[keycloak-dev] A probable bug in read-only mode for LDAP Federation Provider

Bruno Oliveira bruno at abstractj.org
Wed Nov 16 08:16:38 EST 2016


Hi Marek,

After rebase against master and go to "Users > Edit" I get:

"Resource not found...
We could not find the resource you are looking for. Please make sure the URL you entered is correct."

I can be wrong, but I believe that if a role is associated to some user,
admin should not be able to delete it.

Or, if we would like to remove roles, even if they have users associated
to this, user should be displayed without these roles.

Does it make sense? I can file a jira if we agree on that.


On 2016-11-15, Marek Posolda wrote:
> Hey Bruno,
>
> it seems Bill pushed already some LDAP changes last night and migrated LDAP
> FederationProvider to UserStorage SPI. Do you have an opportunity to retry
> with latest master? If it can be still reproduced, then you can create JIRA
> for 2.4.1 fix version. We already have bunch of LDAP related issues planned
> for that version, so this can be possibly another one to address.
>
> Marek
>
> On 14/11/16 20:21, Bruno Oliveira wrote:
> > Good morning, I believe I found a bug while playing with LDAP Federation
> > provider. But before file any Jira, I would like to confirm.
> >
> > Steps to reproduce:
> >
> > 1. Just follow all the steps described here https://github.com/keycloak/keycloak/tree/master/examples/ldap
> > 2. Change the federation provider to read-only mode
> > 3. Synchronize all users
> > 4. Delete all the roles associated with LDAP (For example: ldap-user,
> > ldap-admin)
> > 5. Now go to "Users" > "Edit"
> > 6. Click on "Role Mappings"
> >
> > You might get an exception like this: https://gist.github.com/abstractj/19eb8e5f25fee3b469110246066ecd08
> >
> > Is this a bug?
> >
> >
> > --
> >
> > abstractj
> > PGP: 0x84DC9914
> > _______________________________________________
> > keycloak-dev mailing list
> > keycloak-dev at lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/keycloak-dev
>
>

--

abstractj
PGP: 0x84DC9914


More information about the keycloak-dev mailing list