Commit graph

2957 commits

Author SHA1 Message Date
Bill Burke
0143d71728 Merge pull request #863 from patriot1burke/master
proxy
2014-11-20 21:55:49 -05:00
Bill Burke
21279fc9ed proxy 2014-11-20 21:48:59 -05:00
Stian Thorgersen
0327bc0d5a Merge pull request #862 from stianst/master
KEYCLOAK-791 Denial of Service by invalid character injection
2014-11-18 14:59:01 +01:00
Stian Thorgersen
ed1073ca92 KEYCLOAK-791 Denial of Service by invalid character injection 2014-11-18 14:58:20 +01:00
Bill Burke
ca946d4b19 Merge pull request #860 from carljmosca/master
added support for Tivoli LDAP unique identifier
2014-11-17 10:52:50 -05:00
Bill Burke
7244e2f173 Merge pull request #859 from patriot1burke/master
tomcat6
2014-11-15 12:00:18 -05:00
Bill Burke
5be045c42b tomcat6 2014-11-15 11:59:33 -05:00
Marek Posolda
a991ccf909 Merge pull request #858 from mposolda/master
Fixes to login module
2014-11-15 00:14:57 +01:00
mposolda
b08930961f Fixes to login module 2014-11-14 21:06:07 +01:00
Bill Burke
e01c634ed7 Merge remote-tracking branch 'upstream/master' 2014-11-14 09:20:17 -05:00
Bill Burke
46983d68f3 move ServerCookie to core 2014-11-14 09:20:03 -05:00
Marek Posolda
4ebca3ca43 Merge pull request #857 from mposolda/master
KEYCLOAK-853 Added jaas login module BearerTokenLoginModule
2014-11-14 13:40:58 +01:00
mposolda
68bff44b2e KEYCLOAK-853 Added jaas login module BearerTokenLoginModule 2014-11-14 13:40:12 +01:00
Carl J. Mosca
aedbb8eb87 added support for Tivoli LDAP unique identifier 2014-11-13 16:17:40 -05:00
Bill Burke
41c6aacce8 Merge pull request #856 from patriot1burke/master
tomcat 8
2014-11-12 19:04:04 -05:00
Bill Burke
a65560c5e6 tomcat8 2014-11-12 19:03:22 -05:00
Bill Burke
e2045907d4 tomcat8 2014-11-12 18:56:18 -05:00
Bill Burke
f552057b06 Merge remote-tracking branch 'upstream/master' 2014-11-12 15:38:05 -05:00
Bill Burke
81dc076bae Merge pull request #855 from ssilvert/subsys-enhancements
KEYCLOAK-839 Auth Server overlay enhancements
2014-11-12 15:37:39 -05:00
Stan Silvert
67c0182a49 KEYCLOAK-839 Auth Server overlay enhancements 2014-11-12 13:39:39 -05:00
Stan Silvert
c85a31be7f KEYCLOAK-839 Auth Server overlay enhancements 2014-11-12 13:39:38 -05:00
Bill Burke
ac2b8af172 overview update 2014-11-12 11:00:48 -05:00
Bill Burke
8b515ae625 Merge pull request #854 from patriot1burke/master
jetty 8 support
2014-11-12 10:44:53 -05:00
Bill Burke
9a622a05b1 jetty 8 docs 2014-11-12 10:44:20 -05:00
Bill Burke
eccb295076 fix jsps with bad import 2014-11-12 10:34:21 -05:00
Bill Burke
dd8c40b0d8 last jetty8 stuff 2014-11-12 10:32:37 -05:00
Bill Burke
25740508b5 fix artifact 2014-11-12 10:08:42 -05:00
Bill Burke
7f23c0dff8 Merge pull request #853 from patriot1burke/master
fix JWS impl, fix contributor SAML PR
2014-11-11 22:10:10 -05:00
Bill Burke
5c6dd8e0c3 temp fix for contributor SAML PR 2014-11-11 22:09:38 -05:00
Bill Burke
3b347d5f52 Merge remote-tracking branch 'upstream/master' 2014-11-11 21:28:49 -05:00
Bill Burke
0636cd898f fix incorrect JWS implementation 2014-11-11 21:28:35 -05:00
Bill Burke
43cb52b319 Merge pull request #852 from eivim/master
Add SAML NameID Formats and include certificate in signature
2014-11-11 20:42:29 -05:00
Eivind Mikkelsen
24a2773524 Add SAML NameID Formats and include certificate in signature
The NameID Format in the AuthnRequest NameIDPolicy is now respected,
and support has been added for the following NameID Formats:

  - urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
  - urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
  - urn:oasis:names:tc:SAML:2.0:nameid-format:transient

The persistent NameID format was previously used in all responses
and mapped to the principal's username. Now, unspecified is mapped
to the principal's username and used by default if no NameIDPolicy
is specified by the SP.

The persistent format requires generating a pseudo-random identifier
that must be generated by the IdP on first login and stored in the
user's profile. Persistent NameID Format is not yet implemented.

The certificate is now added to the signature to enable support for
integration with Service Providers where only the IdP's certificate
fingerprint is configured (e.g. Zendesk).
2014-11-12 01:24:51 +01:00
Marek Posolda
7f29d4c247 Merge pull request #851 from mposolda/pl-upgrade
PL upgrade to 2.7.0.CR2 and ldap improvements
2014-11-11 15:20:46 +01:00
mposolda
279a70bcb8 Fix failing tests 2014-11-11 15:17:32 +01:00
mposolda
2f0498bb7f KEYCLOAK-827 add entryDN as one of attributes, which can be mapped to username 2014-11-11 13:20:12 +01:00
mposolda
64e777a4f4 Upgrade to picketlink 2.7.0.CR2 and minor LDAP improvements 2014-11-11 12:58:49 +01:00
Bill Burke
3fd8cd66d6 Merge pull request #850 from patriot1burke/master
update readme
2014-11-10 17:11:29 -05:00
Bill Burke
d72bcebdf0 update readme 2014-11-10 17:11:07 -05:00
Bill Burke
7e9dbce259 Merge pull request #849 from patriot1burke/master
jetty 8
2014-11-10 17:09:39 -05:00
Bill Burke
3b6f10913c merge 2014-11-10 17:09:00 -05:00
Bill Burke
3fbffc9d7d jetty 8 2014-11-10 16:59:31 -05:00
Marek Posolda
b4e0a1e6f5 Merge pull request #848 from mposolda/fuse
KEYCLOAK-835 KEYCLOAK-836
2014-11-10 22:26:11 +01:00
mposolda
63198288df Add jetty modules to distribution 2014-11-10 22:16:20 +01:00
mposolda
07fd8ae9d7 KEYCLOAK-836 Added OsgiJaxrsBearerTokenFilterImpl to be used in fuse 2014-11-10 22:16:20 +01:00
mposolda
a94ab5883d KEYCLOAK-835 Move AdapterConstants to different package 2014-11-10 22:16:20 +01:00
mposolda
d1e819cef1 KEYCLOAK-836 Refactoring of JaxrsBearerTokenFilter to work with both resteasy and Apache CXF. Added test 2014-11-10 22:16:14 +01:00
Bill Burke
ebb795af5a Merge pull request #847 from patriot1burke/master
Jetty 9.x adapters
2014-11-07 21:11:24 -05:00
Bill Burke
b0a5161e6b final jetty stuff 2014-11-07 21:10:15 -05:00
Bill Burke
3805510e20 more jetty adapter 2014-11-07 18:34:53 -05:00