Incorrect username & password error after first login & restart in Registration Client
Problem
User installs the registration client and performs the below actions,
Enters the correct credentials in registration client
Applications performs the initial sync and requests the user for a restart
User restarts the application
User now again enters correct credentials
But this time user gets an error on the UI stating incorrect credentials
User now looks in the logs of registration client and finds the below errors,
2020-12-11T12:54:42+05:30 - [io.mosip.registration.util.restclient.AuthTokenUtilService]
- ERROR - AUTH_REFRESH_TOKEN_UTIL - REGISTRATION - REG -
org.springframework.dao.DataIntegrityViolationException: could not execute statement;
SQL [n/a]; nested exception is org.hibernate.exception.DataException:
could not execute statement
at org.springframework.orm.jpa.vendor.HibernateJpaDialect.
convertHibernateAccessException(HibernateJpaDialect.java:263)
...
Caused by: org.hibernate.exception.DataException: could not execute statement
at org.hibernate.exception.internal.SQLExceptionTypeDelegate.
convert(SQLExceptionTypeDelegate.java:52)
... 72 more
Caused by: java.sql.SQLDataException:
A truncation error was encountered trying to shrink VARCHAR
'eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJ4LUxOZmls&' to length 2048.
at org.apache.derby.impl.jdbc.Util.generateCsSQLException(Unknown Source)
... 90 more
Caused by: ERROR 22001:
A truncation error was encountered trying to shrink VARCHAR
'eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJ4LUxOZmls&' to length 2048.
at org.apache.derby.iapi.error.StandardException.newException(Unknown Source)
... 95 more
Solution
In registration client, after the initial restart during first login, once the credentials are verified a token is stored in the registration client derby database. Here, we are getting an error for SQL exception as the registration client is not able to store the token in derby database as the token is very large.
The size of the token is too big as the user id has too many roles associated in KeyCloak. In order to fix this issue, the roles associated to the user needs to reduce so that the token size is reduced and is less than 2048 characters.
The above solution is a work-around to the problem. There will be a code change for the same in future releases.