Stefan Guilhen
ceed7bc120
Add ability to search organizations by attribute
...
Closes #29411
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-05-10 16:45:41 -03:00
Alexander Schwartz
eaeffe95ac
Avoid conflicts when writing to session stores by checking for concurrent requests within the JVM ( #29393 )
...
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Signed-off-by: Michal Hajas <mhajas@redhat.com>
Co-authored-by: Michal Hajas <mhajas@redhat.com>
2024-05-09 08:24:43 +00:00
Pedro Ruivo
cbce548e71
Infinispan 15.0.3.Final
...
Closes #29068
Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
2024-05-08 17:18:39 +02:00
Martin Kanis
d4b7e1a7d9
Prevent to manage groups associated with organizations from different APIs
...
Closes #28734
Signed-off-by: Martin Kanis <mkanis@redhat.com>
2024-05-07 11:16:40 -03:00
Stefan Guilhen
aa945d5636
Add description field to OrganizationEntity
...
Closes #29356
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-05-07 10:35:51 -03:00
Pedro Igor
c0325c9fdb
Do not manage brokers through the Organization API
...
Closes #29268
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-05-07 09:15:25 -03:00
Alice W
584e92aaba
Add support for organizational invites to new and existing users based on tokens
...
Signed-off-by: Alice W <105500542+alice-wondered@users.noreply.github.com>
2024-05-06 17:57:13 -03:00
Dimitri Papadopoulos Orfanos
cd8e0fd333
Fix user-facing typos in Javadoc ( #28971 )
...
Signed-off-by: Dimitri Papadopoulos <3234522+DimitriPapadopoulos@users.noreply.github.com>
Co-authored-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-05-06 18:57:55 +00:00
Stefan Guilhen
dae1eada3d
Add enabled field to OrganizationEntity
...
Closes #28891
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-05-06 14:46:56 -03:00
Pedro Ruivo
4c6f3ce35d
Remove unused code from model/infinispan module
...
Closes #29137
Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
2024-05-06 18:53:23 +02:00
Pedro Ruivo
fe5bed6191
Retry fetching event from remote cache
...
Closes #28303
Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-05-06 17:27:07 +02:00
Michal Hajas
128bba34d3
Remove PERSISTENT_USER_SESSIONS_No_CACHE feature
...
Closes #29264
Signed-off-by: Michal Hajas <mhajas@redhat.com>
2024-05-06 08:53:39 +02:00
Michal Hajas
8b715d3a31
Do not use LastSessionRefreshPersister with persistent user sessions enabled
...
Closes #29144
Signed-off-by: Michal Hajas <mhajas@redhat.com>
2024-05-06 08:49:48 +02:00
Pedro Igor
32d25f43d0
Support for mutiple identity providers
...
Closes #28840
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-05-04 16:19:27 +02:00
Pedro Ruivo
82a959fa78
Remove WildFly Clustering Marshaller
...
Closes #29135
Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
2024-05-03 12:31:47 +02:00
Alexander Schwartz
05b6f897ce
Execute persistent sessions tests in CI and fix deadlock ( #29236 )
...
* Execute persistent sessions tests in CI and fix deadlock in UserSessionConcurrencyTest
The deadlock was caused by a switch to reactive handling of embedded Infinispan updates introduced here #28862
Closes #29235
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-05-03 10:42:34 +02:00
Michal Hajas
e93b7d4f3a
Use computeIfPresent also for Persistent sessions
...
Follow-up-on #29073
Signed-off-by: Michal Hajas <mhajas@redhat.com>
2024-05-02 16:43:54 +00:00
Stefan Guilhen
45e5e6cbbf
Introduce filtered (and paginated) search for organization members
...
Closes #28844
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-05-02 11:25:43 -03:00
Michal Hajas
4c17c6107e
Merge offline and online sessions transactions
...
Closes #29139
Signed-off-by: Michal Hajas <mhajas@redhat.com>
2024-04-30 18:03:17 +02:00
Michal Hajas
7c427e8d38
Remove offline sessions timeouts adjusters as with persistent session we have bounded caches and it is no longer necessary to adjust time in caches
...
Closes #29140
Signed-off-by: Michal Hajas <mhajas@redhat.com>
2024-04-30 18:03:17 +02:00
Alexander Schwartz
d69872fa11
Batch writes originating from logins/logouts for persistent sessions
...
All writes for the sessions are handled by a background thread which batches them.
Closes #28862
Wait for persistent-store to contain update
instead of cache which has the change immediately since it is in memory + introduce new model-test profile
Closes #29141
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Signed-off-by: Michal Hajas <mhajas@redhat.com>
Co-authored-by: Michal Hajas <mhajas@redhat.com>
2024-04-30 14:07:35 +02:00
Pedro Igor
51352622aa
Allow adding realm users as an organization member
...
Closes #29023
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-04-29 08:37:47 -03:00
Pedro Ruivo
17a700b6b9
Use cache.compute() method to improve the replace retry loop
...
Closes #29073
Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
2024-04-29 12:24:33 +02:00
Stefan Guilhen
bfabc291cc
28843 - Introduce filtered (and paginated) searches for organizations
...
Closes #28843
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-04-25 12:38:20 -03:00
vramik
c56f062416
Typo in Organization table
...
Closes #29054
Signed-off-by: vramik <vramik@redhat.com>
2024-04-24 11:23:44 -03:00
vramik
d65649d5c0
Make sure organization are only manageable by the admin users with the manage-realm role
...
Closes #28733
Signed-off-by: vramik <vramik@redhat.com>
2024-04-23 12:16:57 -03:00
Tero Saarni
64862d568e
Convert database errors to 500 instead of 400.
...
Signed-off-by: Tero Saarni <tero.saarni@est.tech>
2024-04-22 11:42:18 -03:00
Stefan Guilhen
f1532565b6
Don't use no-arg version of GroupModel.getSubGroupsStream() when fetching the subgroups from the GroupResource endpoint.
...
- prevents pre-loading all groups; instead use the stream from the JPA adapter to load subgroups one by one and then filter based on the user permissions.
Closes #28935
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-04-22 11:27:29 -03:00
Stefan Guilhen
8ca4bc77a1
Improve the performance of the queries used to find granted resources
...
- simplifies the queries to avoid unnecessary join
- creates two new indexes to speed up search time
Closes #28861
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-04-22 11:26:06 -03:00
Pedro Ruivo
3de5357091
CLI options to disable encryption and authentication to external Infinispan
...
Closes #28750
Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
2024-04-20 18:30:24 +02:00
Pedro Ruivo
3e0a185070
Remove deprecated EnvironmentDependentProviderFactory.isSupported method
...
Closes #26280
Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
2024-04-19 16:36:49 +02:00
mposolda
c427e65354
Secondary factor bypass in step-up authentication
...
closes #34
Signed-off-by: mposolda <mposolda@gmail.com>
(cherry picked from commit e632c03ec4dbfbb7c74c65b0627027390b2e605d)
2024-04-19 14:43:53 +02:00
Joerg Matysiak
76a5a27082
Refactored StripSecretsUtils in order to make it unit-testable, added unit tests for it
...
Don't mask secrets at realm export
Closes #21562
Signed-off-by: Joerg Matysiak <joerg.matysiak@bosch.com>
2024-04-18 18:26:47 -03:00
Pedro Igor
7483bae130
Make sure admin events are not referencing sensitive data from their representation
...
Closes #21562
Signed-off-by: Joerg Matysiak <joerg.matysiak@bosch.com>
2024-04-18 18:26:47 -03:00
Pedro Igor
1e3837421e
Organization member onboarding using the organization identity provider
...
Closes #28273
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-04-17 07:24:01 -03:00
Alexander Schwartz
13af4f44f5
Defer updates of last session updates and batch them ( #28502 )
...
Defer updates of last session refreshes and batch them
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Signed-off-by: Michal Hajas <mhajas@redhat.com>
Co-authored-by: Michal Hajas <mhajas@redhat.com>
2024-04-17 09:25:05 +02:00
Martin Kanis
f764a9cb4a
NPE when listing sessions in UI if associated user is gone
...
Closes #28801
Signed-off-by: Martin Kanis <mkanis@redhat.com>
2024-04-16 11:53:36 -03:00
Pedro Ruivo
2494ad6950
Refactor and remove deprecated Infinispan methods from DefaultInfinispanConnectionProviderFactory
...
Closes #28752
Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
2024-04-16 10:51:57 +02:00
Stefan Guilhen
2ab8bf852d
Add validation for the organization's internet domains.
...
Closes #28634
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-04-15 09:03:52 -03:00
Alexander Schwartz
004f419fd0
Leave a tombstone after the deletion of a cache entry
...
This captures the scenario of multiple deletion calls in the current session.
Closes #28672
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-04-12 17:00:19 +02:00
Pedro Igor
61b1eec504
Prevent members with an email other than the domain set to an organization
...
Closes #28644
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-04-12 08:33:18 -03:00
Alexander Schwartz
b4cfebd8d5
Persistent sessions code also for offline sessions ( #28319 )
...
Persistent sessions code also for offline sessions
Closes #28318
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-04-12 13:15:02 +02:00
rmartinc
6d74e6b289
Escape slashes in full group path representation but disabled by default
...
Closes #23900
Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-04-12 10:53:39 +02:00
Douglas Palmer
69ba92808d
DefaultBruteForceProtector leverages a single thread to write success/failed events
...
Closes #14084
Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
2024-04-12 09:53:40 +02:00
Pedro Igor
8f8094408e
Encapsulate the logic to set attributes into the domain model
...
Closes #28646
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-04-11 15:32:21 -03:00
ali_dandach
eb77220cca
Fix string comparison for action
...
Closes #28628
Signed-off-by: ali dandach <alidandach1995@gmail.com>
2024-04-11 17:59:57 +02:00
tqe1999
6e0fc8a774
fix integer overflow with explicit cast
...
Closes #28564
Signed-off-by: tqe1999 <tqe1999@gmail.com>
2024-04-11 10:58:44 +02:00
Stefan Guilhen
9a466f90ab
Add ability to set one or more internet domain to an organization.
...
Closed #28274
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-04-10 13:18:12 -03:00
vramik
00ce3e34bd
Manage a single identity provider for an organization
...
Closes #28272
Signed-off-by: vramik <vramik@redhat.com>
2024-04-10 09:47:51 -03:00
Martin Kanis
51fa054ba7
Manage organization attributes
...
Closes #28253
Signed-off-by: Martin Kanis <mkanis@redhat.com>
2024-04-10 09:10:49 -03:00
Michal Hajas
1bb5e14134
Use ReentrantLock instead of synchronized to avoid thread pinning
...
+ since the runSerialized mechanism is currently on the best effort basis it is possible there are concurrent executions if T1 obtained a lock T2 removed the lock and T3 created a new lock before T1 called putIfAbsent therefore I added a debug log detecting this situation
Signed-off-by: Michal Hajas <mhajas@redhat.com>
2024-04-09 14:55:21 +02:00
Alexander Schwartz
355901dfd8
Add a back-off period when replacing cache entries fails
...
Closes #28388
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-04-09 14:55:21 +02:00
Alexander Schwartz
63e7523a6d
Avoid unnecessary updates to the sessions during refreshes of tokens
...
Closes #28388
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-04-09 14:55:21 +02:00
Alexander Schwartz
dc18bd4efb
Avoid conflicts when writing to session stores by checking for concurrent requests within the JVM
...
Closes #28388
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-04-09 14:55:21 +02:00
Stijn Last
e9498079e0
LDAP: Show error message when groups synchronization fails
...
closes : #28436
Signed-off-by: Stijn Last <stijn.last@barco.com>
2024-04-09 09:10:19 -03:00
vibrown
3fffc5182e
Added ClientType implementation from Marek's prototype
...
Signed-off-by: vibrown <vibrown@redhat.com>
More updates
Signed-off-by: vibrown <vibrown@redhat.com>
Added client type logic from Marek's prototype
Signed-off-by: vibrown <vibrown@redhat.com>
updates
Signed-off-by: vibrown <vibrown@redhat.com>
updates
Signed-off-by: vibrown <vibrown@redhat.com>
updates
Signed-off-by: vibrown <vibrown@redhat.com>
Testing to see if skipRestart was cause of test failures in MR
2024-04-08 20:20:37 +02:00
Pedro Igor
52ba9b4b7f
Make sure attribute metadata from user storage providers are added only for the provider associated with a federated user
...
Closes #28248
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-04-08 09:05:16 -03:00
Garth
16770ffad8
updated organization table name to not conflict. fixes #28246
...
Signed-off-by: Garth <244253+xgp@users.noreply.github.com>
2024-04-03 17:57:26 -03:00
Pedro Igor
fefeb83588
Changes the contract to make it simpler and rely on the realm available from the current session
...
Closes #28403
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-04-03 14:45:31 +02:00
Giuseppe Graziano
fe06df67c2
New default client scope for 'basic' claims with 'auth_time' protocol mapper
...
Closes #27623
Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
2024-04-02 08:44:28 +02:00
Alexander Schwartz
c580c88c93
Persist online sessions to the database ( #27977 )
...
Adding two feature toggles for new code paths to store online sessions in the existing offline sessions table. Separate the code which is due to be changed in the next iteration in new classes/providers which used instead of the old one.
Closes #27976
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Signed-off-by: Michal Hajas <mhajas@redhat.com>
Co-authored-by: Michal Hajas <mhajas@redhat.com>
2024-03-28 09:17:07 +01:00
vramik
fa1571f231
Map organization metadata when issuing tokens for OIDC clients acting on behalf of an organization member
...
Closes #27993
Signed-off-by: vramik <vramik@redhat.com>
2024-03-26 14:02:09 -03:00
rmartinc
220564c7ba
ORA-01450 error for index IDX_CLIENT_ATT_BY_NAME_VALUE in oracle when MAX_STRING_SIZE is EXTENDED
...
Closes #27967
Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-03-22 08:48:01 -03:00
Steven Hawkins
35b9d8aa49
task: remove usage of resteasy-core-spi ( #27387 )
...
closes : #27242
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2024-03-21 15:28:34 +01:00
synth3
99478887a4
Remove custom Hibernate dialect detection
...
Closes #27954
Signed-off-by: synth3 <19573241+synth3@users.noreply.github.com>
2024-03-21 14:27:19 +01:00
Pedro Igor
32541f19a3
Allow managing members for an organization
...
Closes #27934
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-03-21 10:26:30 -03:00
Sebastian Schuster
0542554984
12671 querying by user attribute no longer forces case insensitivity for keys
...
Signed-off-by: Sebastian Schuster <sebastian.schuster@bosch.io>
2024-03-21 08:35:29 -03:00
Konstantinos Georgilakis
4bca804d5a
Correct unique constraints for UserConsent entity
...
Closes #13045
Signed-off-by: cgeorgilakis-grnet <cgeorgilakis@admin.grnet.gr>
2024-03-19 22:16:42 +01:00
Alexander Schwartz
62d24216e3
Remove offline session preloading
...
Closes #27602
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-03-15 15:19:27 +01:00
Pedro Igor
7fc2269ba5
The bare minimum implementation for organization
...
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: vramik <vramik@redhat.com>
2024-03-15 11:06:43 -03:00
Stefan Guilhen
0e717f735e
Add realm to session context when exporting to prevent NPE when vault is enabled. ( #27911 )
...
Closes #22617
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-03-15 12:24:22 +01:00
Stefan Guilhen
970a78fe7a
Set correct version for the federated user terms and conditions migration
...
Closes #27228
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-03-13 18:03:41 -03:00
PetkoNosal
3989cb5e90
Fix missing log argument in MigrateTo24_0_0
...
Closes #27779
Signed-off-by: Nosal, Peter (pn1895) <pn1895@att.com>
Co-authored-by: Nosal, Peter (pn1895) <pn1895@att.com>
2024-03-13 16:36:27 +00:00
Pedro Igor
9ad447390a
Only remove attributes with empty values when updating user profile
...
Closes #27797
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-03-13 15:03:08 +01:00
Alexander Schwartz
f168b8cce9
Avoid invalidating the cache if removing an entry doesn't exist
...
Closes #27852
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-03-13 13:36:07 +01:00
Stefan Guilhen
1099f03fe6
Add migration for terms and conditions required action in FED_USER_REQUIRED_ACTION table
...
Closes #27228
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-03-13 08:43:11 -03:00
Pedro Igor
1e48cce3ae
Make sure empty configuration resolves to the system default configuration
...
Closes #27611
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-03-11 09:01:38 -03:00
Alexander Schwartz
050acf0d94
Map Storage Removal: Remove deprecated model/legacy module ( #27601 )
...
Closes #26657
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-03-08 15:17:24 +00:00
Steve Hawkins
4091baf4c2
fix: accounting for the possibility of null flows from existing realms
...
closes : #23980
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2024-03-08 14:25:23 +01:00
rmartinc
ea4155bbcd
Remove recursively when deleting an authentication executor
...
Closes #24795
Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-03-07 14:43:23 +01:00
vramik
4fc7e3d607
Map Store Removal: Remove unnecessary check in Jpa Connection Provider
...
Closes #26406
Signed-off-by: vramik <vramik@redhat.com>
2024-03-04 14:00:54 +01:00
vramik
7adcc98c6c
Map Store Removal: Remove obsolete KeycloakModelUtils.isRealmProviderJpa method
...
Closes #27445
Signed-off-by: vramik <vramik@redhat.com>
2024-03-04 12:22:04 +01:00
Steven Hawkins
8d9439913c
fix: removal of resteasy-core ( #27032 )
...
* fix: partial removal of resteasy-core
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
* fix: fully removing resteasy-core
closes : #26315
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
---------
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2024-02-29 11:43:13 +00:00
Pedro Igor
326d63ce74
Make sure group searches are cached and entries invalidate accordingly
...
Closes #26983
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-02-29 05:06:36 +09:00
Vlasta Ramik
ade3b31a91
Introduce new CLI config options for Infinispan remote store
...
Closes #25676
Signed-off-by: vramik <vramik@redhat.com>
Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Pedro Ruivo <pruivo@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-02-28 15:49:19 +00:00
Réda Housni Alaoui
a3b3ee4b87
Ability to declare a default "First broker login flow" per Realm
...
Closes #25823
Signed-off-by: Réda Housni Alaoui <reda-alaoui@hey.com>
Co-authored-by: Jon Koops <jonkoops@gmail.com>
2024-02-28 16:17:51 +01:00
rmartinc
2bd9f09e29
Re-index CLIENT_ATTRIBUTES using name and value
...
Closes #26618
Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-02-28 11:07:03 +01:00
Alexander Schwartz
ee3a4a6e4f
Set expiry and maxidle when loading entries from the remote store ( #26942 )
...
Closes #26941
Signed-off-by: Michal Hajas <mhajas@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Michal Hajas <mhajas@redhat.com>
2024-02-27 17:56:17 +01:00
Douglas Palmer
b0ef746f39
Permanently lock users out after X temporary lockouts during a brute force attack
...
Closes #26172
Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
2024-02-22 09:34:51 +01:00
Vlasta Ramik
76453550a5
User attribute value length extension
...
Closes #9758
Signed-off-by: vramik <vramik@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Signed-off-by: Michal Hajas <mhajas@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Michal Hajas <mhajas@redhat.com>
2024-02-16 08:09:34 +01:00
Michal Hajas
f7f7f1bd10
Add caching for subGroupsCount
...
Closes #25731
Signed-off-by: Michal Hajas <mhajas@redhat.com>
2024-02-15 19:46:04 +09:00
rmartinc
4ff4c3f897
Increase internal algorithm security using HS512 and 128 byte hmac keys
...
Closes #13080
Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-02-15 08:16:45 +01:00
Alexander Schwartz
c7b51fc7f0
Use the appropriate database dialect to add quotes to the schema name ( #26964 )
...
Closes #25961
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-02-13 13:09:55 +01:00
Stefan Guilhen
2161e72872
Add migration for the useTruststoreSpi config property in LDAP user storage provider
...
- legacy `ldapsOnly` value now migrated to `always`.
Closes #25912
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-02-12 11:53:19 +01:00
Thomas Darimont
93fc6a6c54
Shorter lifespan for offline session cache entries in memory
...
Closes #26810
Co-authored-by: Thomas Darimont <thomas.darimont@googlemail.com>
Co-authored-by: Martin Kanis <mkanis@redhat.com>
Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
Signed-off-by: Martin Kanis <mkanis@redhat.com>
2024-02-09 19:44:04 +01:00
Douglas Palmer
66f0d2ff1d
blah
...
Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
2024-02-07 15:55:06 -03:00
Douglas Palmer
d9d41b1a09
Brute Force Detection is disabled when updating frontenUrl via admin client
...
Closes #21409
Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
2024-02-07 15:55:06 -03:00
Stian Thorgersen
3e08a1713b
Ignore empty attribute values when retriveing boolean/int/long ( #26729 ) ( #26737 )
...
Resolves #26597 , resolves #26665
Signed-off-by: stianst <stianst@gmail.com>
2024-02-06 15:29:34 +01:00
Stefan Guilhen
fbeba83b87
Upgrade liquibase to version 4.25.1
...
Closes #26570
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-02-05 19:07:25 +01:00
Michal Hajas
00742a62dd
Remove RealmModel from authorization services interfaces ( #26708 )
...
Closes #26530
Signed-off-by: Michal Hajas <mhajas@redhat.com>
2024-02-02 16:51:32 +01:00