keycloak-scim

Author	SHA1	Message	Date
Stefan Guilhen	7f232f1510	Switch to VaultStringSecret to avoid encoding issues when special characters (such as §) are present in the ldap bind credential Closes #29808 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-05-27 10:11:16 -03:00
Dimitri Papadopoulos Orfanos	64a145e960	Fix user-facing typos in error messages (#29326 ) Update resource file and tests accordingly Signed-off-by: Dimitri Papadopoulos <3234522+DimitriPapadopoulos@users.noreply.github.com>	2024-05-16 09:55:41 +02:00
Alexander Schwartz	2d053312a0	Retrieve UUID from LDAP in same context (#29470 ) This should avoid out-of-sync problems in distributed LDAP environments. Closes #29206 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-05-13 16:18:30 +02:00
Dimitri Papadopoulos Orfanos	cd8e0fd333	Fix user-facing typos in Javadoc (#28971 ) Signed-off-by: Dimitri Papadopoulos <3234522+DimitriPapadopoulos@users.noreply.github.com> Co-authored-by: Erik Jan de Wit <erikjan.dewit@gmail.com>	2024-05-06 18:57:55 +00:00
Robin Meese	8a5fb8337b	Fix catching NameAlreadyBoundException Closes #29142 Signed-off-by: Robin Meese <39960884+robson90@users.noreply.github.com>	2024-05-02 15:10:08 -03:00
Tero Saarni	64862d568e	Convert database errors to 500 instead of 400. Signed-off-by: Tero Saarni <tero.saarni@est.tech>	2024-04-22 11:42:18 -03:00
Pedro Ruivo	3e0a185070	Remove deprecated EnvironmentDependentProviderFactory.isSupported method Closes #26280 Signed-off-by: Pedro Ruivo <pruivo@redhat.com>	2024-04-19 16:36:49 +02:00
Stefan Guilhen	e6b9d287af	Add null checks after retrieving user from LDAP for validation to prevent NPE when user is removed in LDAP. Closes #28523 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-04-11 14:29:30 -03:00
Stijn Last	e9498079e0	LDAP: Show error message when groups synchronization fails closes: #28436 Signed-off-by: Stijn Last <stijn.last@barco.com>	2024-04-09 09:10:19 -03:00
Pedro Igor	52ba9b4b7f	Make sure attribute metadata from user storage providers are added only for the provider associated with a federated user Closes #28248 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-04-08 09:05:16 -03:00
Stefan Guilhen	9bb2402d3b	Propagate Username LDAP Attribute changes to the username mapper to keep mapper and main LDAP storage config in synch. Closed #27984 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-04-03 09:11:55 -03:00
Stefan Guilhen	2ca59d4141	Align isEnabled in MSAD mappers to how other properties are processed in UserAttributeLDAPStorageMapper - user model is updated by onImport with the enabled/disabled status of the LDAP user - a config option always.read.enabled.value.from.ldap was introduced, in synch to what we have in UserAttributeLDAPStorageMapper - isEnabled checks the flag to decide if it should always retrieve the value from LDAP, or return the local value. - setEnabled first updates the LDAP tx, and then calls the delegate to avoid issue #24201 Closes #26695 Closed #24201 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-04-01 08:20:35 -03:00
Pedro Igor	b9a7152a29	Avoid commiting the transaction prematurely when creating users through the User API Closes #28217 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-03-27 19:16:09 -03:00
rmartinc	d679c13040	Continue LDAP search if a duplicated user (ModelDuplicateException) is found Closes #25778 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-03-13 08:52:58 -03:00
Steven Hawkins	8d9439913c	fix: removal of resteasy-core (#27032 ) * fix: partial removal of resteasy-core Signed-off-by: Steve Hawkins <shawkins@redhat.com> * fix: fully removing resteasy-core closes: #26315 Signed-off-by: Steve Hawkins <shawkins@redhat.com> --------- Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2024-02-29 11:43:13 +00:00
Ricardo Martin	3bc074913e	Allow LDAP provider to search using any attribute configured via mappers (#26235 ) Closes #22436 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-02-21 08:48:39 +00:00
Stefan Guilhen	143ccbfa15	Check if kerberos auth is enabled before creating the kerberos principal in LDAPStorageProvider - prevents misleading warn messages from being logged Closes #25294 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-02-16 15:44:45 +01:00
Stefan Guilhen	2161e72872	Add migration for the useTruststoreSpi config property in LDAP user storage provider - legacy `ldapsOnly` value now migrated to `always`. Closes #25912 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-02-12 11:53:19 +01:00
Stefan Guilhen	eac43822c3	Avoid changing the config value for the useTruststoreSpi property - prevents cached LDAPConfig entry from changing when retrieving this value Closes #25912 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-02-12 11:53:19 +01:00
Stefan Guilhen	d3ae075a33	Fix MembershipType so that NPE is not thrown when an empty member is found within a group Closes #25883 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-02-09 19:04:37 +01:00
rmartinc	509f618992	Improvements for test connection and authentication in the LDAP provider Closes #26464 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-02-06 13:04:06 -03:00
Marek Posolda	651d99db25	Allow selecting attributes from user profile when managing token mappers (#26415 ) * Allow selecting attributes from user profile when managing token mappers closes #24250 Signed-off-by: mposolda <mposolda@gmail.com> Co-authored-by: Jon Koops <jonkoops@gmail.com>	2024-01-25 17:01:02 +01:00
Martin Kanis	7797f778d1	Map Store Removal: Rename legacy modules Closes #24107 Signed-off-by: Martin Kanis <mkanis@redhat.com>	2024-01-25 16:29:16 +01:00
Martin Kanis	84603a9363	Map Store Removal: Rename Legacy* classes (#26273 ) Closes #24105 Signed-off-by: Martin Kanis <mkanis@redhat.com>	2024-01-23 13:50:31 +00:00
rmartinc	42f0488d76	Avoid returning duplicated users in LDAP and unsynced Closes #24141 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-01-10 12:47:15 +01:00
Réda Housni Alaoui	5287500703	@NoCache is not considered anymore Signed-off-by: Réda Housni Alaoui <reda-alaoui@hey.com>	2024-01-02 09:06:55 -03:00
mposolda	eb184a8554	More info on UserProfileContext closes #25691 Signed-off-by: mposolda <mposolda@gmail.com>	2023-12-19 13:00:31 -03:00
rmartinc	4e7bd76954	Use conditions instead of String for filters and just use default escape strategy Closes https://github.com/keycloak/keycloak/issues/24767 Signed-off-by: rmartinc <rmartinc@redhat.com>	2023-12-14 15:50:46 -03:00
rmartinc	c8009b4627	Ensure that all LDAP conditions escape attribute values Closes https://github.com/keycloak/keycloak/issues/24767 Signed-off-by: rmartinc <rmartinc@redhat.com>	2023-12-14 15:50:46 -03:00
Ricardo Martin	f78c54fa42	Fixes for LDAP group membership and search in chunks Closes #23966	2023-12-08 17:55:17 +01:00
rmartinc	31b7c9d2c3	Add UP decorator to SSSD provider Closes https://github.com/keycloak/keycloak/issues/25075 Signed-off-by: rmartinc <rmartinc@redhat.com>	2023-12-01 15:41:05 +01:00
mposolda	479e6bc86b	Update Kerberos provider for user-profile closes #25074 Signed-off-by: mposolda <mposolda@gmail.com>	2023-11-29 15:21:26 -03:00
Tero Saarni	ab3758842c	Add configuration option for LDAP referral (#24852 ) Signed-off-by: Tero Saarni <tero.saarni@est.tech>	2023-11-28 14:06:34 +01:00
Pedro Igor	2c611cb8fc	User profile configuration scoped to user-federation provider closes #23878 Co-Authored-By: mposolda <mposolda@gmail.com> Signed-off-by: mposolda <mposolda@gmail.com>	2023-11-27 14:45:44 +01:00
Stian Thorgersen	a32b58d337	Escape ldap id when using normal attribute syntax (#25 ) (#25036 ) Closes https://github.com/keycloak/security/issues/46 Co-authored-by: Ricardo Martin <rmartinc@redhat.com>	2023-11-27 11:38:14 +01:00
rmartinc	6963364514	Keep same name on update for LDAP attributes Closes https://github.com/keycloak/keycloak/issues/23888	2023-11-09 23:54:45 +01:00
Alice	69497382d8	Group scalability upgrades (#22700 ) closes #22372 Co-authored-by: Erik Jan de Wit <erikjan.dewit@gmail.com> Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com> Co-authored-by: Michal Hajas <mhajas@redhat.com>	2023-10-26 16:50:45 +02:00
rmartinc	d10ccc7245	Use jdk LdapName and Rdn to parse inside LDAPDn and RDN and avoid string conversions Closes: https://github.com/keycloak/keycloak/issues/21797 Closes: https://github.com/keycloak/keycloak/issues/21818	2023-10-19 08:31:49 +02:00
Martin Bartoš	21a23ace1d	Mark required config properties for LDAP Mappers Closes #23685	2023-10-09 08:46:57 +02:00
Bruno Oliveira	50589d7657	Weak hashing algorithm usage in SSSD User federation Closes #23713	2023-10-05 07:46:45 -03:00
Michal Hajas	496c5ad989	Use new findGroupByPath implementation and remove the old one Closes #23344 Signed-off-by: Michal Hajas <mhajas@redhat.com>	2023-09-25 10:44:24 +02:00
Bernd Bohmann	bb2f59df87	Calling getTopLevelGroups is slow inside GroupLDAPStorageMapper#getLDAPGroupMappingsConverted (#8430 ) Closes #14820 --------- Co-authored-by: Michal Hajas <mhajas@redhat.com>	2023-09-20 17:20:43 +02:00
Pedro Igor	217a09ce46	Switch to Resteasy Reactive Closes #10713	2023-09-18 09:19:03 -03:00
Hynek Mlnarik	8effe31fdf	Fix ldap:// with STARTTLS Closes: #21935	2023-09-14 10:07:09 +02:00
rmartinc	48ab2b1688	FullNameLDAPStoreMapper removes values for other attributes Closes https://github.com/keycloak/keycloak/issues/22526	2023-09-13 08:11:32 +02:00
stianst	211c027adb	Remove use of Guava in services Closes #23009	2023-09-07 08:59:02 +02:00
mposolda	57e51e9dd4	Use an original domain name of Kerberos Principal in UserModel attribute instead of configured value of Kerberos realm in User federation closes #20045	2023-08-30 13:24:48 +02:00
Marek Posolda	6f989fc132	Fallback to next LDAP/Kerberos provider when not able to find authenticated Kerberos principal (#22531 ) closes #22352 #9422	2023-08-29 11:21:01 +00:00
rmartinc	7336ff07ac	Check RDN attribute for DN membership Closes https://github.com/keycloak/keycloak/issues/20718	2023-07-21 11:13:45 +02:00
mposolda	0ea2891eee	Remove support for OpenJDK 11 on the server side closes #15014	2023-07-03 13:12:22 -03:00

1 2 3 4 5 ...

482 commits