Uploaded image for project: 'Red Hat build of Keycloak'
  1. Red Hat build of Keycloak
  2. RHBK-2970

Not Recently Used (In Days) "user" is null on registration [GHI#38331]

XMLWordPrintable

    • False
    • Hide

      None

      Show
      None
    • False

      Before reporting an issue

      [x] I have read and understood the above terms for submitting issues, and I understand that my issue may be closed without action if I do not follow them.

      Area

      core

      Describe the bug

      If I enable Not Recently Used (In Days) in password Policy I got the error when the user try a new registration:

      > Unexpected error when handling authentication request to identity provider.

      with log error:
      WARN [org.keycloak.services] (executor-thread-117) KC-SERVICES0013: Failed authentication: java.lang.NullPointerException: Cannot invoke "org.keycloak.models.UserModel.credentialManager()" because "user" is null

      Version

      26.1.4

      Regression

      [ ] The issue is a regression

      Expected behavior

      AgePasswordPolicyProvider should validate because user does not still exist

      Actual behavior

      complete error stacktrace

      2025-03-21 14:41:14 2025-03-21 13:41:14,326 WARN  [org.keycloak.services] (executor-thread-117) KC-SERVICES0013: Failed authentication: java.lang.NullPointerException: Cannot invoke "org.keycloak.models.UserModel.credentialManager()" because "user" is null
2025-03-21 14:41:14     at org.keycloak.policy.AgePasswordPolicyProvider.validate(AgePasswordPolicyProvider.java:56)
2025-03-21 14:41:14     at org.keycloak.policy.AgePasswordPolicyProvider.validate(AgePasswordPolicyProvider.java:46)
2025-03-21 14:41:14     at org.keycloak.policy.DefaultPasswordPolicyManagerProvider.validate(DefaultPasswordPolicyManagerProvider.java:53)
2025-03-21 14:41:14     at org.keycloak.authentication.forms.RegistrationPassword.validate(RegistrationPassword.java:74)
2025-03-21 14:41:14     at org.keycloak.authentication.FormAuthenticationFlow.processAction(FormAuthenticationFlow.java:216)
2025-03-21 14:41:14     at org.keycloak.authentication.DefaultAuthenticationFlow.processAction(DefaultAuthenticationFlow.java:128)
2025-03-21 14:41:14     at org.keycloak.authentication.AuthenticationProcessor.authenticationAction(AuthenticationProcessor.java:1039)
2025-03-21 14:41:14     at org.keycloak.services.resources.LoginActionsService.processFlow(LoginActionsService.java:378)
2025-03-21 14:41:14     at org.keycloak.services.resources.LoginActionsService.processRegistration(LoginActionsService.java:746)
2025-03-21 14:41:14     at org.keycloak.services.resources.LoginActionsService.registerRequest(LoginActionsService.java:810)
2025-03-21 14:41:14     at org.keycloak.services.resources.LoginActionsService.processRegister(LoginActionsService.java:788)
2025-03-21 14:41:14     at org.keycloak.services.resources.LoginActionsService$quarkusrestinvoker$processRegister_7a9f3962753907b18ff9c85418d7f9feed84dedc.invoke(Unknown Source)
2025-03-21 14:41:14     at org.jboss.resteasy.reactive.server.handlers.InvocationHandler.handle(InvocationHandler.java:29)
2025-03-21 14:41:14     at io.quarkus.resteasy.reactive.server.runtime.QuarkusResteasyReactiveRequestContext.invokeHandler(QuarkusResteasyReactiveRequestContext.java:141)
2025-03-21 14:41:14     at org.jboss.resteasy.reactive.common.core.AbstractResteasyReactiveContext.run(AbstractResteasyReactiveContext.java:147)
2025-03-21 14:41:14     at io.quarkus.vertx.core.runtime.VertxCoreRecorder$14.runWith(VertxCoreRecorder.java:635)
2025-03-21 14:41:14     at org.jboss.threads.EnhancedQueueExecutor$Task.doRunWith(EnhancedQueueExecutor.java:2516)
2025-03-21 14:41:14     at org.jboss.threads.EnhancedQueueExecutor$Task.run(EnhancedQueueExecutor.java:2495)
2025-03-21 14:41:14     at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1521)
2025-03-21 14:41:14     at org.jboss.threads.DelegatingRunnable.run(DelegatingRunnable.java:11)
2025-03-21 14:41:14     at org.jboss.threads.ThreadLocalResettingRunnable.run(ThreadLocalResettingRunnable.java:11)
2025-03-21 14:41:14     at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30)
2025-03-21 14:41:14     at java.base/java.lang.Thread.run(Unknown Source)
2025-03-21 14:41:14 
2025-03-21 14:41:14 2025-03-21 13:41:14,326 WARN  [org.keycloak.events] (executor-thread-117) type="REGISTER_ERROR", realmId="master", realmName="master", clientId="account-console", userId="null", ipAddress="172.18.0.1", error="invalid_user_credentials", auth_method="openid-connect", auth_type="code", register_method="form", last_name="cognome", redirect_uri="http://localhost/auth/realms/master/account", first_name="nome", code_id="e22cf01a-b839-43ba-b63b-ef14426b6f3b", email="myemail@email.com", username="myemail@email.com"

      How to Reproduce?

      Go into Authentication => Policies => Add Not Recently Used (In Days) and Save.
      Then register a new user using client interface: ex: http://localhost/auth/realms/master/account/

      Anything else?

      No response

              Unassigned Unassigned
              pvlha Pavel Vlha
              Keycloak Core (shared)
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: