I think in Keycloak 2.40 or 2.5.0 a bug was introduced in the User Federation pages
concerning the Bind Credential fields. The Bind Credential is fine in the Keycloak
database (COMPONENT_CONFIG table these days) and everything works fine except the

1/ Log in to Keycloak admin UI as an admin
2/ Go to a User Federation and select an LDAP user federation provider (assuming you have
one of course). You already notice that the value of the Bind Credential field has too few
3/ Now click on ‘Test authentication’. This fails with 'Error! LDAP authentication
failed.' The issue is that the bind credential is wrong.
4/ However, click on ‘Synchronize all users’ and this works just fine. So the bind
credential used here (the one in the database) is just fine.
5/ Now enter the correct bind credential in the Bind Credential field
6/ Test authentication now works fine
7/ Click Save
8/ Click Test authentication and it fails again, same as in step 3

I think the issue is with this admin page. It seems to do something with the bind
credentials it gets from the database. Maybe it wants to unhash it or something but it is
not hashed in the database at all (just plain text). Which maybe it is the real issue

Is this indeed a bug, and if so, shall I create a bug report for it?