Commit graph

72 commits

Author SHA1 Message Date
Alexander Schwartz
b9498b91cb
Deprecating the offline session preloading (#26160)
Closes #25300

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-01-16 09:29:01 +01:00
Alexander Schwartz
01939bcf34
Remove concurrent loading of remote sessions as at startup time only one node is up anyway. (#25709)
Closes #22082

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Martin Kanis <martin-kanis@users.noreply.github.com>
2024-01-09 16:55:22 +01:00
Douglas Palmer
58d167fe59 Deleting a User or User Group might cause that all users suddenly get the permissions of the deleted user.
Closes #24651
Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
2024-01-08 19:32:01 -03:00
Alexander Schwartz
badf3f461d Making metrics with labels for embedded Infinispan the default
Closes #25935

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-01-08 21:29:03 +01:00
Jon Koops
ddcaa6dcbf
Add release announcement and migration for new welcome theme (#25895)
Closes #25894

Signed-off-by: Jon Koops <jonkoops@gmail.com>
2024-01-08 13:10:51 +00:00
Pedro Igor
8ff9e71eae Do not allow verifying email from a different account
Closes #14776

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-01-05 12:45:07 +01:00
Steven Hawkins
667ce4be9e
enhance: supporting versioned features (#24811)
also adding a common PropertyMapper validation method

closes #24668

Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
2024-01-03 17:56:31 +01:00
Pedro Igor
ceb085e7b8 Update the UPDATE_EMAIL feature to rely on the user profile configuration when rendering templates and validating the email
Closes #25704

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2023-12-20 15:15:06 -03:00
Pedro Igor
778847a3ce Updating theme templates to render user attributes based on the user profile configuration
Closes #25149

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2023-12-18 15:35:52 -03:00
Steven Hawkins
bee7595275
fix: adding the kube ca cert to the truststores
closes #10794

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
2023-12-18 15:56:43 +01:00
Steven Hawkins
08751001db
enhance: adds truststores to the keycloak cr (#25215)
also generally correcting the misspelling trustore

closes: #24798

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2023-12-14 11:15:06 -03:00
Václav Muzikář
e4c348e99e
Add new --proxy-headers option (#25178)
* Add new `--proxy-headers` option

Closes #23431

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>

Co-authored-by: Martin Bartoš <mabartos@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>

* Address review comments vol. 03

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>

* Address review comments vol. 04

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>

---------

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2023-12-13 10:48:12 -03:00
Pedro Igor
fa79b686b6 Refactoring user profile interfaces and consolidating user representation for both admin and account context
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2023-12-13 08:27:55 +01:00
Steven Hawkins
4db4982e9d
enhance: adding a start optimized flag (#25216)
closes: #25015



Update docs/guides/operator/customizing-keycloak.adoc
Update docs/documentation/release_notes/topics/24_0_0.adoc
Update operator/src/main/java/org/keycloak/operator/crds/v2alpha1/deployment/KeycloakSpec.java

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
2023-12-11 16:15:16 +00:00
Alexander Schwartz
a08f112f79
Add links to guides and GitHub discussions (#25271)
This should increase the likelihood for feedback

Closes #25270

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2023-12-05 08:57:52 +01:00
Michal Hajas
cafc238ff2
Add documentation for lb-check
Closes #25077

Signed-off-by: Michal Hajas <mhajas@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2023-11-30 12:47:06 +00:00
Steven Hawkins
8c3df19722
feature: add option for creating a global truststore (#24473)
closes #24148

Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
2023-11-30 08:57:17 +01:00
rmartinc
16afecd6b4 Allow automatic download of SAML certificates in the identity provider
Closes https://github.com/keycloak/keycloak/issues/24424

Signed-off-by: rmartinc <rmartinc@redhat.com>
2023-11-29 18:03:31 +01:00
Jon Koops
48fc29a5c6
Use exports field for Keycloak JS (#24974)
Closes #24923

Signed-off-by: Jon Koops <jonkoops@gmail.com>
2023-11-24 10:50:02 +01:00
Stian Thorgersen
f41383a851
Release notes editorial for 23 (#24972)
Signed-off-by: stianst <stianst@gmail.com>
2023-11-23 13:34:45 +01:00
Alexander Schwartz
834ef79509
Adding a Keycloak High Availability section to Keycloak's docs
The content was moved over from the Keycloak Benchmark subproject.

Closes #24844

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Pedro Ruivo <pruivo@redhat.com>
Co-authored-by: Michal Hajas <mhajas@redhat.com>
Co-authored-by: Kamesh Akella <kakella@redhat.com>
Co-authored-by: Ryan Emerson <remerson@redhat.com>
Co-authored-by: Anna Manukyan <amanukya@redhat.com>
Co-authored-by: Thomas Darimont <thomas.darimont@googlemail.com>
Co-authored-by: Stian Thorgersen <stian@redhat.com>
Co-authored-by: Thomas Darimont <thomas.darimont@googlemail.com>
Co-authored-by: AndyMunro <amunro@redhat.com>
2023-11-23 12:27:47 +00:00
mposolda
87c45437a5 Release notes for max auth age password policy
Signed-off-by: mposolda <mposolda@gmail.com>

Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2023-11-22 07:35:09 +01:00
Marek Posolda
765e4838e9
Remove OIDC and SAML adapters for Wildfly/EAP ZIP downloads. Update documentation. (#24877)
* Update EAP documentation for OIDC and SAML (#24734)

Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>

(cherry picked from commit d7f2ad747d90dd0475a016fcfd528fea4ebed043)

Signed-off-by: Stian Thorgersen <stianst@gmail.com>

* Remove OIDC and SAML adapters for Wildfly/EAP ZIP downloads. Update documentation.
Closes #24713

Signed-off-by: mposolda <mposolda@gmail.com>

Co-authored-by: Stian Thorgersen <stian@redhat.com>

---------

Signed-off-by: Stian Thorgersen <stianst@gmail.com>
Co-authored-by: Stian Thorgersen <stianst@gmail.com>
Co-authored-by: Stian Thorgersen <stian@redhat.com>
2023-11-21 14:22:00 +00:00
Václav Muzikář
15a83985b1 Implement load shedding
Closes #23340

Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
2023-11-21 13:43:09 +01:00
Alexander Schwartz
1b12fe132b Update documentation for removal of the map store
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>

Closes #24092
2023-11-13 15:38:05 +01:00
mposolda
4ec85707f4 Upgrading notes for user profile
closes #24491

Signed-off-by: mposolda <mposolda@gmail.com>

Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2023-11-06 02:19:26 -08:00
mposolda
70e820469a Updating release notes for Keycloak 23 with some 'core features' improvements
closes #23971

Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2023-11-01 17:39:02 +01:00
Ivan Atanasov
7b0683879d Updated documentations to mention Resteasy reactive migration
Closes #23444
2023-10-31 20:59:12 +01:00
Hynek Mlnařík
3f55cd72d7 Docs: Fix account name
Closes: #24341
2023-10-27 09:32:27 +02:00
Takashi Norimatsu
1c8cddf145 passkeys: documentation
closes #23660
2023-10-24 14:48:13 +02:00
Stian Thorgersen
1194c2507d
Add 22.0.3 to release notes (#23238)
Closes #23235
2023-09-14 11:06:06 +02:00
Pedro Igor
5958c7948d
Ignore attributes when they are not prefixed with user.attributes prefix (#23184)
Co-authored-by: mposolda <mposolda@gmail.com>
Co-authored-by: stianst <stianst@gmail.com>
2023-09-14 10:35:47 +02:00
Martin Bartoš
6ca78b7554 Return Oracle JDBC driver to the upstream
Closes #22999
2023-09-06 19:11:29 +02:00
mposolda
57e51e9dd4 Use an original domain name of Kerberos Principal in UserModel attribute instead of configured value of Kerberos realm in User federation
closes #20045
2023-08-30 13:24:48 +02:00
Marek Posolda
6f989fc132
Fallback to next LDAP/Kerberos provider when not able to find authenticated Kerberos principal (#22531)
closes #22352 #9422
2023-08-29 11:21:01 +00:00
Martin Bartoš
fcf65389ea
Remove Oracle Database JDBC driver from the Keycloak distribution (#22577)
* Remove Oracle Database JDBC driver from the Keycloak distribution

Closes #22452

* Remove profile for proprietary Oracle JDBC driver

---------

Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2023-08-21 15:13:49 +00:00
mposolda
710f28ce9e DPoP release notes and documentation polishing
closes #21922
2023-08-08 09:47:28 +02:00
Marek Posolda
d954dfec5e
Release notes and documentation for FAPI 2 (#22228)
Closes #21945


Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2023-08-04 08:21:27 +02:00
Alexander Schwartz
748c53df7f
Use Java mechanisms to read language files and default to UTF-8 (#21755)
Closes #21753
2023-08-01 11:27:10 +02:00
Stian Thorgersen
3d33878c33
Update release notes for 22 (#21583)
* Updates to release notes

* Fix
2023-07-11 11:02:45 +02:00
rmartinc
09e30b3c99 Support for JWE IDToken and UserInfo tokens in OIDC brokers
Closes https://github.com/keycloak/keycloak/issues/21254
2023-07-03 21:25:46 -03:00
mposolda
0ea2891eee Remove support for OpenJDK 11 on the server side
closes #15014
2023-07-03 13:12:22 -03:00
Daniele Martinoli
e2ac9487f7
Conditional login through identity provider (#20188)
Closes #20191


Co-authored-by: Jon Koops <jonkoops@gmail.com>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
Co-authored-by: Marek Posolda <mposolda@gmail.com>
2023-06-29 18:44:15 +02:00
Steven Hawkins
88992dae19
widens status to be any type. (#21281)
this is to avoid olm complaining about an incompatible schema during
upgrade

Relates to #13074
2023-06-29 08:57:22 +02:00
Ricardo Martin
1973d0f0d4 Check the redirect URI is http(s) when used for a form Post (#22)
Closes https://github.com/keycloak/security/issues/22

Co-authored-by: Stian Thorgersen <stianst@gmail.com>
Signed-off-by: Peter Skopek <pskopek@redhat.com>
2023-06-28 17:52:48 -03:00
Hynek Mlnarik
c092c76ae8 Remove ldapsOnly (Java)
In `LDAPConstants.java`, the function to set the Truststore SPI system property was removed, as this is now handled by the `shouldUseTruststoreSpi` method in `LdapUtil`.

Closes: #9313
2023-06-28 08:30:09 +02:00
Stian Thorgersen
4fcb154d36
Add removal of account console v1 to release notes (#21212)
* Add removal of account console v1 to release notes

* Update docs/documentation/release_notes/topics/22_0_0.adoc

Co-authored-by: Jon Koops <jonkoops@gmail.com>

* Update docs/documentation/release_notes/topics/22_0_0.adoc

Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>

* Update docs/documentation/release_notes/topics/22_0_0.adoc

Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>

* Update docs/documentation/release_notes/topics/22_0_0.adoc

Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>

---------

Co-authored-by: Jon Koops <jonkoops@gmail.com>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2023-06-28 07:52:10 +02:00
Steve Hawkins
6a92669139 finishes the conversion away from createOrReplace
however this is a broader change given the implications of
serverSideApply vs createOrReplace - mostly the concern of only applying
the managed state not based upon an existing resource

Closes #20850
2023-06-23 11:55:47 -03:00
Steven Hawkins
fc0be1a65b Update docs/documentation/release_notes/topics/22_0_0.adoc
Co-authored-by: Peter Zaoral <pepo48@gmail.com>
2023-06-21 17:14:33 -03:00
Steve Hawkins
5701f70157 changes condition status to be a string, rather than a boolean
Closes #13074
2023-06-21 17:14:33 -03:00