Uploaded image for project: 'RH-SSO'
  1. RH-SSO
  2. RHSSO-1146

[GSS] When a user federation is broken, local accounts cannot be accessed from the administration console


    • Icon: Enhancement Enhancement
    • Resolution: Done
    • Icon: Major Major
    • RH-SSO-7.2.0.CR1
    • RH-SSO-7.1.1.GA
    • Server

      I have a case where a customer noticed that when a User Federation provider is broken (ldap is down, ldap cert is not in the truststore, etc), the local user accounts cannot be accessed / viewed in the Admin console.

      This issue appears to be related to KEYCLOAK-2984. However, KEYCLOAK-2984 is more about creating users while the User Federation provider is broken.

      The customer would like to have the ability to view/manage local users while a user federation is down.

      In my testing, when my ldap user federation provider is configured wrong or ldap is down and I click on "View all users", I get a red box with the following error:

      Error! An unexpected server error has occurred

      and no users (local or ldap) show up in the list. The user list is empty.

      I am able to login as the local users, but "View all" does not work.

      Recreated the issue on 7.1.0 and 7.1.1.

            mtrue-1 Mark True (Inactive)
            rhn-support-dehort Derek Horton
            1 Vote for this issue
            5 Start watching this issue