Bernd Bohmann
Bernd Bohmann
Why keycloak should allow to delete and recreate a flow that is currently in use in a client?
`[org.keycloak.services.error.KeycloakErrorHandler] (executor-thread-2) Uncaught server error: org.keycloak.models.ModelException: Cannot remove authentication flow, it is currently in use` `at org.keycloak.models.jpa.RealmAdapter.removeAuthenticationFlow(RealmAdapter.java:1460)` `at org.keycloak.models.cache.infinispan.RealmAdapter.removeAuthenticationFlow(RealmAdapter.java:1349)` `at org.keycloak.models.utils.KeycloakModelUtils.deepDeleteAuthenticationFlow(KeycloakModelUtils.java:967)` `at org.keycloak.services.resources.admin.AuthenticationManagementResource.deleteFlow(AuthenticationManagementResource.java:370)` `at org.keycloak.services.resources.admin.AuthenticationManagementResource$quarkusrestinvoker$deleteFlow_c7a3b2245d7e636a2fcab9cafd6ed82fb5d1f875.invoke(Unknown Source)` `at org.jboss.resteasy.reactive.server.handlers.InvocationHandler.handle(InvocationHandler.java:29)` `at io.quarkus.resteasy.reactive.server.runtime.QuarkusResteasyReactiveRequestContext.invokeHandler(QuarkusResteasyReactiveRequestContext.java:141)`...
The specific code is here in `AuthenticationFlowsImportService#recreateTopLevelFlow` To update a flow the flow will be deleted and recreated. Before the deletion all references to this flow will be disabled/unasigned and...
@ma1uta The last failing test is something similar https://github.com/adorsys/keycloak-config-cli/pull/1162/commits/8f2f5dc5d3b65c06c660a3fb7b18265df605e8a2 in the file [44_update_realm_remove_authz_policy_realm-management.json](https://github.com/bohmber/keycloak-config-cli/blob/fcf3a3047fcf02252f6b1666e8f14a5378e7d0da/src/test/resources/import-files/clients/44_update_realm_remove_authz_policy_realm-management.json#L62) the `realm-management` client has `authorizationServicesEnabled` with an empty resources section in authorizationSettings. The authorizationSettings will be deleted...
@ma1uta good point. That was exactly the code I was searching for the behavior
@test4423 @francis-pouatcha Could be fixed by #1096
@jonasvoelcker can you take a look
@jonasvoelcker can you take a look?
@francis-pouatcha thanks a lot. And nice to meet you in vienna
TODOs: Metrics names prefix vendor.kc or vendor or keycloak or vendor.keycloak? @ahus1 suggested the prefix keycloak. Which metrics should be part of the basic configuration?