mposolda
37c10b4d43
Improve documentation for the case when 'basic' client scope already exists
...
closes #29880
Signed-off-by: mposolda <mposolda@gmail.com>
2024-05-29 13:32:05 +02:00
Ryan Emerson
5788263413
Document Failover Lambda for Active/Passive deployments
...
Closes #29787
Signed-off-by: Ryan Emerson <remerson@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2024-05-29 12:33:13 +02:00
Michal Hajas
61d0d56720
Document it is not possible to use rolling configuration upgrade for enabling persistent sessions
...
Closes #29561
Signed-off-by: Michal Hajas <mhajas@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-05-29 10:19:20 +02:00
Pedro Igor
bbb83236f5
Do not lower-case the username from the IdP when creating the federated identity
...
Closes #28495
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-05-29 01:58:20 -03:00
Jon Koops
a3b2dd0735
Remove deprecated ServerCookie
class ( #29916 )
...
Signed-off-by: Jon Koops <jonkoops@gmail.com>
2024-05-28 14:14:05 +00:00
Ryan Emerson
0f17f0abc5
Require external Infinispan be of version 15 or greater
...
Signed-off-by: Ryan Emerson <remerson@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-05-22 11:26:26 +00:00
Alexander Schwartz
80de3a0a71
Allow migration of non-persistent sessions to persistent sessions
...
Closes #29375
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-05-22 10:30:46 +02:00
rmartinc
f7044ba5c2
Use SessionExpirationUtils for validate user and client sessions
...
Check client session is valid in TokenManager
Closes #24936
Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-05-22 10:12:20 +02:00
Marek Posolda
6dc28bc7b5
Clarify the documentation about step-up authentication ( #29735 )
...
closes #28341
Signed-off-by: mposolda <mposolda@gmail.com>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2024-05-21 19:46:27 +02:00
mposolda
bbd4b60163
Update documentation after adapters removal
...
closes #28792
Signed-off-by: mposolda <mposolda@gmail.com>
2024-05-21 09:34:48 +02:00
vramik
35df0140ee
Add a note to the migration guide about index name length for Oracle database
...
Closes #29594
Signed-off-by: vramik <vramik@redhat.com>
2024-05-16 10:06:39 -03:00
Takashi Norimatsu
b4e7d9b1aa
Passkeys: Supporting WebAuthn Conditional UI ( #24305 )
...
closes #24264
Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>
Signed-off-by: mposolda <mposolda@gmail.com>
Co-authored-by: mposolda <mposolda@gmail.com>
2024-05-16 07:58:43 +02:00
Alexander Schwartz
8deca303e2
Update instruction on how to enable persistent sessions ( #29490 )
...
Closes #29489
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-05-15 13:26:51 +02:00
Kamesh Akella
1d613d9037
Argon2 release notes and sizing guide update
...
Closes #29033
Signed-off-by: Kamesh Akella <kamesh.asp@gmail.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-05-14 17:40:51 +02:00
mposolda
d8a7773947
Adding dummyHash to DirectGrant request in case user does not exists. Fix dummyHash for normal login requests
...
closes #12298
Signed-off-by: mposolda <mposolda@gmail.com>
2024-05-13 16:33:29 +02:00
christian2
e200ccfa53
Fix URL endpoint for Docker registry v2 authentication
...
Closes #29132
Signed-off-by: Christian Hörtnagl <christian2@univie.ac.at>
2024-05-13 13:51:06 +02:00
Alexander Schwartz
6fbe207d64
Create documentation for persistent user sessions
...
Closes #29218
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Signed-off-by: Michal Hajas <mhajas@redhat.com>
Co-authored-by: Michal Hajas <mhajas@redhat.com>
2024-05-13 11:02:45 +02:00
mruzicka
6864ee0ead
doc: Quarkus launch rebuild optimization ( #28320 )
...
Suggest a command which performs the update of the class loading indices
only once.
Closes #28336
Signed-off-by: Michal Růžička <michal.ruza@gmail.com>
2024-05-10 12:28:38 +02:00
AndyMunro
4a5055c3cc
Update create realm topics to replace Master
...
Closes #29280
Signed-off-by: AndyMunro <amunro@redhat.com>
2024-05-08 17:37:20 +02:00
Nathan Raj
8ff1ae0c08
Update stack-overflow.adoc ( #29363 )
...
Corrected capitalisation for heading
2024-05-08 16:06:33 +02:00
Thore
4b194d00be
iso-date validator for the user-profile
...
Adds a new validator in order to be able to validate user-model fields which should be modified/supplied by a datepicker.
Closes #11757
Signed-off-by: Thore <thore@kruess.xyz>
2024-05-07 11:42:39 -03:00
Pedro Igor
d2c5fc86a9
Additional note on release and upgrade guides about partial update on user attributes
...
Closes #28220
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-05-07 09:59:38 -03:00
Dimitri Papadopoulos Orfanos
9db1443367
Fix typos found by codespell in docs ( #28890 )
...
Run `chmod -x` on files that need not be executable.
Signed-off-by: Dimitri Papadopoulos <3234522+DimitriPapadopoulos@users.noreply.github.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-05-03 12:41:16 +00:00
Douglas Palmer
26eaa4f83f
Broken link in documentation
...
Closes #29233
Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
2024-05-02 15:29:56 -03:00
Steven Hawkins
4697cc956b
further refinement of context handling ( #28182 )
...
* fully removing providers and moving the keycloaksession creation / final
cleanup
also deprecated Resteasy utility methods
closes : #29223
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-05-02 11:21:01 -04:00
Steven Hawkins
3b1ca46be2
fix: updating docs around -q parameter ( #29151 )
...
closes : #27877
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2024-05-02 16:48:43 +02:00
Douglas Palmer
8d4d5c1c54
Remove redundant servers from the testsuite
...
Closes #29089
Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
2024-04-30 17:39:32 +02:00
Jon Koops
a6e2ab5523
Remove jaxrs-oauth-client
and OIDC servlet-filter
adapters
...
Closes #28784
Signed-off-by: Jon Koops <jonkoops@gmail.com>
2024-04-26 15:56:57 +02:00
Douglas Palmer
cca660067a
Remove JAAS login modules
...
Closes #28789
Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
2024-04-26 09:30:35 +02:00
Douglas Palmer
eae20c76bd
Remove KeycloakInstalled
...
Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
Closes #28790
2024-04-26 09:30:35 +02:00
Douglas Palmer
b2f09feebf
Remove servlet filter saml adapters
...
Closes #28786
Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
2024-04-26 09:30:35 +02:00
Douglas Palmer
3e13b40648
Remove Spring adapters
...
Closes #28780
Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
2024-04-26 09:30:35 +02:00
Douglas Palmer
bf2c97065f
Remove SpringBoot adapters
...
Closes #28781
Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
2024-04-26 09:30:35 +02:00
Douglas Palmer
43aa10e091
Remove Tomcat OIDC adapter
...
Closes #28778
Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
2024-04-26 09:30:35 +02:00
Douglas Palmer
98faf6e6a0
Remove Tomcat SAML adapter
...
Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
Closes #28783
2024-04-26 09:30:35 +02:00
Mark Banierink
ad32896725
replaced and removed deprecated token methods ( #27715 )
...
closes #19671
Signed-off-by: Mark Banierink <mark.banierink@nedap.com>
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-04-23 09:23:37 +02:00
Stefan Guilhen
8ca4bc77a1
Improve the performance of the queries used to find granted resources
...
- simplifies the queries to avoid unnecessary join
- creates two new indexes to speed up search time
Closes #28861
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-04-22 11:26:06 -03:00
Lex Cao
7e034dbbe0
Add IdpConfirmOverrideLinkAuthenticator to handle duplicate federated identity ( #26393 )
...
Closes #26201 .
Signed-off-by: Lex Cao <lexcao@foxmail.com>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2024-04-22 11:30:14 +02:00
Pedro Ruivo
3e0a185070
Remove deprecated EnvironmentDependentProviderFactory.isSupported method
...
Closes #26280
Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
2024-04-19 16:36:49 +02:00
Ricardo Martin
fc6b6f0d94
Perform exact string match if redirect URI contains userinfo, encoded slashes or parent access ( #131 ) ( #28872 )
...
Closes keycloak/keycloak-private#113
Closes keycloak/keycloak-private#134
Signed-off-by: rmartinc <rmartinc@redhat.com>
Co-authored-by: Stian Thorgersen <stianst@gmail.com>
2024-04-18 16:02:24 +02:00
Martin Bartoš
7f74286106
Emphasize the need for setting container limit
...
Closes #28729
Signed-off-by: Martin Bartoš <mabartos@redhat.com>
2024-04-18 15:44:27 +02:00
rmartinc
ddacfbdefd
Remove deprecated LinkedIn social provider
...
Closes #23127
Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-04-18 10:10:58 +02:00
Martin Bartoš
1fb83bb165
Release notes and Migration guide for Hostname v2 ( #28621 )
...
Closes #27730
Signed-off-by: Martin Bartoš <mabartos@redhat.com>
Co-authored-by: Václav Muzikář <vmuzikar@redhat.com>
Co-authored-by: Peter Zaoral <pzaoral@redhat.com>
2024-04-17 09:29:59 +02:00
Alexander Schwartz
5b4a69a6e9
Limit the concurrency of password hashing to the number of CPU cores available
...
Closes #28477
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-04-15 15:05:09 +02:00
Steven Hawkins
58398d1f69
fix: replaces aesh with picocli ( #28276 )
...
* fix: replaces aesh with picocli
closes : #28275
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
* fix: replaces aesh with picocli
closes : #28275
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
---------
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2024-04-15 13:04:58 +00:00
Christopher Miles
1646315939
Deny list lower cases all passwords when loading from file
...
Closes #28381
We always lower case the inbound password before comparing against the deny list
yet the deny list may contain passwords that contain upper case letters. With
this change we will now convert passwords from the deny list into lower case
while loading, ensuring that more passwords match the deny list.
Signed-off-by: Christopher Miles <twitch@nervestaple.com>
2024-04-15 08:49:37 +02:00
Marek Posolda
e6747bfd23
Adjust priority of SubMapper ( #28663 )
...
closes #28661
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2024-04-12 14:13:03 +02:00
Martin Bartoš
a3669a6562
Make general cache options runtime ( #28542 )
...
Closes #27549
Signed-off-by: Martin Bartoš <mabartos@redhat.com>
2024-04-12 11:56:11 +02:00
rmartinc
6d74e6b289
Escape slashes in full group path representation but disabled by default
...
Closes #23900
Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-04-12 10:53:39 +02:00
Marek Posolda
74faddec8e
Release notes for lightweight access tokens and group together relate… ( #28622 )
...
closes #28460
Signed-off-by: mposolda <mposolda@gmail.com>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2024-04-11 20:02:33 +02:00