+
Skip to content

Sign of a bad copy/paste in logging of usserSessionLimitsAuthenticator #40060

New issue
New issue
Closed
#40062
Closed
Sign of a bad copy/paste in logging of usserSessionLimitsAuthenticator#40060
#40062
Labels
area/authenticationIndicates an issue on Authentication areaarea/corekind/enhancementCategorizes a PR related to an enhancementrelease/26.3.0team/core-clientsteam/core-shared
@LM4O322

Description

@LM4O322
LM4O322
opened on May 29, 2025

Description

Hi, guys!
I found some minor bugs in the code while running SAST. There are some signs of bad copy/paste.
In particular, the code was changed in Commit 2c238b9 and this part of code is still in the main branch.

keycloak/services/src/main/java/org/keycloak/authentication/authenticators/sessionlimits/UserSessionLimitsAuthenticator.java

Line 85 in 3099570

logger.infof("Too many sessions related to the current client for this user. Session count: %s", userSessionCountForRealm);

It looks like userSessionCountForClient should be used instead of userSessionCountForRealm.
This code is in a block that compares userSessionCountForClient to determine if userClientLimit has been exceeded, so it would make sense to output the value of userSessionCountForClient to the logs.

Discussion

No response

Motivation

No response

Details

No response

Found by Linux Verification Center with SVACE

Metadata

Metadata

Assignees

No one assigned

    Labels

    area/authenticationIndicates an issue on Authentication areaarea/corekind/enhancementCategorizes a PR related to an enhancementrelease/26.3.0team/core-clientsteam/core-shared

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions
      点击 这是indexloc提供的php浏览器服务,不要输入任何密码和下载