Alexander Schwartz
b9498b91cb
Deprecating the offline session preloading ( #26160 )
...
Closes #25300
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-01-16 09:29:01 +01:00
Alexander Schwartz
01939bcf34
Remove concurrent loading of remote sessions as at startup time only one node is up anyway. ( #25709 )
...
Closes #22082
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Martin Kanis <martin-kanis@users.noreply.github.com>
2024-01-09 16:55:22 +01:00
Douglas Palmer
58d167fe59
Deleting a User or User Group might cause that all users suddenly get the permissions of the deleted user.
...
Closes #24651
Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
2024-01-08 19:32:01 -03:00
Alexander Schwartz
badf3f461d
Making metrics with labels for embedded Infinispan the default
...
Closes #25935
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-01-08 21:29:03 +01:00
Jon Koops
ddcaa6dcbf
Add release announcement and migration for new welcome theme ( #25895 )
...
Closes #25894
Signed-off-by: Jon Koops <jonkoops@gmail.com>
2024-01-08 13:10:51 +00:00
Pedro Igor
8ff9e71eae
Do not allow verifying email from a different account
...
Closes #14776
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-01-05 12:45:07 +01:00
Steven Hawkins
667ce4be9e
enhance: supporting versioned features ( #24811 )
...
also adding a common PropertyMapper validation method
closes #24668
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
2024-01-03 17:56:31 +01:00
Pedro Igor
ceb085e7b8
Update the UPDATE_EMAIL feature to rely on the user profile configuration when rendering templates and validating the email
...
Closes #25704
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2023-12-20 15:15:06 -03:00
Pedro Igor
778847a3ce
Updating theme templates to render user attributes based on the user profile configuration
...
Closes #25149
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2023-12-18 15:35:52 -03:00
Steven Hawkins
bee7595275
fix: adding the kube ca cert to the truststores
...
closes #10794
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
2023-12-18 15:56:43 +01:00
Steven Hawkins
08751001db
enhance: adds truststores to the keycloak cr ( #25215 )
...
also generally correcting the misspelling trustore
closes : #24798
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2023-12-14 11:15:06 -03:00
Václav Muzikář
e4c348e99e
Add new --proxy-headers
option ( #25178 )
...
* Add new `--proxy-headers` option
Closes #23431
Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
* Address review comments vol. 03
Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
* Address review comments vol. 04
Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
---------
Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2023-12-13 10:48:12 -03:00
Pedro Igor
fa79b686b6
Refactoring user profile interfaces and consolidating user representation for both admin and account context
...
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2023-12-13 08:27:55 +01:00
Steven Hawkins
4db4982e9d
enhance: adding a start optimized flag ( #25216 )
...
closes : #25015
Update docs/guides/operator/customizing-keycloak.adoc
Update docs/documentation/release_notes/topics/24_0_0.adoc
Update operator/src/main/java/org/keycloak/operator/crds/v2alpha1/deployment/KeycloakSpec.java
Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
2023-12-11 16:15:16 +00:00
Alexander Schwartz
a08f112f79
Add links to guides and GitHub discussions ( #25271 )
...
This should increase the likelihood for feedback
Closes #25270
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2023-12-05 08:57:52 +01:00
Michal Hajas
cafc238ff2
Add documentation for lb-check
...
Closes #25077
Signed-off-by: Michal Hajas <mhajas@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2023-11-30 12:47:06 +00:00
Steven Hawkins
8c3df19722
feature: add option for creating a global truststore ( #24473 )
...
closes #24148
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
2023-11-30 08:57:17 +01:00
rmartinc
16afecd6b4
Allow automatic download of SAML certificates in the identity provider
...
Closes https://github.com/keycloak/keycloak/issues/24424
Signed-off-by: rmartinc <rmartinc@redhat.com>
2023-11-29 18:03:31 +01:00
Jon Koops
48fc29a5c6
Use exports
field for Keycloak JS ( #24974 )
...
Closes #24923
Signed-off-by: Jon Koops <jonkoops@gmail.com>
2023-11-24 10:50:02 +01:00
Stian Thorgersen
f41383a851
Release notes editorial for 23 ( #24972 )
...
Signed-off-by: stianst <stianst@gmail.com>
2023-11-23 13:34:45 +01:00
Alexander Schwartz
834ef79509
Adding a Keycloak High Availability section to Keycloak's docs
...
The content was moved over from the Keycloak Benchmark subproject.
Closes #24844
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Pedro Ruivo <pruivo@redhat.com>
Co-authored-by: Michal Hajas <mhajas@redhat.com>
Co-authored-by: Kamesh Akella <kakella@redhat.com>
Co-authored-by: Ryan Emerson <remerson@redhat.com>
Co-authored-by: Anna Manukyan <amanukya@redhat.com>
Co-authored-by: Thomas Darimont <thomas.darimont@googlemail.com>
Co-authored-by: Stian Thorgersen <stian@redhat.com>
Co-authored-by: Thomas Darimont <thomas.darimont@googlemail.com>
Co-authored-by: AndyMunro <amunro@redhat.com>
2023-11-23 12:27:47 +00:00
mposolda
87c45437a5
Release notes for max auth age password policy
...
Signed-off-by: mposolda <mposolda@gmail.com>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2023-11-22 07:35:09 +01:00
Marek Posolda
765e4838e9
Remove OIDC and SAML adapters for Wildfly/EAP ZIP downloads. Update documentation. ( #24877 )
...
* Update EAP documentation for OIDC and SAML (#24734 )
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
(cherry picked from commit d7f2ad747d90dd0475a016fcfd528fea4ebed043)
Signed-off-by: Stian Thorgersen <stianst@gmail.com>
* Remove OIDC and SAML adapters for Wildfly/EAP ZIP downloads. Update documentation.
Closes #24713
Signed-off-by: mposolda <mposolda@gmail.com>
Co-authored-by: Stian Thorgersen <stian@redhat.com>
---------
Signed-off-by: Stian Thorgersen <stianst@gmail.com>
Co-authored-by: Stian Thorgersen <stianst@gmail.com>
Co-authored-by: Stian Thorgersen <stian@redhat.com>
2023-11-21 14:22:00 +00:00
Václav Muzikář
15a83985b1
Implement load shedding
...
Closes #23340
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
2023-11-21 13:43:09 +01:00
Alexander Schwartz
1b12fe132b
Update documentation for removal of the map store
...
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Closes #24092
2023-11-13 15:38:05 +01:00
mposolda
4ec85707f4
Upgrading notes for user profile
...
closes #24491
Signed-off-by: mposolda <mposolda@gmail.com>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2023-11-06 02:19:26 -08:00
mposolda
70e820469a
Updating release notes for Keycloak 23 with some 'core features' improvements
...
closes #23971
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2023-11-01 17:39:02 +01:00
Ivan Atanasov
7b0683879d
Updated documentations to mention Resteasy reactive migration
...
Closes #23444
2023-10-31 20:59:12 +01:00
Hynek Mlnařík
3f55cd72d7
Docs: Fix account name
...
Closes : #24341
2023-10-27 09:32:27 +02:00
Takashi Norimatsu
1c8cddf145
passkeys: documentation
...
closes #23660
2023-10-24 14:48:13 +02:00
Stian Thorgersen
1194c2507d
Add 22.0.3 to release notes ( #23238 )
...
Closes #23235
2023-09-14 11:06:06 +02:00
Pedro Igor
5958c7948d
Ignore attributes when they are not prefixed with user.attributes prefix ( #23184 )
...
Co-authored-by: mposolda <mposolda@gmail.com>
Co-authored-by: stianst <stianst@gmail.com>
2023-09-14 10:35:47 +02:00
Martin Bartoš
6ca78b7554
Return Oracle JDBC driver to the upstream
...
Closes #22999
2023-09-06 19:11:29 +02:00
mposolda
57e51e9dd4
Use an original domain name of Kerberos Principal in UserModel attribute instead of configured value of Kerberos realm in User federation
...
closes #20045
2023-08-30 13:24:48 +02:00
Marek Posolda
6f989fc132
Fallback to next LDAP/Kerberos provider when not able to find authenticated Kerberos principal ( #22531 )
...
closes #22352 #9422
2023-08-29 11:21:01 +00:00
Martin Bartoš
fcf65389ea
Remove Oracle Database JDBC driver from the Keycloak distribution ( #22577 )
...
* Remove Oracle Database JDBC driver from the Keycloak distribution
Closes #22452
* Remove profile for proprietary Oracle JDBC driver
---------
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2023-08-21 15:13:49 +00:00
mposolda
710f28ce9e
DPoP release notes and documentation polishing
...
closes #21922
2023-08-08 09:47:28 +02:00
Marek Posolda
d954dfec5e
Release notes and documentation for FAPI 2 ( #22228 )
...
Closes #21945
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2023-08-04 08:21:27 +02:00
Alexander Schwartz
748c53df7f
Use Java mechanisms to read language files and default to UTF-8 ( #21755 )
...
Closes #21753
2023-08-01 11:27:10 +02:00
Stian Thorgersen
3d33878c33
Update release notes for 22 ( #21583 )
...
* Updates to release notes
* Fix
2023-07-11 11:02:45 +02:00
rmartinc
09e30b3c99
Support for JWE IDToken and UserInfo tokens in OIDC brokers
...
Closes https://github.com/keycloak/keycloak/issues/21254
2023-07-03 21:25:46 -03:00
mposolda
0ea2891eee
Remove support for OpenJDK 11 on the server side
...
closes #15014
2023-07-03 13:12:22 -03:00
Daniele Martinoli
e2ac9487f7
Conditional login through identity provider ( #20188 )
...
Closes #20191
Co-authored-by: Jon Koops <jonkoops@gmail.com>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
Co-authored-by: Marek Posolda <mposolda@gmail.com>
2023-06-29 18:44:15 +02:00
Steven Hawkins
88992dae19
widens status to be any type. ( #21281 )
...
this is to avoid olm complaining about an incompatible schema during
upgrade
Relates to #13074
2023-06-29 08:57:22 +02:00
Ricardo Martin
1973d0f0d4
Check the redirect URI is http(s) when used for a form Post ( #22 )
...
Closes https://github.com/keycloak/security/issues/22
Co-authored-by: Stian Thorgersen <stianst@gmail.com>
Signed-off-by: Peter Skopek <pskopek@redhat.com>
2023-06-28 17:52:48 -03:00
Hynek Mlnarik
c092c76ae8
Remove ldapsOnly (Java)
...
In `LDAPConstants.java`, the function to set the Truststore SPI system property was removed, as this is now handled by the `shouldUseTruststoreSpi` method in `LdapUtil`.
Closes : #9313
2023-06-28 08:30:09 +02:00
Stian Thorgersen
4fcb154d36
Add removal of account console v1 to release notes ( #21212 )
...
* Add removal of account console v1 to release notes
* Update docs/documentation/release_notes/topics/22_0_0.adoc
Co-authored-by: Jon Koops <jonkoops@gmail.com>
* Update docs/documentation/release_notes/topics/22_0_0.adoc
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
* Update docs/documentation/release_notes/topics/22_0_0.adoc
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
* Update docs/documentation/release_notes/topics/22_0_0.adoc
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
---------
Co-authored-by: Jon Koops <jonkoops@gmail.com>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2023-06-28 07:52:10 +02:00
Steve Hawkins
6a92669139
finishes the conversion away from createOrReplace
...
however this is a broader change given the implications of
serverSideApply vs createOrReplace - mostly the concern of only applying
the managed state not based upon an existing resource
Closes #20850
2023-06-23 11:55:47 -03:00
Steven Hawkins
fc0be1a65b
Update docs/documentation/release_notes/topics/22_0_0.adoc
...
Co-authored-by: Peter Zaoral <pepo48@gmail.com>
2023-06-21 17:14:33 -03:00
Steve Hawkins
5701f70157
changes condition status to be a string, rather than a boolean
...
Closes #13074
2023-06-21 17:14:33 -03:00