[keycloak-user] Bug in User Federation pages in Keycloak admin UI? Bind credentials are incorrect - test authentication fails

[Stian Thorgersen]

Already fixed - https://issues.jboss.org/browse/KEYCLOAK-4038

On 9 January 2017 at 11:36, Edgar Vonk - Info.nl <Edgar at info.nl> wrote:

> Hi,
>
> I think in Keycloak 2.40 or 2.5.0 a bug was introduced in the User
> Federation pages concerning the Bind Credential fields. The Bind Credential
> is fine in the Keycloak database (COMPONENT_CONFIG table these days) and
> everything works fine except the following scenario:
>
> 1/ Log in to Keycloak admin UI as an admin
> 2/ Go to a User Federation and select an LDAP user federation provider
> (assuming you have one of course). You already notice that the value of the
> Bind Credential field has too few characters.
> 3/ Now click on the ‘Test authentication’. This fails with 'Error! LDAP
> authentication failed.' The issue is that the bind credential is wrong.
> 4/ However click on ‘Synchronize all users’ and this works just fine. So
> the bind credential used here (the one in the database) is just fine.
> 5/ Now enter the correct bind credential in the Bind Credential field
> 6/ Test authentication now works fine
> 7/ Click Save
> 8/ Click Test authentication and it fails again, same as in step 3
>
> I think the issue is with this admin page. It seems to do something with
> the bind credentials it gets from the database. Maybe it wants to unhash it
> or something but it is not hashed in the database at all (just plain text).
> Which maybe it is the real issue here?
>
> Is this indeed a bug and if so shall I create a bug report for it?
>
> cheers
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user