commit
097c49149c
4 changed files with 35 additions and 1 deletions
|
@ -97,6 +97,17 @@
|
|||
<section>
|
||||
<title>Version specific migration</title>
|
||||
|
||||
<section>
|
||||
<title>Migrating to 1.9.5</title>
|
||||
<simplesect>
|
||||
<title>Default password hashing interval increased to 20K</title>
|
||||
<para>
|
||||
The default password hashing interval for new realms is increased to 20K (from 1 previously). This will have a significant performance
|
||||
when users login.
|
||||
</para>
|
||||
</simplesect>
|
||||
</section>
|
||||
|
||||
<section>
|
||||
<title>Migrating to 1.9.3</title>
|
||||
<simplesect>
|
||||
|
|
|
@ -18,6 +18,7 @@ package org.keycloak.services.managers;
|
|||
|
||||
import org.keycloak.Config;
|
||||
import org.keycloak.common.enums.SslRequired;
|
||||
import org.keycloak.models.PasswordPolicy;
|
||||
import org.keycloak.models.session.UserSessionPersisterProvider;
|
||||
import org.keycloak.models.utils.RealmImporter;
|
||||
import org.keycloak.models.AccountRoles;
|
||||
|
@ -218,6 +219,8 @@ public class RealmManager implements RealmImporter {
|
|||
realm.setOTPPolicy(OTPPolicy.DEFAULT_POLICY);
|
||||
|
||||
realm.setEventsListeners(Collections.singleton("jboss-logging"));
|
||||
|
||||
realm.setPasswordPolicy(new PasswordPolicy("hashIterations(20000)"));
|
||||
}
|
||||
|
||||
public boolean removeRealm(RealmModel realm) {
|
||||
|
|
|
@ -132,6 +132,26 @@ public class RealmTest extends AbstractAdminTest {
|
|||
Assert.assertNames(adminClient.realms().findAll(), "master", AuthRealm.TEST, REALM_NAME);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void createRealmCheckDefaultPasswordPolicy() {
|
||||
RealmRepresentation rep = new RealmRepresentation();
|
||||
rep.setRealm("new-realm");
|
||||
|
||||
adminClient.realms().create(rep);
|
||||
|
||||
assertEquals("hashIterations(20000)", adminClient.realm("new-realm").toRepresentation().getPasswordPolicy());
|
||||
|
||||
adminClient.realms().realm("new-realm").remove();
|
||||
|
||||
rep.setPasswordPolicy("length(8)");
|
||||
|
||||
adminClient.realms().create(rep);
|
||||
|
||||
assertEquals("length(8)", adminClient.realm("new-realm").toRepresentation().getPasswordPolicy());
|
||||
|
||||
adminClient.realms().realm("new-realm").remove();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void createRealmFromJson() {
|
||||
RealmRepresentation rep = loadJson(getClass().getResourceAsStream("/admin-test/testrealm.json"), RealmRepresentation.class);
|
||||
|
|
|
@ -163,7 +163,7 @@ public class AdapterTest extends AbstractModelTest {
|
|||
user.updateCredential(cred);
|
||||
Assert.assertTrue(userProvider.validCredentials(session, realmModel, user, UserCredentialModel.password("geheim")));
|
||||
List<UserCredentialValueModel> creds = user.getCredentialsDirectly();
|
||||
Assert.assertEquals(creds.get(0).getHashIterations(), 1);
|
||||
Assert.assertEquals(creds.get(0).getHashIterations(), 20000);
|
||||
realmModel.setPasswordPolicy(new PasswordPolicy("hashIterations(200)"));
|
||||
Assert.assertTrue(userProvider.validCredentials(session, realmModel, user, UserCredentialModel.password("geheim")));
|
||||
creds = user.getCredentialsDirectly();
|
||||
|
|
Loading…
Reference in a new issue