[kolla] Keycloak "More than one user" error

Braden, Albert C-Albert.Braden at charter.com
Mon Jan 25 13:34:10 UTC 2021


We're running Train on Centos 7, and using Keycloak for auth. After I setup Keycloak, create a user in Keycloak, and then login to Horizon via Keycloak, a user is created in Keystone:

| ccb276f4f507fd9f271d629d2ad896d2c97e04f81336cd8c1332f4b2df115ca2 | test              |

If I try to address that user by name, I get an error:

(openstack) [root at chrnc-area51-build-01 our-ok-kolla-ansible]# os user show test
More than one user exists with the name 'test'.

I can address it by id. When I list users, I only see one "test" user."

(openstack) [root at chrnc-area51-build-01 our-ok-kolla-ansible]# os user show ccb276f4f507fd9f271d629d2ad896d2c97e04f81336cd8c1332f4b2df115ca2
+---------------------+------------------------------------------------------------------+
| Field               | Value                                                            |
+---------------------+------------------------------------------------------------------+
| domain_id           | 4678301ef9a24d54bcd2e87a8fbc6872                                 |
| email               | test at example.com                                                 |

If I create a second user in Keycloak and login the same way, this doesn't happen:

(openstack) [root at chrnc-area51-build-01 our-ok-kolla-ansible]# os user show test2
+---------------------+------------------------------------------------------------------+
| Field               | Value                                                            |
+---------------------+------------------------------------------------------------------+
| domain_id           | 4678301ef9a24d54bcd2e87a8fbc6872                                 |
| email               | test2 at example.com                                                |

These 2 users look identical in the database:

user:

| ccb276f4f507fd9f271d629d2ad896d2c97e04f81336cd8c1332f4b2df115ca2 | {"email": "test at example.com"}        |       1 | NULL                             | 2021-01-22 18:33:20 | NULL           | 4678301ef9a24d54bcd2e87a8fbc6872 |
| f4287b6082b8f36048d052eaa3d35facb94e5eff598d59d2aee68252ddb13339 | {"email": "test2 at example.com"}       |       1 | NULL                             | 2021-01-22 21:01:54 | NULL           | 4678301ef9a24d54bcd2e87a8fbc6872 |

federated_user:

|  6 | ccb276f4f507fd9f271d629d2ad896d2c97e04f81336cd8c1332f4b2df115ca2 | keycloak | openid      | test      | test         |
|  9 | f4287b6082b8f36048d052eaa3d35facb94e5eff598d59d2aee68252ddb13339 | keycloak | openid      | test2     | test2        |

Where should I be looking for the cause of this error?


I apologize for the nonsense below. So far I have not been able to stop it from being attached to my external emails. I'm working on it.

E-MAIL CONFIDENTIALITY NOTICE: 
The contents of this e-mail message and any attachments are intended solely for the addressee(s) and may contain confidential and/or legally privileged information. If you are not the intended recipient of this message or if this message has been addressed to you in error, please immediately alert the sender by reply e-mail and then delete this message and any attachments. If you are not the intended recipient, you are notified that any use, dissemination, distribution, copying, or storage of this message or any attachment is strictly prohibited.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-discuss/attachments/20210125/f29d2482/attachment.html>


More information about the openstack-discuss mailing list