Uploaded image for project: 'Keycloak'
  1. Keycloak
  2. KEYCLOAK-13074

GroupLDAPStorageMapper: duplicate users in getGroupMembers in IMPORT mode

    Details

    • Steps to Reproduce:
      Hide
      1. Add to LDAP with some users, groups, and membership information.
      2. Create a realm with LDAP intregration, with a group mapper with the mode IMPORT.
      3. After the LDAP import is complete, go to the admin console, under the group imported from LDAP, check the member list. There will be duplicate users with the same user ID in the list.

      I can also reproduce this via a unit test. I can submit a PR for this.

      Show
      Add to LDAP with some users, groups, and membership information. Create a realm with LDAP intregration, with a group mapper with the mode IMPORT. After the LDAP import is complete, go to the admin console, under the group imported from LDAP, check the member list. There will be duplicate users with the same user ID in the list. I can also reproduce this via a unit test. I can submit a PR for this.
    • Docs QE Status:
      NEW
    • QE Status:
      NEW

      Description

      If GroupLDAPStorageMapper is running under IMPORT mode, getGroupMembers will still return users in LDAP, which, according to how UserStorageManager.query works (reading both user federation and Keycloak storage), will cause duplicate users in the list.

        Gliffy Diagrams

          Attachments

            Activity

              People

              • Assignee:
                mposolda Marek Posolda
                Reporter:
                phy25 Henry Pan
              • Votes:
                1 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: