We didn't migrate, we did a fresh install. I'm checking if we copied
standalone.xml from an older version, but I doubt it.
Haven't yet taken the upstream version. We've had difficulties making a
build, and are looking into it.
On 24-Jan-2017 6:51 PM, "Pedro Igor Silva" <psilva(a)redhat.com> wrote:
I see. I'm going to check what is happening. Can't understand
why it works
after re-creating the policies.
So, you were using which version before migrating to 2.5.0 ? Did you also
try a build from upstream ?
On Tue, Jan 24, 2017 at 11:04 AM, Ushanas Shastri <ushanas(a)gmail.com>
> Hello Pedro,
> Policies created by us stop working. For example, without any change
> the Evaluation API shows Deny, and we can't investigate why, as the
> policy results in Resource not found.
> Interestingly, while the Evaluation API in the administration console
> says denied, the protected application gets a permit when using the
> Authorization API.
> We then recreate the policies, permissions and all is good again.
> Regards, Ushanas.
> On 24-Jan-2017 5:05 PM, "Pedro Igor Silva" <psilva(a)redhat.com>
> HI Ushanas, recently we made a specific change to update policies types
> from "drools" to "rules". But that was in 2.5.1, so I think it is
> Can you elaborate more what are those random instances of policies ? Are
> they being created somehow but not by you ?
> Regarding the resource not found, I think I have fixed this with this PR
. It should be available
> on 2.5.1.
> On Tue, Jan 24, 2017 at 12:51 AM, Ushanas Shastri <ushanas(a)gmail.com>
>> I've created scope based permissions tied to role based policies. Any
>> permission or policy we create, all looks right, but we find random
>> instances of policies that deny authorization, and when we want to
>> investigate, we can't even see the details of the policy. It shows up
>> the list, but clicking on it takes us to a resource nor found page.
>> Any ideas on what may be happening here?
>> Regards, Ushanas.
>> keycloak-user mailing list