Uploaded image for project: 'Keycloak'
  1. Keycloak
  2. KEYCLOAK-1411

DefaultCacheUserProvider addUser returns UserModel instance which is not cached/managed by the cache

    XMLWordPrintable

Details

    • Bug
    • Status: Closed
    • Critical
    • Resolution: Done
    • 1.2.0.Final
    • 1.3.1.Final
    • None
    • None

    Description

      Both DefaultCacheUserProvider.addUser() methods directly return UserModel instance obtained from delegate, which is not stored in cache nor managed by the cache. Subsequent calls of getUserById or getUserByUsername or getUserByEmail can return other instance of UserModel in this case, and some changes performed on original instance are not visible by code using this second instance.

      Concrete problem is for example in org.keycloak.services.managers.AuthenticationManager.nextActionAfterAuthentication() when called from org.keycloak.services.resources.IdentityBrokerService.authenticated()
      because UserModel is not passed there directly but over UserSessionModel which finds user over getUserById then. This causes problems with KEYCLOAK-1372 feature for example.

      Attachments

        Activity

          People

            sthorger@redhat.com Stian Thorgersen
            velias@redhat.com Vlastimil Eliáš
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: