Pedro Igor
6f7c62fc73
Remove unnecessary endpoints from our JAX-RS entensions
...
Closes #15525
2022-11-16 16:25:33 +01:00
Marek Posolda
f616495b05
Fixing UserFederationLdapConnectionTest,LDAPUserLoginTest to work with FIPS ( #15299 )
...
closes #14965
2022-11-03 16:35:57 +01:00
Michal Hajas
883e83e625
Remove deprecated methods from data providers and models
...
Closes #14720
2022-10-25 09:01:33 +02:00
Mark Andreev
581def56d6
Fix null username in ldap ( #8717 )
...
Closes #14667
2022-09-30 09:34:02 +02:00
rmartinc
cc9326fcad
Delay LDAPObject creation until mandatory attributes are set ( #14341 )
...
Closes #14286
2022-09-16 20:35:50 +02:00
Christoph Leistert
cc2bb96abc
Fixes #9482 : A user could be assigned to a parent group if he is already assigned to a subgroup.
2022-09-06 21:31:31 +02:00
Pedro Igor
5b48d72730
Upgrade Resteasy v4
...
Closes #10916
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2022-07-11 12:17:51 -03:00
Clara Fang
4643fd09e3
Replace occurrences of getParameterTypes().length and getParameters().length with getParameterCount()
...
This should reduce GC pressure.
Closes #12644
2022-06-29 08:53:09 +02:00
Alexander Schwartz
6376db0f9c
code cleanup
2022-06-21 08:53:06 +02:00
Alexander Schwartz
cb0c881821
rename SingleEntityCredentialManager to SubjectCredentialManager
2022-06-21 08:53:06 +02:00
Alexander Schwartz
84d21f0230
for all added files in the PR, update the copyright header or add it if it was missing
2022-06-21 08:53:06 +02:00
Alexander Schwartz
d41764b19b
Inline deprecated methods in legacy code
2022-06-21 08:53:06 +02:00
Alexander Schwartz
08bbb1fb92
Move LDAP REST Endpoints to LDAP package
...
- Thus remove implicit dependency on services on the legacy modules
- Disable tests for LDAP/Kerberos that won't work when map storage is enabled
2022-06-21 08:53:06 +02:00
Alexander Schwartz
1bc6133e4e
redirect calls to userLocalStorage from legacy modules (federation, ldap, sssd, kerberos)
2022-06-21 08:53:06 +02:00
Hynek Mlnarik
e396d0daa1
Renaming SingleUserCredentialManager and UserModel.getUserCredentialManager():
...
- class SingleUserCredentialManager to SingleEntityCredentialManager
- method UserModel.getUserCredentialManager() to credentialManager()
Renaming of API without "get" prefix to make it consistent with other APIs like for example with KeycloakSession
2022-06-21 08:53:06 +02:00
Alexander Schwartz
bc8fd21dc6
SingleUserCredentialManager moving in
...
- UserStorageManager now handles authentication for old Kerberos+LDAP style
- new getUserByCredential method in MapUserProvider would eventually do the same.
2022-06-21 08:53:06 +02:00
Hynek Mlnarik
703e868a51
Preparation for moving User Storage SPI
...
- Introduction of new AdminRealmResource SPI
- Moving handler of /realm/{realm}/user-storage into model/legacy-service
- session.users() and userStorageManager() moved refers legacy module
IMPORTANT: Broken as UserStorageSyncManager is not yet moved
2022-06-21 08:53:06 +02:00
Hynek Mlnarik
247ff52187
Introduce legacy datastore module and update dependencies
2022-06-21 08:53:06 +02:00
Nick Farley
91e88f554e
Replaces instances of himself
with more inclusive language
...
Closes #12300
2022-06-03 12:25:14 -03:00
Sven-Torben Janus
0efa4afd49
Evaluate composite roles for hardcoded LDAP roles/groups
...
Closes: 11771
see also KEYCLOAK-18308
2022-05-02 14:13:37 +02:00
R0Wi
cb4a513e24
Fail authenticate if credentialInput is not of type UserCredentialModel
...
Code fix inside LDAPStorageProvider.java:
return failed result if credential input object is not of expected type
Closes #11191
2022-04-12 14:38:17 +02:00
Alexander Schwartz
fb92b95c33
Revert from getParameterCount() to getParameterTypes().length to be Java 1.7 compatible.
...
This reverts commit bc27c7c464
.
Closes #10840
2022-03-22 10:23:25 +01:00
keycloak-bot
c71aa8b711
Set version to 999-SNAPSHOT ( #10784 )
2022-03-22 09:22:48 +01:00
Clara Fang
bc27c7c464
Replace occurrences of getParameterTypes().length and getParameters().length with getParameterCount()
...
Closes #10333
2022-03-18 11:20:52 +01:00
keycloak-bot
d9f1a9b207
Set version to 18.0.0-SNAPSHOT ( #10165 )
2022-02-11 21:28:06 +01:00
pravsjv
a6acc89bf3
Update LDAPOperationManager.java ( #9561 )
...
Update LDAPOperationManager.java
Closes #9560
2022-01-20 17:33:56 +01:00
keycloak-bot
9f3d4a7d42
Set version to 17.0.0-SNAPSHOT
2021-12-20 10:50:39 +01:00
Marcelo Sales
afeaa6f593
KEYCLOAK-19391: Fix ldap query search adding custom serach filter
2021-12-15 08:54:52 +01:00
Marcelo Sales
e69c3dcb1f
KEYCLOAK-19391: Fix ldap query search adding custom serach filter
2021-12-15 08:54:52 +01:00
Daniel Fesenmeyer
339224578e
KEYCLOAK-10603 adjust assignments to roles (user-role and group-role assignments, client-scope and client "scope mappings"): allow assignments of roles which are already indirectly assigned (e.g. by composite role)
...
- extend RoleMapperModel with method hasDirectRole(RoleModel), which only checks for direct assignment in contrast to the existing method hasRole(RoleModel)
- extend ScopeContainerModel with method hasDirectScope(RoleModel), which only checks for direct scope mapping in contrast to the existing method hasScope(RoleModel)
- use the new hasDirectRole and hasDirectScope methods to check whether a role is in the "available" list and whether it can be assigned (previously, the hasRole method was used for this purpose)
- add hint to UI that available roles contain effectively assigned roles which are not directly assigned
- adjust and extend tests
2021-09-22 13:56:29 +02:00
Marek Posolda
11e5f66c60
KEYCLOAK-19056 EDIT MODE field should not be leave empty ( #8380 )
2021-09-14 20:27:09 +02:00
bohmber
0c64d32b9b
KEYCLOAK-19183
...
LDAPDn should use a static Pattern instead calling String.split with a regex
2021-09-06 09:17:26 +02:00
bohmber
ba946b54f7
KEYCLOAK-19021
...
LDAPOperationManager.getFilterById is causing additional call to AD
2021-08-19 09:25:33 +02:00
Thomas Darimont
f9b4e47851
KEYCLOAK-19036 Avoid infinite loop during LDAP sync with OpenLDAP and olcSizeLimit
...
Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
2021-08-18 17:42:13 +02:00
mposolda
418d1e3471
KEYCLOAK-19039 Sync UPDATE_PASSWORD required action to only to MSAD with WRITABLE edit mode. Add tests for MSAD mapper
2021-08-18 17:39:19 +02:00
cturkalj
b4536a394a
Missing null check for session.userCache() added
...
NPE when existing user from LDAP is found (same LDAP_ID, but with changed username) and session.userCache() is null.
2021-08-03 13:40:02 +02:00
keycloak-bot
262ec3d031
Set version to 16.0.0-SNAPSHOT
2021-07-30 14:56:10 +02:00
mposolda
e58eeca800
KEYCLOAK-18706 Add UPDATE_PASSWORD required action only to authenticationSession when MSAD requires user to change password
2021-07-28 08:47:01 +02:00
Sven-Torben Janus
c6e7c06f6c
KEYCLOAK-18695 Support user lookup by ID with Novell eDirectory
...
The LDAPOperationManager does not encode GUID correctly when looking up
federated users from Novell eDirectory.
The correct encoding can be found here:
https://support.novell.com/docs/Tids/Solutions/10096551.html
2021-07-27 08:46:04 +02:00
keycloak-bot
13f7831a77
Set version to 15.0.0-SNAPSHOT
2021-06-18 10:42:27 +02:00
rmartinc
b97f177f26
[KEYCLOAK-14696] Unable to fetch list of members from a group through keycloak admin console.
2021-05-20 11:32:23 +02:00
keycloak-bot
4b44f7d566
Set version to 14.0.0-SNAPSHOT
2021-05-06 14:55:01 +02:00
Pascal Euhus
82fc401298
[KEYCLOAK-9841] use LDAPUser UUID as an identifier instead of username
2021-03-16 17:55:24 +01:00
Andrew Elwell
c76ca4ad13
Correct "doesn't exists" typos - fixes KEYCLOAK-14986 ( #7316 )
...
* Correct "doesn't exists" typos
* Revert changes to imported package
Co-authored-by: Stian Thorgersen <stianst@gmail.com>
2021-03-16 11:52:36 +01:00
Mathieu CLAUDEL
197b34889c
KEYCLOAK-17146 : Fix reset password MS AD LDS mapper
2021-03-03 09:17:39 +01:00
Thomas Darimont
2faf809536
KEYCLOAK-16464 Allow to map enabled user model attribute to LDAP attribute
2021-01-20 09:24:06 +01:00
Thomas Darimont
f76e9cc833
KEYCLOAK-16464 Allow to map emailVerified user model attribute to LDAP attribute
2021-01-20 09:24:06 +01:00
Michal Hajas
ba8e2fef6b
KEYCLOAK-15524 Cleanup user related interfaces
2021-01-18 16:56:10 +01:00
Jiri Lunacek
91a51c2dbe
KEYCLOAK-16606 add default value to mandatory LDAP attributes
2021-01-15 21:58:04 +01:00
vramik
1402d021de
KEYCLOAK-14846 Default roles processing
2021-01-08 13:55:48 +01:00