The ProtoStream schema is automatically uploaded to the Infinispan
server during startup.
When the schema is updated, the indexes are updated and re-created.
Use the delete statement to delete entities when a realm is removed.
Fixes#30931
Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
also allowing the bootstrap options to be used by the cli, which
requires hidden options to stay hidden
and a minor refactoring for clarity
closes: #31160
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
A bug in Infinispan prevents the metrics to be registered if the "stack"
is not specified.
Change the default configuration shipped with Keycloak to use the UDP
stack as default.
UDP is the default in previous Keycloak versions.
Fixes#31218
Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
closes: #30658
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>
Co-authored-by: Jon Koops <jonkoops@gmail.com>
* fix: adding password and service account based bootstrap and recovery
closes: #29324, #30002, #30003
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
* Fix tests
Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
---------
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
Co-authored-by: Václav Muzikář <vmuzikar@redhat.com>
- Use charset in `Encode` class
- Replace reflective call to protected `Liquibase#resetServices()` with call to exposed public method on a custom subclass `KeycloakLiquibase`
- Remove usage of deprecated AccessController class in Reflections
- Deprecated SetAccessibleProvilegedAction and UnsetAccessibleProvilegedAction
Fixes#22209
Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
Includes a new implementation for the providers:
* StickySessionEncoderProviderFactory
* LoadBalancerCheckProviderFactory
* SingleUseObjectProviderFactory
Closes#28648
Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
Part 1 includes
* New experimental feature to enable the new code
* New providers using RemoteCache only
* New test profile to run the tests with the experimental feature
New providers' implementation for:
* InfinispanConnectionProvider
* AuthenticationSessionProvider
* ClusterProvider
Closes#28140
Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
This avoids problems if the hostname can't be resolved by InetAddress.getLocalHost()
Closes#26042
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Also ensure that JS project is not built too often, and the Quarkus distribution is not missed when sub-dependencies change.
Closes#30463
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Create Infinispan configuration in the main thread to have access to the
default option values.
Fixes#30130
Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
* OpenJDK 21 support
Closes#28517
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Signed-off-by: Martin Bartoš <mabartos@redhat.com>
* x509 SAN UPN other name is not handled in JDK 21 (#904)
closes#29968
Signed-off-by: mposolda <mposolda@gmail.com>
---------
Signed-off-by: Martin Bartoš <mabartos@redhat.com>
Signed-off-by: mposolda <mposolda@gmail.com>
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Co-authored-by: Marek Posolda <mposolda@gmail.com>
Closes: #29491
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
Signed-off-by: Ryan Emerson <remerson@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
Closes#29218
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Signed-off-by: Michal Hajas <mhajas@redhat.com>
Co-authored-by: Michal Hajas <mhajas@redhat.com>
* fully removing providers and moving the keycloaksession creation / final
cleanup
also deprecated Resteasy utility methods
closes: #29223
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
Closes#28178
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
Signed-off-by: Martin Bartoš <mabartos@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
* Enable syslog log handler
Closes#27544
Signed-off-by: Martin Bartoš <mabartos@redhat.com>
* Suggest an alternative to GELF
Signed-off-by: Martin Bartoš <mabartos@redhat.com>
---------
Signed-off-by: Martin Bartoš <mabartos@redhat.com>
* Support management port for health and metrics
Closes#19334
Signed-off-by: Martin Bartoš <mabartos@redhat.com>
* Deprecate option
Signed-off-by: Martin Bartoš <mabartos@redhat.com>
* Remove relativePath first-class citizen, rename ManagementSpec
Signed-off-by: Martin Bartoš <mabartos@redhat.com>
* Fix KeycloakDistConfiguratorTest
Signed-off-by: Martin Bartoš <mabartos@redhat.com>
---------
Signed-off-by: Martin Bartoš <mabartos@redhat.com>
Adding two feature toggles for new code paths to store online sessions in the existing offline sessions table. Separate the code which is due to be changed in the next iteration in new classes/providers which used instead of the old one.
Closes#27976
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Signed-off-by: Michal Hajas <mhajas@redhat.com>
Co-authored-by: Michal Hajas <mhajas@redhat.com>
Closes#27871
Signed-off-by: Ryan Emerson <remerson@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
* Conditionally enable and disable CLI options
Closes#13113
Signed-off-by: Martin Bartoš <mabartos@redhat.com>
* Support for duplicates in config
Signed-off-by: Martin Bartoš <mabartos@redhat.com>
* Fix rendering config options in docs
Fixes#26515
Signed-off-by: Martin Bartoš <mabartos@redhat.com>
* Reorder OptionsDistTest
Signed-off-by: Martin Bartoš <mabartos@redhat.com>
---------
Signed-off-by: Martin Bartoš <mabartos@redhat.com>
