Hi,

sorry for late response. This might be some DB/transaction locking bug. Which DB type, version and JDBC driver are you using? Currently method deleteInvalidUser runs in separate transaction, which is maybe an issue...

Marek

On 18/11/15 01:39, alex orl wrote:
Hi to all.
Working on my custom user federation provider i'm facing up to a possible bug.
I used the last 1.6.1 final keycloak version.
In my legacy user database i have 3 users:
user1
user2
user3

I try to log into my secured application with all three users' credentials and all goes fine.
This way all three users are present inside the keycloak properties file so, if i open keycloak admin console and list all users by clicking on the "view all users" button, inside the user section, keycloak lists to me 
user1
user2
user3

Now i delete user3 from my legacy database, then i come back to the keycloak admin console in order to list users again.
After clicking the "view all users" button... nothing is listed and the page stucks in loading mode.

Debugging my code, after "view all users" click... my user federation provider executes the isValid() method for all the 3 users.
The isValid method returns true for user1
                                           true for user2
                                           false for the deleted user3
 
The last false value is returned to the
     UserModel validateAndProxy(RealmModel realm, UserModel local) 
method which will return a NULL UserModel object.

ValidateAndProxy method passes the ball to org.keycloak.models.UserFederationManager with its method:

protected UserModel validateAndProxyUser(RealmModel realm, UserModel user) {
        UserModel managed = managedUsers.get(user.getId());
        if (managed != null) {
            return managed;
        }
 
        UserFederationProvider link = getFederationLink(realmuser);
        if (link != null) {
            UserModel validatedProxyUser = link.validateAndProxy(realmuser);
            if (validatedProxyUser != null) {
                managedUsers.put(user.getId(), validatedProxyUser);
                return validatedProxyUser;
            } else {
                deleteInvalidUser(realmuser);
                return null;
            }
        }

The UserModel NULL value triggers the deleteInvalidUser(...) method. (row 135 of org.keycloak.models.UserFederationManager class). At this point nothing happens and keycloak console stays in loading state.

Am i wrong with anything? or is it a bug?
thanks


_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user