[prev in list] [next in list] [prev in thread] [next in thread] 

List:       keycloak-user
Subject:    [keycloak-user] keycloak reset issue.
From:       ShengHong.Pan () halliburton ! com (Sheng Hong Pan)
Date:       2018-04-30 19:22:28
Message-ID: C8C6980ECAF09F449AF026CA1D850AA085F394 () NP1EXMB102 ! corp ! halliburton ! com
[Download RAW message or body]

We are having issue with Keycloak (3.0.0) reset feature. User is getting an error of  \
"WE'RE SORRY ... An error occurred, please login again through your application". We \
looked log and there are many errors (see below) related to invalid_code.

2018-04-30 13:13:09,188 WARN  [org.keycloak.events] (default task-60) \
type=RESET_PASSWORD_ERROR, realmId=<realm name>, clientId=null, userId=null, \
ipAddress=<ip>, error=invalid_code

After further investigation, we found that multiple requests with same active code \
are hitting on the server and it looks like that reset password url becomes invalid \
after first access. There is a similar complain ( \
http://lists.jboss.org/pipermail/keycloak-user/2016-February/004828.html ) on an \
older version of keycloak. Is the issue addressed in the 3.0.0?

Thanks.

-Sheng

----------------------------------------------------------------------
This e-mail, including any attached files, may contain confidential and privileged \
information for the sole use of the intended recipient.  Any review, use, \
distribution, or disclosure by others is strictly prohibited.  If you are not the \
intended recipient (or authorized to receive information for the intended recipient), \
please contact the sender by reply e-mail and delete all copies of this message.


[prev in list] [next in list] [prev in thread] [next in thread]