mposolda
a98f085be6
KEYCLOAK-5618 Fix SessionsPreloadCrossDCTest. Update HOW-TO-RUN docs. Ensure it's executed in travis.
2017-11-09 17:39:04 +01:00
mposolda
701b7acd80
KEYCLOAK-5371 More stable cross-dc tests
2017-11-08 10:03:04 +01:00
mposolda
62a1c187a2
KEYCLOAK-5716 KEYCLOAK-5738 Avoid infinispan deadlock. Ensure code-to-token works correctly in cross-dc
2017-11-07 09:01:59 +01:00
Hynek Mlnarik
92027e4c57
KEYCLOAK-5745 Fix ActionTokenCrossDCTest and improve logging
2017-10-27 08:45:05 +02:00
Hynek Mlnarik
75c354fd94
KEYCLOAK-5745 Separate user and client sessions in infinispan
2017-10-26 10:39:41 +02:00
Marek Posolda
a7bc294a08
Merge pull request #4594 from hmlnarik/KEYCLOAK-5688-Externalizer-for-entities-shared-across-DC-2
...
KEYCLOAK-5688 Externalizers for cluster messages and predicates
2017-10-24 14:41:16 +02:00
mposolda
9a19e95b60
KEYCLOAK-5710 Change cache-server to use backups based caches
2017-10-24 11:52:08 +02:00
Hynek Mlnarik
faf830dc77
KEYCLOAK-5688 Externalizers for cluster messages and predicates
2017-10-23 12:18:56 +02:00
Bill Burke
92245e3fc8
fixes
2017-10-20 09:55:37 -04:00
Bill Burke
54ebc21880
KEYCLOAK-5698
2017-10-19 19:38:56 -04:00
Bill Burke
0371a562d9
Merge pull request #4574 from patriot1burke/master
...
KEYCLOAK-5701
2017-10-19 10:33:10 -04:00
Bill Burke
8faa6f1f4d
KEYCLOAK-5701
2017-10-18 18:20:50 -04:00
Hynek Mlnarik
6d18ba4b32
KEYCLOAK-5688 Add externalizers for session entities
...
and remove unused events
2017-10-18 16:04:57 +02:00
Hynek Mlnarik
056ba75a72
KEYCLOAK-5656 Use standard infinispan remote-store
2017-10-16 21:49:42 +02:00
Bruno Oliveira da Silva
b6ab2852c2
Remove unused imports ( #4558 )
2017-10-16 14:23:42 +02:00
mposolda
26f11078dc
KEYCLOAK-5371 Use managed executors on Wildfly
2017-10-11 11:09:53 +02:00
mposolda
f5ff24ccdb
KEYCLOAK-5371 Fix SessionExpirationCrossDCTest, Added ExecutorsProvider. Debug support for cache-servers in tests
2017-10-10 22:30:44 +02:00
Hynek Mlnarik
fe972ce12b
KEYCLOAK-5656 Remove remoteServers configuration option
2017-10-09 11:58:28 +02:00
Hynek Mlnarik
6cbfbeca0b
KEYCLOAK-5656 Remove KeycloakTcpTransportFactory
2017-10-06 13:20:17 +02:00
mposolda
bca4c35708
KEYCLOAK-5371 Fix ActionTokenCrossDCTest and BruteForceCrossDCTest
2017-10-04 13:25:45 +02:00
Marek Posolda
13fe9e7cf8
Merge pull request #4510 from glavoie/KEYCLOAK-3303
...
KEYCLOAK-3303: Allow reuse of refresh tokens.
2017-09-29 17:07:45 +02:00
mposolda
3b6e1f4e93
KEYCLOAK-5007 Used single-use cache for tracke OAuth code. OAuth code changed to be encrypted and signed JWT
2017-09-29 13:20:22 +02:00
mposolda
63673c4328
KEYCLOAK-5569 Added JWE
2017-09-29 13:01:42 +02:00
Gabriel Lavoie
134daeac7f
KEYCLOAK-3303: Allow reuse of refresh tokens.
...
- Configurable max reuse count.
2017-09-28 15:30:40 -04:00
Bill Burke
fd025ae76b
Merge pull request #4209 from guitaro/feature/group-search-and-pagination
...
[KEYCLOAK-2538] - groups pagination and group search
2017-09-23 20:52:19 -04:00
howcroft
e78bf5f876
Keycloak 2035
...
This PR adds:
* an endpoint to Role that lists users with the Role
* a tab "Users in Role" in Admin console Role page
* it is applicable to Realm and Client Roles
* Extends UserQueryProvider with default methods (throwing Runtime Exception if not overriden)
* Testing in base testsuite and Console
2017-09-22 15:05:49 +01:00
mposolda
ca92bcbf7f
KEYCLOAK-5480 Cross-DC setup: Remote cache stores are connecting to Infinispan servers in both datacenters
2017-09-18 18:04:04 +02:00
Levente NAGY
d18aa44fb4
Merge branch 'feature/group-search-and-pagination' of https://github.com/guitaro/keycloak into feature/group-search-and-pagination
2017-09-13 16:48:24 +02:00
Levente NAGY
e907da77d7
KEYCLOAK 2538 - UI group pagination - Remove junit mocked TUs, add arquillian Tests, delete mockito from poms, fix groups sorting when get result from cache
2017-09-13 16:45:45 +02:00
Léventé NAGY
503ce3a47f
Merge branch 'master' into feature/group-search-and-pagination
2017-09-13 10:27:38 +02:00
Pedro Igor
90db6654d3
Merge pull request #4451 from glavoie/KEYCLOAK-4858-ResourceServer
...
KEYCLOAK-4858: Slow query performance for client with large data volume
2017-09-12 15:54:16 -03:00
Hynek Mlnarik
24e9cbb292
KEYCLOAK-4899 Replace updates to user session with temporary auth session
2017-09-11 21:43:49 +02:00
Levente NAGY
2c24b39268
KEYCLOAK 2538 - UI group pagination
2017-09-07 19:39:06 +02:00
Gabriel Lavoie
c1664478d9
KEYCLOAK-4858: Slow query performance for client with large data volume
...
- Changing RESOURCE_SERVER PK to the client ID.
- Changing FK on children of RESOURCE_SERVER.
- Use direct fetch of ResourceServer through ID/PK to avoid a lot of implicit Hibernate flush.
2017-09-06 09:55:53 -03:00
Pedro Igor
9ed5fc5595
[KEYCLOAK-5389] - Invalidating ResourceStore.findByUri cache when creating new resources
2017-09-05 11:45:51 -03:00
mposolda
43ce466aa6
KEYCLOAK-5294 Cross-dc working on Wildfly
2017-08-24 18:03:01 +02:00
Pedro Igor
3ff38e22cf
[KEYCLOAK-4639] - Invalidating resource query by owner cache
2017-08-23 15:11:48 -03:00
mposolda
fe5891fbdb
KEYCLOAK-5293 Add notBefore to user
2017-08-23 08:58:26 +02:00
mposolda
089514d8a6
KEYCLOAK-4634 Cross-dc support for UserLoginFailures
2017-08-17 10:22:12 +02:00
mposolda
fc777e166c
KEYCLOAK-3298 Bit more perf improvement for bulk removal of sessions
2017-08-14 16:17:59 +02:00
mposolda
c4bb29b4bb
KEYCLOAK-4187 SessionExpirationCrossDCTest - added tests for user logout and removal
2017-08-14 11:19:07 +02:00
mposolda
868e76fcf3
KEYCLOAK-4630 Added SessionsPreloadCrossDCTest for test preloading sessions and offline sessions. Support for manual.mode to control manually lifecycle of all servers.
2017-08-11 17:44:00 +02:00
mposolda
1289e84cdb
KEYCLOAK-4630 Refactor RemoteCacheSessionsLoader to use JS script for preload sessions through more pages
2017-08-11 17:44:00 +02:00
Levente NAGY
c8aa708cff
Merge remote-tracking branch 'upstream/master'
2017-08-10 18:14:49 +02:00
mposolda
0f7440d344
KEYCLOAK-4187 Fixes and tests related to sessions expiration and bulk removal in cross-dc environment
2017-08-10 08:29:59 +02:00
mposolda
a72c297d5d
KEYCLOAK-4187 Fix LoginCrossDCTest
2017-08-08 14:02:48 +02:00
Hynek Mlnarik
9ca72dc5c6
KEYCLOAK-4189 Improve logging and concurrency/cross-DC testing
2017-08-08 10:11:51 +02:00
Hynek Mlnarik
80177e8712
KEYCLOAK-4187 Include version when marshalling UserSessionEntity
2017-08-08 10:11:51 +02:00
Hynek Mlnarik
125b178297
KEYCLOAK-4187 Fix warnings
2017-08-08 10:11:51 +02:00
mposolda
251b41a7ac
KEYCLOAK-4187 Fix LastSessionRefreshCrossDCTest and ConcurrentLoginCrossDCTest
2017-08-07 11:55:49 +02:00
mposolda
07e2136b3b
KEYCLOAK-4187 Added UserSession support for cross-dc
2017-07-27 22:32:58 +02:00
Josh Cain
89fcddd605
KEYCLOAK-3592 Docker auth implementation
2017-06-29 06:37:34 +02:00
Léventé NAGY
1a50e77a4d
Merge branch 'master' into feature/group-search-and-pagination
2017-06-26 20:36:36 +02:00
Stian Thorgersen
1c10199698
Merge pull request #4252 from hmlnarik/KEYCLOAK-5078-ConcurrencyTest-fails-intermittently
...
KEYCLOAK-5078 ConcurrencyTest fails intermittently
2017-06-26 12:48:37 +02:00
Hynek Mlnarik
955cbc76d7
KEYCLOAK-5030 Change action tokens cache type to distributed
2017-06-26 10:11:53 +02:00
Hynek Mlnarik
8f9ed32a66
KEYCLOAK-5078 ConcurrencyTest fails intermittently
...
This commit fixes 401 Unauthorized issues
2017-06-23 15:16:23 +02:00
Léventé NAGY
41d8d17062
Merge branch 'master' into feature/group-search-and-pagination
2017-06-22 17:41:30 +02:00
mposolda
fc61a4e89f
KEYCLOAK-4631 Move ClientInitialAccessModel from userSession model to realm model
2017-06-21 22:14:20 +02:00
Hynek Mlnarik
2e2d15be9f
KEYCLOAK-4189 Infinispan cache and channel statistics for Cross-DC-testing
2017-06-20 12:48:08 +02:00
Pedro Igor
6202222da4
Merge pull request #4221 from pedroigor/KEYCLOAK-5051
...
[KEYCLOAK-5051] - Invalidate authz cache when realm cache is cleared
2017-06-14 07:53:46 -03:00
Pedro Igor
473065fd31
[KEYCLOAK-5051] - Invalidate authz cache when realm cache is cleared
2017-06-12 12:29:21 -03:00
Hynek Mlnarik
a0f3a6469f
KEYCLOAK-4189 - Cross DC testing
2017-06-12 11:14:28 +02:00
Pedro Igor
84d2d7b431
Missing invalidation for some queries cache
2017-06-08 18:09:44 -03:00
Levente NAGY
f377a45c4e
[KEYCLOAK-2538] - groups count for pagination limits
2017-06-07 20:52:22 +02:00
Levente NAGY
c4da7637d6
[KEYCLOAK-2538] - groups pagination and group search
2017-06-06 18:32:48 +02:00
Pedro Igor
1d5bd2567e
[KEYCLOAK-4913] - Caching more query methods
2017-05-23 16:13:20 -03:00
Pedro Igor
37a98fba20
[KEYCLOAK-4913] - Caching more query methods
2017-05-22 19:08:24 -03:00
mposolda
e2a7b71cf3
KEYCLOAK-4939 ConcurrentLoginTest broken in latest master
2017-05-19 14:00:52 +02:00
Bill Burke
2cac8b1bb7
KEYCLOAK-4929
2017-05-18 16:53:31 -04:00
Bill Burke
c291748f43
KEYCLOAK-4929
2017-05-18 16:48:04 -04:00
Marek Posolda
70d7e07526
Merge pull request #4132 from mposolda/cross-dc4-squash
...
KEYCLOAK-4626 KEYCLOAK-4627 Authentication sessions & Action tokens
2017-05-15 12:46:43 +02:00
Pedro Igor
d824b4d93c
Changing cache key for findByResource
2017-05-12 10:25:06 -03:00
Pedro Igor
7569493b17
Invalidating cache for findByowner
2017-05-12 10:23:54 -03:00
mposolda
7d8796e614
KEYCLOAK-4626 Support for sticky sessions with AUTH_SESSION_ID cookie. Clustering tests with embedded undertow. Last fixes.
2017-05-11 22:24:07 +02:00
Hynek Mlnarik
b8262a9f02
KEYCLOAK-4628 Single-use cache + its functionality incorporated into reset password token. Utilize single-use cache for relevant actions in execute-actions token
2017-05-11 22:16:26 +02:00
mposolda
db8b733610
KEYCLOAK-4626 Fix TrustStoreEmailTest and PolicyEvaluationCompositeRoleTest. Distribution update
2017-05-11 22:16:26 +02:00
Hynek Mlnarik
c431cc1b01
KEYCLOAK-4627 IdP email account verification + code cleanup. Fix for concurrent access to auth session notes
2017-05-11 22:16:26 +02:00
mposolda
168153c6e7
KEYCLOAK-4626 Authentication sessions - SAML, offline tokens, broker logout and other fixes
2017-05-11 22:16:26 +02:00
mposolda
e7272dc05a
KEYCLOAK-4626 AuthenticationSessions - brokering works. Few other fixes and tests added
2017-05-11 22:16:26 +02:00
mposolda
a9ec69e424
KEYCLOAK-4626: AuthenticationSessions - working login, registration, resetPassword flows
2017-05-11 22:16:26 +02:00
mposolda
83b29c5080
KEYCLOAK-4626 AuthenticationSessions: start
2017-05-11 22:16:26 +02:00
Pedro Igor
e14be4460b
[KEYCLOAK-4867] - Cluster events and invalidations
2017-05-05 22:48:51 -03:00
Bill Burke
af792b8abe
fix
2017-04-29 17:03:36 -04:00
Bill Burke
1f4311a02c
KEYCLOAK-4821
2017-04-29 10:41:32 -04:00
Eriksson Fabian
ca1152c3e5
KEYCLOAK-4204 Extend brute force protection with permanent lockout on failed attempts
...
- Can still use temporary brute force protection.
- After X-1 failed login attempt, if the user successfully logs in his/her fail login count is reset.
2017-04-28 09:02:10 +02:00
mposolda
1fd5af840b
KEYCLOAK-4525 Deleting a client with existing sessions/offline_tokens leads to Internal Server Errors
2017-04-24 11:24:09 +02:00
Pedro Igor
bf69bc94bb
[KEYCLOAK-4754] - Unable to delete realm when using aggregated policies
2017-04-20 12:10:52 -03:00
Pedro Igor
8e877a7f6c
[KEYCLOAK-3135] - More tests
2017-04-12 14:34:27 -03:00
Pedro Igor
eec712a259
[KEYCLOAK-3135] - Role and user policies apis
2017-04-12 00:52:14 -03:00
Pedro Igor
54ebc1918c
[KEYCLOAK-3135] - Using abstract policy representation when creating policies and updating tests
2017-04-12 00:52:13 -03:00
Pedro Igor
55f747ecd0
[KEYCLOAK-3135] - Part 1: Permission Management API
2017-04-12 00:52:13 -03:00
Pedro Igor
1f50421a54
[KEYCLOAK-4726] - Multiple role policies crash realm delete
2017-04-06 12:36:03 -03:00
Jared Blashka
61bd9bb58c
Fix CachePolicy.MAX_LIFESPAN invalidation
2017-03-20 22:56:35 -04:00
Pedro Igor
e7e6314146
[KEYCLOAK-4555] - Fixes and improvements to evaluation code
2017-03-13 14:08:54 -03:00
Bill Burke
cf5e2a1d20
unlink/remoteimported
2017-02-08 19:48:22 -05:00
mposolda
e487db349c
KEYCLOAK-4274 Fix recursive composite role mappings
2017-01-23 17:55:45 +01:00
Marko Strukelj
7de999a7f9
KEYCLOAK-3657 Role id is not preserved during import-export operation
2017-01-13 17:46:30 +01:00
mposolda
9a6f202c46
KEYCLOAK-4137 Significant performance lag in 'get client role by role name'
2017-01-12 11:55:58 +01:00
mposolda
7098daaf72
KEYCLOAK-4066 TimeoutException in cluster environment in ClearExpiredSessions
2017-01-11 12:27:51 +01:00
mposolda
b5317f3485
RHSSO-377 Added reproducer unit test L1SerializationIssueTest
2016-12-22 11:41:10 +01:00
Pedro Igor
df7a68b709
[KEYCLOAK-4125] - Fixing when running in a cluster
2016-12-21 20:04:08 -02:00
Stian Thorgersen
663b99d884
KEYCLOAK-4127
...
Temporarily disable cache for authorization services as it breaks clustering
2016-12-21 08:36:24 +01:00
Pedro Igor
c9c8acd029
[KEYCLOAK-4034] - Invalidating policy cache when creating resources and scopes
2016-12-19 20:28:49 -02:00
Pedro Igor
40591cff25
Merge pull request #3662 from pedroigor/KEYCLOAK-4034
...
[KEYCLOAK-4034] - Improvements to UI, performance and some code cleanup
2016-12-19 16:49:10 -02:00
Pedro Igor
5cf5168770
[KEYCLOAK-4034] - Improvements to UI, performance and some code cleanup
2016-12-19 16:48:16 -02:00
Pedro Igor
c9c9f05e29
[KEYCLOAK-4034] - Improvements to UI, performance and some code cleanup
2016-12-19 11:22:37 -02:00
Slawomir Dabek
93cec9b3ee
KEYCLOAK-4059 Support for duplicate emails
2016-12-19 10:55:12 +01:00
Marek Posolda
c8b22e71f0
Merge pull request #3573 from glavoie/KEYCLOAK-4003
...
KEYCLOAK-4003: Slow Infinispan RoleAdapter.hasRole() call.
2016-12-06 09:49:42 +01:00
Gabriel Lavoie
32c23c2410
KEYCLOAK-4002: realmRevisions cache too small with high number of realms.
...
- Increased the hardcoded default value to help running master with high number of realms.
- Added a value computation based on the realms cache max size (to match the userRevisions cache configuration pattern).
- Computed revisions cache size is now 2 times the configured maximum cache size.
- Added a maximum realms cache size configuration to the different standalone.xml templates.
- Added a missing users cache size configuration to standalone.xsl.
2016-12-05 08:07:24 -05:00
Gabriel Lavoie
6fa504489f
KEYCLOAK-4003: Slow Infinispan RoleAdapter.hasRole() call.
...
- Added a session/query cache for the result getComposites() to avoid always hitting the Infinispan cache.
- KeycloakModelUtils doesn't rely anymore on a "visited" set as performance seems good without it.
- Added test for multiple levels of composite roles. Only one level was covered.
2016-11-30 10:56:26 -05:00
mposolda
ec49d10007
KEYCLOAK-3997 InfinispanKeyStorageProviderTest was failing
2016-11-30 08:38:35 +01:00
Bill Burke
b33afcd47c
KEYCLOAK-3903 KEYCLOAK-3960
2016-11-29 16:43:06 -05:00
mposolda
69ce1e05f0
KEYCLOAK-3822 Changing signature validation settings of an external IdP is not sometimes reflected
2016-11-28 15:27:25 +01:00
mposolda
7c6032cc84
KEYCLOAK-3825 Ability to expire publicKeys cache. Migrated OIDCBrokerWithSignatureTest to new testsuite
2016-11-25 17:45:37 +01:00
Bill Burke
ccbd8e8c70
remove User Fed SPI
2016-11-23 16:06:44 -05:00
Bill Burke
d5925b8ccf
remove realm UserFed SPI methods
2016-11-23 08:31:20 -05:00
mposolda
6df7a80352
KEYCLOAK-3931 Fix Mongo to have LDAP tests pass
2016-11-21 11:25:18 +01:00
mposolda
76bfbad2c4
KEYCLOAK-3895 Make UserSessionProvider and UserSessionPersisterProvider to rely on UserRemovedEvent callbacks
2016-11-18 15:58:33 +01:00
Stian Thorgersen
7043ecc21b
KEYCLOAK-3881 Fix login status iframe with * origin
2016-11-18 12:50:52 +01:00
mposolda
a27be0cee7
KEYCLOAK-3857 Clustered invalidation cache fixes and refactoring. Support for cross-DC for invalidation caches.
2016-11-16 22:29:23 +01:00
Bill Burke
cc0eb47814
merge
2016-11-14 15:09:41 -05:00
Bill Burke
c280634bfa
fix tests
2016-11-14 15:06:17 -05:00
Bill Burke
8a5f817030
ldap jpa migration
2016-11-10 16:52:18 -05:00
Stian Thorgersen
7e33f4a7d1
KEYCLOAK-3882 Split server-spi into server-spi and server-spi-private
2016-11-10 13:28:42 +01:00
Bill Burke
14dc0ff92f
Merge remote-tracking branch 'upstream/master'
2016-11-05 20:05:01 -04:00
Bill Burke
4302b440ee
ldap port
2016-11-05 20:04:53 -04:00
Pedro Igor
4bf5da8fac
Merge pull request #3371 from brewers/bug/cache-dynamic-resource
...
KEYCLOAK-3752 : Include programmatically created resources in the resource cache
2016-11-02 07:19:04 -02:00
Stian Thorgersen
3d46b4c425
KEYCLOAK-3667
2016-10-28 08:43:24 +02:00
Bill Burke
3e28ac1e46
user spi cache policy
2016-10-24 15:36:37 -04:00
Bill Burke
139158e614
fix
2016-10-20 12:36:24 -04:00
Bill Burke
36c2422fa4
realm cache event
2016-10-20 10:35:28 -04:00
mposolda
3779bfb6b4
KEYCLOAK-3666 client registration policies - polishing
2016-10-19 17:45:23 +02:00
Cherian Mathew
2bba6af6d9
Include programmatically created resources in the resource cache
2016-10-19 11:04:22 +02:00
Bill Burke
2199df71bf
Merge remote-tracking branch 'upstream/master'
2016-10-18 10:14:00 -04:00
Bill Burke
4182e4d92a
federated import/export
2016-10-18 10:13:51 -04:00
Marek Posolda
940237ee78
Merge pull request #3304 from hmlnarik/KEYCLOAK-2964
...
KEYCLOAK-2964 - Fix groups not applied for authentication of admin operations
2016-10-18 14:50:12 +02:00
Geir Ole Hiåsen Stevning
95f62c6aeb
KEYCLOAK-3626 - CreatedDate and lastUpdatedDate on user consent
2016-10-17 13:53:12 +02:00
Stian Thorgersen
d2cae0f8c3
KEYCLOAK-905
...
Realm key rotation for OIDC
2016-10-13 11:19:52 +02:00
Hynek Mlnarik
03cf9bad2e
KEYCLOAK-2964 - Fix groups not applied for authentication of admin operations
2016-10-11 15:21:38 +02:00
Bill Burke
c5600e888d
revactor CredentialValidationOutput apis
2016-10-04 17:26:45 -04:00
mposolda
0f9798a10d
KEYCLOAK-3493 KEYCLOAK-3532 Renamed KeyStorageProvider to PublicKeyStorageProvider
2016-10-03 15:23:50 +02:00
Bill Burke
d4c3fae546
merge conflicts
2016-09-30 19:19:12 -04:00
Bill Burke
6a4e413bf4
final mongo fixes
2016-09-30 19:08:34 -04:00
mposolda
f9a0abcfc4
KEYCLOAK-3493 KEYCLOAK-3532 Added KeyStorageProvider. Support key rotation for OIDC clients and identity providers with JWKS url.
2016-09-30 21:28:23 +02:00
Bill Burke
8967ca4066
refactor mongo entities, optimize imports
2016-09-28 15:25:39 -04:00
Bill Burke
ff1326fe35
authenticator example updated
2016-09-23 16:50:08 -04:00
Bill Burke
8e65356891
creds
2016-09-22 19:57:39 -04:00
Bill Burke
7209a95dce
credential refactoring
2016-09-22 08:34:45 -04:00
Bill Burke
2a5c778af5
Merge pull request #3209 from patriot1burke/master
...
KEYCLOAK-3440
2016-09-08 09:10:54 -04:00
Stian Thorgersen
1f27fc9e4b
Merge pull request #3153 from cargosoft/KEYCLOAK-3327
...
KEYCLOAK-3327 Make realm attributes accessible via the RealmModel
2016-09-08 08:00:14 +02:00