Another helpful element in order to reproduce this use case is that this behaviour occurs
only when I set my CustomUserFederation Provider...
Now I'd like to know: what is the right value the UserModel validateAndProxy(RealmModel
realm, UserModel local) of UserFederationProvider has to return when:
1) user is present on my custom db but password is wrong
2) user doesn't exist
Maybe the problem could be there.
Thanks
On Wednesday, 18 November 2015 14:09, alex orl <alex_orl1079(a)yahoo.it> wrote:
Working on the Keycloak 1.5.0 final version, I caught a bug related to consecutive logins.
My use case was:
Configuration:
1) I've created a new realm, say "TestRealm"
2) I've created 1 role: "testRole"
3) I've created 2 users: "userTest1" and "userTest2"
4) In the role mapping tab of each user I've assigned "testRole" to both of them
5) In the credential tab of each user I've changed their pwd
Use case:
1) I try to access the account application
from: https://localhost:8444/auth/realms/TestRealm/account/
2) I insert username: userTest1 pwd: (a wrong password)
Login page displays a tooltip saying "invalid username or password"
3) Without any page refreshing I try to log in again with the second user:
username: userTest2: pwd: (whatever right or wrong password)
Keycloak catches an exception:
The page displays:
We're sorry ... Invalid username or password.
<< Back to Application
Now I'm testing Keycloak 1.6.1 final.
I realize that the bug is solved, but only when using the
standard org.keycloak.authentication.authenticators.browser.UsernamePasswordForm.
Making reference to chapter 33 of the Keycloak 1.6.1 reference guide, I developed my custom
Authenticator. As a proof of concept I simply copied the UserPasswordForm code, implementing
a CustomUserPasswordForm. I've implemented CustomUserPasswordFormFactory. I tested again
the previous use case in debug mode and I caught again the same error as in the 1.5.0
version.
In particular I realize that on the second login attempt the execution flow starts from
the UserFederationManager.validateAndProxyUser(RealmModel realm, UserModel user)
method, when the right flow should begin from the action method of my
CustomUserPasswordForm.
Was this use case missed? Or am I doing something wrong?
Thanks a lot.