Either don't create roles concurrently or disable cache.

How frequently are you creating roles? Just wondering because if you do, it
will significantly impact the benefits of the cache as we invalidate a
large amount of the cache when roles are added/removed.

The problem you are seeing is most likely down to a race condition when the
realm role list (or client role lists) are re-loaded after they are
invalidated. I haven't had much time to look at it yet, so I don't know the
exact cause or a solution.

On 5 February 2016 at 09:57, Malmi Samarasinghe <malmi.suh(a)gmail.com> wrote:
Hi Stian,
We have this in production; is there any intermediary fix that we can do or
any workaround?
Regards,
Malmi
On Fri, Feb 5, 2016 at 2:11 PM, Stian Thorgersen <sthorger(a)redhat.com>
wrote:
> Confirmed this bug https://issues.jboss.org/browse/KEYCLOAK-2458
>
> On 5 February 2016 at 06:53, Malmi Samarasinghe <malmi.suh(a)gmail.com>
> wrote:
>
>> Hi Stian/Bill,
>>
>> I just wanted to highlight that this issue only occurred when realm
>> cache enabled option is ON.
>>
>> Regards,
>> Malmi
>>
>> On Thu, Feb 4, 2016 at 8:38 PM, Malmi Samarasinghe <malmi.suh(a)gmail.com>
>> wrote:
>>
>>> Hi Stian
>>>
>>> I have multiple threads creating different roles. Basically one thread
>>> will execute all three apis one after another.
>>>
>>> Regards,
>>> Malmi
>>>
>>> On Thu, Feb 4, 2016 at 5:23 PM, Stian Thorgersen <sthorger(a)redhat.com>
>>> wrote:
>>>
>>>> When you say method1 is executed in multiple threads, do you mean one
>>>> thread creates the role and another retrieves it? Or do you have multiple
>>>> threads creating different roles?
>>>>
>>>> On 4 February 2016 at 12:31, Malmi Samarasinghe <malmi.suh(a)gmail.com>
>>>> wrote:
>>>>
>>>>> Hi Bill,
>>>>>
>>>>> Please find the workflow that we have implemented
>>>>> create user : POST : admin/realms/{realm}/users
>>>>>
>>>>> *Method1* wraps the following API calls
>>>>> Create Realm role : POST : admin/realms/{realm}/roles
>>>>> Retrieve Role : GET : admin/realms/{realm}/roles/{roleName}
>>>>> Assign Role : POST : admin/realms/leapset/users/{0}/role-mappings/realm
>>>>>
>>>>> Same for the client roles as well.
>>>>>
>>>>> *Method1* is executed in multiple threads and assign realm role API
>>>>> starts failing with 404 (keycloak log states role not found)
>>>>>
>>>>> Regards,
>>>>> Malmi
>>>>>
>>>>> On Thu, Feb 4, 2016 at 9:00 AM, Bill Burke <bburke(a)redhat.com> wrote:
>>>>>
>>>>>> Can you give me what REST invocations you are doing? How do you find
>>>>>> the role? How do you create the role? etc...
>>>>>>
>>>>>> On 2/3/2016 9:45 PM, Malmi Samarasinghe wrote:
>>>>>>
>>>>>> Hi Bill,
>>>>>>
>>>>>> We tried the above fix on top of 1.7.0 by applying the changes from
>>>>>> the commits attached to
>>>>>> https://issues.jboss.org/browse/KEYCLOAK-2327 and deployed, and it
>>>>>> seems to have the same issue. If you have any further update on this please
>>>>>> let us know.
>>>>>>
>>>>>> Regards,
>>>>>> Malmi
>>>>>>
>>>>>> On Mon, Feb 1, 2016 at 4:02 PM, Stian Thorgersen <
>>>>>> sthorger(a)redhat.com> wrote:
>>>>>>
>>>>>>> This could be related to
>>>>>>> https://issues.jboss.org/browse/KEYCLOAK-2327.
>>>>>>>
>>>>>>> It's already fixed in master, so if you can try it out that would
>>>>>>> be great. We should also have a 1.8.1.Final release this week with the fix
>>>>>>> in as well.
>>>>>>>
>>>>>>> On 30 January 2016 at 05:16, Malmi Samarasinghe <malmi.suh(a)gmail.com> wrote:
>>>>>>>
>>>>>>>> Hi Bill,
>>>>>>>>
>>>>>>>> We are using keycloak 1.7.0 and rdbms (mysql)
>>>>>>>>
>>>>>>>> Regards,
>>>>>>>> Malmi Samarasinghe
>>>>>>>> On Jan 29, 2016 7:41 PM, "Bill Burke" <bburke(a)redhat.com> wrote:
>>>>>>>>
>>>>>>>>> Which version of keycloak? RDBMS or Mongo?
>>>>>>>>>
>>>>>>>>> On 1/29/2016 12:35 AM, Malmi Samarasinghe wrote:
>>>>>>>>>
>>>>>>>>> Hi Everyone,
>>>>>>>>>
>>>>>>>>> In my application we create retrieve and assign role subsequently
>>>>>>>>> and it seems that even for a small load (2-3 threads) with realm cache
>>>>>>>>> enabled option, assign realm role call fails due to role not exist error
>>>>>>>>> and 404 is returned from keycloak.
>>>>>>>>>
>>>>>>>>> With the realm cache disabled option the load works fine.
>>>>>>>>>
>>>>>>>>> Please get back to me if you have any information on any other
>>>>>>>>> option we can follow to get this issue sorted or on what action the realm
>>>>>>>>> cache will be persisted to DB.
>>>>>>>>>
>>>>>>>>> Regards,
>>>>>>>>> Malmi
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> _______________________________________________
>>>>>>>>> keycloak-user mailing list
>>>>>>>>> keycloak-user@lists.jboss.org
>>>>>>>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> --
>>>>>>>>> Bill Burke
>>>>>>>>> JBoss, a division of Red Hat
>>>>>>>>> http://bill.burkecentral.com
>>>>>>>>>
>>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>
>>>>>> --
>>>>>> Bill Burke
>>>>>> JBoss, a division of Red Hat
>>>>>> http://bill.burkecentral.com
>>>>>>
>>>>>>
>>>>>
>>>>
>>>
>>
>
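
The first workaround given at the top of this thread (don't create roles concurrently), sketched on the client side as an added example that is not code from the thread or from Keycloak: the three calls of Method1 run under one lock, so no other thread adds a role between create and assign. The `send` transport, `FakeAdminApi`, the realm `demo` and the user and role names are constructed assumptions.

```python
import threading
import time
from concurrent.futures import ThreadPoolExecutor

ROLE_LOCK = threading.Lock()  # serializes every role sequence in this process

def call(send, method, path, body=None):
    # send(method, path, body) -> (status, json) is a hypothetical transport
    status, payload = send(method, path, body)
    if not 200 <= status < 300:
        raise RuntimeError(f"{method} {path} returned {status}")
    return payload

def create_and_assign(send, realm, user_id, role_name):
    base = f"admin/realms/{realm}"
    with ROLE_LOCK:  # no other thread adds a role until this one is assigned
        call(send, "POST", f"{base}/roles", {"name": role_name})
        role = call(send, "GET", f"{base}/roles/{role_name}")
        call(send, "POST", f"{base}/users/{user_id}/role-mappings/realm", [role])
    return role

class FakeAdminApi:
    """Constructed in-memory stand-in for the server; counts overlapping calls."""
    def __init__(self):
        self.roles, self.mappings, self.active, self.peak = {}, {}, 0, 0
        self._guard = threading.Lock()
    def send(self, method, path, body):
        with self._guard:
            self.active += 1
            self.peak = max(self.peak, self.active)
        time.sleep(0.005)  # widen the window in which calls could overlap
        try:
            parts = path.split("/")
            if parts[3] == "users":
                self.mappings.setdefault(parts[4], []).append(body[0]["name"])
                return 204, None
            if method == "POST":
                self.roles[body["name"]] = {"name": body["name"]}
                return 201, None
            role = self.roles.get(parts[4])
            return (200, role) if role else (404, None)
        finally:
            with self._guard:
                self.active -= 1

def provision_concurrently(assignments, workers=3):
    api = FakeAdminApi()
    with ThreadPoolExecutor(max_workers=workers) as pool:
        list(pool.map(lambda a: create_and_assign(api.send, "demo", *a), assignments))
    return api
```

The lock only covers threads inside one client process; several client instances writing roles to the same realm would need a shared lock or the disabled realm cache.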