Commit graph

39 commits

Author SHA1 Message Date
Peter Zaoral
d5d6390b1c
Make Keycloak fail with an error when the persisted build options differs from those provided (#33241)
* PropertyException is now thrown instead of a warning
* Operator guides clarification around health and metrics options

Closes: #32717

Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
2024-09-30 19:28:23 +02:00
Steven Hawkins
5d99d91818
fix: allows for the detection of a master realm with --import-realms (#32914)
also moving initial bootstrapping after import

closes: #32689

Signed-off-by: Steven Hawkins <shawkins@redhat.com>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
2024-09-30 14:40:16 +02:00
mposolda
8f038f19dd Upgrade BCFIPS to 2.0
closes #30415

Signed-off-by: mposolda <mposolda@gmail.com>
2024-09-26 06:52:21 +02:00
Jon Koops
021a2af2fd
Compute SHA-256 digest for PKCE using the Web Crypto API (#33251)
Closes #33250

Signed-off-by: Jon Koops <jonkoops@gmail.com>
2024-09-25 16:19:16 +02:00
Martin Bartoš
84564f080a
Redirect to relative-path from the root path (#32868)
Closes #32863

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
2024-09-18 16:37:28 +02:00
mposolda
f1ec0a9bb6 Release notes and upgrading guide for the client libraries
closes #30815

Signed-off-by: mposolda <mposolda@gmail.com>

Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
Signed-off-by: Marek Posolda <mposolda@gmail.com>
2024-09-18 14:52:11 +02:00
Jon Koops
8bb3598129
Remove deprecated setOrCreateChild() method from Admin Client (#33022)
Closes #33021

Signed-off-by: Jon Koops <jonkoops@gmail.com>
2024-09-18 09:33:54 +02:00
Václav Muzikář
83c00731c3
Upgrade to Quarkus 3.14.2 (#32519)
Closes #32517

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
2024-09-13 20:18:48 +02:00
Pedro Ruivo
24fce87a8e
Deprecate old remote store (feedback)
Closes #32577

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-09-11 14:08:53 +00:00
Alexander Schwartz
b88ecc0237
Removing the extra two-minute Window for persistent user sessions (#32660)
Closes #28418

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Signed-off-by: Michal Hajas <mhajas@redhat.com>
Co-authored-by: Michal Hajas <mhajas@redhat.com>
2024-09-09 09:28:48 +02:00
Pedro Ruivo
3274591fe1
Deprecate old remote store
Closes #32577

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-09-04 10:25:51 +00:00
Theresa Henze
a1c23fef8c introduce event types to update/remove credentials
Closes #10114

Signed-off-by: Theresa Henze <theresa.henze@bare.id>
2024-09-03 18:27:27 +02:00
Thomas Darimont
88a5c96fff
Add kc_action to redirect URI after a required action is cancelled (#31925)
Closes #31894

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
2024-09-03 14:26:23 +00:00
Jon Koops
2d17024b14
Remove redirect_uri support from OIDC logout endpoint
Closes #10983

Signed-off-by: Jon Koops <jonkoops@gmail.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
2024-08-30 12:52:49 +00:00
Michal Hajas
af53af1506
Document persistent sessions are enabled by default
Closes #32387

Signed-off-by: Michal Hajas <mhajas@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Pedro Ruivo <pruivo@users.noreply.github.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-08-30 09:20:58 +00:00
Václav Muzikář
7d3dcae96e
Additional datasources now require XA (#32403)
* Additional datasources now require XA

Closes #32402

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>

* Apply suggestions from code review

Co-authored-by: Steven Hawkins <shawkins@redhat.com>
Signed-off-by: Václav Muzikář <vaclav@muzikari.cz>

* Relax validation

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>

* Added a note on recovery

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>

* Fix `CustomJpaEntityProviderDistTest`

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>

---------

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
Signed-off-by: Václav Muzikář <vaclav@muzikari.cz>
Co-authored-by: Steven Hawkins <shawkins@redhat.com>
2024-08-29 11:16:38 +02:00
Václav Muzikář
9bbfec5cdd
Remove GELF (#32230)
Closes #27365

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
2024-08-28 21:25:05 +02:00
Steven Hawkins
29eb0171de
task: remove hostname v1 (#32352)
closes: #27731

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2024-08-28 17:48:06 +02:00
Jon Koops
5ac8ffa5b5
Move unrelated files out of common resources (#32285)
Closes #24861

Signed-off-by: Jon Koops <jonkoops@gmail.com>
2024-08-22 09:57:15 +02:00
yelhouti
e8840df0e0
Fix: admin GUI not working with 1000s of realms
Search by RealmName is done before loading all realms when filtering

Closes #31956

Signed-off-by: Youssef El Houti <youssef.elhouti@gmail.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-08-21 14:58:36 +02:00
Pedro Ruivo
4675a4eda9 Deprecate UserSessionCrossDCManager
Fixes #31878

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
2024-08-21 08:52:39 +02:00
Stefan Guilhen
fa7c2b5da6 Address review comments
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-08-19 09:06:35 -03:00
Stefan Guilhen
f82159cf65 Rework logic to fetch IDPs for the login page so that IDPs are fetched from the provider and not filtered in code.
Closes #32090

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-08-19 09:06:35 -03:00
Václav Muzikář
cb418b0bfc
Upgrade to Quarkus 3.13.2 (#31678)
* Upgrade to Quarkus 3.13.2

Closes #31676

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
Co-authored-by: Peter Zaoral <pzaoral@redhat.com>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
2024-08-16 11:41:34 +02:00
Steven Hawkins
ea3937f37c
fix: always replacing placeholders (#31871)
closes: #31625

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2024-08-12 16:20:47 +00:00
Pedro Igor
3ab2446074 Do not return identity providers when querying the realm representation
Closes #21072

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-08-07 10:06:51 -03:00
Ryan Emerson
db14ab1365
Refactor HA guide to refer to generic multi-site deployments
Old Active/Passive guides replaced with Active/Active architecture, but
A/P vs A/A distinction hidden from users in favour of generic multi-site
docs.

Closes #31029

Signed-off-by: Ryan Emerson <remerson@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-08-07 08:22:59 +00:00
Peter Zaoral
07cfdac862
Document admin bootstrapping and recovery
Closes: #30011

Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
2024-07-30 15:45:56 +02:00
Alexander Schwartz
227c71f7f0
Persisting revoked access tokens
Closes #31296

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-07-26 11:46:14 +02:00
Thomas Darimont
dbd4079f92
Allow users to customize the footer of a login theme (#31391)
Closes  #31390

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
2024-07-23 09:29:38 +02:00
Steven Hawkins
4970a9b729
fix: deprecate KEYCLOAK_ADMIN and KEYCLOAK_ADMIN_PASSWORD
closes: #30658

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>
Co-authored-by: Jon Koops <jonkoops@gmail.com>
2024-07-11 18:07:57 +02:00
Steve Hawkins
9247029ca3 fix: removes the operator's usage of the v1 proxy option
closes: #30945

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2024-07-11 14:21:50 +02:00
Pedro Igor
1a8075d62a Update migration and upgrade guides about GroupRemovedEvent no longer fired when removing a realm
Closes #30919

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-07-05 10:14:30 +02:00
Pedro Igor
b745ac8259 Documenting LDAP connection pooling
Closes #30995

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-07-04 13:21:47 +02:00
Steven Hawkins
a7ae90cbb6
fix: adds affinity and other scheduling to the operator (#29977)
closes: #29258

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2024-07-03 20:07:03 +02:00
Thomas Darimont
f34bb21af6
Fix deprecations in common module
- Use charset in `Encode` class
- Replace reflective call to protected `Liquibase#resetServices()` with call to exposed public method on a custom subclass `KeycloakLiquibase`
- Remove usage of deprecated AccessController class in Reflections
- Deprecated SetAccessibleProvilegedAction and UnsetAccessibleProvilegedAction

Fixes #22209

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-07-02 16:02:35 +00:00
Peter Zaoral
add45a25a8
Add default CPU limit/request for the operator (#30601)
Closes: #27432

Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
2024-07-01 15:12:43 +02:00
Pedro Ruivo
5c0dddd837 Batch cluster events
Sending multiple events in a single network request should minimize
latency and traffic.

Closes #30445

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
2024-06-14 21:14:22 +02:00
Pedro Ruivo
18a6c79011
Infinispan Protostream Marshaller (#29474)
Closes #29394

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-06-13 18:02:46 +02:00