No description

Find a file

Hynek Mlnarik 12dd3edb10 Fix pagination issue with H6 With Hibernate ORM 6, pagination started to be unreliable: When setting the max results only if the first row was 0 has randomly affected other threads where first row was greater than 0. The latter thread sometimes produced query which did not account for the offset (cf. threads `-t1` and `-t2` below, while `-t2` missed the `offset ? rows` part whic `-t3` has). This has been fixed by setting the first row offset unconditionally. Closes: #20202 Closes: #16570 ``` 2023-06-02 10:19:03.855000 TRACE [org.keycloak.models.sessions.infinispan.initializer.SessionInitializerWorker] (blocking-thread-node-2-p8-t1) Running computation for segment 0 with worker 0 2023-06-02 10:19:03.856000 TRACE [org.keycloak.models.sessions.infinispan.initializer.OfflinePersistentUserSessionLoader] (blocking-thread-node-2-p8-t1) Loading sessions for segment=0 lastSessionId=00000000-0000-0000-0000-000000000000 first=0 2023-06-02 10:19:03.856000 DEBUG [org.keycloak.models.jpa.PaginationUtils] (blocking-thread-node-2-p8-t1) Set max to 64 in org.hibernate.query.sqm.internal.QuerySqmImpl@2fb60f8b 2023-06-02 10:19:03.856000 DEBUG [org.keycloak.models.jpa.PaginationUtils] (blocking-thread-node-2-p8-t1) After pagination: 0, 64 2023-06-02 10:19:03.857000 TRACE [org.keycloak.models.sessions.infinispan.initializer.SessionInitializerWorker] (blocking-thread-node-2-p8-t2) Running computation for segment 1 with worker 1 2023-06-02 10:19:03.857000 TRACE [org.keycloak.models.sessions.infinispan.initializer.OfflinePersistentUserSessionLoader] (blocking-thread-node-2-p8-t2) Loading sessions for segment=1 lastSessionId=00000000-0000-0000-0000-000000000000 first=64 2023-06-02 10:19:03.857000 TRACE [org.keycloak.models.sessions.infinispan.initializer.SessionInitializerWorker] (blocking-thread-node-2-p8-t3) Running computation for segment 2 with worker 2 2023-06-02 10:19:03.857000 DEBUG [org.keycloak.models.jpa.PaginationUtils] (blocking-thread-node-2-p8-t2) Set first to 64 in org.hibernate.query.sqm.internal.QuerySqmImpl@71464e9f 2023-06-02 10:19:03.857000 DEBUG [org.keycloak.models.jpa.PaginationUtils] (blocking-thread-node-2-p8-t2) Set max to 64 in org.hibernate.query.sqm.internal.QuerySqmImpl@71464e9f 2023-06-02 10:19:03.857000 DEBUG [org.keycloak.models.jpa.PaginationUtils] (blocking-thread-node-2-p8-t2) After pagination: 64, 64 2023-06-02 10:19:03.857000 TRACE [org.keycloak.models.sessions.infinispan.initializer.OfflinePersistentUserSessionLoader] (blocking-thread-node-2-p8-t3) Loading sessions for segment=2 lastSessionId=00000000-0000-0000-0000-000000000000 first=128 10:19:03,859 DEBUG [org.hibernate.SQL] (blocking-thread-node-2-p8-t1) select p1_0.OFFLINE_FLAG, p1_0.USER_SESSION_ID, p1_0.CREATED_ON, p1_0.DATA, p1_0.LAST_SESSION_REFRESH, p1_0.REALM_ID, p1_0.USER_ID from OFFLINE_USER_SESSION p1_0, REALM r1_0 where r1_0.ID=p1_0.REALM_ID and p1_0.OFFLINE_FLAG=? and p1_0.USER_SESSION_ID>? order by p1_0.USER_SESSION_ID fetch first ? rows only 10:19:03,859 DEBUG [org.hibernate.SQL] (blocking-thread-node-2-p8-t2) select p1_0.OFFLINE_FLAG, p1_0.USER_SESSION_ID, p1_0.CREATED_ON, p1_0.DATA, p1_0.LAST_SESSION_REFRESH, p1_0.REALM_ID, p1_0.USER_ID from OFFLINE_USER_SESSION p1_0, REALM r1_0 where r1_0.ID=p1_0.REALM_ID and p1_0.OFFLINE_FLAG=? and p1_0.USER_SESSION_ID>? order by p1_0.USER_SESSION_ID fetch first ? rows only 2023-06-02 10:19:03.860000 TRACE [org.hibernate.orm.jdbc.bind] (blocking-thread-node-2-p8-t1) binding parameter [1] as [VARCHAR] - [1] 2023-06-02 10:19:03.860000 TRACE [org.hibernate.orm.jdbc.bind] (blocking-thread-node-2-p8-t1) binding parameter [2] as [VARCHAR] - [00000000-0000-0000-0000-000000000000] 2023-06-02 10:19:03.860000 TRACE [org.hibernate.orm.jdbc.bind] (blocking-thread-node-2-p8-t1) binding parameter [3] as [INTEGER] - [64] 10:19:03,860 DEBUG [org.hibernate.SQL] (blocking-thread-node-2-p8-t3) select p1_0.OFFLINE_FLAG, p1_0.USER_SESSION_ID, p1_0.CREATED_ON, p1_0.DATA, p1_0.LAST_SESSION_REFRESH, p1_0.REALM_ID, p1_0.USER_ID from OFFLINE_USER_SESSION p1_0, REALM r1_0 where r1_0.ID=p1_0.REALM_ID and p1_0.OFFLINE_FLAG=? and p1_0.USER_SESSION_ID>? order by p1_0.USER_SESSION_ID offset ? rows fetch first ? rows only 2023-06-02 10:19:03.861000 TRACE [org.hibernate.orm.jdbc.bind] (blocking-thread-node-2-p8-t3) binding parameter [3] as [INTEGER] - [128] 2023-06-02 10:19:03.861000 TRACE [org.hibernate.orm.jdbc.bind] (blocking-thread-node-2-p8-t3) binding parameter [4] as [INTEGER] - [64] ``` Co-authored-by: mkanis <mkanis@redhat.com>		2023-06-07 20:45:34 +02:00
.github	Add Migration Tests to CI workflow	2023-06-07 19:43:48 +02:00
.mvn/wrapper	Update mvnw to 3.8.6 (#12492 )	2022-06-14 10:28:40 +02:00
adapters	OutOfMemoryError at elytron adapter	2023-05-30 14:26:47 +02:00
authz	allow specifying format of "permission" parameter in the UMA grant token	2023-05-29 08:56:39 -03:00
boms	Fixes SAML tests in testsuite	2023-04-27 13:36:54 +02:00
common	Removing OpenShift integration and moving to separate extension	2023-05-30 17:39:32 +02:00
core	Tests for user property mapper	2023-05-29 14:21:03 +02:00
crypto	Fix the issue with LDAP connectionUrl containing multiple hosts	2023-04-16 17:41:22 +02:00
dependencies	Removing OpenShift integration and moving to separate extension	2023-05-30 17:39:32 +02:00
distribution	Conditionally build WildFly adapters for our testsuite	2023-05-15 14:58:49 +02:00
docs	Update the docs	2023-06-07 09:23:12 -03:00
examples	Support JavaEE for Admin client (#19988 )	2023-04-28 16:35:31 +02:00
federation	Add escaping for fields with wildcard search	2023-05-31 14:38:04 +02:00
integration	Extend group search attribute functionality to account for use case where only the leaf group is required	2023-06-07 08:52:23 -03:00
js	Update dependencies to latest version (#20788 )	2023-06-06 12:35:06 -04:00
misc	Removing OpenShift integration and moving to separate extension	2023-05-30 17:39:32 +02:00
model	Fix pagination issue with H6	2023-06-07 20:45:34 +02:00
operator	enabling keycloak to be a scalable resource (#20828 )	2023-06-07 17:57:25 +02:00
quarkus	Setting ParallelGC as the default garbage collector (#20606 )	2023-06-05 17:48:28 +02:00
rest	added per-instance filtering logic to search groups API (#20714 )	2023-06-02 06:31:20 +00:00
saml-core	Use JakartaEE dependencies	2023-04-27 13:36:54 +02:00
saml-core-api	Adds com.sun.xml.ws.rt dependency to saml-core-api	2023-04-27 13:36:54 +02:00
server-spi	Fix and correlate session timeout calculations in legacy and new map implementations	2023-06-05 18:46:23 +02:00
server-spi-private	Extend group search attribute functionality to account for use case where only the leaf group is required	2023-06-07 08:52:23 -03:00
services	fix: issuedFor added to token to get client id into the token also redirect uri added to token and then passed to info template for "back to application" functionality	2023-06-07 12:19:46 -03:00
testsuite	Fix pagination issue with H6	2023-06-07 20:45:34 +02:00
themes	Pass webauthn signature algorithm IDs as integers instead of strings (#20832 )	2023-06-07 11:46:16 +02:00
util	Artifact SLF4J LOG4J-12 has been relocated (#20113 )	2023-05-05 13:57:45 +02:00
.gitattributes	Use lf as line-ending for sh files	2022-07-19 08:57:57 +02:00
.gitignore	Support JavaEE for Admin client (#19988 )	2023-04-28 16:35:31 +02:00
.gitleaks.toml	Removing testsuite/performance from main Keycloak repository (#15950 )	2022-12-15 14:43:24 +01:00
ADOPTERS.md	Add CERN to Adopters	2022-11-24 11:30:57 +01:00
CONTRIBUTING.md	Removed links from relocated repositories (#19703 )	2023-04-13 12:59:43 -04:00
get-version.sh
GOVERNANCE.md	Removed links from relocated repositories (#19703 )	2023-04-13 12:59:43 -04:00
LICENSE.txt	Added text version of ASL2 license	2019-11-08 12:43:10 +01:00
MAINTAINERS.md	Add Sebastian Schuster to maintainers (#20076 )	2023-05-02 12:35:08 +02:00
maven-settings.xml	[KEYCLOAK-11764] Upgrade to Wildfly 19	2020-04-24 08:19:43 -03:00
mvnw	Add Maven Wrapper (#11031 )	2022-04-22 15:24:39 +02:00
mvnw.cmd	Add Maven Wrapper (#11031 )	2022-04-22 15:24:39 +02:00
pom.xml	Update dependencies to latest version (#20788 )	2023-06-06 12:35:06 -04:00
PR-CHECKLIST.md	Introduce CODEOWNERS (#16637 )	2023-01-30 13:05:45 +01:00
prod-arguments.json	[KEYCLOAK-16723] Upgrade to Wildfly 22	2021-04-29 12:36:03 +02:00
README.md	removed links from relocated repositories	2023-04-13 10:59:57 +02:00
set-version.sh	Move from NPM to PNPM (#19839 )	2023-05-05 12:03:24 -04:00

README.md

Keycloak

Keycloak is an Open Source Identity and Access Management solution for modern Applications and Services.

This repository contains the source code for the Keycloak Server, Java adapters and the JavaScript adapter.

Help and Documentation

Documentation
User Mailing List - Mailing list for help and general questions about Keycloak

Reporting Security Vulnerabilities

If you've found a security vulnerability, please look at the instructions on how to properly report it

Reporting an issue

If you believe you have discovered a defect in Keycloak, please open an issue. Please remember to provide a good summary, description as well as steps to reproduce the issue.

Getting started

To run Keycloak, download the distribution from our website. Unzip and run:

bin/kc.[sh|bat] start-dev

Alternatively, you can use the Docker image by running:

docker run quay.io/keycloak/keycloak start-dev

For more details refer to the Keycloak Documentation.

Building from Source

To build from source, refer to the building and working with the code base guide.

Testing

To run tests, refer to the running tests guide.

Writing Tests

To write tests, refer to the writing tests guide.

Contributing

Before contributing to Keycloak, please read our contributing guidelines.

Other Keycloak Projects

Keycloak - Keycloak Server and Java adapters
Keycloak QuickStarts - QuickStarts for getting started with Keycloak
Keycloak Node.js Connect - Node.js adapter for Keycloak

License

Apache License, Version 2.0