Can you please report a new issue? The original issue was fixed, but there's another issue when brute force protection is enabled. The test from the original issue doesn't enable brute force protection.

On 11 March 2016 at 08:49, Lohitha Chiranjeewa <kalc04@gmail.com> wrote:

Stian just FYI, apparently this is not fixed despite the ticket getting closed.

I had a brief look at the code, and it seems if the "username" is present and the "enabled" parameter is set to true in the request payload, a NullPointerException still gets thrown.
if (rep.isEnabled() != null && rep.isEnabled()) {
    UsernameLoginFailureModel failureModel = session.sessions().getUserLoginFailure(realm, rep.getUsername().toLowerCase());
    if (failureModel != null) {
        failureModel.clearFailures();
    }
}
This is in org.keycloak.services.resources.admin.UsersResource class.
Regards,
Lohitha.
On Mon, Jan 18, 2016 at 11:51 AM, Lohitha Chiranjeewa <kalc04@gmail.com> wrote:
JIRA logged here: https://issues.jboss.org/browse/KEYCLOAK-2334

Regards,
Lohitha

On Fri, Jan 15, 2016 at 9:12 PM, Stian Thorgersen <sthorger@redhat.com> wrote:
Yes please

On 15 January 2016 at 04:42, Lohitha Chiranjeewa <kalc04@gmail.com> wrote:
Hi,

Refer title for the bug. This seems to have been introduced after 1.2.0.Final because in that version we didn't have this problem. Failure happens in 1.7.0.Final. Checked the logs and there's a NullPointerException thrown.

Shall I create a JIRA?

Regards,
Lohitha.

_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user