
Acceptable value range is inconsistent between API and Admin Console because of lack of validation in REST API endpoint #8840

Open
@ynojima

Description


Describe the bug

Moved from https://issues.redhat.com/browse/KEYCLOAK-16711

At the REST endpoint, no validation is done for ssoSessionIdleTimeout, ssoSessionMaxLifespan, offlineSessionIdleTimeout, and offlineSessionMaxLifespan.
In the Admin Console, these settings are restricted to positive values. Negative values and zero are rejected.
The REST endpoint should have a data validation check because zero and negative values are inappropriate for these settings.

Version

RH-SSO 7.5.0

Expected behavior

Consistent validation between the API and the Admin Console.

Actual behavior

No validation is done for ssoSessionIdleTimeout, ssoSessionMaxLifespan, offlineSessionIdleTimeout, and offlineSessionMaxLifespan.

How to Reproduce?

./kcadm.sh update realms/<your-realm> -s ssoSessionIdleTimeout=-100

Anything else?

No response
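
An added example, not part of the original issue or of Keycloak's code: an audit that scans realm representations for the four settings named above and reports values the Admin Console would have rejected (zero or negative), plus values that are not integers at all. It assumes the input is realm JSON such as the output of `kcadm.sh get realms`; the function names and the sample data are constructed for illustration.

```python
import json

# The four realm settings named in the issue.
SESSION_FIELDS = (
    "ssoSessionIdleTimeout",
    "ssoSessionMaxLifespan",
    "offlineSessionIdleTimeout",
    "offlineSessionMaxLifespan",
)

def audit_realm(realm):
    """Return (field, value, reason) tuples for values the console would reject."""
    findings = []
    for field in SESSION_FIELDS:
        if field not in realm:
            continue  # absent from this representation: nothing to check
        value = realm[field]
        # bool is a subclass of int in Python, so exclude it explicitly.
        if isinstance(value, bool) or not isinstance(value, int):
            findings.append((field, value, "not an integer"))
        elif value <= 0:
            findings.append((field, value, "zero or negative"))
    return findings

def audit_export(text):
    """Accept one realm object or a list of them; map realm name -> findings."""
    data = json.loads(text)
    realms = data if isinstance(data, list) else [data]
    report = {}
    for realm in realms:
        findings = audit_realm(realm)
        if findings:
            report[realm.get("realm", "<unnamed>")] = findings
    return report

# Constructed sample: "demo" carries the -100 from the reproduction step.
SAMPLE = json.dumps([
    {"realm": "master", "ssoSessionIdleTimeout": 1800,
     "ssoSessionMaxLifespan": 36000, "offlineSessionIdleTimeout": 2592000,
     "offlineSessionMaxLifespan": 5184000},
    {"realm": "demo", "ssoSessionIdleTimeout": -100,
     "ssoSessionMaxLifespan": 36000, "offlineSessionIdleTimeout": 0,
     "offlineSessionMaxLifespan": "5184000"},
])

if __name__ == "__main__":
    for name, findings in audit_export(SAMPLE).items():
        for field, value, reason in findings:
            print(f"{name}: {field}={value!r} ({reason})")
```
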
