84DC9914 >>> _______________________________________________ >>> keycloak-dev mailing list >>> keycloak-dev(a)lists.jboss.org >>> https://lists.jboss.org/mailman/listinfo/keycloak-dev >> > -- > > abstractj > PGP: 0x84DC9914

I've reproduced the "Resource not found" in latest master. Should be fixed now. Marek On 16/11/16 14:16, Bruno Oliveira wrote: > After rebase against master and go to "Users > Edit" I get: > > "Resource not found... > We could not find the resource you are looking for. Please make sure the URL you entered is correct." _______________________________________________ keycloak-dev mailing list keycloak-dev(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-dev