New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
NullPointerException using auth-require-role-extension #5
Comments
It looks like a bad flow. Example from auth-require-group-extension is bad.
|
I think your flow is not correct. edited: typo |
Can you paste a screenshot of your config? I am not sure I am understanding you. |
as @army1349 indicates since keycloak version 8.0.x that is not a valid flow any more. in your case Conditional OTP, I would put It on CONDITIONAL and OTP Form on REQUIRED |
Thanks a lot @army1349 and @tomrutsaert !! It is working and I understand this better now :) |
Has nothing to do with the opened issue ... but what type is your top level exection "Authentication"? Is it an execution flow? Now that I see it how you configured it, I see that my flow definition is wrong ;-) So... thank you for your screenshot! I´ll have to fix that before production... |
It is generic flow.
I see. So, in your current state, if someone logs in to different client or to Account Management, flow will use the cookie and let him access limited client without group/role check. Glad, I could help. |
I installed and configured
auth-require-role-extension
to restrict logins against a SAML app but unfortunately it does not work.The problem seems to be that the UserModel user is
null
therefore the NullPointerException.I'm hitting the error even before the logging form is displayed (I don't type user nor password)
I am using Keycloak v9.0.0. Do you think it might be a bug of this specific version of Keycloak?
The text was updated successfully, but these errors were encountered: