Uploaded image for project: 'Keycloak'
  1. Keycloak
  2. KEYCLOAK-10949

Proper error messages when failing to authenticate the request

    Details

    • Sprint:
      Keycloak Sprint 25
    • Story Points:
      1
    • Steps to Reproduce:
      Hide
      • Login via Resource Owner Password grant flow (via Postman)
      • Getting the token and calling our test microservice where the adapter was
        configured
      • RPT Call worked
      • After that, logout the user's session from the user admin console
      • Retried the call to the microservice with the same token
      • Received the 500 HTTP Error
      Show
      Login via Resource Owner Password grant flow (via Postman) Getting the token and calling our test microservice where the adapter was configured RPT Call worked After that, logout the user's session from the user admin console Retried the call to the microservice with the same token Received the 500 HTTP Error
    • Docs QE Status:
      NEW
    • QE Status:
      NEW

      Description

      We're noticing a strange behaviour during RPT call performed by our
      adapter. More specifically, we're getting a 500 HTTP Error with the
      following description: "Unexpected error while evaluating permissions:
      java.lang.RuntimeException: Error while reading attributes" and with a
      NullPointerException.
      I had a keycloak access token with 5 hours of expiration time and "SSO
      Session Idle time", in Keycloak, was set to 30 minutes. I know, it's a
      strange configuration, but we've used it just for testing purposes of the
      RPT / Authorization part.
      Once i've received the error, i've started thinking that the problem was
      probably due to the fact that the user's session was expired (i've notice
      the error after lunch where i've left the pc alone for about 1 hour), so

      We're using Keycloak 6.0.1.
      I've a question about: is it right that error? In my opinion we should
      receive a 401, not 500...

        Gliffy Diagrams

          Attachments

            Activity

              People

              • Assignee:
                pcraveiro Pedro Igor Silva
                Reporter:
                pcraveiro Pedro Igor Silva
              • Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: