[keycloak-user] Problem Updating Account

Rodrigo Sasaki rodrigopsasaki at gmail.com
Thu Oct 9 09:23:42 EDT 2014


I use Chrome on Ubuntu and version 1.1-alpha-1

I'm using the default keycloak theme, but the stateChecker never gets sent
with the form params, so it's always null and I get the error code

On Thu, Oct 9, 2014 at 5:34 AM, Stian Thorgersen <stian at redhat.com> wrote:

> Not a known bug and it works fine here. I'll need more info:
>
> * Browser
> * KC version
> * Is this with unmodified theme? If not can you try with the default theme
> and see if the problem exists there as well
>
> Also, open http://serverUrl/auth/realms/{realm}/account. Then view source
> and check if it has a hidden input field with the name stateChecker. Then
> check if a cookie KEYCLOAK_STATE_CHECKER is set with the same value.
>
> BTW the state checker is to prevent CSRF attack.
>
> ----- Original Message -----
> > From: "Rodrigo Sasaki" <rodrigopsasaki at gmail.com>
> > To: keycloak-user at lists.jboss.org
> > Sent: Wednesday, 8 October, 2014 10:08:41 PM
> > Subject: [keycloak-user] Problem Updating Account
> >
> > Hi. I'm having some trouble with the account page.
> >
> > I try updating my profile at
> http://serverUrl/auth/realms/{realm}/account
> >
> > When I try editing my account info (firstName, email...) I have a problem
> > when I hit save.
> >
> > the processAccountUpdate method inside AccountService.java invokes a
> > csrfCheck method, that checks if a stateChecker variable is present on my
> > post, but it's always null, so I can never update my account info.
> >
> > Is this a known bug?
> >
> > Thanks again
> >
> > --
> > Rodrigo Sasaki
> >
> > _______________________________________________
> > keycloak-user mailing list
> > keycloak-user at lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/keycloak-user
>



-- 
Rodrigo Sasaki
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20141009/01ff32bd/attachment-0001.html 


More information about the keycloak-user mailing list