Commit graph

1498 commits

Author SHA1 Message Date
Johannes Knutsen
9a0de676c4 KEYCLOAK-4559 Filter users by realm id when searching for user by user attribute 2017-03-14 11:05:12 +01:00
Bartosz Majsak
1a6bb2fedb Adds Openshift Identity Provider as part of social brokers 2017-03-02 15:14:57 +01:00
Bill Burke
b4f625e1ce KEYCLOAK-4501 2017-02-27 18:46:00 -05:00
Anders Båtstrand
89c6cda2ac Two new configuration options for the Saml broker:
* wantAssertionsSigned: This will toggle the flag in the SP Metadata Descriptor, and validate the signature if and only if "Validate signature" is selected.
 * wantAssertionsEncrypted: This will simply require that the assertion is encrypted.

 Default behavior is unchanged. The signature validation uses the original XML, and supports therefore an IdP that adds whitespace and line breaks between tags (for example OpenAM).
2017-02-24 15:08:57 +01:00
mposolda
098d8e915d KEYCLOAK-4433 Added HardcodedLDAPAttributeMapper 2017-02-21 08:29:57 +01:00
Stian Thorgersen
3653d7ed9a Merge pull request #3762 from sldab/hide-providers
KEYCLOAK-4224 Allow hiding identity providers on login page
2017-02-17 12:04:35 +01:00
Stian Thorgersen
49ac3587b6 KEYCLOAK-4384 Remove Mongo support 2017-02-15 15:20:58 +01:00
Bill Burke
c3e72b11db KEYCLOAK-4382 2017-02-13 10:51:10 -05:00
Pavel Drozd
beb96b7f01 Merge pull request #3810 from vramik/KEYCLOAK-4337
KEYCLOAK-4337 Few fixes for testsuite
2017-02-13 10:38:31 +01:00
Bill Burke
d9633dc20c Merge remote-tracking branch 'upstream/master' 2017-02-09 09:13:00 -05:00
Bill Burke
cf5e2a1d20 unlink/remoteimported 2017-02-08 19:48:22 -05:00
Bill Burke
f157e2e637 LDAP No-Import: more tests 2017-02-05 09:41:52 -05:00
Bill Burke
f128be9b31 LDAP No-Import 2017-02-04 10:29:34 -05:00
mposolda
73cad40fb7 KEYCLOAK-4364 Fix OpenLDAP issue with renaming DN 2017-02-02 22:21:29 +01:00
Bill Burke
0d308e2b69 KEYCLOAK-4218 2017-01-31 15:15:49 -05:00
vramik
2fd0c38ad1 Removed unused import from LDAPBinaryAttributesTest 2017-01-31 13:18:22 +01:00
Stian Thorgersen
6f22f88d85 Bump version to 3.0.0.CR1 2017-01-26 06:18:11 +01:00
Stian Thorgersen
94ffeda62a Merge pull request #3773 from hmlnarik/KEYCLOAK-4181-SAML-Response-without-any-assertion-leads-to-an-exception
KEYCLOAK-4181 Fix handling of SAML error code in broker
2017-01-24 10:33:05 +01:00
mposolda
9fea9f6fe0 KEYCLOAK-4273 Fix failing MSAD tests 2017-01-23 22:29:13 +01:00
Marek Posolda
b2d1a1a17f Merge pull request #3783 from mposolda/msad-ldap
KEYCLOAK-4269
2017-01-23 15:07:19 +01:00
Pavel Drozd
4868918f94 Merge pull request #3774 from vramik/KEYCLOAK-4263
KEYCLOAK-4263 disable authorization tests in integration testsuite for product profile
2017-01-23 14:05:14 +01:00
mposolda
cf1c577840 Rename some tests 2017-01-23 13:42:12 +01:00
mposolda
39f8311484 KEYCLOAK-2403 Cannot create user in LDAP/AD from Keycloak using Full Name User Federation Mapper 2017-01-20 21:08:26 +01:00
mposolda
3444fb62f1 KEYCLOAK-4266 MSAD: User is disabled after registration 2017-01-19 21:32:10 +01:00
Hynek Mlnarik
350b9550c3 KEYCLOAK-4264 2017-01-19 16:30:01 +01:00
Vlasta Ramik
9cd860d698 disable authorization tests in integration testsuite for product profile 2017-01-19 14:55:20 +01:00
Bill Burke
73d3e8afd9 Merge pull request #3770 from patriot1burke/master
KEYCLOAK-4077
2017-01-19 07:35:10 -05:00
Bill Burke
8daa2c3703 KEYCLOAK-4256 2017-01-18 18:28:08 -05:00
mposolda
843b4b470b KEYCLOAK-2333 LDAP/MSAD password policies are not used when user changes password 2017-01-17 21:06:09 +01:00
Slawomir Dabek
9bb65ba9b7 KEYCLOAK-4224 Allow hiding identity providers on login page 2017-01-17 14:32:59 +01:00
mposolda
7098daaf72 KEYCLOAK-4066 TimeoutException in cluster environment in ClearExpiredSessions 2017-01-11 12:27:51 +01:00
Stian Thorgersen
7eeebff874 Merge pull request #3720 from hmlnarik/KEYCLOAK-4091-Possible-NullPointerExceptions-with-disabled-cache
KEYCLOAK-4091 Prevent NPE with disabled cache
2017-01-10 06:23:10 +01:00
Bill Burke
452611242c Merge remote-tracking branch 'upstream/master' 2017-01-09 17:14:34 -05:00
mposolda
a09bc6520f KEYCLOAK-2888 KEYCLOAK-3927 Fully migrate kerberos tests to the new testsuite 2017-01-09 13:50:41 +01:00
Hynek Mlnarik
377fbced4a KEYCLOAK-4091 Prevent NPE with disabled cache 2017-01-06 10:00:11 +01:00
Bill Burke
f9eeecf836 test KEYCLOAK-4013 2017-01-05 11:27:17 -05:00
Hynek Mlnarik
ad9210a7a7 KEYCLOAK-4148 Prevent unnecessary deserialization when supported
... and gain another ~ 5-10 %
2017-01-05 10:41:31 +01:00
Stian Thorgersen
1c0e204f50 Merge pull request #3690 from stianst/master
Bump version to 2.5.1.Final-SNAPSHOT
2017-01-02 08:52:04 +01:00
Pedro Igor
31ed69a970 [KEYCLOAK-4136] - Missing update on resource_set endpoint 2016-12-29 11:59:42 -02:00
Stian Thorgersen
e805ffd945 Bump version to 2.5.1.Final-SNAPSHOT 2016-12-22 08:22:18 +01:00
mposolda
c998198aac KEYCLOAK-4128 ResourcePermissionManagementTest fails on Oracle DB 2016-12-21 13:01:37 +01:00
mposolda
d2b7f18480 Fix LDAP tests with mongo 2016-12-21 09:28:32 +01:00
Stian Thorgersen
b6b3c04400 Merge pull request #3663 from sldab/autodetect-bearer-only
KEYCLOAK-2962 Autodetect bearer-only clients
2016-12-20 14:05:25 +01:00
mposolda
7cd63f2f8b Fix LDAP tests with MSAD, RHDS and OpenLDAP 2016-12-20 11:40:29 +01:00
mposolda
7e2c06e301 Remove obsolete maven profile. Run LDAPLegacyImportTest just with the embedded LDAP 2016-12-19 22:15:13 +01:00
Pedro Igor
40591cff25 Merge pull request #3662 from pedroigor/KEYCLOAK-4034
[KEYCLOAK-4034] - Improvements to UI, performance and some code cleanup
2016-12-19 16:49:10 -02:00
mposolda
4b6df5d489 LDAP polishing 2016-12-19 18:11:23 +01:00
Slawomir Dabek
b6d29ccd30 KEYCLOAK-2962 Autodetect bearrer-only clients
Suport more headers
2016-12-19 17:13:14 +01:00
mposolda
ac00f7fee2 KEYCLOAK-4087 LDAP group mapping should be possible via uidNumber in memberUid mode 2016-12-19 16:27:57 +01:00
Pedro Igor
c9c9f05e29 [KEYCLOAK-4034] - Improvements to UI, performance and some code cleanup 2016-12-19 11:22:37 -02:00
Stian Thorgersen
f29bb7d501 KEYCLOAK-4092 key provider for HMAC signatures 2016-12-19 10:50:43 +01:00
Bill Burke
3c2a12d019 Merge pull request #3648 from patriot1burke/master
KEYCLOAK-3451
2016-12-14 15:46:24 -05:00
Bill Burke
56f9aa41d0 KEYCLOAK-3451 2016-12-14 15:04:53 -05:00
mposolda
40216b5e7d KEYCLOAK-3921 LDAP binary attributes 2016-12-13 18:31:26 +01:00
mposolda
79c1650c15 KEYCLOAK-2545 KEYCLOAK-3668 KEYCLOAK-3247 LDAP escaping 2016-12-12 13:09:14 +01:00
Pedro Igor
588e1711dd Merge pull request #3597 from jlpettersson/KEYCLOAK-4018
KEYCLOAK-4018 Client-Based Policy
2016-12-09 17:32:19 -02:00
Jonas Pettersson
35c4a379ad
KEYCLOAK-4018 Use clientId and not the client name 2016-12-09 19:33:27 +01:00
Jonas Pettersson
5d070cbf22
KEYCLOAK-4018 Added test for Client-Based Policy 2016-12-09 14:23:33 +01:00
mposolda
e7f6c780e2 KEYCLOAK-4058 Improve LDAPStorageMapper and remove LDAPStorageMapperBridge 2016-12-08 18:35:56 +01:00
Bill Burke
b8c06dd560 fix adapter test 2016-12-07 09:50:17 -05:00
Bill Burke
7271fdaaaa KEYCLOAK-3509 2016-12-06 18:52:37 -05:00
Bill Burke
bab08bf8f0 Merge remote-tracking branch 'upstream/master' 2016-12-06 08:18:05 -05:00
Marek Posolda
c8b22e71f0 Merge pull request #3573 from glavoie/KEYCLOAK-4003
KEYCLOAK-4003: Slow Infinispan RoleAdapter.hasRole() call.
2016-12-06 09:49:42 +01:00
Bill Burke
fc92639d3f KEYCLOAK-3620 2016-12-05 17:52:00 -05:00
Bill Burke
6587cd2478 KEYCLOAK-3620 2016-12-05 17:51:06 -05:00
Bill Burke
8fd7091068 KEYCLOAK-3986 2016-12-03 09:33:52 -05:00
mposolda
cccb532a21 KEYCLOAK-3701 NullPointerException when trying to get access token from offline token 2016-12-02 16:35:21 +01:00
Gabriel Lavoie
6fa504489f KEYCLOAK-4003: Slow Infinispan RoleAdapter.hasRole() call.
- Added a session/query cache for the result getComposites() to avoid always hitting the Infinispan cache.
- KeycloakModelUtils doesn't rely anymore on a "visited" set as performance seems good without it.
- Added test for multiple levels of composite roles. Only one level was covered.
2016-11-30 10:56:26 -05:00
Stian Thorgersen
b771b84f56 Bump to 2.5.0.Final-SNAPSHOT 2016-11-30 15:44:51 +01:00
Bill Burke
9e50a45b4c UserBulkUpdateProvider interface 2016-11-29 18:43:22 -05:00
Bill Burke
1dacddb7e3 KEYCLOAK-3980 2016-11-28 12:20:40 -05:00
mposolda
7c6032cc84 KEYCLOAK-3825 Ability to expire publicKeys cache. Migrated OIDCBrokerWithSignatureTest to new testsuite 2016-11-25 17:45:37 +01:00
Bill Burke
cd92cc504b fix pom 2016-11-23 17:08:24 -05:00
Bill Burke
e82e584b81 port removed migrators 2016-11-23 16:48:02 -05:00
Bill Burke
ccbd8e8c70 remove User Fed SPI 2016-11-23 16:06:44 -05:00
Bill Burke
d5925b8ccf remove realm UserFed SPI methods 2016-11-23 08:31:20 -05:00
Bill Burke
045d6ef1d0 Merge remote-tracking branch 'upstream/master' 2016-11-22 11:28:09 -05:00
Stian Thorgersen
6ec82865d3 Bump version to 2.4.1.Final-SNAPSHOT 2016-11-22 14:56:21 +01:00
Bill Burke
0c05dc093f Merge remote-tracking branch 'upstream/master' 2016-11-21 12:26:24 -05:00
Bill Burke
798fd84698 Merge remote-tracking branch 'upstream/master' 2016-11-21 11:33:52 -05:00
Bill Burke
19575b2c8f port kerberos 2016-11-21 11:33:44 -05:00
mposolda
27e5d9672a KEYCLOAK-3944 Imported legacy LDAP Federation provider doesn't have default mappers available 2016-11-21 16:17:49 +01:00
mposolda
76bfbad2c4 KEYCLOAK-3895 Make UserSessionProvider and UserSessionPersisterProvider to rely on UserRemovedEvent callbacks 2016-11-18 15:58:33 +01:00
mposolda
a27be0cee7 KEYCLOAK-3857 Clustered invalidation cache fixes and refactoring. Support for cross-DC for invalidation caches. 2016-11-16 22:29:23 +01:00
Bill Burke
cc0eb47814 merge 2016-11-14 15:09:41 -05:00
Bill Burke
c280634bfa fix tests 2016-11-14 15:06:17 -05:00
Bill Burke
8a5f817030 ldap jpa migration 2016-11-10 16:52:18 -05:00
Stian Thorgersen
7e33f4a7d1 KEYCLOAK-3882 Split server-spi into server-spi and server-spi-private 2016-11-10 13:28:42 +01:00
Bill Burke
94076a3b24 admin console ui 2016-11-09 17:34:07 -05:00
Hynek Mlnarik
025cf5ebaf KEYCLOAK-3870 Schema for keycloak-saml.xml
Updated schema schema for keycloak-saml.xml (added documentation, set
up enumeration instead of free string where applicable per documentation)
and updated existing keycloak-saml.xml files with schema reference.
2016-11-09 10:45:43 +01:00
Bill Burke
f138eecc27 port KerberosLdapTest 2016-11-06 09:15:49 -05:00
Bill Burke
4302b440ee ldap port 2016-11-05 20:04:53 -04:00
Bill Burke
c75dcb90c2 ldap port 2016-11-04 21:25:47 -04:00
Hynek Mlnarik
4f9e35c0a1 KEYCLOAK-1881 Support for multiple certificates in broker (hardcoded at the moment) 2016-11-04 21:53:43 +01:00
Bill Burke
73e3f2a89b REST API for disable cred type 2016-10-26 15:48:45 -04:00
Bill Burke
3fec344fa3 finish cache policy 2016-10-25 16:13:48 -04:00
Bill Burke
f8a78d5565 finish cache policy 2016-10-25 16:13:22 -04:00
Bill Burke
2cc4a920a0 fix 2016-10-25 13:40:24 -04:00
Bill Burke
b67cb0e97a Merge remote-tracking branch 'upstream/master' 2016-10-25 11:44:22 -04:00
Bill Burke
3e28ac1e46 user spi cache policy 2016-10-24 15:36:37 -04:00