Keycloak / KEYCLOAK-1015

Login attempt after "Login user action lifespan" leads to "Invalid username or password."

    Details

    • Type: Feature Request
    • Status: Closed
    • Priority: Major
    • Resolution: Done
    • Affects Version/s: 1.1.0.Beta2
    • Fix Version/s: 1.2.0.Beta1
    • Component/s: None
    • Labels: None

      Description

      The error message "Invalid username or password" is a bit confusing if a user tries to log in with a correct username and password.

      It would also be nice to configure a different expiration time for the "Authentication" process.

      I totally understand why the password change process has to be finished in a given time, but I think it should be possible to log in at any time. (So I can get a coffee before I enter my credentials...)

      Maybe it's even possible to exclude the "Authentication" process from the time validation like this:

      ClientSessionCode.java
      public boolean isValid(ClientSessionModel.Action requestedAction) {
          ClientSessionModel.Action action = clientSession.getAction();
          if (action == null) {
              return false;
          }

          int timestamp = clientSession.getTimestamp();

          // The session's current action must match the requested one.
          if (!action.equals(requestedAction)) {
              return false;
          }

          // Proposed change: apply the lifespan check to every action except AUTHENTICATE.
          if (!clientSession.getAction().equals(ClientSessionModel.Action.AUTHENTICATE)) {
              int lifespan = action.equals(ClientSessionModel.Action.CODE_TO_TOKEN)
                      ? realm.getAccessCodeLifespan()
                      : realm.getAccessCodeLifespanUserAction();
              return timestamp + lifespan > Time.currentTime();
          } else {
              // AUTHENTICATE is never timed out.
              return true;
          }
      }
      

      It would be very nice if this feature could be implemented for version 1.1.0 Final.
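
An alternative to exempting AUTHENTICATE from the time check, as an added example that is not part of the original report or Keycloak's code: each action gets its own lifespan so the login form still expires, and expiry is reported separately from a credential failure. The class, enum and method names, the messages and the lifespan values are assumptions for illustration.

```java
import java.util.EnumMap;
import java.util.Map;

// Added illustration: all names are hypothetical, not Keycloak's API.
public class ActionLifespanCheck {
    enum Action { AUTHENTICATE, UPDATE_PASSWORD, CODE_TO_TOKEN }
    enum Result { VALID, WRONG_ACTION, EXPIRED }

    private final Map<Action, Integer> lifespans = new EnumMap<>(Action.class);
    private final int defaultLifespan; // seconds

    ActionLifespanCheck(int defaultLifespan) { this.defaultLifespan = defaultLifespan; }

    void setLifespan(Action action, int seconds) { lifespans.put(action, seconds); }

    // Every action stays bounded; only the length of the window differs.
    Result check(Action stored, Action requested, int timestamp, int now) {
        if (stored == null || stored != requested) return Result.WRONG_ACTION;
        int lifespan = lifespans.getOrDefault(stored, defaultLifespan);
        return timestamp + lifespan > now ? Result.VALID : Result.EXPIRED;
    }

    // An expired form gets its own message instead of a credential error.
    static String message(Result r) {
        switch (r) {
            case EXPIRED: return "Login timed out, please start again.";
            case WRONG_ACTION: return "Invalid request.";
            default: return "OK";
        }
    }

    public static void main(String[] args) {
        ActionLifespanCheck c = new ActionLifespanCheck(300);
        c.setLifespan(Action.AUTHENTICATE, 1800);  // longer window for the login form
        c.setLifespan(Action.CODE_TO_TOKEN, 60);   // short window for code exchange
        int issued = 1_000_000;                    // constructed timestamp (seconds)
        int[] delays = { 600, 3600 };              // a coffee break, then an hour
        for (int d : delays) {
            for (Action a : Action.values()) {
                Result r = c.check(a, a, issued, issued + d);
                System.out.println(a + " after " + d + "s: " + r + " (" + message(r) + ")");
            }
        }
    }
}
```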

              People

              Assignee:
              stianst Stian Thorgersen
              Reporter:
              gerbermichi Michael Gerber (Inactive)