[keycloak-user] KEYCLOAK-1014 Reset password leads to 400 Bad Request - still unresolved?

Bruno Oliveira bruno at abstractj.org
Mon Jul 18 09:45:26 EDT 2016


I never heard about such issue. Do you get any errors at the logs?

On 2016-07-15, Valerij Timofeev wrote:
> I've figred out exact condition when descibed scenario fails for us:
>
> 1) it does not work in combination with our legacy web application (built
> on RH/JBoss Seam 2)
> 2) but it works in Keycloak 1.9.4 properly too if a user logins in into the
> Account web application and then starts password reset process
>
> Are there any known general issues with Seam 2 or JSF web applications
> protected by Keycloak?
>
> 2016-07-15 15:17 GMT+02:00 Valerij Timofeev <valerij.timofeev at gmail.com>:
>
> > I've just quickly tested in RH SSO 7.0: it works!
> > The only thing we have to do now is to test thoroughly and roll out it in
> > production :-)
> >
> > Thank you very much for your quick assistance!
> >
> > 2016-07-15 13:15 GMT+02:00 Stian Thorgersen <sthorger at redhat.com>:
> >
> >> I tested with 2.0.0.Final though. Please check with 1.9.8.Final or RH SSO
> >> 7.0. I believe there was some fixes around this at some point in 1.9.x.
> >>
> >> On 15 July 2016 at 13:14, Stian Thorgersen <sthorger at redhat.com> wrote:
> >>
> >>> Just checked and I'm not able to reproduce this issue.
> >>>
> >>> I clicked on reset password in one browser, copied the link and opened
> >>> it in a new incognito session. Worked just fine.
> >>>
> >>> On 15 July 2016 at 12:22, Valerij Timofeev <valerij.timofeev at gmail.com>
> >>> wrote:
> >>>
> >>>> Hi,
> >>>>
> >>>> our customers are experiencing problems in situations where resetting
> >>>> password is started in one web browser and accomplished in another one.
> >>>> This scenario occurs if a user surfs with one kind of web browser, but
> >>>> an email application opens password reset link in another one.
> >>>>
> >>>> I suppose that the root cause is the same like the documented in
> >>>> KEYCLOAK-1014 one.
> >>>>
> >>>> We run Keycloak 1.9.4 standalone servers in our production at the
> >>>> moment, but already started to roll out RH SSO 7.0 in other stages. So a
> >>>> bug fix should be scheduled for this version as well.
> >>>>
> >>>> Kind regards
> >>>> Valerij Timofeev
> >>>>
> >>>>
> >>>> _______________________________________________
> >>>> keycloak-user mailing list
> >>>> keycloak-user at lists.jboss.org
> >>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
> >>>>
> >>>
> >>>
> >>
> >

> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user


--

abstractj
PGP: 0x84DC9914


More information about the keycloak-user mailing list