Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 1910055

Summary: Keycloak login page doesn't show after recent update with shm cache issues
Product: [oVirt] ovirt-engine Reporter: Petr Matyáš <pmatyas>
Component: BLL.InfraAssignee: Artur Socha <asocha>
Status: CLOSED NOTABUG QA Contact: Lucie Leistnerova <lleistne>
Severity: medium Docs Contact:
Priority: medium    
Version: 4.4.4.5CC: asocha, bugs, mperina
Target Milestone: ---Keywords: Regression
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2021-01-18 12:05:11 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: Infra RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1884233    

Description Petr Matyáš 2020-12-22 13:39:19 UTC 
Description of problem:
After some of the recent updates I did on my RHVM, keycloak login stopped working and login always redirects to regular login page.
Not sure which update it was as I had the keycloak login disabled for some time.
Login through python API with a user from keycloak (user@openidchttp) works without issues.
Also using this keycloak instance for logging in on a 4.3 engine is working.

Only error I can find is in ssl_error_log:
[Tue Dec 22 14:16:05.881844 2020] [auth_openidc:warn] [pid 1621:tid 140691359319808] [client ip:35124] oidc_cache_get: error retrieving value from shm cache backend for key "very_long_token"
[Tue Dec 22 14:16:05.901819 2020] [auth_openidc:error] [pid 1621:tid 140691359319808] [client ip:35124] oidc_cache_shm_get_key: could not construct cache key since key size is too large (1828 >= 512) (a:"very_long_token")
[Tue Dec 22 14:16:05.901849 2020] [auth_openidc:warn] [pid 1621:tid 140691359319808] [client ip:35124] oidc_cache_set: could NOT store 1105 bytes in shm cache backend for key "very_long_token"


Version-Release number of selected component (if applicable):
ovirt-engine-4.4.4.5-0.10.el8ev.noarch

How reproducible:
always

Steps to Reproduce:
1. setup keycloak login in RHVM
2. open login page
3.

Actual results:
regular login page appears

Expected results:
keycloak login page should appear or no login page at all if already logged in keycloak

Additional info:
Comment 1 Artur Socha 2020-12-22 14:40:21 UTC 
What is the exact version of Keycloak ?
Comment 2 Petr Matyáš 2020-12-22 14:53:18 UTC 
Server Version 	4.5.0.Final