10:27 a.m.
Hey all,
I got a couple of problems with the e-mail verification required action.
1. If it's turned on in the realm settings ("login tab") and I change
the account e-mail (in "manage account"), I can't get back to the app.
2. While the (?) tooltip text in the realm settings clearly says
"Require the user to verify their email address the first time they
login.", the feature includes verification with each e-mail change
(not only the first login). If that's expected behavior, it would be
nice to have it more clear in the (?) tooltip text.
For 1., the steps to reproduce are:
1. Download latest KC, unzip it, start it.
2. Configure logged-in user (admin) e-mail (in "manage account") and
the Email realm settings. Make sure e-mail sending works.
3. Go to "manage account" and change your email.
4. Click "Back to Security Admin Console"
5. You should see the "EMAIL VERIFICATION" page
6. Click on the verification link in the e-mail
7. You should see the "YOU ARE ALREADY LOGGED IN" page, click on the
"« Back to Application" link. This brings you back to step 5. instead
of the admin console.
And this is the error itself, you will find yourself in an endless
loop defined by steps 5 - 7.
I can create a JIRA for that, just wanted to make sure this is a bug,
not a feature.
Thanks!
Viliam
4:10 a.m.
Hi Viliam!
Nice to see you back on Keycloak mailing lists :)
On 20/02/18 17:27, Viliam Rockai wrote:
Hey all,
I got a couple of problems with the e-mail verification required action.
1. If it's turned on in the realm settings ("login tab") and I change
the account e-mail (in "manage account"), I can't get back to the app.
2. While the (?) tooltip text in the realm settings clearly says
"Require the user to verify their email address the first time they
login.", the feature includes verification with each e-mail change
(not only the first login). If that's expected behavior, it would be
nice to have it more clear in the (?) tooltip text.
Yes, agree. We can probably
improve the tooltip.
I don't think we should change the logic. If email was changed, it
shouldn't be treated as verified anymore and should be re-verified IMO.
For 1., the steps to reproduce are:
1. Download latest KC, unzip it, start it.
2. Configure logged-in user (admin) e-mail (in "manage account") and
the Email realm settings. Make sure e-mail sending works.
3. Go to "manage account" and change your email.
4. Click "Back to Security Admin Console"
5. You should see the "EMAIL VERIFICATION" page
6. Click on the verification link in the e-mail
7. You should see the "YOU ARE ALREADY LOGGED IN" page, click on the
"« Back to Application" link. This brings you back to step 5. instead
of the admin console.
And this is the error itself, you will find yourself in an endless
loop defined by steps 5 - 7.
I can create a JIRA for that, just wanted to make sure this is a bug,
not a feature.
We did some fixes in 3.4.3, but it's possible that not for
everything.
Feel free to create JIRA.
Marek
Thanks!
Viliam
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
4:51 a.m.
Thanks a lot! I'm going to create JIRA issues.
On Fri, Feb 23, 2018 at 11:10 AM, Marek Posolda <mposolda(a)redhat.com> wrote:
Hi Viliam!
Nice to see you back on Keycloak mailing lists :)
On 20/02/18 17:27, Viliam Rockai wrote:
>
> Hey all,
>
> I got a couple of problems with the e-mail verification required action.
> 1. If it's turned on in the realm settings ("login tab") and I change
> the account e-mail (in "manage account"), I can't get back to the app.
> 2. While the (?) tooltip text in the realm settings clearly says
> "Require the user to verify their email address the first time they
> login.", the feature includes verification with each e-mail change
> (not only the first login). If that's expected behavior, it would be
> nice to have it more clear in the (?) tooltip text.
Yes, agree. We can probably improve the tooltip.
I don't think we should change the logic. If email was changed, it shouldn't
be treated as verified anymore and should be re-verified IMO.
>
>
> For 1., the steps to reproduce are:
> 1. Download latest KC, unzip it, start it.
> 2. Configure logged-in user (admin) e-mail (in "manage account") and
> the Email realm settings. Make sure e-mail sending works.
> 3. Go to "manage account" and change your email.
> 4. Click "Back to Security Admin Console"
> 5. You should see the "EMAIL VERIFICATION" page
> 6. Click on the verification link in the e-mail
> 7. You should see the "YOU ARE ALREADY LOGGED IN" page, click on the
> "« Back to Application" link. This brings you back to step 5. instead
> of the admin console.
>
> And this is the error itself, you will find yourself in an endless
> loop defined by steps 5 - 7.
>
> I can create a JIRA for that, just wanted to make sure this is a bug,
> not a feature.
We did some fixes in 3.4.3, but it's possible that not for everything. Feel
free to create JIRA.
Marek
>
>
> Thanks!
>
> Viliam
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
2500
days inactive
2503
days old
2 comments
2 participants
participants (2)
-
Marek Posolda -
Viliam Rockai