[keycloak-user] CredentialInputUpdater in 8.0.0
Simon Levermann
simon at slevermann.de
Thu Nov 28 05:23:53 EST 2019
Hi,
when upgrading our existing UserStorageProvider to Keycloak 8.0.0, we
came across a possible regression: Logging in with the passwords in our
provider database still works, but changing them does not work in all cases:
In the self-service (auth/realms/{realm}/account/) interface, users can
still update their passwords and our updateCredential(...)
implementation is invoked. However, when we use the "Credentials" Tab in
the admin console to set the user's password, our updateCredential(...)
implementation is *not* invoked, and it looks like instead a new
password is created for the user, which is then *also* accepted for
logging the user in.
This seems to me like a regression and rather unexpected behaviour.
Previously, using the Credentials Tab would also invoke
updateCredential(...) instead of creating a new password.
Best regards,
Simon
More information about the keycloak-user
mailing list