keycloak-scim

Author	SHA1	Message	Date
Kohei Tamura	d96967682b	Improve procedure for handling open transactions (#29748 ) Signed-off-by: k-tamura <ktamura.biz.80@gmail.com>	2024-06-12 23:21:24 +02:00
Martin Bartoš	04b16a914c	Remove link to management interface guide from ignored links in docs Closes #28475 Signed-off-by: Martin Bartoš <mabartos@redhat.com>	2024-06-12 11:50:21 +02:00
daviddelannoy	d4fc5249c4	fix label error for persistent-user-sessions feature flag in documentation Closes #30368 Signed-off-by: daviddelannoy <16318239+daviddelannoy@users.noreply.github.com>	2024-06-12 09:32:10 +00:00
Václav Muzikář	375ea9da03	Enhance masking around config-keystore (#30348 ) Closes #30346 Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>	2024-06-12 08:54:45 +02:00
Pedro Igor	e6df8a2866	Allow multiple instances of the same social broker in a realm Closes #30088 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-06-11 12:44:10 -03:00
Pedro Igor	22da43c619	Fixing broken link (#30299 ) Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-06-10 15:22:48 +02:00
MWarnecke	0c6558612f	Enhance documentation regarding edge termination (#30170 ) Closes #29665 Signed-off-by: Michael Warnecke <WarneckeMichael@web.de>	2024-06-10 07:47:20 +00:00
Pedro Igor	c35bf11b1b	Adding organization section (#29796 ) Closes #28731 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2024-06-10 09:08:50 +02:00
Giuseppe Graziano	6067f93984	Improvements to refresh token rotation with multiple tabs (#29966 ) Closes #14122 Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>	2024-06-07 12:02:36 +02:00
Steven Hawkins	5059a02eb2	fix: minor refinements to collection utils (#29536 ) closes: #29535 Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2024-06-06 10:07:34 -04:00
Steven Hawkins	c7e9ee2bff	fix: adds handling for all kcadm prompts as env variables (#29430 ) closes: #21961 Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2024-06-06 13:08:23 +00:00
Marek Posolda	79c8c80058	Example for X.509 direct grant flow authentication (#30203 ) closes #29639 Signed-off-by: mposolda <mposolda@gmail.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2024-06-06 11:58:09 +02:00
Erik Jan de Wit	5897334ddb	Align environment variables between consoles (#30125 ) * change to make authServerUrl the same as authUrl fixes: #29641 Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com> * Remove `authUrl` entirely Signed-off-by: Jon Koops <jonkoops@gmail.com> * Remove file that is unrelated Signed-off-by: Jon Koops <jonkoops@gmail.com> * Split out and align environment variables between consoles Signed-off-by: Jon Koops <jonkoops@gmail.com> * Restore removed variables to preserve backwards compatibility Signed-off-by: Jon Koops <jonkoops@gmail.com> * Also deprecate the `authUrl` for the Admin Console Signed-off-by: Jon Koops <jonkoops@gmail.com> --------- Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com> Signed-off-by: Jon Koops <jonkoops@gmail.com> Co-authored-by: Jon Koops <jonkoops@gmail.com>	2024-06-06 08:36:46 +02:00
Giuseppe Graziano	d5e82356f9	Encrypted KC_RESTART cookie and removed sensitive notes Closes #keycloak/keycloak-private#162 Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>	2024-06-05 10:33:44 +02:00
Marek Posolda	193439788e	Release notes for support application/jwt response in token introspec… (#30105 ) closes #30104 Signed-off-by: mposolda <mposolda@gmail.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2024-06-04 06:49:13 +02:00
Martin Bartoš	262fc09edc	OpenJDK 21 support (#28518 ) * OpenJDK 21 support Closes #28517 Co-authored-by: Václav Muzikář <vaclav@muzikari.cz> Signed-off-by: Martin Bartoš <mabartos@redhat.com> * x509 SAN UPN other name is not handled in JDK 21 (#904) closes #29968 Signed-off-by: mposolda <mposolda@gmail.com> --------- Signed-off-by: Martin Bartoš <mabartos@redhat.com> Signed-off-by: mposolda <mposolda@gmail.com> Co-authored-by: Václav Muzikář <vaclav@muzikari.cz> Co-authored-by: Marek Posolda <mposolda@gmail.com>	2024-06-03 14:17:28 +02:00
Peter Zaoral	cd2451d58b	Remove Oracle JDBC driver out of the box (#29895 ) Closes: #29491 Co-authored-by: Václav Muzikář <vaclav@muzikari.cz> Co-authored-by: Martin Bartoš <mabartos@redhat.com> Signed-off-by: Peter Zaoral <pzaoral@redhat.com>	2024-05-31 17:21:19 +00:00
Alexander Schwartz	af23150343	Fixing typo in the upgrading guide for persistent sessions Closes #30028 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-05-31 13:18:34 +02:00
Miquel Simon	2c521bd64d	Upgrade supported PostgreSQL to version 16 Closes #29875 Signed-off-by: Miquel Simon <msimonma@redhat.com>	2024-05-29 16:31:40 +02:00
Marek Posolda	336b2c875f	Update release notes for Keycloak 25 (#29894 ) closes #29576 Signed-off-by: mposolda <mposolda@gmail.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2024-05-29 14:19:17 +02:00
mposolda	37c10b4d43	Improve documentation for the case when 'basic' client scope already exists closes #29880 Signed-off-by: mposolda <mposolda@gmail.com>	2024-05-29 13:32:05 +02:00
Ryan Emerson	5788263413	Document Failover Lambda for Active/Passive deployments Closes #29787 Signed-off-by: Ryan Emerson <remerson@redhat.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2024-05-29 12:33:13 +02:00
Michal Hajas	61d0d56720	Document it is not possible to use rolling configuration upgrade for enabling persistent sessions Closes #29561 Signed-off-by: Michal Hajas <mhajas@redhat.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2024-05-29 10:19:20 +02:00
Pedro Igor	bbb83236f5	Do not lower-case the username from the IdP when creating the federated identity Closes #28495 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-05-29 01:58:20 -03:00
Jon Koops	a3b2dd0735	Remove deprecated `ServerCookie` class (#29916 ) Signed-off-by: Jon Koops <jonkoops@gmail.com>	2024-05-28 14:14:05 +00:00
Ryan Emerson	0f17f0abc5	Require external Infinispan be of version 15 or greater Signed-off-by: Ryan Emerson <remerson@redhat.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2024-05-22 11:26:26 +00:00
Alexander Schwartz	80de3a0a71	Allow migration of non-persistent sessions to persistent sessions Closes #29375 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-05-22 10:30:46 +02:00
rmartinc	f7044ba5c2	Use SessionExpirationUtils for validate user and client sessions Check client session is valid in TokenManager Closes #24936 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-05-22 10:12:20 +02:00
Marek Posolda	6dc28bc7b5	Clarify the documentation about step-up authentication (#29735 ) closes #28341 Signed-off-by: mposolda <mposolda@gmail.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2024-05-21 19:46:27 +02:00
Pedro Ruivo	7182bc2125	Infinispan 15.0.4.Final Closes #29743 Signed-off-by: Pedro Ruivo <pruivo@redhat.com>	2024-05-21 16:47:26 +02:00
Bruno Oliveira da Silva	4a21b44b5f	Add documentation about how to handle CVEs on third-party libraries reported by Snyk Closes #29707 Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net> Signed-off-by: Bruno Oliveira da Silva <bruno@abstractj.com>	2024-05-21 09:08:18 -03:00
mposolda	bbd4b60163	Update documentation after adapters removal closes #28792 Signed-off-by: mposolda <mposolda@gmail.com>	2024-05-21 09:34:48 +02:00
Alex Szczuczko	34a61d72e5	Add chmod to ADD examples in docs (#29626 ) Closes #29625 Signed-off-by: Alex Szczuczko <aszczucz@redhat.com>	2024-05-17 09:15:37 +02:00
vramik	35df0140ee	Add a note to the migration guide about index name length for Oracle database Closes #29594 Signed-off-by: vramik <vramik@redhat.com>	2024-05-16 10:06:39 -03:00
Takashi Norimatsu	b4e7d9b1aa	Passkeys: Supporting WebAuthn Conditional UI (#24305 ) closes #24264 Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com> Signed-off-by: mposolda <mposolda@gmail.com> Co-authored-by: mposolda <mposolda@gmail.com>	2024-05-16 07:58:43 +02:00
Alexander Schwartz	8deca303e2	Update instruction on how to enable persistent sessions (#29490 ) Closes #29489 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-05-15 13:26:51 +02:00
Robin Meese	87086ddb63	Add translation.md for Weblate.org Closes #29548 Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Signed-off-by: Jon Koops <jonkoops@gmail.com> Signed-off-by: Robin Meese <39960884+robson90@users.noreply.github.com> Co-authored-by: Robin Meese <39960884+robson90@users.noreply.github.com> Co-authored-by: Jon Koops <jonkoops@gmail.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2024-05-15 11:37:38 +02:00
Kamesh Akella	1d613d9037	Argon2 release notes and sizing guide update Closes #29033 Signed-off-by: Kamesh Akella <kamesh.asp@gmail.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net> Co-authored-by: Václav Muzikář <vaclav@muzikari.cz> Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2024-05-14 17:40:51 +02:00
mposolda	d8a7773947	Adding dummyHash to DirectGrant request in case user does not exists. Fix dummyHash for normal login requests closes #12298 Signed-off-by: mposolda <mposolda@gmail.com>	2024-05-13 16:33:29 +02:00
christian2	e200ccfa53	Fix URL endpoint for Docker registry v2 authentication Closes #29132 Signed-off-by: Christian Hörtnagl <christian2@univie.ac.at>	2024-05-13 13:51:06 +02:00
Alexander Schwartz	6fbe207d64	Create documentation for persistent user sessions Closes #29218 Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Signed-off-by: Michal Hajas <mhajas@redhat.com> Co-authored-by: Michal Hajas <mhajas@redhat.com>	2024-05-13 11:02:45 +02:00
mruzicka	6864ee0ead	doc: Quarkus launch rebuild optimization (#28320 ) Suggest a command which performs the update of the class loading indices only once. Closes #28336 Signed-off-by: Michal Růžička <michal.ruza@gmail.com>	2024-05-10 12:28:38 +02:00
AndyMunro	4a5055c3cc	Update create realm topics to replace Master Closes #29280 Signed-off-by: AndyMunro <amunro@redhat.com>	2024-05-08 17:37:20 +02:00
Pedro Ruivo	cbce548e71	Infinispan 15.0.3.Final Closes #29068 Signed-off-by: Pedro Ruivo <pruivo@redhat.com>	2024-05-08 17:18:39 +02:00
Nathan Raj	8ff1ae0c08	Update stack-overflow.adoc (#29363 ) Corrected capitalisation for heading	2024-05-08 16:06:33 +02:00
Thore	4b194d00be	iso-date validator for the user-profile Adds a new validator in order to be able to validate user-model fields which should be modified/supplied by a datepicker. Closes #11757 Signed-off-by: Thore <thore@kruess.xyz>	2024-05-07 11:42:39 -03:00
Pedro Igor	d2c5fc86a9	Additional note on release and upgrade guides about partial update on user attributes Closes #28220 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-05-07 09:59:38 -03:00
Steven Hawkins	c18a68b4e3	docs: add an initial note about sizing to each of the install guides (#29330 ) closes: #14188 Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2024-05-07 08:01:09 +00:00
AndyMunro	eb9b19abe9	Corrections to HA Guide Closes #29183 Signed-off-by: AndyMunro <amunro@redhat.com>	2024-05-06 17:00:54 +02:00
Dimitri Papadopoulos Orfanos	9db1443367	Fix typos found by codespell in docs (#28890 ) Run `chmod -x` on files that need not be executable. Signed-off-by: Dimitri Papadopoulos <3234522+DimitriPapadopoulos@users.noreply.github.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2024-05-03 12:41:16 +00:00
Douglas Palmer	26eaa4f83f	Broken link in documentation Closes #29233 Signed-off-by: Douglas Palmer <dpalmer@redhat.com>	2024-05-02 15:29:56 -03:00
Steven Hawkins	4697cc956b	further refinement of context handling (#28182 ) * fully removing providers and moving the keycloaksession creation / final cleanup also deprecated Resteasy utility methods closes: #29223 Signed-off-by: Steve Hawkins <shawkins@redhat.com> Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-05-02 11:21:01 -04:00
Steven Hawkins	3b1ca46be2	fix: updating docs around -q parameter (#29151 ) closes: #27877 Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2024-05-02 16:48:43 +02:00
Douglas Palmer	8d4d5c1c54	Remove redundant servers from the testsuite Closes #29089 Signed-off-by: Douglas Palmer <dpalmer@redhat.com>	2024-04-30 17:39:32 +02:00
Alexander Schwartz	99cb437dc7	Fix product name usage for downstream documentation Closes #29154 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-04-29 18:05:00 +02:00
Jon Koops	a6e2ab5523	Remove `jaxrs-oauth-client` and OIDC `servlet-filter` adapters Closes #28784 Signed-off-by: Jon Koops <jonkoops@gmail.com>	2024-04-26 15:56:57 +02:00
Douglas Palmer	cca660067a	Remove JAAS login modules Closes #28789 Signed-off-by: Douglas Palmer <dpalmer@redhat.com>	2024-04-26 09:30:35 +02:00
Douglas Palmer	eae20c76bd	Remove KeycloakInstalled Signed-off-by: Douglas Palmer <dpalmer@redhat.com> Closes #28790	2024-04-26 09:30:35 +02:00
Douglas Palmer	b2f09feebf	Remove servlet filter saml adapters Closes #28786 Signed-off-by: Douglas Palmer <dpalmer@redhat.com>	2024-04-26 09:30:35 +02:00
Douglas Palmer	3e13b40648	Remove Spring adapters Closes #28780 Signed-off-by: Douglas Palmer <dpalmer@redhat.com>	2024-04-26 09:30:35 +02:00
Douglas Palmer	bf2c97065f	Remove SpringBoot adapters Closes #28781 Signed-off-by: Douglas Palmer <dpalmer@redhat.com>	2024-04-26 09:30:35 +02:00
Douglas Palmer	43aa10e091	Remove Tomcat OIDC adapter Closes #28778 Signed-off-by: Douglas Palmer <dpalmer@redhat.com>	2024-04-26 09:30:35 +02:00
Douglas Palmer	98faf6e6a0	Remove Tomcat SAML adapter Signed-off-by: Douglas Palmer <dpalmer@redhat.com> Closes #28783	2024-04-26 09:30:35 +02:00
Mark Banierink	ad32896725	replaced and removed deprecated token methods (#27715 ) closes #19671 Signed-off-by: Mark Banierink <mark.banierink@nedap.com> Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-04-23 09:23:37 +02:00
rmartinc	eac4b53751	Incorrect proxyMappings example in the guides Closes #25514 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-04-22 18:30:41 +02:00
Stefan Guilhen	8ca4bc77a1	Improve the performance of the queries used to find granted resources - simplifies the queries to avoid unnecessary join - creates two new indexes to speed up search time Closes #28861 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-04-22 11:26:06 -03:00
Lex Cao	7e034dbbe0	Add IdpConfirmOverrideLinkAuthenticator to handle duplicate federated identity (#26393 ) Closes #26201. Signed-off-by: Lex Cao <lexcao@foxmail.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2024-04-22 11:30:14 +02:00
Alexander Schwartz	9d0b1ecee4	Review CLI option change for caching Closes #28750 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-04-20 18:30:24 +02:00
Pedro Ruivo	3de5357091	CLI options to disable encryption and authentication to external Infinispan Closes #28750 Signed-off-by: Pedro Ruivo <pruivo@redhat.com>	2024-04-20 18:30:24 +02:00
Pedro Ruivo	3e0a185070	Remove deprecated EnvironmentDependentProviderFactory.isSupported method Closes #26280 Signed-off-by: Pedro Ruivo <pruivo@redhat.com>	2024-04-19 16:36:49 +02:00
Pascal Knüppel	ef45629df4	Add docs for transient-users how to prevent profile-review (#28889 ) Signed-off-by: Captain-P-Goldfish <captain.p.goldfish@gmx.de> #relatesTo https://github.com/keycloak/keycloak/discussions/26637	2024-04-18 23:49:51 +02:00
Ricardo Martin	fc6b6f0d94	Perform exact string match if redirect URI contains userinfo, encoded slashes or parent access (#131 ) (#28872 ) Closes keycloak/keycloak-private#113 Closes keycloak/keycloak-private#134 Signed-off-by: rmartinc <rmartinc@redhat.com> Co-authored-by: Stian Thorgersen <stianst@gmail.com>	2024-04-18 16:02:24 +02:00
Martin Bartoš	7f74286106	Emphasize the need for setting container limit Closes #28729 Signed-off-by: Martin Bartoš <mabartos@redhat.com>	2024-04-18 15:44:27 +02:00
Thomas Darimont	eb2936f655	Add note about using groups with transient-users Document an additional approach for managing user-roles for transient-users via groups. Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>	2024-04-18 14:49:18 +02:00
rmartinc	ddacfbdefd	Remove deprecated LinkedIn social provider Closes #23127 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-04-18 10:10:58 +02:00
Peter Zaoral	e7dd5c1991	Hostname:v2 docs (#28123 ) * hostname.adoc now contains the new hostname guide * the old hostname is now available under hostname-deprecated.adoc Closes: #27729 Signed-off-by: Peter Zaoral <pzaoral@redhat.com>	2024-04-17 09:31:14 +02:00
Martin Bartoš	1fb83bb165	Release notes and Migration guide for Hostname v2 (#28621 ) Closes #27730 Signed-off-by: Martin Bartoš <mabartos@redhat.com> Co-authored-by: Václav Muzikář <vmuzikar@redhat.com> Co-authored-by: Peter Zaoral <pzaoral@redhat.com>	2024-04-17 09:29:59 +02:00
Alexander Schwartz	5b4a69a6e9	Limit the concurrency of password hashing to the number of CPU cores available Closes #28477 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-04-15 15:05:09 +02:00
Steven Hawkins	58398d1f69	fix: replaces aesh with picocli (#28276 ) * fix: replaces aesh with picocli closes: #28275 Signed-off-by: Steve Hawkins <shawkins@redhat.com> * fix: replaces aesh with picocli closes: #28275 Signed-off-by: Steve Hawkins <shawkins@redhat.com> --------- Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2024-04-15 13:04:58 +00:00
Christopher Miles	1646315939	Deny list lower cases all passwords when loading from file Closes #28381 We always lower case the inbound password before comparing against the deny list yet the deny list may contain passwords that contain upper case letters. With this change we will now convert passwords from the deny list into lower case while loading, ensuring that more passwords match the deny list. Signed-off-by: Christopher Miles <twitch@nervestaple.com>	2024-04-15 08:49:37 +02:00
Marek Posolda	e6747bfd23	Adjust priority of SubMapper (#28663 ) closes #28661 Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2024-04-12 14:13:03 +02:00
Martin Bartoš	a3669a6562	Make general cache options runtime (#28542 ) Closes #27549 Signed-off-by: Martin Bartoš <mabartos@redhat.com>	2024-04-12 11:56:11 +02:00
rmartinc	6d74e6b289	Escape slashes in full group path representation but disabled by default Closes #23900 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-04-12 10:53:39 +02:00
Niko Köbler	67e4015f67	improve doc for transient users adding a note to pay attention especially to the default-roles Signed-off-by: Niko Köbler <niko@n-k.de>	2024-04-12 10:50:30 +02:00
Marek Posolda	74faddec8e	Release notes for lightweight access tokens and group together relate… (#28622 ) closes #28460 Signed-off-by: mposolda <mposolda@gmail.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2024-04-11 20:02:33 +02:00
Jon Koops	9b94b6f47e	Add release notes for changes to Account and Admin consoles (#28545 ) Signed-off-by: Jon Koops <jonkoops@gmail.com>	2024-04-11 08:42:08 +02:00
Marek Posolda	13daaa55ba	Documentation for changes related to 'You are already logged in' scen… (#28595 ) closes #27879 Signed-off-by: mposolda <mposolda@gmail.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2024-04-11 08:18:41 +02:00
Giuseppe Graziano	33b747286e	Changed userId value for refresh token events Closes #28567 Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>	2024-04-11 07:46:44 +02:00
Václav Muzikář	33f580daa4	Hostname v2 for Operator (#28599 ) Closes #27728 Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>	2024-04-10 18:56:47 +02:00
Giuseppe Graziano	c76cbc94d8	Add sub via protocol mapper to access token Closes #21185 Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>	2024-04-10 10:40:42 +02:00
Martin Bartoš	b2c88e9876	docs: Support management port for health and metrics (#28213 ) Relates to #19334 Signed-off-by: Martin Bartoš <mabartos@redhat.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Václav Muzikář <vmuzikar@redhat.com>	2024-04-09 14:33:30 +02:00
Alexander Schwartz	3ba9a905c9	Provide histograms for http server metrics Closes #28178 Co-authored-by: Martin Bartoš <mabartos@redhat.com> Signed-off-by: Martin Bartoš <mabartos@redhat.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-04-09 12:52:42 +02:00
Stian Thorgersen	a499512f35	Set SameSite for all cookies (#28467 ) Closes #28465 Signed-off-by: stianst <stianst@gmail.com>	2024-04-09 12:29:19 +02:00
Steve Hawkins	9afe3a2560	fix: changing max threads default closes: #17483 Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2024-04-09 12:14:56 +02:00
Václav Muzikář	e4987f10f5	Hostname SPI v2 (#26345 ) * Hostname SPI v2 Closes: #26084 Signed-off-by: Václav Muzikář <vmuzikar@redhat.com> * Fix HostnameV2DistTest#testServerFailsToStartWithoutHostnameSpecified Signed-off-by: Václav Muzikář <vmuzikar@redhat.com> * Address review comment Signed-off-by: Václav Muzikář <vmuzikar@redhat.com> * Partially revert the previous fix Signed-off-by: Václav Muzikář <vmuzikar@redhat.com> * Do not polish values Signed-off-by: Václav Muzikář <vmuzikar@redhat.com> * Remove filtering of denied categories Signed-off-by: Václav Muzikář <vmuzikar@redhat.com> --------- Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>	2024-04-09 11:25:19 +02:00
Martin Bartoš	9c1790af68	Enable Syslog log handler (#28462 ) * Enable syslog log handler Closes #27544 Signed-off-by: Martin Bartoš <mabartos@redhat.com> * Suggest an alternative to GELF Signed-off-by: Martin Bartoš <mabartos@redhat.com> --------- Signed-off-by: Martin Bartoš <mabartos@redhat.com>	2024-04-08 17:38:20 +02:00
Pedro Igor	52ba9b4b7f	Make sure attribute metadata from user storage providers are added only for the provider associated with a federated user Closes #28248 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-04-08 09:05:16 -03:00
Giuseppe Graziano	b4f791b632	Remove session_state from tokens Closes #27624 Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>	2024-04-08 08:12:51 +02:00
Stian Thorgersen	b9feaec38e	Ignore all links to GitHub when checking external links in docs due to rate limiting issues (#28472 ) Closes #28330 Signed-off-by: stianst <stianst@gmail.com>	2024-04-05 15:36:38 +02:00
Pedro Igor	8fb6d43e07	Do not export ids when exporting authorization settings Closes #25975 Co-authored-by: 박시준 <sjpark@logblack.com> Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-04-04 19:26:03 +02:00
Ryan Emerson	71eacdc1c5	Update HA Guide now that non-XA mode is the default. Fixes #28142 Signed-off-by: Ryan Emerson <remerson@redhat.com>	2024-04-04 13:15:42 +02:00
Ryan Emerson	9bf131b5fb	HA guide erroneously refers to AWS Global Accelerator. Fixes #28174 Signed-off-by: Ryan Emerson <remerson@redhat.com>	2024-04-04 13:15:42 +02:00
Alexander Schwartz	c1a471755d	Fix lists to be rendered as expected Closes #28377 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-04-04 11:16:57 +02:00
Alexander Schwartz	1d204e77a4	Fix source highlighting for log output (#28375 ) Closes #28374 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-04-03 08:32:48 +02:00
Clemens Zagler	b44252fde9	authz/client: Fix getPermissions returning wrong type Due to an issue with runtime type erasure, getPermissions returned a List<LinkedHashSet> instead of List<Permission>. Fixed and added test to catch this Closes #16520 Signed-off-by: Clemens Zagler <c.zagler@noi.bz.it>	2024-04-02 11:09:43 -03:00
Giuseppe Graziano	fe06df67c2	New default client scope for 'basic' claims with 'auth_time' protocol mapper Closes #27623 Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>	2024-04-02 08:44:28 +02:00
Steven Hawkins	e9ad9d0564	fix: replace aesh with picocli (#27458 ) * fix: replace aesh with picocli closes: #27388 Signed-off-by: Steve Hawkins <shawkins@redhat.com> * Update integration/client-cli/admin-cli/src/main/java/org/keycloak/client/admin/cli/commands/AbstractRequestCmd.java Co-authored-by: Martin Bartoš <mabartos@redhat.com> * splitting the error handling for password input Signed-off-by: Steve Hawkins <shawkins@redhat.com> * adding a change note about kcadm Signed-off-by: Steve Hawkins <shawkins@redhat.com> * Update docs/documentation/upgrading/topics/changes/changes-25_0_0.adoc Co-authored-by: Martin Bartoš <mabartos@redhat.com> --------- Signed-off-by: Steve Hawkins <shawkins@redhat.com> Co-authored-by: Martin Bartoš <mabartos@redhat.com>	2024-03-28 14:34:06 +01:00
Gilvan Filho	757c524cc5	Password policy for not having username in the password closes #27643 Signed-off-by: Gilvan Filho <gfilho@redhat.com>	2024-03-28 08:29:03 +01:00
Alexander Schwartz	305dd5812e	Make use of attributes consistent between old docs and new guides Closes #28215 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-03-26 17:07:54 +01:00
Stian Thorgersen	c3a98ae387	Use Argon2 as default password hashing algorithm (#28162 ) Closes #28161 Signed-off-by: stianst <stianst@gmail.com>	2024-03-22 13:04:14 +00:00
rmartinc	d4da0c816c	Upgrading note to warn truststore changes affect webauthn registration Closes #28113 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-03-22 10:58:48 +01:00
Steven Hawkins	619775b8db	fix: simplifies the parsing routine, which accounts for leading 0's (#28102 ) closes: #27839 Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2024-03-22 09:19:52 +01:00
Steven Hawkins	6cc66109d5	doc: add keycloak cr truststores (#28015 ) closes: #27892 Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2024-03-22 08:27:15 +01:00
Stian Thorgersen	3f9cebca39	Ability to set the default provider for an SPI (#28135 ) Closes #28134 Signed-off-by: stianst <stianst@gmail.com>	2024-03-22 07:45:08 +01:00
Stian Thorgersen	cae92cbe8c	Argon2 password hashing provider (#28031 ) Closes #28030 Signed-off-by: stianst <stianst@gmail.com>	2024-03-22 07:08:09 +01:00
andymunro	8602b4f9cf	Edits to Operator Guide Closes #28009 Signed-off-by: AndyMunro <amunro@redhat.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2024-03-21 17:44:44 +00:00
Steven Hawkins	cbe185fbab	doc: add a note about lack of other JAX-RS support (#28048 ) closes: #27057 Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2024-03-21 16:59:22 +01:00
Steven Hawkins	7eab019748	task: deprecate WILDCARD and STRICT options (#26833 ) closes: #24893 Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2024-03-21 16:22:41 +01:00
Alexander Schwartz	c4fdf1cee7	Enable HTTP metrics for Keycloak by default (#28088 ) Closes #27924 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-03-21 16:18:03 +01:00
Steve Hawkins	91c89c28e7	fix: changes xa transaction related defaults xa is not enabled by default recovery is enabled by default closes #27308 Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2024-03-21 16:01:19 +01:00
Sebastian Schuster	0542554984	12671 querying by user attribute no longer forces case insensitivity for keys Signed-off-by: Sebastian Schuster <sebastian.schuster@bosch.io>	2024-03-21 08:35:29 -03:00
Pedro Ruivo	2387549308	Upgrade Infinispan to 14.0.27.Final Closes #28033 Signed-off-by: Pedro Ruivo <pruivo@redhat.com>	2024-03-19 11:18:42 +01:00
Alexander Schwartz	fbdb2ed9f7	Updated performance impact due to changed hashing Fixes #27900 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-03-19 09:30:49 +01:00
AndyMunro	d61b1ddb09	Edit use of Keycloak in Server Admin Guide Closes #27955 Signed-off-by: AndyMunro <amunro@redhat.com>	2024-03-18 09:51:55 +01:00
AndyMunro	0e5d685cd3	Revise use of Keycloak term Closes #27953 Signed-off-by: AndyMunro <amunro@redhat.com>	2024-03-18 09:50:26 +01:00
Alexander Schwartz	4bbe4705d4	Remove http metrics from the docs as they are not available in the current release (#27926 ) Fixes #27925 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-03-15 17:57:56 +01:00
Alexander Schwartz	62d24216e3	Remove offline session preloading Closes #27602 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-03-15 15:19:27 +01:00
Stian Thorgersen	2bddfe7380	Remove log4j from documentation tests (#27929 ) Signed-off-by: stianst <stianst@gmail.com>	2024-03-15 15:06:24 +01:00
AndyMunro	e40227fa50	Address comments on Securing Apps Closes #27867 Signed-off-by: AndyMunro <amunro@redhat.com>	2024-03-15 13:04:05 +01:00
Stian Thorgersen	81f3f211f3	Delete all deprecated and unmaintained examples (#27855 ) Signed-off-by: stianst <stianst@gmail.com>	2024-03-15 07:24:20 +01:00
Steven Hawkins	1cc1911ec3	doc: adding a note about repairing a corrupted classloading index (#27906 ) relates to: #26396 Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2024-03-14 16:47:07 +01:00
larsw	42244d2a67	doc/token-exchange.adoc: issuer claim -> iss claim (#27018 ) Fixed a typo in the text.	2024-03-14 13:37:40 +01:00
Pedro Ruivo	a5634b201c	Use new remote-store options in HA guides Fixes #27508 Signed-off-by: Pedro Ruivo <pruivo@redhat.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2024-03-14 12:47:35 +01:00
andymunro	be29be6741	Edit Keycloak 23 part of Upgrading Guide Closes #27484 Signed-off-by: AndyMunro <amunro@redhat.com>	2024-03-14 11:03:58 +01:00
mposolda	1f80f561db	Update version of bctls-fips in the docs closes #27882 Signed-off-by: mposolda <mposolda@gmail.com>	2024-03-14 08:58:34 +01:00
Stefan Guilhen	be6f0bc520	Add a section on the admin console partial import/export capability Closes #25490 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Signed-off-by: andymunro <48995441+andymunro@users.noreply.github.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2024-03-14 08:50:54 +01:00
Alexander Schwartz	1788cf2b09	Enable Infinispan metrics automatically if overall metrics are enabled Closes #27724 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-03-13 18:55:45 +01:00
Ryan Emerson	a32808e8eb	Upgrade to Infinispan 14.0.26.Final Closes #27871 Signed-off-by: Ryan Emerson <remerson@redhat.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2024-03-13 17:24:20 +00:00
Alexander Schwartz	6de5325d1c	Limit the received content when handling the content as a String Closes #27293 Co-authored-by: rmartinc <rmartinc@redhat.com> Signed-off-by: rmartinc <rmartinc@redhat.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-03-13 16:43:03 +01:00
Steven Hawkins	e22148043b	doc: mention that the split package warning may not happen (#27789 ) closes: #26396 Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2024-03-13 14:57:20 +01:00
Stian Thorgersen	1f772d2957	Move authenticator example to quickstarts (#27850 ) Signed-off-by: stianst <stianst@gmail.com>	2024-03-13 11:52:29 +00:00
stianst	15717cc152	Remove deprecated cookie code Closes #26813 Signed-off-by: stianst <stianst@gmail.com>	2024-03-12 17:24:14 +01:00
Alexander Schwartz	967ceddfbb	Fixing downstream documentation build (#27781 ) Closes #27780 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-03-12 08:37:41 +01:00
andymunro	66cffca3d4	Simplify Upgrade Guide structure Closes #27632 Signed-off-by: AndyMunro <amunro@redhat.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2024-03-11 16:22:46 +01:00
Alexander Schwartz	050acf0d94	Map Storage Removal: Remove deprecated model/legacy module (#27601 ) Closes #26657 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-03-08 15:17:24 +00:00
Martin Bartoš	c5553b46b4	Update Welcome page image in docs Closes #27719 Signed-off-by: Martin Bartoš <mabartos@redhat.com>	2024-03-08 15:00:36 +01:00
Martin Bartoš	e4aa1b5f95	Conditionally enable and disable CLI options (#25333 ) * Conditionally enable and disable CLI options Closes #13113 Signed-off-by: Martin Bartoš <mabartos@redhat.com> * Support for duplicates in config Signed-off-by: Martin Bartoš <mabartos@redhat.com> * Fix rendering config options in docs Fixes #26515 Signed-off-by: Martin Bartoš <mabartos@redhat.com> * Reorder OptionsDistTest Signed-off-by: Martin Bartoš <mabartos@redhat.com> --------- Signed-off-by: Martin Bartoš <mabartos@redhat.com>	2024-03-07 20:36:43 +00:00
rmartinc	dea15e25da	Only add the nonce claim to the ID Token (mapper for backwards compatibility) Closes #26893 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-03-07 09:56:57 +01:00
Alexander Schwartz	fa12b14a32	Update docs about when emails for changed credentials are sent Closes #27620 Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Signed-off-by: andymunro <48995441+andymunro@users.noreply.github.com>	2024-03-07 07:16:16 +01:00
Václav Muzikář	43727aa10f	Clarify format of keys in `additionalOptions` field in the Keycloak CR (#27435 ) Closes #27433 Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>	2024-03-06 17:10:41 +01:00
Alexander Schwartz	2199d37879	Add multi-site active-passive support to the release notes (#27575 ) Closes #27573 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-03-06 12:59:22 +01:00
Alexander Schwartz	4b697009d3	Clean up feature IDs in the docs (#27418 ) Closes #27416 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-03-06 12:32:06 +01:00
Pedro Igor	d12711e858	Allow fetching roles when evaluating role licies Closes #20736 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-03-05 15:54:02 +01:00
Alexander Schwartz	aec6020750	URL change as liquibase.org now redirects Closes #27540 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-03-05 13:24:12 +01:00
Ryan Emerson	244ecd45a7	Upgrade to Aurora Postgres 15.5 Closes #27509 Signed-off-by: Ryan Emerson <remerson@redhat.com>	2024-03-05 10:29:20 +01:00
Stian Thorgersen	d48ef8b507	Added release notes for 24.0.1 (#27524 ) Signed-off-by: stianst <stianst@gmail.com>	2024-03-05 08:46:10 +01:00
Vojtěch Mareš	8230655880	docs(cpu and memory sizing): typo GB -> MB Closes #27504 Signed-off-by: Vojtech Mares <iam@vojtechmares.com>	2024-03-04 16:12:29 +01:00
AndyMunro	a4a6b4f015	Edit HA guide Closes #27481 Signed-off-by: AndyMunro <amunro@redhat.com>	2024-03-04 13:10:23 +01:00
Stian Thorgersen	d875a8f2b7	Delete broken images from release notes (#27492 ) Signed-off-by: stianst <stianst@gmail.com>	2024-03-04 12:47:03 +01:00
Lucy Linder	84d48a9877	Update documentation for reCAPTCHA support Signed-off-by: Lucy Linder <lucy.derlin@gmail.com>	2024-03-04 20:28:06 +09:00
Marek Posolda	f1e7c572da	Release notes 24: default password hashing updates (#27475 ) Signed-off-by: mposolda <mposolda@gmail.com>	2024-03-04 09:55:03 +01:00
AndyMunro	14a12d106a	Edit Keycloak 23.x release notes Closes #27440 Signed-off-by: AndyMunro <amunro@redhat.com>	2024-03-02 21:20:58 +01:00
AndyMunro	405feb0bc2	Edit Keycloak 24 changes chapter Closes 27452 Signed-off-by: AndyMunro <amunro@redhat.com>	2024-03-02 21:11:35 +01:00
Michal Hajas	87993905c8	Minor HA guide fixes (#27436 ) Signed-off-by: Michal Hajas <mhajas@redhat.com>	2024-03-01 20:28:59 +01:00
Steven Hawkins	c2596849f9	doc: adding a note about not conflicting with built-in stuff (#27214 ) closes: #24459 Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2024-03-01 14:34:16 +01:00
Václav Muzikář	3e3cb2222d	Deprecate GELF (#27367 ) Closes #27364 Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>	2024-02-29 12:07:28 +01:00
Takashi Norimatsu	3db04d8d8d	Replace Security Key with Passkey in WebAuthn UIs and their documents closes #27147 Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>	2024-02-29 10:31:05 +01:00
Marek Posolda	8dd0eb451d	Additional release notes for Keycloak 24 (#27339 ) closes #27142 Signed-off-by: mposolda <mposolda@gmail.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2024-02-29 08:43:22 +01:00
Michal Hajas	d7c6464ad6	Update the HA guide with the workaround for ISPN-15758 Closes #27353 Signed-off-by: Michal Hajas <mhajas@redhat.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2024-02-28 15:56:15 +00:00
Vlasta Ramik	ade3b31a91	Introduce new CLI config options for Infinispan remote store Closes #25676 Signed-off-by: vramik <vramik@redhat.com> Signed-off-by: Pedro Ruivo <pruivo@redhat.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Pedro Ruivo <pruivo@redhat.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2024-02-28 15:49:19 +00:00
andymunro	773bebbc2b	Change docker image to container image (#27317 ) Closes #27315	2024-02-28 13:43:26 +01:00
Alexander Schwartz	3950b4ed46	Cleaning old product documentation from the upstream documentation Closes #27324 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-02-28 13:30:39 +01:00
AndyMunro	941e7cc3a5	notes about access and refresh tokens Closes #26919 Signed-off-by: AndyMunro <amunro@redhat.com>	2024-02-28 12:12:48 +01:00
AndyMunro	ca0526f54d	Edit Keycloak 24 release notes Closes #27326 Signed-off-by: AndyMunro <amunro@redhat.com>	2024-02-28 10:43:17 +01:00
Stian Thorgersen	693aa1710f	Added documentation for bug triage process (#27227 ) Signed-off-by: stianst <stianst@gmail.com>	2024-02-28 09:41:52 +01:00
Alexander Schwartz	6de61f61f0	Adding missing explicit IDs for cross-references Closes #27316 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-02-28 08:37:52 +01:00
Michal Hajas	eadd1c45c4	Document using AWS JDBC Wrapper in HA guide Closes #27211 Signed-off-by: Michal Hajas <mhajas@redhat.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2024-02-26 12:15:04 +00:00
Gilvan Filho	83af01c4c0	Add failedLoginNotBefore to AttackDetectionResource Closes #17574 Signed-off-by: Gilvan Filho <gfilho@redhat.com>	2024-02-26 09:35:51 +01:00
Pedro Igor	b98e115183	Updating docs and account message Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-02-22 22:58:22 +09:00
Pedro Igor	604274fb76	Allow setting an attribute as multivalued Closes #23539 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com> Co-authored-by: Jon Koops <jonkoops@gmail.com> Co-authored-by: Erik Jan de Wit <erikjan.dewit@gmail.com>	2024-02-22 12:56:44 +01:00
Takashi Norimatsu	1e12b15890	Supporting OAuth 2.1 for public clients closes #25316 Co-authored-by: shigeyuki kabano <shigeyuki.kabano.sj@hitachi.com> Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>	2024-02-22 10:57:29 +01:00
Douglas Palmer	b0ef746f39	Permanently lock users out after X temporary lockouts during a brute force attack Closes #26172 Signed-off-by: Douglas Palmer <dpalmer@redhat.com>	2024-02-22 09:34:51 +01:00
Takashi Norimatsu	9ea679ff35	Supporting OAuth 2.1 for confidential clients closes #25314 Co-authored-by: shigeyuki kabano <shigeyuki.kabano.sj@hitachi.com> Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>	2024-02-22 08:34:21 +01:00
Alexander Schwartz	25f2b52afd	Remove the preview note from Keycloak's HA guide Closes #27084 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-02-21 19:59:15 +01:00
Jon Koops	89af9e3ffd	Write announcement and documentation for Account Console v3 (#26318 ) Closes #26122 Signed-off-by: Jon Koops <jonkoops@gmail.com>	2024-02-21 13:42:33 -05:00
Alexander Schwartz	5f56a9b356	Keycloak users should not need to understand the depths of Quarkus configuration to implement Keycloak HA (#27122 ) Closes #27121 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-02-21 13:49:14 +01:00
Alexander Schwartz	3b6886d970	Add warning about too long attribute values as it can exhaust caches (#27126 ) Closes #27125 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-02-21 13:47:58 +01:00
Václav Muzikář	33425dacd9	Add `proxy-headers` option to the Keycloak CR (#27092 ) Closes #25179 Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>	2024-02-21 12:19:37 +01:00
Václav Muzikář	de60c9b469	Tweak the default memory request and limit in the Operator (#27170 ) Closes #27169 Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>	2024-02-21 10:03:17 +01:00
Takashi Norimatsu	1bdbaa2ca5	Client policies: executor for validate and match a redirect URI closes #25637 Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>	2024-02-20 08:37:33 +01:00
Joshua Sorah	018914d7fd	Change Open ID Connect to OpenID Connect in UI and docs Closes #27093 Signed-off-by: Joshua Sorah <jsorah@redhat.com>	2024-02-19 17:01:57 +01:00
Václav Muzikář	fb49c21f90	Fix docs around `--config-file` option (#27129 ) Closes #22540 Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>	2024-02-19 15:13:09 +01:00
Takashi Norimatsu	849a920955	Rename Resident key to Discoverable Credential closes #9508 Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>	2024-02-19 14:12:15 +01:00
Alexander Schwartz	5f797e3e71	Update Keycloak HA Guide new resource limit settings (#27079 ) Closes #27078 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-02-19 10:41:49 +01:00
Alexander Schwartz	7135b4ec4c	Add Amazon Aurora PostgreSQL to the list of tested databases (#27049 ) Closes #27048 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-02-19 09:16:49 +01:00
Marek Posolda	d8ab12eab7	Release notes for Keycloak 24 with OIDC contributions (#27047 ) closes #25729 Signed-off-by: mposolda <mposolda@gmail.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2024-02-16 08:34:20 +01:00
Vlasta Ramik	76453550a5	User attribute value length extension Closes #9758 Signed-off-by: vramik <vramik@redhat.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Signed-off-by: Michal Hajas <mhajas@redhat.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Michal Hajas <mhajas@redhat.com>	2024-02-16 08:09:34 +01:00
Martin Bartoš	59007844d9	Supported option to specify resource management for pods in Keycloak CR (#26661 ) Closes #26456 Signed-off-by: Martin Bartoš <mabartos@redhat.com>	2024-02-15 13:38:41 +01:00
rmartinc	4ff4c3f897	Increase internal algorithm security using HS512 and 128 byte hmac keys Closes #13080 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-02-15 08:16:45 +01:00
Marek Posolda	16fca0118e	User profile - release notes and more migration instructions (#27003 ) closes #26917 closes #26932 Signed-off-by: mposolda <mposolda@gmail.com> Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2024-02-15 08:14:16 +01:00
Marek Posolda	e2fb8406a3	Fixing the docs about default hashing iterations (#27020 ) closes #26816 Signed-off-by: mposolda <mposolda@gmail.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2024-02-15 08:11:44 +01:00
Joshua Sorah	b81233a4af	[docs] Align OAuth 2.0 Security Best Current Practice links (#24706 ) Closes keycloak/keycloak#24705 Signed-off-by: Joshua Sorah <jsorah@gmail.com>	2024-02-13 13:53:56 +01:00
Michal Hajas	83f3e91e4f	Use http-pool-max-threads in HA guides Closes #26849 Signed-off-by: Michal Hajas <mhajas@redhat.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2024-02-13 10:01:59 +00:00
Pedro Igor	750bc2c09c	Reviewing references to user attribute management and UIs Closes #26155 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-02-12 16:01:34 +01:00
mposolda	7af753e166	Documentation for AIA closes #25569 Signed-off-by: mposolda <mposolda@gmail.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2024-02-12 09:42:34 +01:00
Thomas Darimont	93fc6a6c54	Shorter lifespan for offline session cache entries in memory Closes #26810 Co-authored-by: Thomas Darimont <thomas.darimont@googlemail.com> Co-authored-by: Martin Kanis <mkanis@redhat.com> Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com> Signed-off-by: Martin Kanis <mkanis@redhat.com>	2024-02-09 19:44:04 +01:00
stianst	d2f74dd83d	Fix anchors in securing apps guide in prod profile Closes #26853 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-02-09 12:31:30 +01:00
Pedro Igor	b91ad23b20	Update theme documentation about the considerations when deploying custom themes (#26885 ) Related #23907 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-02-09 04:21:54 +01:00
Steven Hawkins	77581d2527	fix: change from operator. to kc.operator. keys (#26414 ) closes #12352 Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2024-02-08 15:03:20 +01:00
Michal Hajas	de598577b1	Fix confusing SAML NameId mapper format tooltip Closes #26051 Signed-off-by: Michal Hajas <mhajas@redhat.com> Co-authored-by: Hynek Mlnařík <hmlnarik@users.noreply.github.com>	2024-02-08 11:21:11 +01:00
Stian Thorgersen	cd1e483134	Remove section on adding custom attributes with account v1 and custom themes (#26858 ) Closes #26856 Signed-off-by: stianst <stianst@gmail.com>	2024-02-08 07:28:32 +01:00
Alexander Schwartz	786023fd06	Update HA guide about non-blocking probes (#26783 ) Closes #26781 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-02-07 16:16:50 +01:00
Michael Schnitzler	fdfe41bdda	fix documentation for resetting OTP in "reset credentials" flow (#26834 ) The former version stated that the "Reset OTP" step had to be disabled in the "reset credentials" authentication flow in order to keep the OTP unchanged. This leads to an error. More precisely, the "Reset - Conditional OTP" sub-flow has to be disabled. Fixex #26834 Signed-off-by: Michael Schnitzler <schnitzler.michael+github@gmail.com>	2024-02-07 11:57:58 -03:00
Tero Saarni	ac1780a54f	Added event for temporary lockout for brute force protector (#26630 ) This change adds event for brute force protector when user account is temporarily disabled. It also lowers the priority of free-text log for failed login attempts. Signed-off-by: Tero Saarni <tero.saarni@est.tech> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2024-02-07 14:13:33 +00:00
zak905	bcd423b270	rephrase sentence in changes-22_0_0.adoc for more clarity Signed-off-by: zak905 <zakaria.amine88@gmail.com>	2024-02-07 09:32:43 -03:00
zak905	c7db7bd528	Update custom rest endpoint documentation and example Add a mention about beans.xml and @Provider in the extending server documentation Add beans.xml in the rest provider example Add a mention about @Provider in the upgrading guides Closes #25882 Signed-off-by: zak905 <zakaria.amine88@gmail.com> Address suggested change for docs/documentation/server_development/topics/extensions.adoc Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com> Address suggested change for docs/documentation/server_development/topics/extensions.adoc Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com> Signed-off-by: zak905 <zakaria.amine88@gmail.com> Address suggested change for docs/documentation/upgrading/topics/keycloak/changes-22_0_0.adoc Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com> Signed-off-by: zak905 <zakaria.amine88@gmail.com>	2024-02-07 09:32:43 -03:00
mposolda	ab7426b857	User profile migration documentation for default validations and strange attributes closes #26634 closes #25979 Signed-off-by: mposolda <mposolda@gmail.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2024-02-06 16:48:03 -03:00
Alexander Schwartz	486b199548	Make label for Keycloak container images configurable Closes #26819 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-02-06 16:16:00 +01:00
Stian Thorgersen	c4b1fd092a	Use code from RestEasy to create and set cookies (#26558 ) Closes #26557 Signed-off-by: stianst <stianst@gmail.com>	2024-02-06 15:14:04 +01:00
Hynek Mlnarik	c866e8e6f9	Introduce index.ftl into base account theme Fixes: #26487 Signed-off-by: Hynek Mlnarik <hmlnarik@redhat.com>	2024-02-06 14:29:07 +01:00
Alexander Schwartz	43c200a8ce	Update migration guide Closes #26490 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-02-05 14:41:44 +01:00
Kamesh Akella	4459ed66ad	update cpu sizing based on the hashing changes Closes #26490 Signed-off-by: Kamesh Akella <kamesh.asp@gmail.com>	2024-02-05 14:41:44 +01:00
Michal Hajas	80de12d59a	Update HA guides to use the new ISPN config options Closes #26776 Signed-off-by: Michal Hajas <mhajas@redhat.com>	2024-02-05 11:40:08 +01:00
Pascal Paulis	2785bbd29b	added comment about MySQL Server parameter sql_generate_invisible_primary_key Closes #23268 Signed-off-by: Pascal Paulis <ppaulis@gmail.com>	2024-02-05 10:36:31 +01:00
Pedro Igor	4338f44955	Reviewing the user profile documentation Closes #26154 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-02-02 17:14:51 +01:00
christian-2	e14b523a8d	Fixes typo in Server Administration guide (#26543 ) Signed-off-by: Christian Hörtnagl <christian2@univie.ac.at>	2024-02-01 19:36:32 +01:00
mposolda	56a605fae7	Documentation for SuppressRefreshTokenRotationExecutor closes #26587 Signed-off-by: mposolda <mposolda@gmail.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2024-02-01 17:18:50 +01:00
Martin Bartoš	14d97ca9ea	Update Maven dependency versions for docs Update Maven Wrapper version Closes #26689 Fixes #26686 Signed-off-by: Martin Bartoš <mabartos@redhat.com>	2024-02-01 13:42:25 +01:00
Pedro Igor	3a7ce54266	Allow formating numbers when rendering attributes Closes keycloak#26320 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-02-01 08:14:58 -03:00
Martin Kanis	a3fcacdab7	Map Store Removal: deprecate model legacy module Closes #26598 Signed-off-by: Martin Kanis <mkanis@redhat.com>	2024-01-31 17:40:45 +01:00
Steven Hawkins	66e45a335e	doc: noting the formats apply to spi options as well (#26648 ) closes: #26468 Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2024-01-31 16:09:47 +00:00
Steven Hawkins	f55e903092	Convert watching to polling and adding infinispan config file support (#26510 ) Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2024-01-31 12:57:34 +00:00
Alexander Schwartz	c1ae9a0817	Prevent blank after backslash which breaks shell execution (#26632 ) Closes #26631 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-01-31 13:17:31 +01:00
Stian Thorgersen	bc3c27909e	Cookie Provider (#26499 ) Closes #26500 Signed-off-by: stianst <stianst@gmail.com>	2024-01-26 10:45:00 +01:00
Martin Kanis	7797f778d1	Map Store Removal: Rename legacy modules Closes #24107 Signed-off-by: Martin Kanis <mkanis@redhat.com>	2024-01-25 16:29:16 +01:00
Thomas Darimont	e7363905fa	Change password hashing defaults according to OWASP recommendations (#16629 ) Changes according to the latest [OWASP cheat sheet for secure Password Storage](https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html#pbkdf2): - Changed default password hashing algorithm from pbkdf2-sha256 to pbkdf2-sha512 - Increased number of hash iterations for pbkdf2-sha1 from 20.000 to 1.300.000 - Increased number of hash iterations for pbkdf2-sha256 from 27.500 to 600.000 - Increased number of hash iterations for pbkdf2-sha512 from 30.000 to 210.000 - Adapt PasswordHashingTest to new defaults - The test testBenchmarkPasswordHashingConfigurations can be used to compare the different hashing configurations. - Document changes in changes document with note on performance and how to keep the old behaviour. - Log a warning at the first time when Pbkdf2PasswordHashProviderFactory is used directly Fixes #16629 Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>	2024-01-24 18:35:51 +01:00
Stian Thorgersen	fea49765f0	Remove Jetty 9.4 adapters (#26261 ) Only removing the distribution of the Jetty adapter for now, and leaving the rest for now. This is due to the complexity of removing all Jetty adapter code due to Spring, OSGI, Fuse, testsuite, etc. and it will be better to leave the rest of the clean-up to after 24 when we are removing most adapters Closes #26255 Signed-off-by: stianst <stianst@gmail.com>	2024-01-24 11:17:29 +01:00
Martin Kanis	84603a9363	Map Store Removal: Rename Legacy* classes (#26273 ) Closes #24105 Signed-off-by: Martin Kanis <mkanis@redhat.com>	2024-01-23 13:50:31 +00:00
Jon Koops	5bf2d4b6ec	Enable PKCE by default for Keycloak JS (#26412 ) Closes #26411 Signed-off-by: Jon Koops <jonkoops@gmail.com>	2024-01-23 14:04:13 +01:00
Thomas Darimont	cc7d6a9b79	Improve wording for Concepts for configuring thread pools in docs Closes #26402 Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2024-01-23 12:56:55 +00:00
Alexander Schwartz	e6cd9a2987	Remove product specific content about Linux only (#26222 ) Closes #26220 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-01-22 10:38:07 +01:00
Pedro Ruivo	70b4c6bf52	Encrypt network communication in JGroups Closes #25702 Signed-off-by: Pedro Ruivo <pruivo@redhat.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2024-01-18 17:24:27 +00:00
rmartinc	2f0a0b6ad8	Remove deprecated mode for saml encryption Closes #26291 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-01-18 16:52:10 +01:00
Lex Cao	a960d0d8fa	Add upgrading docs for changes to send-verify-email API Closes #26146. Signed-off-by: Lex Cao <lexcao@foxmail.com>	2024-01-18 09:48:01 +01:00
Ryan Emerson	ba76682590	Use the http-max-queued-requests option for load shedding in HA docs Resolves #26223 Signed-off-by: Ryan Emerson <remerson@redhat.com>	2024-01-17 15:44:08 +01:00
Alexander Schwartz	b9498b91cb	Deprecating the offline session preloading (#26160 ) Closes #25300 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-01-16 09:29:01 +01:00
Luca Orlandi	d70dd9db67	Update placeholders for hostname and port (#24153 ) Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2024-01-11 12:05:05 +01:00
Kévin Martins	16dddfa49c	Complete the documentation for the use case of a resource from an email template. (#25705 ) Signed-off-by: Kevin MARTINS <k.martins@ubitransport.com>	2024-01-10 18:08:04 -03:00
Alexander Schwartz	0f48027ffb	Reduce internal unsupported options in the Keycloak HA documentation Closes #26068 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-01-10 17:38:15 +01:00
AndyMunro	b875acbc20	Change RHDG to Infinispan Closes #26083 Signed-off-by: AndyMunro <amunro@redhat.com>	2024-01-10 17:18:50 +01:00

... 3 4 5 6 7 ...

949 commits