[keycloak-user] keycloak reset issue.
Sheng Hong Pan
ShengHong.Pan at halliburton.com
Mon Apr 30 15:22:28 EDT 2018
We are having issue with Keycloak (3.0.0) reset feature. User is getting an error of "WE'RE SORRY ... An error occurred, please login again through your application". We looked log and there are many errors (see below) related to invalid_code.
2018-04-30 13:13:09,188 WARN [org.keycloak.events] (default task-60) type=RESET_PASSWORD_ERROR, realmId=<realm name>, clientId=null, userId=null, ipAddress=<ip>, error=invalid_code
After further investigation, we found that multiple requests with same active code are hitting on the server and it looks like that reset password url becomes invalid after first access. There is a similar complain ( http://lists.jboss.org/pipermail/keycloak-user/2016-February/004828.html ) on an older version of keycloak. Is the issue addressed in the 3.0.0?
Thanks.
-Sheng
----------------------------------------------------------------------
This e-mail, including any attached files, may contain confidential and privileged information for the sole use of the intended recipient. Any review, use, distribution, or disclosure by others is strictly prohibited. If you are not the intended recipient (or authorized to receive information for the intended recipient), please contact the sender by reply e-mail and delete all copies of this message.
More information about the keycloak-user
mailing list