I would like to correct the step 4 - authenticate to realm2 using different
client and service account
But the behavior is still the same - I'm able to delete a user created for
realm1 when using realm2.

On Wed, Oct 5, 2016 at 1:22 PM, Bystrik Horvath <bystrik.horvath(a)gmail.com> wrote:

Dear members,
I currently use Keycloak 1.9.3 and came across very strange behavior. My case
is the following:
1.) authenticate to realm1 using a client with service account
2.) create a user in realm1
3.) retrieve the created user to get its UID
4.) authenticate to realm2 using the same client and same service account
5.) delete the user in realm2 using the mentioned UID without error
Analyzing the code I found that the class UserCacheSession does not check
in this case the realm in the method getUserById(String id, RealmModel
realm). When I restart Keycloak after step 3 and execute the steps 4 and
5 afterwards, the case finishes with error (which I found ok).
Is my case somehow wrong or could it be a real issue?
Best regards,
Bystrik
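
The failure mode described in the message above, reduced to a stand-alone Java sketch that is added here and is neither Keycloak's code nor part of the thread: a cache keyed by user id alone returns a hit to a caller from another realm, while a lookup that compares the cached entry's realm does not. All class and method names are hypothetical, the sample user is constructed, and the sketch assumes the backing store filters by realm, which matches the error reported after a restart.

```java
import java.util.HashMap;
import java.util.Map;
import java.util.Optional;

// Simplified model for illustration only; every name here is hypothetical.
public class RealmScopedCacheDemo {
    record User(String id, String realmId, String username) {}

    // Backing store (assumption): lookups are always filtered by realm.
    static class UserStore {
        final Map<String, User> rows = new HashMap<>();
        Optional<User> findById(String id, String realmId) {
            return Optional.ofNullable(rows.get(id)).filter(u -> u.realmId().equals(realmId));
        }
    }

    static class UserCache {
        final Map<String, User> byId = new HashMap<>(); // keyed by id only
        final UserStore store;
        UserCache(UserStore store) { this.store = store; }

        // Pattern described in the message: a cache hit is returned without comparing realms.
        Optional<User> getUserByIdUnchecked(String id, String realmId) {
            User cached = byId.get(id);
            return cached != null ? Optional.of(cached) : load(id, realmId);
        }
        // Hardened lookup: a cached entry from another realm is treated as "not found".
        Optional<User> getUserByIdChecked(String id, String realmId) {
            User cached = byId.get(id);
            if (cached == null) return load(id, realmId);
            return cached.realmId().equals(realmId) ? Optional.of(cached) : Optional.empty();
        }
        private Optional<User> load(String id, String realmId) {
            Optional<User> found = store.findById(id, realmId);
            found.ifPresent(u -> byId.put(u.id(), u)); // populate cache on a store hit
            return found;
        }
    }

    public static void main(String[] args) {
        UserStore store = new UserStore();
        store.rows.put("u-1", new User("u-1", "realm1", "alice")); // constructed sample user
        UserCache warm = new UserCache(store);
        warm.getUserByIdUnchecked("u-1", "realm1"); // step 3: retrieval in realm1 warms the cache
        System.out.println("warm cache, unchecked, realm2: " + warm.getUserByIdUnchecked("u-1", "realm2").isPresent());
        System.out.println("warm cache, checked, realm2:   " + warm.getUserByIdChecked("u-1", "realm2").isPresent());
        UserCache cold = new UserCache(store); // models the restart after step 3
        System.out.println("cold cache, unchecked, realm2: " + cold.getUserByIdUnchecked("u-1", "realm2").isPresent());
    }
}
```

The cold-cache case falls through to the realm-filtered store, which is why a restart between steps 3 and 4 hides the problem; the `record` syntax requires Java 16 or later.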