The OTP doesn't work when LDAP "Import Users" is false
Issue
The OTP doesn't work when LDAP Import Users
is false
. When the LDAP Import Users
is false
the user isn't redirected to the OTP configuration, but to the application on RH-SSO 7.4.7, on RH-SSO 7.4.8, the following WARN is shown:
13:07:01,223 WARN [org.keycloak.services] (default task-6) KC-SERVICES0013: Failed authentication: org.keycloak.models.ModelException: Not possible to write 'required action CONFIGURE_TOTP' when updating user 'bwilson'
at org.keycloak.keycloak-server-spi-private@9.0.14.redhat-00001//org.keycloak.models.utils.ReadOnlyUserModelDelegate.readOnlyException(ReadOnlyUserModelDelegate.java:146)
at org.keycloak.keycloak-server-spi-private@9.0.14.redhat-00001//org.keycloak.models.utils.ReadOnlyUserModelDelegate.addRequiredAction(ReadOnlyUserModelDelegate.java:71)
at org.keycloak.keycloak-server-spi@9.0.14.redhat-00001//org.keycloak.models.utils.UserModelDelegate.addRequiredAction(UserModelDelegate.java:104)
at org.keycloak.keycloak-ldap-federation@9.0.14.redhat-00001//org.keycloak.storage.ldap.LDAPWritesOnlyUserModelDelegate.addRequiredAction(LDAPWritesOnlyUserModelDelegate.java:86)
at org.keycloak.keycloak-server-spi@9.0.14.redhat-00001//org.keycloak.models.utils.UserModelDelegate.addRequiredAction(UserModelDelegate.java:104)
at org.keycloak.keycloak-server-spi@9.0.14.redhat-00001//org.keycloak.models.utils.UserModelDelegate.addRequiredAction(UserModelDelegate.java:104)
at org.keycloak.keycloak-server-spi@9.0.14.redhat-00001//org.keycloak.models.utils.UserModelDelegate.addRequiredAction(UserModelDelegate.java:104)
at org.keycloak.keycloak-server-spi@9.0.14.redhat-00001//org.keycloak.models.utils.UserModelDelegate.addRequiredAction(UserModelDelegate.java:104)
at org.keycloak.keycloak-server-spi@9.0.14.redhat-00001//org.keycloak.models.utils.UserModelDelegate.addRequiredAction(UserModelDelegate.java:104)
at org.keycloak.keycloak-server-spi@9.0.14.redhat-00001//org.keycloak.models.utils.UserModelDelegate.addRequiredAction(UserModelDelegate.java:104)
at org.keycloak.keycloak-server-spi@9.0.14.redhat-00001//org.keycloak.models.utils.UserModelDelegate.addRequiredAction(UserModelDelegate.java:104)
at org.keycloak.keycloak-server-spi@9.0.14.redhat-00001//org.keycloak.models.utils.UserModelDelegate.addRequiredAction(UserModelDelegate.java:104)
at org.keycloak.keycloak-server-spi-private@9.0.14.redhat-00001//org.keycloak.storage.adapter.UpdateOnlyChangeUserModelDelegate.addRequiredAction(UpdateOnlyChangeUserModelDelegate.java:80)
(...)
Environment
Red Hat Single Sign-On (RH-SSO) 7.4
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.