Uploaded image for project: 'Keycloak'
  1. Keycloak
  2. KEYCLOAK-15440

Password Form not working with ldap credential store

    XMLWordPrintable

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Done
    • 9.0.3, 11.0.2
    • 13.0.0
    • Authentication
    • Hide
      1. Create a browser auth flow that uses username form and password form instead of the combined username & password form.
      2. set up ldap as the password storage backend
      3. delete all other credentials that the user has that are not stored in ldap
      4. try to log in
      Show
      Create a browser auth flow that uses username form and password form instead of the combined username & password form. set up ldap as the password storage backend delete all other credentials that the user has that are not stored in ldap try to log in
    • NEW
    • NEW

    Description

      Hi everyone,

      We wanted to change our browser login flows to use the "Username Form" and in a later step the "Password Form" instead of the combined "Username/Password Form".

      This works well in a local development environment with a local user database.

      However for our production systems we're using LDAP as our federation backend. This works with the "Username/Password Form" but when we switch the browser flow to the new flow instead, it returns the following error after entering the username (when the password form should show up).

      "Cannot login, credential setup required."

      Using a different credential like webauthn-passwordless, works fine but the usual "try another way" button also doesn't show up when trying to login with a password instead - as if the user didn't have a password set at all.

      Thus, we assume there is a  bug with the "Password Form" when using LDAP as a backend.

      Attachments

        Issue Links

          Activity

            People

              mposolda@redhat.com Marek Posolda
              ste@nine Stefan Brand (Inactive)
              Votes:
              5 Vote for this issue
              Watchers:
              10 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: