libre.sh/keycloak-scim
2
0
Fork 0
Code Issues 14 Pull requests Releases Packages Activity Actions 6
12951 commits 4 branches 5 tags 480 MiB
Commit graph

537 commits

Author SHA1 Message Date
mhajas
c6bd293d25 KEYCLOAK-9893 Use SSL in EAP6, add / to url for EAP6 deployment 2019-03-27 14:02:03 +01:00
mposolda
db271f7150 KEYCLOAK-9572 Support for multiple CRLs with X509 authentication 2019-03-20 15:00:44 +01:00
vramik
3cc405b1c5 KEYCLOAK-8542 Remove resteasy workaround - KeycloakStringEntityFilter 2019-03-16 13:53:54 +01:00
mposolda
a48698caa3 KEYCLOAK-6056 Map user by Subject Alternative Name (otherName) when authenticating user with X509 2019-03-15 23:11:47 +01:00
vramik
cf35a4648b KEYCLOAK-9780 Replace XSLT transformations by ant/CLI scripts 2019-03-15 22:18:09 +01:00
Grzegorz Grzybek
79c4d797db KEYCLOAK-9646 Fix itests for Fuse 7.3 
Co-Authored-By: Hynek Mlnarik <hmlnarik@redhat.com>
 2019-03-15 12:58:17 +01:00
rmartinc
2602c222cd KEYCLOAK-4640: LDAP memberships are being replaced instead of being added or deleted 2019-03-14 18:40:15 +01:00
keycloak-bot
e843d84f6e Set version to 6.0.0-SNAPSHOT 2019-03-06 15:54:08 +01:00
mhajas
8a750c7fca KEYCLOAK-6750 Adapt Tomcat adapter tests to new structure 2019-03-06 08:57:46 +01:00
Sebastian Laskawiec
406097a508 KEYCLOAK-6749 Jetty App Server 2019-03-05 15:21:48 +01:00
vramik
845275ef0f KEYCLOAK-9624 support for legacy driver for migration tests 2019-03-05 09:30:31 +01:00
mposolda
89d0c51e13 KEYCLOAK-3159 Migrate federation package from old testsuite 2019-03-04 13:37:12 +01:00
Hynek Mlnarik
37ef47d6ab KEYCLOAK-9509 Upgrade to Wildfly 15 
KEYCLOAK-9584 Update Wildfly Arquillian version

KEYCLOAK-9581: Fix CookiePathTests

KEYCLOAK-9607 CLI sripts and configuration files update

KEYCLOAK-9580 Fix component registration error

KEYCLOAK-9590 Update JDG to newest version

* Infinispan is using whatever version is set in root pom.xml.

KEYCLOAK-9509 Fix Undertow tests

Co-Authored-By: vramik <vramik@redhat.com>
Co-Authored-By: sebastienblanc <scm.blanc@gmail.com>
 2019-02-25 08:56:46 +01:00
stianst
e06c705ca8 Set version 5.0.0 2019-02-21 09:35:14 +01:00
mposolda
e4d4159743 KEYCLOAK-9586 Fix cluster tests. Fix cross-dc tests on embedded undertow 2019-02-20 19:11:38 +01:00
Sebastian Laskawiec
ee41a0450f KEYCLOAK-8349 KEYCLOAK-8659 Use TLS for all tests in the suite 2019-02-08 08:57:48 -02:00
vramik
08e258c0de KEYCLOAK-9269 fix SAMLAdapterClusterTest for EAP6 2019-01-17 17:27:39 +01:00
vramik
c4a46a5591 KEYCLOAK-7677 KEYCLOAK-7723 fix version collision of httpclient 
Co-authored-by: Pedro Igor <psilva@redhat.com>
 2019-01-10 17:45:41 -02:00
stianst
7c9f15778a Set version to 4.8.3.Final 2019-01-09 20:39:30 +01:00
stianst
7c4890152c Set version to 4.8.2 2019-01-03 14:43:22 +01:00
vramik
59bbd82a1a KEYCLOAK-9018 add namespaces to add-hawtio.xsl to fix EAP6Fuse6HawtioAdapterTest 2018-12-06 19:14:46 +01:00
vmuzikar
3e48fa1dbc KEYCLOAK-9023 Add support for Java 11 to the testsuite 2018-12-06 11:47:00 +01:00
vmuzikar
f52d7bef76 KEYCLOAK-9025 Respect app.server.java.home while installing adapters 2018-12-06 11:46:39 +01:00
Hynek Mlnarik
00e0ba8633 KEYCLOAK-8940 Stabilize SessionsPreloadCrossDCTest.loginFailuresPreloadTest 2018-12-04 14:27:57 +01:00
stianst
b674c0d4d9 Prepare for 4.8.0.Final 2018-12-04 13:54:25 +01:00
vramik
4b50fdb404 KEYCLOAK-8955 adapter installation fails on windows - edit logging 2018-12-04 13:50:55 +01:00
vramik
1c46b8936f KEYCLOAK-8994 Update eap71.version in testsuite 2018-12-04 08:59:04 +01:00
vramik
5ad929b9ee KEYCLOAK-8955 adapter installation fails on windows - eap7 2018-11-29 10:18:58 +01:00
Pedro Igor
91637120ee [KEYCLOAK-5052] - LDAP group names containing / in the name violates SIBILING_NAME constraint in db 2018-11-23 08:48:08 -02:00
vramik
abd6e560ac KEYCLOAK-8914 add missing dependency - keycloak-saml-servlet-filter-adapter 2018-11-22 11:29:22 +01:00
vramik
55f90ff09f KEYCLOAK-8837 Adapt TS to be able to test migration from 7.2.5.GA (instead from 7.2.0.GA) 2018-11-19 18:06:33 +01:00
Takashi Norimatsu
0793234c19 KEYCLOAK-8460 Request Object Signature Verification Other Than RS256 (#5603) 
* KEYCLOAK-8460 Request Object Signature Verification Other Than RS256

also support client signed signature verification by refactored token
verification mechanism

* KEYCLOAK-8460 Request Object Signature Verification Other Than RS256

incorporate feedbacks and refactor client public key loading mechanism

* KEYCLOAK-8460 Request Object Signature Verification Other Than RS256

unsigned request object not allowed

* KEYCLOAK-8460 Request Object Signature Verification Other Than RS256

revert to re-support "none"
 2018-11-19 14:28:32 +01:00
mposolda
0533782d90 KEYCLOAK-7275 KEYCLOAK-5479 Faster offline sessions preloading at startup. Track lastSessionRefresh timestamps more properly by support bulk update to DB 2018-11-16 14:23:28 +01:00
vramik
22d8fb17f5 KEYCLOAK-8771 add jboss-jsp-api_2.3_spec dependency to app-server-undertow 2018-11-14 22:34:14 +01:00
stianst
ecd476fb10 Prepare for 4.7.0.Final 2018-11-14 20:10:59 +01:00
mposolda
0897d969b1 KEYCLOAK-7340 2018-11-14 20:09:22 +01:00
Hynek Mlnarik
7703d81389 KEYCLOAK-7421 Support SAML cluster logout for Elytron SAML adapter 2018-11-09 21:06:50 +01:00
mhajas
6d04247947 KEYCLOAK-8047 Make Photoz tests great: run them on undertow + make them 
stable
 2018-11-09 12:45:38 +01:00
vramik
560d76b7ee KEYCLOAK-6748 undertow saml adapter tests 2018-11-06 21:17:07 +01:00
scranen
0c6b20e862 [KEYCLOAK-4342] Make adapter state cookie path configurable 2018-11-06 10:28:06 -02:00
mposolda
9652748ba9 KEYCLOAK-8484 Remove audience client scope template 2018-10-31 11:11:02 +01:00
vramik
7a96911a83 KEYCLOAK-8300 KEYCLOAK-8301 Wildfly 14 upgrade 
Co-authored-by: Marek Posolda <mposolda@redhat.com>
 2018-10-17 20:01:07 +02:00
mposolda
4483677cdd KEYCLOAK-8529 Fix most of adapter tests on EAP6 2018-10-12 12:01:33 +02:00
Mark True
28b6e4dd5b cleaning up to do PR 2018-10-08 09:16:53 +02:00
mposolda
2a4cee6044 KEYCLOAK-6884 KEYCLOAK-3454 KEYCLOAK-8298 Default 'roles' and 'web-origins' client scopes. Add roles and allowed-origins to the token through protocol mappers 2018-10-04 12:00:38 +02:00
Pedro Igor
b4b3527df7 [KEYCLOAK-7950] - Fixes user pagination when using filtering users members of groups 2018-10-02 15:44:23 -03:00
stianst
c3fc9e9815 Set version to 4.6.0.Final-SNAPSHOT 2018-09-26 20:58:41 +02:00
vramik
24b7d080af KEYCLOAK-8268 unify fuse70 and fuse71 modules into fuse7x module 2018-09-20 10:27:17 +02:00
wyvie
01051016f5 [KEYCLOAK-8185] add clear method to exportimport resource 2018-09-13 11:54:28 +02:00
stianst
bf758809ba KEYCLOAK-6229 OpenShift Token Review interface 2018-09-07 08:21:28 +02:00
stianst
1fb4ca4525 Set version to 4.5.0.Final 2018-09-06 20:08:02 +02:00
mposolda
f0ba8f6591 KEYCLOAK-8139 Added wildfly-deprecated module for adapters testing. Remove wildfly9 and wildfly10 2018-09-03 08:56:09 +02:00
mhajas
ccba07a5c0 KEYCLOAK-7213 Make example tests running on app-server-undertow 2018-08-29 13:13:06 +02:00
mposolda
e4d05a7852 KEYCLOAK-8127 Added support for app-server-eap71. Make sure ConsoleProtectionTest is executed just for app-server-eap71 2018-08-27 12:52:53 +02:00
mposolda
6fc99cd749 KEYCLOAK-7594 Upgrade to Wildfly 13. Cross-DC: Upgrade to infinispan server 9.2.4 and JDG 7.2 
Co-authored-by: Douglas Palmer <dpalmer@redhat.com>
Co-authored-by: stianst <stianst@gmail.com>
Co-authored-by: Hynek Mlnarik <hmlnarik@redhat.com>
 2018-08-27 12:52:53 +02:00
mposolda
575851d45c KEYCLOAK-6038 Kerberos cross-realm trust test 2018-08-10 13:31:36 +02:00
Martin Kanis
ee8c35a48e KEYCLOAK-6119 Create CI job for Postgres with schema 2018-08-08 08:57:11 +02:00
Hynek Mlnarik
fb58214fcc KEYCLOAK-7994 Move examples to test-apps 2018-08-08 08:55:38 +02:00
mposolda
27719565ae KEYCLOAK-4298 Migrate LDAP tests to the new testsuite 2018-08-06 12:08:19 +02:00
Hynek Mlnarik
65030e2c73 KEYCLOAK-7993 Fix failing Fuse 7 tests 2018-08-06 08:22:30 +02:00
mposolda
959cd035ba Set version to 4.3.0.Final-SNAPSHOT 2018-08-01 22:40:05 +02:00
Hynek Mlnarik
26bf7f251d KEYCLOAK-7888 Update Fuse adapter examples to new CXF registration 2018-07-19 15:22:42 +02:00
vramik
54fcbf12b0 KEYCLOAK-7666 - adapter tests - eap6-fuse6 provider 2018-07-18 13:46:56 +02:00
vramik
401a347f6f KEYCLOAK-7817 Update eap6.version in testsuite 2018-07-11 15:28:33 +02:00
rmartinc
4a82979792 KEYCLOAK-1925: SAML adapter multitenant support 2018-07-10 13:21:11 +02:00
mposolda
d0a824dde4 Updating version to 4.2.0.Final-SNAPSHOT 2018-07-05 07:42:48 -04:00
vramik
8a37395760 KEYCLOAK-7722 Move eap6 specific config files to its module 2018-07-04 08:56:24 +02:00
vramik
c97e7e720e KEYCLOAK-7550 - adapter tests - Fuse7.1 provider 2018-06-28 16:24:02 +02:00
vramik
591093f867 KEYCLOAK-7730 - revert OSGiApplicationArchiveProcessor moved into fuse app servers 2018-06-28 10:22:25 -03:00
vramik
9039b44f4d KEYCLOAK-7718 DemoFilterServletAdapterTest test not configured correctly 2018-06-28 09:33:52 -03:00
vramik
8ac7bda52c KEYCLOAK-7589 - adapter tests - Fuse7.0 provider 2018-06-28 08:45:02 +02:00
vramik
39cbf4e9ab KEYCLOAK-7588 - adapter tests - Fuse6.3 provider 2018-06-26 16:47:01 +02:00
vramik
8fdadcc596 KEYCLOAK-7475 adapter tests - add Wildfly10 and Wildfly9 providers 2018-06-25 14:31:11 +02:00
vramik
d9f79fae79 KEYCLOAK-7510 Add Support for server specific ArchiveProcessor 2018-06-22 11:38:57 +02:00
Hynek Mlnarik
530a710dce KEYCLOAK-7412 Tests for Fuse 7.0 2018-06-22 08:59:44 +02:00
stianst
e1a0e581b9 Update to 4.1.0.Final-SNAPSHOT 2018-06-14 14:22:28 +02:00
vramik
f19a324030 KEYCLOAK-7587 Some system properties are not included 2018-06-12 11:42:10 +02:00
vramik
9e42be09d7 KEYCLOAK-7517 - adapter tests - EAP6 provider 2018-06-11 13:46:59 +02:00
vramik
7d466be94e KEYCLOAK-6541 rename AppServerContainerSPI to AppServerContainerProvider 2018-06-11 13:46:59 +02:00
vramik
a5c0cbc3b4 KEYCLOAK-7473 app-server-eap provider 2018-06-11 13:46:59 +02:00
vramik
bb5dc4c473 KEYCLOAK-6745 Adapter tests - remove abstract adapter test classes 2018-06-11 13:46:59 +02:00
vramik
132386f64d KEYCLOAK-6541 app server wildfly provider 2018-06-11 13:46:59 +02:00
vramik
b0c89d739b KEYCLOAK-6541 app server undertow support 2018-06-11 13:46:59 +02:00
vramik
6a07a7ed2c KEYCLOAK-6541 base changes 2018-06-11 13:46:59 +02:00
vramik
f293ab86c3 KEYCLOAK-7267 change a way how to install adapters in testsuite from online to offline scripts 2018-06-11 13:46:59 +02:00
Marek Posolda
49407c2e4f
KEYCLOAK-6630 Client scopes initial support (#5076) 
* KEYCLOAK-6630 KEYCLOAK-349 Client Scopes

Co-authored-by: vramik <vramik@redhat.com>

* KEYCLOAK-6630 Change some clientTemplate occurences to clientScope
 2018-06-08 15:38:38 +02:00
Vlasta Ramik
4d1474afe0 KEYCLOAK-7549 Update artifactId according to latest Fuse7 build (#5253) 2018-06-08 15:15:34 +02:00
Pedro Igor
aa128d6c07
Merge pull request #5240 from pedroigor/KEYCLOAK-7353 
[KEYCLOAK-7353] Support Policy Management in Protection API
 2018-06-07 11:05:49 -03:00
Federico M. Facca
5a9bfea419 [KEYCLOAK-7353] Support Policy Management in Protection API 
See https://issues.jboss.org/browse/KEYCLOAK-7353
 2018-06-06 19:36:42 -03:00
Tomas Kyjovsky
1b4d9a6147 KEYCLOAK-7440 Modcluster configuration for functional cluster test is broken 2018-06-06 20:40:50 +02:00
Takashi Norimatsu
c586c63533 KEYCLOAK-6771 Holder of Key mechanism 
OAuth 2.0 Mutual TLS Client Authentication and Certificate Bound Access
Tokens
 2018-06-05 08:18:29 +02:00
Stian Thorgersen
dbf5c395b0
Bump version to 4.0.0.Final (#5224) 2018-05-24 19:02:30 +02:00
vramik
99119562bb KEYCLOAK-7312 removed as7, wf8 test modules 2018-05-14 09:10:05 +02:00
mhajas
3ced81a2c2 KEYCLOAK-7315 Fix issues in JavascriptAdapter tests (#5193) 
more in issue KEYCLOAK-7315
 2018-05-07 14:47:56 -04:00
Stian Thorgersen
90e5c7f3eb
Bump version to 4.0.0.Beta3-SNAPSHOT (#5185) 2018-05-02 14:32:20 +02:00
vramik
81918713dd KEYCLOAK-6744 Adapter tests - set container based on property 2018-05-02 13:52:59 +02:00
vramik
8b5fd2b4ac KEYCLOAK-7091 fuse7 testsuite 2018-04-25 14:35:56 +02:00
mhajas
9ed221b168 KEYCLOAK-6873 Fix jboss cli script for removing elytron subsystem 2018-04-06 17:07:17 +02:00
mhajas
70b3f6bd92 KEYCLOAK-6840 Remove untracked file and unpack js adapter directly to testsuite provider target directory (#5133) 2018-04-06 11:47:10 +02:00
mhajas
5022015e4a KEYCLOAK-6836 Fix adding log level for adapters on EAP6 (#5132) 2018-04-06 11:46:03 +02:00
Bill Burke
06f32a47ec fake browser tests 2018-03-30 08:24:30 -04:00
stianst
07fea02146 Bump versions to 4.0.0.Beta2-SNAPSHOT 2018-03-26 18:17:38 +02:00
Pedro Igor
f824582aac
Merge pull request #5009 from pedroigor/KEYCLOAK-6116 
[KEYCLOAK-6116] - Get email attribute from 'subject alternative name' using X509 certificate
 2018-03-12 09:58:02 -03:00
Hynek Mlnarik
190771ddf1 KEYCLOAK-6783 Add authentication into cross-dc testing 2018-03-09 15:08:55 +01:00
pedroigor
1f13427dee [KEYCLOAK-6116] - Enabling tests for both jboss servers 2018-03-09 10:56:35 -03:00
pedroigor
6aee573e2e [KEYCLOAK-6116] - Tests for X509 Subject Alternative Name Extension 2018-03-09 10:56:35 -03:00
pedroigor
c5c285abc3 [KEYCLOAK-6116] - Adding a OpenSSL CA Authority for testing 2018-03-09 10:56:35 -03:00
vramik
569f26776e KEYCLOAK-5060 KEYCLOAK-3157 migrated Adapter package from old testsuite 2018-03-02 10:56:26 +01:00
vmuzikar
d70e4740fc KEYCLOAK-6693 Support external truststore in testsuite 2018-02-27 07:45:21 +01:00
mhajas
e2ad59a74d KEYCLOAK-4816 KEYCLOAK-4817 Move javascript tests to base testsuite and (#4964) 
* KEYCLOAK-4816 KEYCLOAK-4817 Move javascript tests to base testsuite and
use JavascriptExecutor

* Use PhantomJS 2.1.1 instead of 1.9.8 in Travis CI
 2018-02-26 10:49:05 +01:00
stianst
505cf5b251 KEYCLOAK-6519 Theme resource provider 2018-02-09 08:28:59 +01:00
Bill Burke
a571781240 hynek db changes 2018-01-30 17:00:55 -05:00
Bill Burke
4a044fe867 add ofline token test 2018-01-29 17:08:13 -05:00
Bill Burke
79f9de9de4 Merge remote-tracking branch 'upstream/master' into client-storage-spi 2018-01-29 12:28:26 -05:00
Bill Burke
1d8e38f0c6 admin console 2018-01-27 13:05:02 -05:00
Bill Burke
6b84b9b4b6 done 1st iteration 2018-01-27 09:47:16 -05:00
mhajas
f0511c5f51 KEYCLOAK-6392 Install elytron adapter on windows 2018-01-26 11:21:53 +01:00
Bill Burke
a9297df89c KEYCLOAK-6335 2018-01-23 12:09:49 -05:00
stianst
0bedbb4dd3 Bump version to 4.0.0.CR1-SNAPSHOT 2017-12-21 15:06:00 +01:00
Hynek Mlnarik
2a2e6c839b KEYCLOAK-5635 2017-12-13 21:07:46 +01:00
mposolda
b8416dfa3e KEYCLOAK-5981 Test Impersonation works when authenticationSession exists 2017-12-12 09:43:34 +01:00
mhajas
10219c1157 KEYCLOAK-6005 Fail build when adapters installation fails 2017-12-08 13:32:44 +01:00
mposolda
6c34b4c418 KEYCLOAK-5914 Periodic clean of detached client sessions 2017-12-05 08:25:30 +01:00
stianst
37de8e9f69 Bump version to 3.4.2.Final-SNAPSHOT 2017-12-01 09:34:48 +01:00
vramik
6bb04617a6 KEYCLOAK-5802 fix install-adapters.sh script for wildfly10 and below 2017-11-30 12:58:11 +01:00
Martin Kanis
603052c594 KEYCLOAK-5883 Deploy testsuite during product build 2017-11-30 10:50:06 +01:00
stianst
2be78a0239 KEYCLOAK-5924 Add error handler for uncaught errors 2017-11-30 10:33:13 +01:00
Pavel Drozd
4408cdb5c7
Merge pull request #4756 from tkyjovsk/KEYCLOAK-5922 
KEYCLOAK-5922 Cluster tests don't work with non-undertow server
 2017-11-30 09:24:39 +01:00
Hynek Mlnarik
9cae8b79e4 KEYCLOAK-5908 Fix relay configuration 2017-11-29 22:22:35 +01:00
Tomas Kyjovsky
4240295af9 KEYCLOAK-5922 Cluster tests don't work with non-undertow server 2017-11-28 17:35:13 +01:00
vramik
02220558e6 KEYCLOAK-5705 add missing dependency to module.xml for mssql migration server 2017-11-22 14:09:01 +01:00
mposolda
bd1072d2eb KEYCLOAK-5747 Ensure refreshToken doesn't need to send request to the other DC. Other fixes and polishing 2017-11-22 11:55:12 +01:00
vramik
afd906b9a9 KEYCLOAK-5705 add missing dependency to module.xml for mssql in eap module 2017-11-21 21:51:19 +01:00
vramik
c083c1c4cf KEYCLOAK-5873 set DB_CLOSE_ON_EXIT to false when crossdc tests are run on in memory H2 2017-11-21 21:46:59 +01:00
mposolda
a98f085be6 KEYCLOAK-5618 Fix SessionsPreloadCrossDCTest. Update HOW-TO-RUN docs. Ensure it's executed in travis. 2017-11-09 17:39:04 +01:00
Stian Thorgersen
128ff12f8f Bump versions 2017-11-09 15:37:21 +01:00
mposolda
62a1c187a2 KEYCLOAK-5716 KEYCLOAK-5738 Avoid infinispan deadlock. Ensure code-to-token works correctly in cross-dc 2017-11-07 09:01:59 +01:00
Pedro Igor
081ad09ed8 Merge pull request #4619 from pedroigor/KEYCLOAK-4901 
[KEYCLOAK-4901] - Reviewing methods on provider spi
 2017-10-26 15:33:09 -03:00
Pedro Igor
a70cab502c [KEYCLOAK-4901] - Reviewing methods on provider spis 2017-10-26 13:39:57 -02:00
Tomas Kyjovsky
a45a2acc4c KEYCLOAK-5691 Galera cluster, full testsuite 2017-10-26 15:27:57 +02:00
Hynek Mlnarik
75c354fd94 KEYCLOAK-5745 Separate user and client sessions in infinispan 2017-10-26 10:39:41 +02:00
mposolda
9a19e95b60 KEYCLOAK-5710 Change cache-server to use backups based caches 2017-10-24 11:52:08 +02:00
Stan Silvert
9083e5fe5c KEYCLOAK-5298: Enable autoescaping in Freemarker (#4561) 
* KEYCLOAK-5298: Enable autoescaping in Freemarker

* Fix several of the failing tests.

* Fix broken tests in integration-deprecated

* Fix last failing test.
 2017-10-23 12:03:00 -04:00
vramik
25d785df02 KEYCLOAK-5705 add missing dependency to module.xml for mssql 2017-10-20 12:56:51 +02:00
Thomas Darimont
3103e0fd0a KEYCLOAK-5244 Add BlacklistPasswordPolicyProvider (#4370) 
* KEYCLOAK-5244 Add BlacklistPasswordPolicyProvider

This introduces a new PasswordPolicy which can refer to
a named predefined password-blacklist to avoid users
choosing too easy to guess passwords.

The BlacklistPasswordPolicyProvider supports built-in as
well as custom blacklists.
built-in blacklists use the form `default/filename`
and custom ones `custom/filename`, where filename
is the name of the found blacklist-filename.

I'd propose to use some of the freely available password blacklists
from the [SecLists](https://github.com/danielmiessler/SecLists/tree/master/Passwords) project.

For testing purposes one can download the password blacklist
```
wget -O 10_million_password_list_top_1000000.txt https://github.com/danielmiessler/SecLists/blob/master/Passwords/10_million_password_list_top_1000000.txt?raw=true
```
to /data/keycloak/blacklists/

Custom password policies can be configured with the SPI
configuration mechanism via jboss-cli:
```
/subsystem=keycloak-server/spi=password-policy:add()
/subsystem=keycloak-server/spi=password-policy/provider=passwordBlacklist:add(enabled=true)
/subsystem=keycloak-server/spi=password-policy/provider=passwordBlacklist:write-attribute(name=properties.blacklistsFolderUri, value=file:///data/keycloak/blacklists/)
```

Password blacklist is stored in a TreeSet.

* KEYCLOAK-5244 Encode PasswordBlacklist as a BloomFilter

We now use a dynamically sized BloomFilter with a
false positive probability of 1% as a backing store
for PasswordBlacklists.

BloomFilter implementation is provided by google-guava
which is available in wildfly.

Password blacklist files are now resolved against
the ${jboss.server.data.dir}/password-blacklists.

This can be overridden via system property, or SPI config.
See JavaDoc of BlacklistPasswordPolicyProviderFactory for details.

Revised implementation to be more extensible, e.g. it could be
possible to use other stores like databases etc.

Moved FileSystem specific methods to FileBasesPasswordBlacklistPolicy.

The PasswordBlacklistProvider uses the guava version 20.0
shipped with wildfly. Unfortunately the arquillian testsuite
transitively depends on guava 23.0 via the selenium-3.5.1
dependency. Hence we need to use version 23.0 for tests but 20.0
for the policy provider to avoid NoClassDefFoundErrors in the
server-dist.

Configure password blacklist folder for tests

* KEYCLOAK-5244 Configure jboss.server.data.dir for test servers

* KEYCLOAK-5244 Translate blacklisted message in base/login
 2017-10-17 20:41:44 +02:00
Hynek Mlnarik
056ba75a72 KEYCLOAK-5656 Use standard infinispan remote-store 2017-10-16 21:49:42 +02:00
mposolda
1874820008 KEYCLOAK-5371 Fix ConcurrentLoginCrossDCTest.concurrentLoginWithRandomDcFailures 2017-10-11 13:02:55 +02:00
Hynek Mlnarik
fe972ce12b KEYCLOAK-5656 Remove remoteServers configuration option 2017-10-09 11:58:28 +02:00
Hynek Mlnarik
6cbfbeca0b KEYCLOAK-5656 Remove KeycloakTcpTransportFactory 2017-10-06 13:20:17 +02:00
mposolda
bca4c35708 KEYCLOAK-5371 Fix ActionTokenCrossDCTest and BruteForceCrossDCTest 2017-10-04 13:25:45 +02:00
Hynek Mlnařík
9aa4c3cf22 Merge pull request #4530 from vramik/KEYCLOAK-5586 
KEYCLOAK-5586 crossdc tests on Wildfly using real database
 2017-10-04 13:10:08 +02:00
vramik
b0a1550df5 KEYCLOAK-5586 crossdc tests on Wildfly using real database 2017-10-04 12:00:18 +02:00
Pavel Drozd
8e5db87b50 Merge pull request #4505 from mhajas/KEYCLOAK-5568 
KEYCLOAK-5568 Run ConsoleProtection tests only with elytron
 2017-10-04 08:02:31 +02:00
vramik
f806d4a5d6 KEYCLOAK-5586 Add support for testing cross dc tests on jboss-based containers 2017-10-03 14:01:45 +02:00
mposolda
3b6e1f4e93 KEYCLOAK-5007 Used single-use cache for tracke OAuth code. OAuth code changed to be encrypted and signed JWT 2017-09-29 13:20:22 +02:00
mhajas
efb43682a9 KEYCLOAK-5568 Run ConsoleProtection tests only with elytron 2017-09-27 17:45:20 +02:00
Antonio Howcroft Ferreira
a551195ddf KEYCLOAK-2035 update with feedback from PR by bburke 2017-09-22 15:05:49 +01:00
howcroft
e78bf5f876 Keycloak 2035 
This PR adds:
* an endpoint to Role that lists users with the Role
* a tab "Users in Role" in Admin console Role page
* it is applicable to Realm and Client Roles
* Extends UserQueryProvider with default methods (throwing Runtime Exception if not overriden)
* Testing in base testsuite and Console
 2017-09-22 15:05:49 +01:00
mhajas
330cb022eb KEYCLOAK-5320 Configure SSL using creaper 2017-09-08 13:19:48 +02:00
Stian Thorgersen
463661b051 Set version to 3.4.0.CR1-SNAPSHOT 2017-08-28 15:46:22 +02:00
Hynek Mlnarik
794c508b10 KEYCLOAK-4995 Support for distributed SAML logout in cross DC 2017-08-28 13:15:11 +02:00
mposolda
05c8c74c96 KEYCLOAK-5294 Updated README for cross-dc setup on Wildfly 2017-08-25 17:53:45 +02:00
Stian Thorgersen
20ac70d3fd KEYCLOAK-5119 (#4400) 2017-08-22 08:07:36 +02:00
mposolda
868e76fcf3 KEYCLOAK-4630 Added SessionsPreloadCrossDCTest for test preloading sessions and offline sessions. Support for manual.mode to control manually lifecycle of all servers. 2017-08-11 17:44:00 +02:00
Pavel Drozd
6bdc49048a KEYCLOAK-5267 Fuse tests - added timeouts for closing ssh channel 2017-08-09 13:39:04 +02:00
mposolda
251b41a7ac KEYCLOAK-4187 Fix LastSessionRefreshCrossDCTest and ConcurrentLoginCrossDCTest 2017-08-07 11:55:49 +02:00
mposolda
07e2136b3b KEYCLOAK-4187 Added UserSession support for cross-dc 2017-07-27 22:32:58 +02:00
Stian Thorgersen
badba7adaf KEYCLOAK-5143 Run auth-server-wildfly profile on Travis (#4317) 2017-07-14 07:01:54 +02:00
Stian Thorgersen
5fbb362710 KEYCLOAK-5119 Set encoding for TestingResourceProvider.runOnServer (#4292) 2017-07-05 13:39:16 +02:00
Stian Thorgersen
9a9f4137e5 KEYCLOAK-4556 KEYCLOAK-5022 Only cache keycloak.js and iframe if specific version is requested (#4289) 2017-07-04 21:18:34 +02:00
Stian Thorgersen
454c5f4d83 Set version to 3.3.0.CR1-SNAPSHOT 2017-06-30 09:47:11 +02:00
Hynek Mlnarik
5e16a32f86 KEYCLOAK-5106 Fix BasicSamlTest on auth-server-wildfly 2017-06-28 20:47:43 +02:00
mhajas
29c2ef4c60 KEYCLOAK-5097 fix property name 2017-06-27 12:28:32 +02:00
Pavel Drozd
b02d48f772 Merge pull request #4249 from vramik/KEYCLOAK-5048 
KEYCLOAK-5048 missing keycloak version in logs when staring auth-serv…
 2017-06-27 11:40:26 +02:00
Bill Burke
22987bb90b Merge pull request #4250 from mposolda/RHSSO-1027 
KEYCLOAK-5085 Easy fix to just handle the exception
 2017-06-26 10:04:02 -04:00
Hynek Mlnarik
955cbc76d7 KEYCLOAK-5030 Change action tokens cache type to distributed 2017-06-26 10:11:53 +02:00
mposolda
756d996a4a KEYCLOAK-5085 RHSSO-1027 Fix to handle the exception thrown from alternative flow 2017-06-23 19:13:43 +02:00
vramik
e75f47d523 KEYCLOAK-5048 missing keycloak version in logs when staring auth-server-wildfly container. 2017-06-22 09:20:11 +02:00
mposolda
fc61a4e89f KEYCLOAK-4631 Move ClientInitialAccessModel from userSession model to realm model 2017-06-21 22:14:20 +02:00
Hynek Mlnarik
2e2d15be9f KEYCLOAK-4189 Infinispan cache and channel statistics for Cross-DC-testing 2017-06-20 12:48:08 +02:00
vramik
5d72def1bc KEYCLOAK-4189 add possibility to use jdg as cache server 2017-06-15 12:57:25 +02:00
Hynek Mlnarik
bdadef1282 KEYCLOAK-4189 Fix in instructions for running Cross-DC tests 2017-06-14 14:36:10 +02:00
Hynek Mlnarik
a0f3a6469f KEYCLOAK-4189 - Cross DC testing 2017-06-12 11:14:28 +02:00
Pavel Drozd
a52a1f4618 Merge pull request #4196 from vramik/KEYCLOAK-4481 
KEYCLOAK-4481 some authz export tests
 2017-05-30 16:56:54 +02:00
Tomas Kyjovsky
67bee0dfc2 Upgraded wildfly-arquillian-container-* artifacts to 2.1.0.Alpha2 and added wildfly10 modules in app servers and adapter tests 2017-05-30 14:25:51 +02:00
vramik
8f1938c28d KEYCLOAK-4481 Role based permission test 2017-05-30 13:10:09 +02:00
mposolda
c4f172afe7 KEYCLOAK-4977 Upgrade infinispan and undertow version to align with Wildfly 11.0.0.Alpha1 2017-05-26 14:29:30 +02:00
mhajas
88473ce3c1 KEYCLOAK-4959 Use desired version of adapter 2017-05-25 12:02:16 +02:00
Pavel Drozd
c230edbf72 Merge pull request #4151 from pdrozd/KEYCLOAK-4931 
KEYCLOAK-4931 - install patch available from http
 2017-05-23 14:01:44 +02:00
Pavel Drozd
60ef910b5b KEYCLOAK-4931 - install patch available from http 2017-05-18 23:47:12 +02:00
Pavel Drozd
53ab314eb9 KEYCLOAK-4930 - Updated install-keycloak script for overlay installation - added ha installation. 2017-05-18 23:35:04 +02:00
mposolda
7d8796e614 KEYCLOAK-4626 Support for sticky sessions with AUTH_SESSION_ID cookie. Clustering tests with embedded undertow. Last fixes. 2017-05-11 22:24:07 +02:00
mposolda
e7272dc05a KEYCLOAK-4626 AuthenticationSessions - brokering works. Few other fixes and tests added 2017-05-11 22:16:26 +02:00
mposolda
a9ec69e424 KEYCLOAK-4626: AuthenticationSessions - working login, registration, resetPassword flows 2017-05-11 22:16:26 +02:00
mposolda
83b29c5080 KEYCLOAK-4626 AuthenticationSessions: start 2017-05-11 22:16:26 +02:00
Stian Thorgersen
87dedb56e5 Set version to 3.2.0.CR1-SNAPSHOT 2017-04-27 14:23:03 +02:00
Pedro Igor
80a80512ea [KEYCLOAK-4769] - Policy enforcer path matching tests 2017-04-20 13:21:01 -03:00
Pedro Igor
55f747ecd0 [KEYCLOAK-3135] - Part 1: Permission Management API 2017-04-12 00:52:13 -03:00
Pavel Drozd
b4c5eb8354 Merge pull request #3994 from vramik/KEYCLOAK-4534 
KEYCLOAK-4534 ClientInitiatedAccountLinkTest fails with auth-server-w…
 2017-04-04 10:47:36 +02:00
Pedro Igor
f857625d07 [KEYCLOAK-3573] - Elytron adapter CLI scripts and tests. 2017-03-31 11:31:33 -03:00