Unable to turn on users permissions feature
See original GitHub issueArea
account/api
Describe the bug
In the admin UI users section -> permissions tab “Permissions enabled” switch doesn’t work. And I’m unable to turn on grand type “urn:ietf:params:oauth:grant-type:uma-ticket”. In the console I get this error:
keycloak | 2022-11-07 08:39:03,761 ERROR [org.keycloak.services.error.KeycloakErrorHandler] (executor-thread-1) Uncaught server error: java.lang.NullPointerException keycloak | at org.keycloak.services.resources.admin.RealmAdminResource.toUsersMgmtRef(RealmAdminResource.java:521) keycloak | at org.keycloak.services.resources.admin.RealmAdminResource.setUsersManagementPermissionsEnabled(RealmAdminResource.java:511) keycloak | at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) keycloak | at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) keycloak | at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) keycloak | at java.base/java.lang.reflect.Method.invoke(Method.java:566) keycloak | at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:170) keycloak | at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:130) keycloak | at org.jboss.resteasy.core.ResourceMethodInvoker.internalInvokeOnTarget(ResourceMethodInvoker.java:660) keycloak | at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTargetAfterFilter(ResourceMethodInvoker.java:524) keycloak | at org.jboss.resteasy.core.ResourceMethodInvoker.lambda$invokeOnTarget$2(ResourceMethodInvoker.java:474) keycloak | at org.jboss.resteasy.core.interception.jaxrs.PreMatchContainerRequestContext.filter(PreMatchContainerRequestContext.java:364) keycloak | at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTarget(ResourceMethodInvoker.java:476) keycloak | at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:434) keycloak | at org.jboss.resteasy.core.ResourceLocatorInvoker.invokeOnTargetObject(ResourceLocatorInvoker.java:192) keycloak | at org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:152) keycloak | at org.jboss.resteasy.core.ResourceLocatorInvoker.invokeOnTargetObject(ResourceLocatorInvoker.java:183) keycloak | at org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:141) keycloak | at org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:32) keycloak | at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:492) keycloak | at org.jboss.resteasy.core.SynchronousDispatcher.lambda$invoke$4(SynchronousDispatcher.java:261) keycloak | at org.jboss.resteasy.core.SynchronousDispatcher.lambda$preprocess$0(SynchronousDispatcher.java:161) keycloak | at org.jboss.resteasy.core.interception.jaxrs.PreMatchContainerRequestContext.filter(PreMatchContainerRequestContext.java:364) keycloak | at org.jboss.resteasy.core.SynchronousDispatcher.preprocess(SynchronousDispatcher.java:164) keycloak | at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:247) keycloak | at io.quarkus.resteasy.runtime.standalone.RequestDispatcher.service(RequestDispatcher.java:73) keycloak | at io.quarkus.resteasy.runtime.standalone.VertxRequestHandler.dispatch(VertxRequestHandler.java:151) keycloak | at io.quarkus.resteasy.runtime.standalone.VertxRequestHandler.handle(VertxRequestHandler.java:82) keycloak | at io.quarkus.resteasy.runtime.standalone.VertxRequestHandler.handle(VertxRequestHandler.java:42) keycloak | at io.vertx.ext.web.impl.RouteState.handleContext(RouteState.java:1284) keycloak | at io.vertx.ext.web.impl.RoutingContextImplBase.iterateNext(RoutingContextImplBase.java:173) keycloak | at io.vertx.ext.web.impl.RoutingContextImpl.next(RoutingContextImpl.java:140) keycloak | at io.quarkus.vertx.http.runtime.StaticResourcesRecorder$2.handle(StaticResourcesRecorder.java:84) keycloak | at io.quarkus.vertx.http.runtime.StaticResourcesRecorder$2.handle(StaticResourcesRecorder.java:71) keycloak | at io.vertx.ext.web.impl.RouteState.handleContext(RouteState.java:1284) keycloak | at io.vertx.ext.web.impl.RoutingContextImplBase.iterateNext(RoutingContextImplBase.java:173) keycloak | at io.vertx.ext.web.impl.RoutingContextImpl.next(RoutingContextImpl.java:140) keycloak | at io.quarkus.vertx.http.runtime.VertxHttpRecorder$6.handle(VertxHttpRecorder.java:430) keycloak | at io.quarkus.vertx.http.runtime.VertxHttpRecorder$6.handle(VertxHttpRecorder.java:408) keycloak | at io.vertx.ext.web.impl.RouteState.handleContext(RouteState.java:1284) keycloak | at io.vertx.ext.web.impl.RoutingContextImplBase.iterateNext(RoutingContextImplBase.java:173) keycloak | at io.vertx.ext.web.impl.RoutingContextImpl.next(RoutingContextImpl.java:140) keycloak | at org.keycloak.quarkus.runtime.integration.web.QuarkusRequestFilter.lambda$createBlockingHandler$0(QuarkusRequestFilter.java:82) keycloak | at io.quarkus.vertx.core.runtime.VertxCoreRecorder$14.runWith(VertxCoreRecorder.java:564) keycloak | at org.jboss.threads.EnhancedQueueExecutor$Task.run(EnhancedQueueExecutor.java:2449) keycloak | at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1478) keycloak | at org.jboss.threads.DelegatingRunnable.run(DelegatingRunnable.java:29) keycloak | at org.jboss.threads.ThreadLocalResettingRunnable.run(ThreadLocalResettingRunnable.java:29) keycloak | at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30) keycloak | at java.base/java.lang.Thread.run(Thread.java:829)
Version
20.0.0
Expected behavior
Feature enables, there no error in console and realm openid realm settings returns “urn:ietf:params:oauth:grant-type:uma-ticket” in “grant_types_supported” array.
Actual behavior
Feature doesn’t work, error in console, “urn:ietf:params:oauth:grant-type:uma-ticket” grand type doesn’t enable.
How to Reproduce?
“users” section of any realm, click on the permissions tab, click on “Permissions enabled” switch. Look to keycloak console.
Anything else?
I use postgresql, so it probably matters.
Issue Analytics
- State:
- Created 10 months ago
- Reactions:2
- Comments:5 (3 by maintainers)
Top GitHub Comments
Hi! Same issue, Keycloak 20.0.1 on Postgres. This issue is present both in Users and Realm Roles. Thank you!
Technically, it’s both. But it was fixed as a UI issue with https://github.com/keycloak/keycloak-ui/pull/3779
I’m going to move this back to the main keycloak repo so they can fix the back end part if they want. It will be likely be a low priority because the only way you could reproduce it now is to use the admin API.