I’ve implemented a custom UserStorageProvider to federate users I host in a Postgres DB. It works.
My CustomUserStorageProvider implements, among others, CredentialInputUpdater.
I’m able to change the user password using the realm admin page.
The problem is that when a user tries to do it by itself, using the Edit Account area (URL /auth/realms//account/), it gets an error and the logs contain:
10:44:43,261 ERROR [org.keycloak.services.error.KeycloakErrorHandler] (default task-6) Uncaught server error: org.keycloak.storage.ReadOnlyException: user is read only for this update
It seems like my custom UserAdapter is not instantiated when arriving from Edit Account, so the removeRequiredAction throws the exception.
Full details and full logs can be found here, on StackOverflow.
Thanks a lot