Closes#32577
Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
Closes#10983
Signed-off-by: Jon Koops <jonkoops@gmail.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Closes#32387
Signed-off-by: Michal Hajas <mhajas@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Pedro Ruivo <pruivo@users.noreply.github.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
* Additional datasources now require XA
Closes#32402
Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
* Apply suggestions from code review
Co-authored-by: Steven Hawkins <shawkins@redhat.com>
Signed-off-by: Václav Muzikář <vaclav@muzikari.cz>
* Relax validation
Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
* Added a note on recovery
Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
* Fix `CustomJpaEntityProviderDistTest`
Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
---------
Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
Signed-off-by: Václav Muzikář <vaclav@muzikari.cz>
Co-authored-by: Steven Hawkins <shawkins@redhat.com>
Search by RealmName is done before loading all realms when filtering
Closes#31956
Signed-off-by: Youssef El Houti <youssef.elhouti@gmail.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
* Upgrade to Quarkus 3.13.2
Closes#31676
Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
Co-authored-by: Peter Zaoral <pzaoral@redhat.com>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
Closes#31908
Signed-off-by: Martin Bartoš <mabartos@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Steven Hawkins <shawkins@redhat.com>
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Old Active/Passive guides replaced with Active/Active architecture, but
A/P vs A/A distinction hidden from users in favour of generic multi-site
docs.
Closes#31029
Signed-off-by: Ryan Emerson <remerson@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
If administrator selects EXTERNAL for Require SSL setting, allow clear-text
HTTP requests when client is coming from IPv6 link-local or unique local
address (ULA).
Previously only private IPv4 addresses were allowed and private IPv6 addresses
were rejected.
Closes#30678
Signed-off-by: Tero Saarni <tero.saarni@est.tech>
Final removal of the securing_apps documentation
Final checks for links, order and other minor things
Closes#31328
Signed-off-by: rmartinc <rmartinc@redhat.com>
Closes#31334
Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
Signed-off-by: Marek Posolda <mposolda@gmail.com>
Co-authored-by: Marek Posolda <mposolda@gmail.com>
Closes#31695
Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
Signed-off-by: Marek Posolda <mposolda@gmail.com>
Co-authored-by: Marek Posolda <mposolda@gmail.com>
Closes: #30011
Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
* Added field to the RealmImport spec to replace environment variables within the realm import
Closes#26470
Signed-off-by: stustison <scott.tustison@gmail.com>
* Added field to the RealmImport spec to replace environment variables within the realm import
Closes#26470
Signed-off-by: stustison <scott.tustison@gmail.com>
* testing refinement for placeholder handling
closes: #26470
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
* changing from placeholdersecret to placeholder
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
* Update docs/guides/operator/realm-import.adoc
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>
* Update docs/documentation/release_notes/topics/26_0_0.adoc
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>
---------
Signed-off-by: stustison <scott.tustison@gmail.com>
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>
Co-authored-by: stustison <scott.tustison@gmail.com>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
Fixes#27677
Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
closes: #30658
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>
Co-authored-by: Jon Koops <jonkoops@gmail.com>
* Disable username prohibited chars validator when email as the username is set
Closes#25339
Signed-off-by: Martin Kanis <mkanis@redhat.com>
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
- Use charset in `Encode` class
- Replace reflective call to protected `Liquibase#resetServices()` with call to exposed public method on a custom subclass `KeycloakLiquibase`
- Remove usage of deprecated AccessController class in Reflections
- Deprecated SetAccessibleProvilegedAction and UnsetAccessibleProvilegedAction
Fixes#22209
Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
* feat: add Artifact Binding on brokering scenarios when Keycloak is SP
Signed-off-by: tmorin <git@morin.io>
* Adding broker test and minor improvements
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
* Fixing IdentityProviderTest
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
* Renaming methods related to idp initiated flows
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
* Fixing partial_import_test.spec.ts
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
---------
Signed-off-by: tmorin <git@morin.io>
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
* change to make authServerUrl the same as authUrl
fixes: #29641
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
* Remove `authUrl` entirely
Signed-off-by: Jon Koops <jonkoops@gmail.com>
* Remove file that is unrelated
Signed-off-by: Jon Koops <jonkoops@gmail.com>
* Split out and align environment variables between consoles
Signed-off-by: Jon Koops <jonkoops@gmail.com>
* Restore removed variables to preserve backwards compatibility
Signed-off-by: Jon Koops <jonkoops@gmail.com>
* Also deprecate the `authUrl` for the Admin Console
Signed-off-by: Jon Koops <jonkoops@gmail.com>
---------
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
Signed-off-by: Jon Koops <jonkoops@gmail.com>
Co-authored-by: Jon Koops <jonkoops@gmail.com>
* OpenJDK 21 support
Closes#28517
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Signed-off-by: Martin Bartoš <mabartos@redhat.com>
* x509 SAN UPN other name is not handled in JDK 21 (#904)
closes#29968
Signed-off-by: mposolda <mposolda@gmail.com>
---------
Signed-off-by: Martin Bartoš <mabartos@redhat.com>
Signed-off-by: mposolda <mposolda@gmail.com>
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Co-authored-by: Marek Posolda <mposolda@gmail.com>
Closes: #29491
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
Signed-off-by: Peter Zaoral <pzaoral@redhat.com>