Hallo,we have noticed a strange behaviour in our Keycloak setup:After a while, some users lose one of their assigned realm roles, without anyone actually requesting this from the keycloak server (We see no admin events who can explain this behaviour).Could it be that something is wrong in some cache implementation or an in issue in concurrency?When I make a dump of the database, the role can also no longer be found there in the user export, so it actually gets removed from there as well.One specific thing we do, is managing the realm settings using the admin REST API, which PUTs the realm config JSON every X minutes (X is currently 5 to 2 minutes), so the PUT call happens a lot (I can see it in the admin events).To exclude this as possible culprit, I've disable this constant updating of the realm. I'll send an update wether this has had any impact, but either way, the issue should not occur.Has anyone already encountered this issue?I can provide you with more config of the keycloak server and realm if required... We are one 1.6.0Could you help me with enabling the correct logging, so I might be able to trace where the problem occurs or see what causes the drop of a realm role on a user (His other realms roles remain untouched...)Currently I am not able to reproduce this with a testcase, it just occurs from time to time on a test platform, so I did not create a JIRA ticket yetTnx,Johan HeylenDNS Belgium
_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user