Commit graph

492 commits

Author SHA1 Message Date
Bill Burke
1dde3e1459 provider events 2015-02-23 11:39:24 -05:00
mposolda
9f8b59dfb6 Kerberos/LDAP fixes 2015-02-23 14:07:55 +01:00
mposolda
9dd5ecd464 Kerberos automated test 2015-02-23 13:13:34 +01:00
Bill Burke
69582ee3be more claims work 2015-02-21 10:26:55 -05:00
Bill Burke
42ffe21f91 Merge remote-tracking branch 'upstream/master' 2015-02-20 09:23:18 -05:00
Bill Burke
20f12ea960 changes 2015-02-20 09:22:49 -05:00
mposolda
d8024b0c6c Kerberos refactored to be federation provider. Support for Kerberos and LDAP. Username/password authentication support with kerberos credentials.
First step - KerberosFederationProvider

Finished KerberosFederationProvider. Added support for username/password authentication with kerberos credentials

Added Kerberos UI to LDAPFederationProvider

Fixes
2015-02-18 17:19:15 +01:00
mposolda
4795059e15 Fix mongo model 2015-02-16 11:50:42 +01:00
Bill Burke
ebd9bae1ee client to protocol mapping model 2015-02-15 17:01:34 -05:00
Bill Burke
2fb97f058b claim support phase 2 2015-02-14 09:56:19 -05:00
Bill Burke
8586a8d1a5 Merge remote-tracking branch 'upstream/master' 2015-02-13 20:57:51 -05:00
Bill Burke
c09b17c2e2 claim mapping phase 1 2015-02-13 20:57:38 -05:00
mposolda
3ef243dd42 Add authenticateByDefault flag to IdentityProviderModel 2015-02-13 10:08:51 +01:00
girirajsharma
c3d7ef8066 Updated BC provider versions and deprecated CertificateUtil methods. 2015-02-10 18:44:54 +05:30
mposolda
d1c4d9795b Mongo fix 2015-02-10 09:50:07 +01:00
pedroigor
ff1f10d7a7 [KEYCLOAK-883] - Refactoring to services endpoints and exposing them through admin client. 2015-02-09 21:30:21 -02:00
pedroigor
1e13254598 [KEYCLOAK-992] - Initial code for examples. Fixing cors when retreiving tokens. 2015-02-08 03:27:57 -02:00
pedroigor
4b1ba704ec [KEYCLOAK-992] - Token retrieval from brokered idps. 2015-02-06 22:23:34 -02:00
pedroigor
47f8f44347 [KEYCLOAK-883] - Fixing alias update. 2015-02-06 16:03:47 -02:00
Pedro Igor
f013796324 Merge pull request #938 from pedroigor/KEYCLOAK-883
[KEYCLOAK-883] - Initial tests for SAML brokering.
2015-01-29 09:11:39 -02:00
pedroigor
1960c608cd [KEYCLOAK-883] - Initial tests for SAML brokering. 2015-01-29 00:04:02 -02:00
Bill Burke
fd20a25100 Merge remote-tracking branch 'upstream/master' 2015-01-28 17:09:59 -05:00
Bill Burke
ea3bba98aa saml frontchannel logout 2015-01-28 17:09:13 -05:00
Stian Thorgersen
6ecd9fbde7 Merge pull request #936 from stianst/master
Provider loaders
2015-01-28 11:51:05 +01:00
Stian Thorgersen
67ba1de56f KEYCLOAK-999 Load providers from file-system 2015-01-28 09:15:07 +01:00
pedroigor
2065815627 [KEYCLOAK-883] - Model tests. 2015-01-27 23:53:56 -02:00
mposolda
ee4fbca868 Improve OOTB experience for ssh and jmx authentication in fuse 2015-01-23 20:57:40 +01:00
mposolda
a634f1a65f Fix mongo model 2015-01-23 10:19:06 +01:00
Stian Thorgersen
e7a792f922 KEYCLOAK-983 Fix login after reset-password 2015-01-21 12:28:30 +01:00
Bill Burke
a0ba6d2c16 saml redirect logout 1st step 2015-01-16 18:57:33 -05:00
pedroigor
fa2533ed11 [KEYCLOAK-883] - Initial changes. 2015-01-13 00:58:19 -02:00
Stian Thorgersen
959933a227 Version bump 2015-01-12 10:35:50 +01:00
Bill Burke
6c04e26376 bump 2014-12-05 21:09:38 -05:00
Bill Burke
c0059a875b bump version 2014-12-05 19:03:13 -05:00
Stian Thorgersen
a843e31c12 KEYCLOAK-862 Use HmacSHA256 for code signatures 2014-11-27 10:02:08 +01:00
Carl J. Mosca
aedbb8eb87 added support for Tivoli LDAP unique identifier 2014-11-13 16:17:40 -05:00
Stian Thorgersen
9343cf2aca KEYCLOAK-824 Wrong digit shown in Invalid Password message 2014-11-06 12:30:24 +01:00
Stian Thorgersen
e7625c2bb1 KEYCLOAK-820 Don't expose realm private key through admin endpoints 2014-11-05 15:34:56 +01:00
Stian Thorgersen
0f8c073354 Version bump 2014-11-04 09:01:06 +01:00
Stian Thorgersen
bb2de4dc59 KEYCLOAK-787 Clicking back to login after sending password reset email fails 2014-10-31 13:59:56 +01:00
Stian Thorgersen
9b0d5acb50 KEYCLOAK-704 KEYCLOAK-768 Improvements to access code generation 2014-10-31 12:45:03 +01:00
Stian Thorgersen
8adad9dddf KEYCLOAK-806
Increase defaults for 'SSO Session Idle Timeout'
2014-10-31 09:41:21 +01:00
mposolda
a6ca925340 KEYCLOAK-788 Ensure expired ClientSessions removed during UserSessionProvider.removeExpiredUserSessions 2014-10-30 23:02:48 +01:00
mposolda
0f25280611 KEYCLOAK-800 Ensure that loginFailures infinispan cache is defined 2014-10-30 21:15:52 +01:00
Bill Burke
cf747dac22 remove info logging 2014-10-30 09:53:06 -04:00
Stian Thorgersen
fcda005d88 KEYCLOAK-772 Event settings are not imported 2014-10-28 20:21:03 +01:00
Bill Burke
dba7864180 Merge remote-tracking branch 'upstream/master' 2014-10-24 10:58:46 -04:00
Bill Burke
ce76270ad8 saml key refactor 2014-10-24 10:58:32 -04:00
mposolda
d9331998c3 KEYCLOAK-778 InfinispanUserCacheProvider not working on EAP6 / AS7 2014-10-23 11:36:06 +02:00
mposolda
f3da9760a3 Send node registration at 1st request instead of deployment startup. Bugfixing 2014-10-21 23:15:21 +02:00
mposolda
7d8f265789 KEYCLOAK-759 dynamic registration of managementUrls in cluster 2014-10-17 21:51:46 +02:00
Stian Thorgersen
01507fc1dc KEYCLOAK-747 Fix onUserRemoved in user session providers 2014-10-17 13:35:07 +02:00
Bill Burke
8fbc8fc736 Merge remote-tracking branch 'upstream/master' 2014-10-14 18:39:08 -04:00
Bill Burke
7760887ac1 app cert support, bug fixes 2014-10-14 18:38:48 -04:00
Stian Thorgersen
94de88ef3b KEYCLOAK-736 Database migration support" 2014-10-14 10:07:41 +02:00
Bill Burke
4d007c776a generate/store realm certificate 2014-10-11 10:49:04 -04:00
Bill Burke
0ace5cd746 merge conflicts 2014-10-09 18:26:14 -04:00
Bill Burke
94da99bf10 use app id in admin console urls 2014-10-09 18:22:02 -04:00
mposolda
36cc298b32 Fix mongo to pass with testsuite 2014-10-09 11:37:42 +02:00
Bill Burke
a1d1877751 ClientModel attributes and protocol 2014-10-08 10:54:13 -04:00
mposolda
6522455b44 KEYCLOAK-738 Possible NPE in MemUserSessionProvider.getUserSessions 2014-10-07 19:19:46 +02:00
Stian Thorgersen
597ee2b8c9 Fixes to infinispan user session provider 2014-10-02 09:00:48 +02:00
Bill Burke
4b399fe05a login protocol abstraction 2014-10-01 10:01:42 -04:00
Stian Thorgersen
a1f223735c Fixes to JPA user session provider 2014-09-30 14:47:22 +02:00
Stian Thorgersen
1d4e842cc0 Fixes to Mongo user session provider 2014-09-30 14:24:49 +02:00
Stian Thorgersen
99c73a9cc7 Clustering support 2014-09-30 09:40:20 +02:00
Bill Burke
524b423733 ClientSession everywhere refactor phase1 2014-09-26 17:44:33 -04:00
Bill Burke
0bf6c36ca7 add auth method to ClientSession 2014-09-23 11:18:39 -04:00
Bill Burke
99a6713e6f clientsession notes 2014-09-22 16:34:42 -04:00
Stian Thorgersen
91fced3b87 Removed info log statement 2014-09-18 12:37:51 +02:00
mposolda
bd0887d18e Fixing testsuite for mongo 2014-09-16 20:02:30 +02:00
Stian Thorgersen
423dc1b8a7 Change version schema to match JBoss 2014-09-12 09:35:08 +02:00
Stian Thorgersen
5dea07793b Version bump 2014-09-11 09:27:58 +02:00
Bill Burke
3f539c6d5c version bump 2014-09-09 13:34:56 -04:00
Stian Thorgersen
d905ce12e3 Fix search for users by attribute on mongo 2014-09-02 11:51:29 +02:00
Stian Thorgersen
8c8c44e50f KEYCLOAK-658 Fix searching for users 2014-09-02 10:01:44 +02:00
Stian Thorgersen
05a1fc1ded Version bump 2014-09-01 10:17:00 +02:00
Stian Thorgersen
e1b9dfe65d KEYCLOAK-649 Invalidate realm if app name or client clientId is changed 2014-08-29 15:49:17 +02:00
Stian Thorgersen
7c7025a83d KEYCLOAK-648 Fix removing role from composite role 2014-08-29 10:18:00 +02:00
Stian Thorgersen
b9d0f64f74 Added password token to use inplace of plain-text password for totp 2014-08-28 13:51:55 +02:00
Stian Thorgersen
3bfe3d256e Rename audit to events 2014-08-28 10:56:37 +02:00
Stian Thorgersen
55bd889a0f KEYCLOAK-531 Reduce info level logging 2014-08-27 11:17:24 +02:00
mposolda
b3b480c25f Display proper error message if LDAP-linked user couldn't be deleted due to read-only mode 2014-08-26 19:10:48 +02:00
mposolda
fd9d2ba4d5 Handle exceptions and UI errors when user is read only. Some sync issues 2014-08-26 12:54:05 +02:00
Bill Burke
7c8edb5d11 bump pom 2014-08-21 10:46:49 -04:00
Bill Burke
e5d5276135 race 2014-08-20 14:50:28 -04:00
mposolda
8419e5883d Ensure that transaction.isActive() is false after commit or rollback 2014-08-12 18:58:37 +02:00
Bill Burke
7c97e02715 X-Frame-Options, Content-Security-Policy 2014-08-11 17:45:01 -04:00
Bill Burke
8d1ff1d49c add jpa realm attributes 2014-08-11 12:33:17 -04:00
mposolda
8ba7559cac Fix transaction handling in KeycloakModelUtils.runJobInTransaction. Start sync tasks for configured federation providers at startup 2014-08-11 13:51:44 +02:00
mposolda
d699404ce7 Support for periodic users sync 2014-08-10 23:23:50 +02:00
mposolda
ee79747cb6 Sync - first iteration 2014-08-10 23:22:35 +02:00
Bill Burke
9aa6b4cbfa optimize imports 2014-08-10 12:17:45 -04:00
Bill Burke
d332851a75 Merge pull request #606 from alarikmyrin/KEYCLOAK-621
KEYCLOAK-621 fix searchForUserByAttributes method
2014-08-10 11:02:08 -04:00
Alarik Myrin
428cd54a81 KEYCLOAK-621 fix searchForUserByAttributes method so that it works and is not subject to SQL injection 2014-08-09 13:59:20 -04:00
mposolda
dc50c312cb Configurable if pagination and connectionPooling are supported in LDAP 2014-08-08 12:09:08 +02:00
mposolda
5673fb34b1 Fix adding social link in mongo. Fixed export/import of federationProviders. Enhanced ExportImportTest 2014-08-07 17:33:48 +02:00
mposolda
76db33829b KEYCLOAK-600 Users shouldn't be registered with Federation Provider on an import 2014-08-07 12:38:56 +02:00
Bill Burke
99e6f0edad delete fed provider 2014-08-06 20:38:30 -04:00
Bill Burke
e04af84ac0 bump version 2014-08-06 09:00:23 -04:00
Bill Burke
905061e2b7 bump version 2014-08-05 20:52:50 -04:00
Bill Burke
ab08ac8ad4 Merge remote-tracking branch 'upstream/master' 2014-08-05 20:29:02 -04:00
Bill Burke
a0d7fc12db all claims for app 2014-08-05 19:46:55 -04:00
Bill Burke
790fd1d94d fix cors example 2014-08-05 16:45:21 -04:00
mposolda
53fbceb49a Fixing mssql 2014-08-05 18:25:54 +02:00
mposolda
38c0b4ad65 Fixing oracle 2014-08-05 15:45:28 +02:00
mposolda
550ba16a09 Fix deleting users on mongo 2014-08-05 14:36:53 +02:00
mposolda
0289f5dff9 Fix typo in UserFederationProvider 2014-08-05 13:31:35 +02:00
Bill Burke
ea0ceeb65d Merge pull request #589 from patriot1burke/master
app full scope
2014-08-04 16:26:51 -04:00
Bill Burke
731d75c756 app full scope by default 2014-08-04 16:04:10 -04:00
Bill Burke
8430fb0ed3 Merge pull request #587 from patriot1burke/master
docs
2014-08-04 12:28:32 -04:00
Bill Burke
04ec750157 federation docs 2014-08-04 12:25:11 -04:00
mposolda
5edb84ccfb Ensure that displayName is persisted. Add 'user' to ActiveDirectory classes 2014-08-04 16:42:48 +02:00
mposolda
46a0caf2e0 Upgrade to latest picketlink. Fix LDAP configuration according to that 2014-08-04 13:58:52 +02:00
Bill Burke
6cf708f6e1 fed exampe 2014-08-02 22:18:17 -04:00
Bill Burke
101a72cd65 remove AuthenticationProvider/Link 2014-08-01 18:03:48 -04:00
Bill Burke
bdc31d9459 Merge remote-tracking branch 'upstream/master' 2014-08-01 13:18:46 -04:00
Bill Burke
f08c42a37e token validation 2014-08-01 13:18:32 -04:00
Stian Thorgersen
6cbeeb1b1a KEYCLOAK-591 Require SSL for all external requests by default 2014-08-01 13:52:04 +01:00
Bill Burke
64589bc807 maxResults 2014-07-31 17:41:38 -04:00
Bill Burke
9f6c206078 ldap edit mode 2014-07-31 17:28:48 -04:00
Bill Burke
a084695978 support registration ldap 2014-07-31 15:22:20 -04:00
Bill Burke
94c06f3f5d fed ui 2014-07-31 13:13:48 -04:00
Bill Burke
b72a7db6fe federation display name 2014-07-31 10:51:04 -04:00
Bill Burke
d0dc75c06f federation ui 2014-07-30 22:52:39 -04:00
Bill Burke
8ea0d19d2f federation refactor 2014-07-30 16:01:54 -04:00
Stian Thorgersen
50bc53d673 KEYCLOAK-562 Cache theme instances 2014-07-30 16:06:08 +01:00
Stian Thorgersen
ed51b4e1ea Deleted old hybrid model 2014-07-30 14:13:16 +01:00
Stian Thorgersen
02a59812e6 Added ClientSessionModel to UserSessionProvider 2014-07-29 16:10:41 +01:00
Bill Burke
3bb0842eae federation iteration 2 2014-07-25 21:05:45 -04:00
Bill Burke
b1cd37814a rename 2014-07-25 10:40:46 -04:00
Bill Burke
1b14444eba rename FederationProvider to UserFederationProvider 2014-07-24 11:11:21 -04:00
Stian Thorgersen
511cc483cb Moved audit/tests and model/tests to testsuite 2014-07-24 13:49:15 +01:00
Bill Burke
43d08f2d05 federation iteration 1 complete 2014-07-23 17:05:49 -04:00
Bill Burke
171e9b1ce9 Merge remote-tracking branch 'upstream/master' 2014-07-23 15:10:48 -04:00
Bill Burke
eec582e704 merge 2014-07-23 15:10:36 -04:00
Stian Thorgersen
d6f5bf6cde Moved rememberMe, usernameUsed fields from AccessCode to UserSessions. Change AccessCode to have a single action instead of a list of required actions, also used action for codes that needs user to grant permissions first. Finally removed expiration time on access code and use timestamp directly 2014-07-23 15:58:09 +01:00
Bill Burke
f1d72d0b6d fed 2 2014-07-23 10:42:18 -04:00
Bill Burke
148d494905 federation iteration 2014-07-23 10:21:25 -04:00
mposolda
b3b46339a4 More DB schema refactoring. Ensure that all columns are named in code 2014-07-22 07:53:05 +02:00
Stian Thorgersen
213b685b43 KEYCLOAK-569 Check application roles for scope 2014-07-21 13:50:27 +01:00
Bill Burke
b999c1e5b1 remove hack comment 2014-07-18 12:07:30 -04:00
Bill Burke
063a63445a keycloak-json fix 2014-07-18 11:45:47 -04:00
Bill Burke
f275ecf6d5 cache settings 2014-07-18 11:30:10 -04:00
Stian Thorgersen
85621bdd9f KEYCLOAK-566 Configure db in keycloak-server.json instead of persistence.xml 2014-07-18 11:21:52 +01:00
Bill Burke
573f7fc1fb Merge pull request #535 from mposolda/master
Export/import improvements and fixes
2014-07-17 16:34:39 -04:00
Bill Burke
aa2d1bcc93 db schema 2014-07-17 16:32:36 -04:00
Bill Burke
20cde9cd00 realmId and roleId used in User and user relationships 2014-07-17 15:41:02 -04:00
mposolda
3dff4afe83 Export/import improvements and fixes 2014-07-17 21:31:33 +02:00
Bill Burke
3edce7f580 named queries and roleId in RoleMapping 2014-07-17 15:20:56 -04:00