KEYCLOAK-12535 Fix broken links
This commit is contained in:
parent
8be3ccf885
commit
9194cbe2c4
11 changed files with 26 additions and 26 deletions
|
@ -11,7 +11,7 @@ Contributing to Keycloak Documentation
|
|||
|
||||
See our [Contributor's Guide](internal_resources/contributing.adoc). The directory also includes a set of templates and other resources to help you get started.
|
||||
|
||||
If you want to file a bug report or tell us about any other issue with this documentation, you are invited to please use our [issue tracker](https://issues.jboss.org/projects/KEYCLOAK/).
|
||||
If you want to file a bug report or tell us about any other issue with this documentation, you are invited to please use our [issue tracker](https://issues.redhat.com/projects/KEYCLOAK/).
|
||||
|
||||
|
||||
Building Keycloak Documentation
|
||||
|
|
|
@ -75,7 +75,7 @@ When contributing, follow this procedure. Enter commands from the command line o
|
|||
. Make your changes
|
||||
. (Optional) Enter `git status` now or at any time to see what branch you are on, what files you have changed, and whether those files are staged to be committed.
|
||||
. Enter `git add -A` to stage your changes to the commit you are about to make.
|
||||
. Enter `git commit -m 'KEYCLOAK-XXXX include meaningful information about changes'` where `KEYCLOAK-XXXX` refers to the link:https://issues.jboss.org/projects/KEYCLOAK/issues[Jira issue] being fixed in this commit (if any) and where you add a short sentence that clearly describes what the commit contains.
|
||||
. Enter `git commit -m 'KEYCLOAK-XXXX include meaningful information about changes'` where `KEYCLOAK-XXXX` refers to the link:https://issues.redhat.com/projects/KEYCLOAK/issues[Jira issue] being fixed in this commit (if any) and where you add a short sentence that clearly describes what the commit contains.
|
||||
. Follow the steps in the link:https://github.com/keycloak/keycloak-documentation/blob/master/README.md[README] to create a test build locally and confirm that your changes look correct. Make more changes and repeat steps to here, as needed.
|
||||
. Enter `git push origin {branchname}` to push your changes to your fork in GitHub.
|
||||
. Use the GitHub web interface to create a pull request. First, navigate to your branch in the web UI and click *Compare*. This will show you a diff of the changes. Examine them one more time. If necessary, make more changes locally and repeat the steps to here. When you are ready, click *Create a pull request*. Enter a title and a description with enough detail for reviewers to know what you have changed and why. Click *Submit*.
|
||||
|
|
|
@ -738,7 +738,7 @@ avoid man-in-the-middle security attacks.
|
|||
=== Source-to-Image (S2I)
|
||||
|
||||
=== Known Issues
|
||||
* There is a known issue with the EAP6 Adapter _HttpServletRequest.logout()_ in which the adapter does not log out from the application, which can create a login loop. The workaround is to call _HttpSession.invalidate();_ after _request.logout()_ to clear the Keycloak token from the session. For more information, see https://issues.jboss.org/browse/KEYCLOAK-2665[KEYCLOAK-2665].
|
||||
* There is a known issue with the EAP6 Adapter _HttpServletRequest.logout()_ in which the adapter does not log out from the application, which can create a login loop. The workaround is to call _HttpSession.invalidate();_ after _request.logout()_ to clear the Keycloak token from the session. For more information, see https://issues.redhat.com/browse/KEYCLOAK-2665[KEYCLOAK-2665].
|
||||
* The SSO logs throw a duplication error if the SSO pod is restarted while backed by a database pod. This error can be safely ignored.
|
||||
* Setting _adminUrl_ to a "https://..." address in an OpenID Connect client will cause *javax.net.ssl.SSLHandshakeException* exceptions on the SSO server if the default secrets (*sso-app-secret* and *eap-app-secret*) are used. The application server must use either CA-signed certificates or configure the SSO trust store to trust the self-signed certificates.
|
||||
* If the client route uses a different domain suffix to the SSO service, the client registration script will erroneously configure the client on the SSO side, causing bad redirection.
|
||||
|
|
|
@ -19,7 +19,7 @@ changes we did were related with trying to optimize the policy evaluation path b
|
|||
as soon as they happen. We also introduced a policy decision cache on a per request basis, avoiding redundant decisions from policies
|
||||
previously evaluated.
|
||||
|
||||
We are also working on other layers of cache which should give a much better experience. See https://issues.jboss.org/browse/KEYCLOAK-7952[KEYCLOAK-7952].
|
||||
We are also working on other layers of cache which should give a much better experience. See https://issues.redhat.com/browse/KEYCLOAK-7952[KEYCLOAK-7952].
|
||||
|
||||
= Choosing the response mode when obtaining permissions from the server
|
||||
|
||||
|
|
|
@ -148,34 +148,34 @@ DB2 support has been deprecated for a while. With this release we have removed a
|
|||
= Fixed Issues
|
||||
More than 1,200 issues were resolved in this release.
|
||||
|
||||
* link:https://issues.jboss.org/issues/?filter=12337585[https://issues.jboss.org/issues/?filter=12337585]
|
||||
* link:https://issues.redhat.com/issues/?filter=12337585[https://issues.redhat.com/issues/?filter=12337585]
|
||||
|
||||
= Known Issues
|
||||
The following are known issues for this release.
|
||||
|
||||
* link:https://issues.jboss.org/browse/KEYCLOAK-6127[KEYCLOAK-6127] - Role manage-users still required for some operations regardless granted permission
|
||||
* link:https://issues.redhat.com/browse/KEYCLOAK-6127[KEYCLOAK-6127] - Role manage-users still required for some operations regardless granted permission
|
||||
|
||||
* link:https://issues.jboss.org/browse/KEYCLOAK-8043[KEYCLOAK-8043] - prompt=none doesn't work with default identity provider
|
||||
* link:https://issues.redhat.com/browse/KEYCLOAK-8043[KEYCLOAK-8043] - prompt=none doesn't work with default identity provider
|
||||
|
||||
* link:https://issues.jboss.org/browse/KEYCLOAK-8049[KEYCLOAK-8049] - Nullpointer when create group policy for the root node
|
||||
* link:https://issues.redhat.com/browse/KEYCLOAK-8049[KEYCLOAK-8049] - Nullpointer when create group policy for the root node
|
||||
|
||||
* link:https://issues.jboss.org/browse/KEYCLOAK-8766[KEYCLOAK-8766] - CORS with OIDC requests fails when using elytron adapter
|
||||
* link:https://issues.redhat.com/browse/KEYCLOAK-8766[KEYCLOAK-8766] - CORS with OIDC requests fails when using elytron adapter
|
||||
|
||||
* link:https://issues.jboss.org/browse/KEYCLOAK-8821[KEYCLOAK-8821] - When KeycloakApplication is not successfully deployed server.log's content is erased
|
||||
* link:https://issues.redhat.com/browse/KEYCLOAK-8821[KEYCLOAK-8821] - When KeycloakApplication is not successfully deployed server.log's content is erased
|
||||
|
||||
* link:https://issues.jboss.org/browse/KEYCLOAK-8867[KEYCLOAK-8867] - Return resource associated with policies when querying via uma-policy
|
||||
* link:https://issues.redhat.com/browse/KEYCLOAK-8867[KEYCLOAK-8867] - Return resource associated with policies when querying via uma-policy
|
||||
|
||||
* link:https://issues.jboss.org/browse/KEYCLOAK-8957[KEYCLOAK-8957] - Federated ID Login results in broken user accounts
|
||||
* link:https://issues.redhat.com/browse/KEYCLOAK-8957[KEYCLOAK-8957] - Federated ID Login results in broken user accounts
|
||||
|
||||
* link:https://issues.jboss.org/browse/KEYCLOAK-9093[KEYCLOAK-9093] - False-Positive UMA Policy Evaluation
|
||||
* link:https://issues.redhat.com/browse/KEYCLOAK-9093[KEYCLOAK-9093] - False-Positive UMA Policy Evaluation
|
||||
|
||||
* link:https://issues.jboss.org/browse/KEYCLOAK-9095[KEYCLOAK-9095] - NullpointerException in AuthenticatedActionsHandler when Web Origins is null
|
||||
* link:https://issues.redhat.com/browse/KEYCLOAK-9095[KEYCLOAK-9095] - NullpointerException in AuthenticatedActionsHandler when Web Origins is null
|
||||
|
||||
* link:https://issues.jboss.org/browse/KEYCLOAK-9183[KEYCLOAK-9183] - NullPointerException when validating password via LDAPStorageProvider for a no longer existing LDAP entry
|
||||
* link:https://issues.redhat.com/browse/KEYCLOAK-9183[KEYCLOAK-9183] - NullPointerException when validating password via LDAPStorageProvider for a no longer existing LDAP entry
|
||||
|
||||
* link:https://issues.jboss.org/browse/KEYCLOAK-9272[KEYCLOAK-9272] - NullPointer if truststore password is missing
|
||||
* link:https://issues.redhat.com/browse/KEYCLOAK-9272[KEYCLOAK-9272] - NullPointer if truststore password is missing
|
||||
|
||||
* link:https://issues.jboss.org/browse/KEYCLOAK-9310[KEYCLOAK-9310] - Removing custom required action provider corrupts the Realm model
|
||||
* link:https://issues.redhat.com/browse/KEYCLOAK-9310[KEYCLOAK-9310] - Removing custom required action provider corrupts the Realm model
|
||||
|
||||
= Supported Configurations
|
||||
|
||||
|
|
|
@ -519,4 +519,4 @@ All cookies are part of the header request, so you might find a problem with the
|
|||
|
||||
==== Known Issues
|
||||
|
||||
There is a known issue with the Keycloak server 4.7.0.Final in which Gatekeeper is unable to find the _client_id_ in the _aud_ claim. This is due to the fact the _client_id_ is not in the audience anymore. The workaround is to add the "Audience" protocol mapper to the client with the audience pointed to the _client_id_. For more information, see link:https://issues.jboss.org/browse/KEYCLOAK-8954[KEYCLOAK-8954].
|
||||
There is a known issue with the Keycloak server 4.7.0.Final in which Gatekeeper is unable to find the _client_id_ in the _aud_ claim. This is due to the fact the _client_id_ is not in the audience anymore. The workaround is to add the "Audience" protocol mapper to the client with the audience pointed to the _client_id_. For more information, see link:https://issues.redhat.com/browse/KEYCLOAK-8954[KEYCLOAK-8954].
|
||||
|
|
|
@ -45,7 +45,7 @@ necessary.
|
|||
Unicode characters are properly handled provided the database was created with Unicode support in `VARCHAR` and `CHAR`
|
||||
fields in the `CREATE DATABASE` command (e.g. by using `utf8` character set as the default database character set in
|
||||
MySQL 5.5. Please note that `utf8mb4` character set does not work due to different storage requirements to `utf8`
|
||||
character set footnote:[Tracked as https://issues.jboss.org/browse/KEYCLOAK-3873]). Note that in this case, length
|
||||
character set footnote:[Tracked as https://issues.redhat.com/browse/KEYCLOAK-3873]). Note that in this case, length
|
||||
restriction to non-special fields does not apply because columns are created to accommodate given amount of characters,
|
||||
not bytes. If the database default character set does not allow storing Unicode, only the special fields allow storing
|
||||
Unicode values.
|
||||
|
|
|
@ -321,7 +321,7 @@ Issues related to authorization may exist just for some other versions of {jdgse
|
|||
...
|
||||
```
|
||||
+
|
||||
It is currently required to have different configuration files for the JDG servers on both sites as the Infinispan subsystem does not support replacing site names with expressions. See link:https://issues.jboss.org/browse/WFLY-9458[this issue] for more details.
|
||||
It is currently required to have different configuration files for the JDG servers on both sites as the Infinispan subsystem does not support replacing site names with expressions. See link:https://issues.redhat.com/browse/WFLY-9458[this issue] for more details.
|
||||
|
||||
. Start server `jdg1`:
|
||||
+
|
||||
|
@ -716,7 +716,7 @@ The difference between `WARN` and `IGNORE` is, that with `IGNORE` warnings are n
|
|||
|
||||
The default configuration is using transaction in NON_DURABLE_XA mode with acquire timeout 0. This means that transaction will fail-fast if there is another transaction in progress for the same key.
|
||||
|
||||
The reason to switch this to 0 instead of default 10 seconds was to avoid possible deadlock issues. With {project_name}, it can happen that the same entity (typically session entity or loginFailure) is updated concurrently from both sites. This can cause deadlock under some circumstances, which will cause the transaction to be blocked for 10 seconds. See link:https://issues.jboss.org/browse/JDG-1318[this JIRA report] for details.
|
||||
The reason to switch this to 0 instead of default 10 seconds was to avoid possible deadlock issues. With {project_name}, it can happen that the same entity (typically session entity or loginFailure) is updated concurrently from both sites. This can cause deadlock under some circumstances, which will cause the transaction to be blocked for 10 seconds. See link:https://issues.redhat.com/browse/JDG-1318[this JIRA report] for details.
|
||||
|
||||
With timeout 0, the transaction will immediately fail and then will be retried from {project_name} if backup `failure-policy` with the value `FAIL` is configured. As long as the second concurrent transaction is finished, the retry will usually be successful and the entity will have applied updates from both concurrent transactions.
|
||||
|
||||
|
@ -863,7 +863,7 @@ of redirects in your browser and you see the errors like this in the {project_na
|
|||
+
|
||||
it probably means that your load balancer needs to be set to support sticky sessions. Make sure that the provided route name used during startup of {project_name} server (Property `jboss.node.name`) contains the correct name used by the load balancer server to identify the current server.
|
||||
|
||||
* If the {jdgserver_name} `work` cache grows indefinitely, you may be experiencing https://issues.jboss.org/browse/JDG-987[this {jdgserver_name} issue],
|
||||
* If the {jdgserver_name} `work` cache grows indefinitely, you may be experiencing https://issues.redhat.com/browse/JDG-987[this {jdgserver_name} issue],
|
||||
which is caused by cache items not being properly expired. In that case, update the cache declaration with an empty `<expiration />` tag like this:
|
||||
+
|
||||
```xml
|
||||
|
@ -882,7 +882,7 @@ which is caused by cache items not being properly expired. In that case, update
|
|||
```
|
||||
+
|
||||
you can just ignore them. To avoid the warning, the caches on {jdgserver_name} server side could be changed to transactional caches, but this is not recommended as it can cause some
|
||||
other issues caused by the bug https://issues.jboss.org/browse/ISPN-9323. So for now, the warnings just need to be ignored.
|
||||
other issues caused by the bug https://issues.redhat.com/browse/ISPN-9323. So for now, the warnings just need to be ignored.
|
||||
|
||||
* If you see errors in the {jdgserver_name} server log like:
|
||||
+
|
||||
|
|
|
@ -30,4 +30,4 @@ http://127.0.0.1:3000/oauth/callback
|
|||
https://api.linkedin.com/v2/me
|
||||
https://raw.githubusercontent.com/jboss-container-images/redhat-sso-7-openshift-image/sso-cd-dev/templates/${resource}
|
||||
https://raw.githubusercontent.com/jboss-container-images/redhat-sso-7-openshift-image/sso73-dev/templates/${resource}
|
||||
https://issues.jboss.org/secure/CreateIssueDetails*
|
||||
https://issues.redhat.com/secure/CreateIssueDetails*
|
||||
|
|
|
@ -1,3 +1,3 @@
|
|||
[sidebar,role="page-links"]
|
||||
link:https://github.com/keycloak/keycloak-documentation/blob/master/{include_filename}[Edit this section, window="_blank"]
|
||||
link:https://issues.jboss.org/secure/CreateIssueDetails!init.jspa?pid=12313920&components=12323375&issuetype=1&priority=3&description=File:%20{include_filename}[Report an issue, window="_blank"]
|
||||
link:https://issues.redhat.com/secure/CreateIssueDetails!init.jspa?pid=12313920&components=12323375&issuetype=1&priority=3&description=File:%20{include_filename}[Report an issue, window="_blank"]
|
|
@ -258,7 +258,7 @@ Cross-Datacenter Replication changes::
|
|||
* You don't need to configure security anymore in the {jdgserver_name} server configuration file.
|
||||
ifeval::[{project_community}==true]
|
||||
* There is a need to remove `transaction` element from the configuration of replicated caches in the {jdgserver_name} server
|
||||
configuration file. This is needed because of the infinispan bug https://issues.jboss.org/browse/ISPN-9323.
|
||||
configuration file. This is needed because of the infinispan bug https://issues.redhat.com/browse/ISPN-9323.
|
||||
endif::[]
|
||||
|
||||
=== Migration to 4.3.0
|
||||
|
|
Loading…
Reference in a new issue