1:22 p.m.
Dear members,
I currently use Keycloak 1.9.3 and came to very strange behavior. My case
is following:
1.) authenticate to realm1 using a client with service account
2.) create an user in realm1
3.) retrieve the created user to get its UID
4.) authenticate to realm2 using the same client and same service account
5.) delete the user in realm2 using the mentioned UID without error
Analyzing the code I found that the class UserCacheSession does not check
in this case the realm in the method getUserById(String id, RealmModel
realm). When I restart Keycloak after step 3 and execute the steps 4 and 5
afterwards, the case finishes with error (which I found ok).
Is my case somehow wrong or could it be a real issue?
Best regards,
Bystrik
3:59 p.m.
I would like to correct the step 4 - authenticate to realm2 using different
client and service account
But the behavior is still the same - I'm able to delete a user creted for
realm1 when using realm2.
On Wed, Oct 5, 2016 at 1:22 PM, Bystrik Horvath <bystrik.horvath(a)gmail.com>
wrote:
Dear members,
I currently use Keycloak 1.9.3 and came to very strange behavior. My case
is following:
1.) authenticate to realm1 using a client with service account
2.) create an user in realm1
3.) retrieve the created user to get its UID
4.) authenticate to realm2 using the same client and same service account
5.) delete the user in realm2 using the mentioned UID without error
Analyzing the code I found that the class UserCacheSession does not check
in this case the realm in the method getUserById(String id, RealmModel
realm). When I restart Keycloak after step 3 and execute the steps 4 and
5 afterwards, the case finishes with error (which I found ok).
Is my case somehow wrong or could it be a real issue?
Best regards,
Bystrik
10:15 a.m.
There were some caching fixes meanwhile. Do you have an opportunity to
upgrade either to latest 2.2.1 or at least to 1.9.8 and check if the
same behaviour can be still reproduced?
Marek
On 05/10/16 13:22, Bystrik Horvath wrote:
Dear members,
I currently use Keycloak 1.9.3 and came to very strange behavior. My case
is following:
1.) authenticate to realm1 using a client with service account
2.) create an user in realm1
3.) retrieve the created user to get its UID
4.) authenticate to realm2 using the same client and same service account
5.) delete the user in realm2 using the mentioned UID without error
Analyzing the code I found that the class UserCacheSession does not check
in this case the realm in the method getUserById(String id, RealmModel
realm). When I restart Keycloak after step 3 and execute the steps 4 and 5
afterwards, the case finishes with error (which I found ok).
Is my case somehow wrong or could it be a real issue?
Best regards,
Bystrik
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
10:36 a.m.
Hi Marek,
thank you for your response. I downloaded the latest 2.2.1 today and
checked it - the behavior is the same.
Best regards,
Bystrik
On Thu, Oct 6, 2016 at 10:15 AM, Marek Posolda <mposolda(a)redhat.com> wrote:
There were some caching fixes meanwhile. Do you have an opportunity
to
upgrade either to latest 2.2.1 or at least to 1.9.8 and check if the same
behaviour can be still reproduced?
Marek
On 05/10/16 13:22, Bystrik Horvath wrote:
> Dear members,
>
> I currently use Keycloak 1.9.3 and came to very strange behavior. My case
> is following:
> 1.) authenticate to realm1 using a client with service account
> 2.) create an user in realm1
> 3.) retrieve the created user to get its UID
> 4.) authenticate to realm2 using the same client and same service account
> 5.) delete the user in realm2 using the mentioned UID without error
>
> Analyzing the code I found that the class UserCacheSession does not check
> in this case the realm in the method getUserById(String id, RealmModel
> realm). When I restart Keycloak after step 3 and execute the steps 4 and 5
> afterwards, the case finishes with error (which I found ok).
>
> Is my case somehow wrong or could it be a real issue?
>
> Best regards,
> Bystrik
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
11:34 a.m.
Thanks, can you please create JIRA for it?
Marek
On 06/10/16 10:36, Bystrik Horvath wrote:
Hi Marek,
thank you for your response. I downloaded the latest 2.2.1 today and
checked it - the behavior is the same.
Best regards,
Bystrik
On Thu, Oct 6, 2016 at 10:15 AM, Marek Posolda <mposolda(a)redhat.com
<mailto:mposolda@redhat.com>> wrote:
There were some caching fixes meanwhile. Do you have an
opportunity to upgrade either to latest 2.2.1 or at least to 1.9.8
and check if the same behaviour can be still reproduced?
Marek
On 05/10/16 13:22, Bystrik Horvath wrote:
Dear members,
I currently use Keycloak 1.9.3 and came to very strange
behavior. My case
is following:
1.) authenticate to realm1 using a client with service account
2.) create an user in realm1
3.) retrieve the created user to get its UID
4.) authenticate to realm2 using the same client and same
service account
5.) delete the user in realm2 using the mentioned UID without
error
Analyzing the code I found that the class UserCacheSession
does not check
in this case the realm in the method getUserById(String id,
RealmModel
realm). When I restart Keycloak after step 3 and execute the
steps 4 and 5
afterwards, the case finishes with error (which I found ok).
Is my case somehow wrong or could it be a real issue?
Best regards,
Bystrik
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
<mailto:keycloak-user@lists.jboss.org>
https://lists.jboss.org/mailman/listinfo/keycloak-user
<https://lists.jboss.org/mailman/listinfo/keycloak-user>
1:06 p.m.
Created: https://issues.jboss.org/browse/KEYCLOAK-3667
On Thu, Oct 6, 2016 at 11:34 AM, Marek Posolda <mposolda(a)redhat.com> wrote:
Thanks, can you please create JIRA for it?
Marek
On 06/10/16 10:36, Bystrik Horvath wrote:
Hi Marek,
thank you for your response. I downloaded the latest 2.2.1 today and
checked it - the behavior is the same.
Best regards,
Bystrik
On Thu, Oct 6, 2016 at 10:15 AM, Marek Posolda <mposolda(a)redhat.com>
wrote:
> There were some caching fixes meanwhile. Do you have an opportunity to
> upgrade either to latest 2.2.1 or at least to 1.9.8 and check if the same
> behaviour can be still reproduced?
>
> Marek
>
>
> On 05/10/16 13:22, Bystrik Horvath wrote:
>
>> Dear members,
>>
>> I currently use Keycloak 1.9.3 and came to very strange behavior. My case
>> is following:
>> 1.) authenticate to realm1 using a client with service account
>> 2.) create an user in realm1
>> 3.) retrieve the created user to get its UID
>> 4.) authenticate to realm2 using the same client and same service account
>> 5.) delete the user in realm2 using the mentioned UID without error
>>
>> Analyzing the code I found that the class UserCacheSession does not check
>> in this case the realm in the method getUserById(String id, RealmModel
>> realm). When I restart Keycloak after step 3 and execute the steps 4 and
>> 5
>> afterwards, the case finishes with error (which I found ok).
>>
>> Is my case somehow wrong or could it be a real issue?
>>
>> Best regards,
>> Bystrik
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user(a)lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>
>
>
2758
days inactive
2759
days old
5 comments
2 participants
participants (2)
-
Bystrik Horvath -
Marek Posolda