Translated message

A translation of this page exists in English.

クライアントまたはレルム設定のインポート/エクスポートにより "java.lang.RuntimeException: Script upload is disabled" が発生する

Solution In Progress - Updated -

Issue

  • upload_scripts 機能の非推奨化により、任意の openid-connect クライアントにおいて認可設定のインポートおよびエクスポートができなくなり、以下の例外が発生します。
ERROR [org.keycloak.services.error.KeycloakErrorHandler] (default task-7) Uncaught server error: java.lang.RuntimeException: Script upload is disabled
    at org.keycloak.authorization.policy.provider.js.JSPolicyProviderFactory.updatePolicy(JSPolicyProviderFactory.java:125)
    at org.keycloak.authorization.policy.provider.js.JSPolicyProviderFactory.onImport(JSPolicyProviderFactory.java:70)
    at org.keycloak.models.utils.RepresentationToModel.toModel(RepresentationToModel.java:2185)
    at org.keycloak.models.utils.RepresentationToModel.importPolicies(RepresentationToModel.java:2113)
    at org.keycloak.models.utils.RepresentationToModel.toModel(RepresentationToModel.java:2059)
    at org.keycloak.authorization.admin.ResourceServerService.importSettings(ResourceServerService.java:136)

  • ある RH-SSO インスタンスからクライアント設定データをエクスポートし、別のインスタンスにインポートできる必要があります。

  • RH-SSO でレルムをエクスポートしてインポートすると、以下のエラーが発生して失敗します。

ERROR [org.keycloak.services.error.KeycloakErrorHandler] (default task-3) Uncaught server error: java.lang.RuntimeException: Script upload is disabled
        at org.keycloak.keycloak-authz-policy-common@18.0.0.redhat-00001//org.keycloak.authorization.policy.provider.js.JSPolicyProviderFactory.throwCanNotUpdatePolicy(JSPolicyProviderFactory.java:130)
        at org.keycloak.keycloak-authz-policy-common@18.0.0.redhat-00001//org.keycloak.authorization.policy.provider.js.JSPolicyProviderFactory.onImport(JSPolicyProviderFactory.java:72)
        at org.keycloak.keycloak-server-spi-private@18.0.0.redhat-00001//org.keycloak.models.utils.RepresentationToModel.toModel(RepresentationToModel.java:2483)
        at org.keycloak.keycloak-server-spi-private@18.0.0.redhat-00001//org.keycloak.authorization.AuthorizationProvider$3.create(AuthorizationProvider.java:351)
        at org.keycloak.keycloak-server-spi-private@18.0.0.redhat-00001//org.keycloak.models.utils.RepresentationToModel.importPolicies(RepresentationToModel.java:2405)
        at org.keycloak.keycloak-server-spi-private@18.0.0.redhat-00001//org.keycloak.models.utils.RepresentationToModel.toModel(RepresentationToModel.java:2353)
        at org.keycloak.keycloak-server-spi-private@18.0.0.redhat-00001//org.keycloak.models.utils.RepresentationToModel.importAuthorizationSettings(RepresentationToModel.java:2300)
        at org.keycloak.keycloak-server-spi-private@18.0.0.redhat-00001//org.keycloak.models.utils.RepresentationToModel.lambda$importRealmAuthorizationSettings$9(RepresentationToModel.java:2278)
        at java.base/java.util.ArrayList.forEach(ArrayList.java:1540)
        at org.keycloak.keycloak-server-spi-private@18.0.0.redhat-00001//org.keycloak.models.utils.RepresentationToModel.importRealmAuthorizationSettings(RepresentationToModel.java:2276)

Environment

  • Red Hat Single Sign-On (RH-SSO)
    • 7.3
    • 7.4
    • 7.5
    • 7.6

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content