Commit graph

274 commits

Author SHA1 Message Date
Bruno Oliveira
b612415a88 [KEYCLOAK-3900] - SSSD Provider: NullPointerException when SSSD is stopped 2016-11-14 16:04:18 -02:00
Stian Thorgersen
7e33f4a7d1 KEYCLOAK-3882 Split server-spi into server-spi and server-spi-private 2016-11-10 13:28:42 +01:00
Bill Burke
4880c0443c ldap port admin console 2016-11-08 12:30:20 -05:00
Bill Burke
5a86623c88 merge 2016-11-06 08:52:10 -05:00
Bill Burke
14dc0ff92f Merge remote-tracking branch 'upstream/master' 2016-11-05 20:05:01 -04:00
Bill Burke
4302b440ee ldap port 2016-11-05 20:04:53 -04:00
Bill Burke
c75dcb90c2 ldap port 2016-11-04 21:25:47 -04:00
Bruno Oliveira
6c5d1b9214 [KEYCLOAK-3580] - Migrate DBus Java from Unix Socket C library to jnr-unixsocket 2016-11-03 10:25:45 -02:00
Bill Burke
73e3f2a89b REST API for disable cred type 2016-10-26 15:48:45 -04:00
Stian Thorgersen
c615674cbb Bump version 2016-10-21 07:03:15 +02:00
Marek Posolda
940237ee78 Merge pull request #3304 from hmlnarik/KEYCLOAK-2964
KEYCLOAK-2964 - Fix groups not applied for authentication of admin operations
2016-10-18 14:50:12 +02:00
mposolda
00879b39b7 KEYCLOAK-3719 Add 'options' to ProviderConfigProperty and use it for 'List' type instead of defaultValue 2016-10-17 21:34:21 +02:00
Hynek Mlnarik
03cf9bad2e KEYCLOAK-2964 - Fix groups not applied for authentication of admin operations 2016-10-11 15:21:38 +02:00
Stian Thorgersen
7d038e72c9 Merge pull request #3272 from abstractj/KEYCLOAK-3638
KEYCLOAK-3638: UnixUserTest will fails on Windows
2016-10-03 13:19:11 +02:00
Bruno Oliveira
5093dd94e2
KEYCLOAK-3638: UnixUserTest will fails on Windows 2016-09-30 08:19:56 -03:00
Bill Burke
8967ca4066 refactor mongo entities, optimize imports 2016-09-28 15:25:39 -04:00
Bill Burke
ecc104719d bump pom version 2016-09-26 11:01:18 -04:00
Bill Burke
8e65356891 creds 2016-09-22 19:57:39 -04:00
Bill Burke
7209a95dce credential refactoring 2016-09-22 08:34:45 -04:00
Bruno Oliveira
4b1b3a0dda Add Maven Shade for JNA 2016-09-16 18:19:17 -03:00
Stian Thorgersen
ccb9433e5c KEYCLOAK-3535 Tweak logging for SSSD 2016-09-09 11:32:06 +02:00
Stian Thorgersen
1630b9a20c Merge pull request #3220 from abstractj/KEYCLOAK-3535
KEYCLOAK-3535 - Check if SSSD is available via DBUS
2016-09-09 08:15:11 +02:00
Bruno Oliveira
11245701d2 Check if SSSD is available via DBUS 2016-09-08 16:01:45 -03:00
Bill Burke
3b9a6b32e1 Revert "Revert "KEYCLOAK-3440""
This reverts commit 01e48dc4b8.
2016-09-07 23:41:32 -04:00
Bill Burke
01e48dc4b8 Revert "KEYCLOAK-3440" 2016-09-07 23:17:35 -04:00
Bill Burke
3f35234cf5 Merge remote-tracking branch 'upstream/master' 2016-09-07 23:11:38 -04:00
Bill Burke
da135389c7 KEYCLOAK-3440 2016-09-07 23:11:28 -04:00
Bruno Oliveira
1b2a5eda32
Initial FreeIPA Integration
- Provide username/password authentication with PAM
  - Obtain user data from SSSD
  - Feature packs for dbus-java, libpam4j and SSSD API
  - Provisioning script
2016-09-06 18:04:43 -03:00
mposolda
d52e043322 Set version to 2.2.0-SNAPSHOT 2016-08-10 08:57:18 +02:00
Bill Burke
09693eb108 component model 2016-08-02 05:48:57 +02:00
Bill Burke
b224917fc5 bump version 2016-06-30 17:17:53 -04:00
mposolda
df1c111a72 KEYCLOAK-2811 FederationProvidersIntegrationTest.testReadOnly failing on MSAD 2016-04-13 12:40:39 +02:00
mposolda
5d7b549323 Fix LDAPGroupMapperTest with MSAD and Mongo 2016-04-01 10:44:35 +02:00
mposolda
7ffd6dc7a7 KEYCLOAK-2696 Unexpected error when trying to delete role mappings from read-only LDAP role mapper 2016-03-22 13:03:49 +01:00
mposolda
4a06d7590e KEYCLOAK-2682 NPE when LDAP groups points to non-existent user 2016-03-22 13:03:48 +01:00
Marek Posolda
d285721063 Merge pull request #2383 from ratcashdev/master
Fix when importing empty uniqueMember attributes
2016-03-18 12:18:02 +01:00
ratcashdev
13d2f872ff KEYCLOAK-2679: Fix when importing empty uniqueMember attributes 2016-03-18 09:55:35 +01:00
mposolda
23aa490c72 KEYCLOAK-2634 Better error reporting if password update failed due to MSAD password policy 2016-03-14 13:36:20 +01:00
mposolda
e24ce91e81 KEYCLOAK-2659 Allow sync all roles even if there are more than 1000 2016-03-14 09:39:22 +01:00
mposolda
2d188068c4 KEYCLOAK-2644 Delete user with a READ_ONLY LDAP federation provider just from Keycloak DB 2016-03-14 09:39:14 +01:00
mposolda
1142ed5583 KEYCLOAK-2655 Support of lazy sync LDAP groups, which user is member of 2016-03-11 22:33:03 +01:00
mposolda
85ccd64e01 KEYCLOAK-2643 Added write-only property to LDAP full-name attribute mapper 2016-03-11 22:32:55 +01:00
mposolda
73c3534e7a KEYCLOAK-2629 LDAP Federation provider - input fields validation 2016-03-11 22:32:45 +01:00
mposolda
c6a7d0b772 KEYCLOAK-2640 LDAP group sync does not sync more than 1000 groups 2016-03-11 22:32:35 +01:00
Stian Thorgersen
28fe13a800 Next is 2.0.0.CR1 2016-03-10 08:13:00 +01:00
Stian Thorgersen
d722e53108 Next is 1.9.2.Final 2016-03-10 07:28:27 +01:00
mposolda
8d21cfc234 KEYCLOAK-2583 Synchronize users after creating ldap federation provider 2016-03-07 23:19:43 +01:00
mposolda
7f32ce810a KEYCLOAK-1928 Kerberos working with IBM JDK 2016-02-26 09:16:39 +01:00
Stian Thorgersen
a1d9753ec2 Next is 1.9.1.Final-SNAPSHOT 2016-02-23 08:48:26 +01:00
Stian Thorgersen
4fd97091ff Version bump to 2.0.0.CR1-SNAPSHOT 2016-02-22 11:36:56 +01:00
mposolda
daca6d7062 KEYCLOAK-2505 Keystore configuration is not honored for LDAP over SSL connections 2016-02-19 18:02:39 +01:00
mposolda
706d4fc01c KEYCLOAK-2507 All LDAP special DN characters should be escaped in LDAPDn 2016-02-19 14:54:33 +01:00
Stian Thorgersen
579ab56a5a Bump version to 1.9.0.Final-SNAPSHOT 2016-02-04 15:55:11 +01:00
Stian Thorgersen
c7a8742a36 KEYCLOAK-1524
Source code headers
2016-02-03 11:20:22 +01:00
mposolda
db76655717 KEYCLOAK-2431 Ensure users removed through UserManager to properly invoke callbacks. Make UserSessionPersister implementations more resistent when user was not properly removed 2016-02-03 10:16:39 +01:00
George Kankava
e937dda556 squid:LowerCaseLongSuffixCheck - Long suffix "L" should be upper case 2016-01-28 19:06:41 +04:00
mposolda
506194fb7f KEYCLOAK-2379 Fix possible error during sycnchronization changed users with Active Directory 2016-01-26 10:43:17 +01:00
Bill Burke
b93d55cb63 remove model-api, add server-spi 2016-01-15 18:44:17 -05:00
Stian Thorgersen
0193c696ab Version bump 2016-01-13 09:20:38 +01:00
Marko Strukelj
80e2b8eb39 KEYCLOAK-1717 Truststore SPI and file provider 2016-01-10 12:39:30 +01:00
mposolda
658f204d92 Documentation for new LDAP mappers 2016-01-05 18:50:54 +01:00
mposolda
b6718b44a1 KEYCLOAK-2178 KEYCLOAK-1744 Added MSADUserAccountControlMapper. Removing enableUserAccountControlAfterPasswordUpdate option 2016-01-05 12:11:48 +01:00
mposolda
41d22986d5 KEYCLOAK-1899 Added HardcodedLDAPRoleMapper 2015-12-22 16:22:02 +01:00
mposolda
0c293089c3 KEYCLOAK-2154 Group mapper fixes 2015-12-22 12:32:37 +01:00
mposolda
20548b402d Separate package for LDAP tests 2015-12-22 09:35:53 +01:00
mposolda
1747e0981f KEYCLOAK-2154 Added Group mapper for LDAP. LDAP mappers improvements and fixes 2015-12-22 08:54:09 +01:00
mposolda
0d52e4e6c5 Added sync support to UserFederationMapper 2015-12-16 13:52:11 +01:00
mposolda
358c273d39 KEYCLOAK-2227 Added UserRolesRetrieveStrategy. Possibility to read user role mappings through 'memberOf' attribute 2015-12-16 13:52:11 +01:00
mposolda
215d59b1e5 KEYCLOAK-2053 Memberships based on memberUid like attribute 2015-12-16 13:52:11 +01:00
mposolda
06a55419f1 KEYCLOAK-1906 Customized LDAP filter. LDAP conditions improvements 2015-12-14 13:55:11 +01:00
Stian Thorgersen
ff806eae08 Version bump 2015-12-01 19:54:28 +01:00
Markus Backes
1bd9b18803 treat principal name case insensitive
* Kerberos login with active directory failed with invalid username or password because AD treats principal names in a case insensitive way (https://ssimo.org/blog/id_016.html)
2015-11-17 09:32:14 +01:00
Bill Burke
33ac048c8c resolve conflicts 2015-11-11 18:06:39 -05:00
mposolda
adbf2b22ad KEYCLOAK-1750 Improve first time login with social. Added 'first broker login' flow 2015-11-09 10:34:55 +01:00
Bill Burke
d896800ec6 groups initial 2015-10-29 16:33:02 -04:00
Stian Thorgersen
3f8312427a Version bump 2015-10-19 16:15:29 +02:00
mposolda
4587fd23b6 KEYCLOAK-1929 Change package names. Fix Fuse demo 2015-10-16 16:30:42 +02:00
Michal Drela
a1bb202bd4 Customized LDAP filter 2015-10-06 10:01:29 +02:00
mposolda
4f6d3c8dca KEYCLOAK-1815 Reduce info logging 2015-09-30 16:35:56 +02:00
Stian Thorgersen
75c0d5089f KEYCLOAK-1878
Add Base64 to Keycloak core
2015-09-25 07:02:25 +02:00
Marko Strukelj
95967b9c79 KEYCLOAK-1852 Improve Kerberos example documentation and user experience 2015-09-16 12:22:56 +02:00
Stian Thorgersen
3fd4d23bed Version bump 2015-09-09 11:27:21 +02:00
mposolda
6225ccfc06 KEYCLOAK-1826 2015-09-08 21:00:42 +02:00
mposolda
6318964374 KEYCLOAK-1802 2015-09-04 12:21:45 +02:00
mposolda
87f7ec5909 KEYCLOAK-1561 LDAPDn.getParentDn() return value is not a DN 2015-08-21 08:26:12 +02:00
mposolda
7474a31d95 KEYCLOAK-1562 better error reporting when missing UUID on ldap user record 2015-08-04 13:21:09 +02:00
mposolda
a0197bc9da KEYCLOAK-1728 NPE during LDAP sync when some LDAP user doesn't have username 2015-08-04 13:21:09 +02:00
Stian Thorgersen
f3bfb06dec Version bump 2015-07-28 10:20:40 +02:00
mposolda
5203373047 Fix JPA UserSession provider and MySQL 2015-07-24 20:39:39 +02:00
mposolda
ce1a19fdbe KEYCLOAK-1693 Added test and possibility to create users with dot in username 2015-07-24 09:33:16 +02:00
Dylan Plecki
ceb29d76b2 Fix regression in RegEx statements 2015-07-23 14:49:03 -05:00
Dylan Plecki
6efb354cce Fix LDAP DN component matching with negative lookbehind RegEx 2015-07-23 14:48:56 -05:00
Dylan Plecki
8ae242a6ed Fix LDAP RDN resolution based on unescaped comma split 2015-07-23 14:48:48 -05:00
mposolda
c71a4ac4e8 KEYCLOAK-1545 KEYCLOAK-1551 Ensure that username and email are always saved to DB lowercased 2015-07-21 08:26:16 +02:00
mposolda
38c7ca64cb KEYCLOAK-1571 Error when the value of UUID LDAP attribute is the same of the Username LDAP attribute 2015-07-21 08:26:16 +02:00
Stian Thorgersen
1642ac2394 KEYCLOAK-1385 Introduce end-of-line normalization 2015-07-17 13:46:51 +02:00
mposolda
bde65a6c57 KEYCLOAK-1533 Handle importing LDAP user with duplicate email during authentication 2015-07-08 20:41:32 +02:00
mposolda
71ea61e7a6 KEYCLOAK-1532 LDAP sync fixes and other bugfixing 2015-07-04 22:25:47 +02:00
mposolda
09994d1730 KEYCLOAK-1487 Support for multiple values of one UserModel attribute. LDAP multivalued attribute support 2015-06-29 14:56:40 +02:00
mposolda
23445123a2 KEYCLOAK-1490 Possibility to always read user attribute values from LDAP 2015-06-26 14:06:31 +02:00
mposolda
773bb43b41 KEYCLOAK-1487 Fix LDAP case-sensitivity. Show warning in case of duplicate username 2015-06-25 19:27:22 +02:00
Stian Thorgersen
38c1945ce4 Bump version 2015-06-12 14:35:34 +02:00
mposolda
80ff7b92db KEYCLOAK-886 Reduce some LDAP info logging to trace and debug 2015-06-08 19:23:32 +02:00
mposolda
0af68d28f1 KEYCLOAK-1357 LDAP migration 2015-06-08 12:29:24 +02:00
mposolda
0092d9f74d Mongo fixes & few other fixes 2015-06-05 17:52:56 +02:00
mposolda
5b40031251 KEYCLOAK-1359 more Active Directory fixes 2015-06-05 11:32:29 +02:00
mposolda
c3eb6df220 KEYCLOAK-1359 LDAP & Active directory fixes and improvements 2015-06-04 20:15:44 +02:00
mposolda
31d0365e85 KEYCLOAK-1359 More LDAP fixes 2015-06-03 19:57:11 +02:00
mposolda
a34cb92fc1 KEYCLOAK-1359 Fix testsuite with OpenLDAP, Other LDAP fixes 2015-06-03 18:44:23 +02:00
mposolda
496062ef0c KEYCLOAK-1359 LDAP tests update 2015-06-03 14:54:14 +02:00
mposolda
f57ab78916 KEYCLOAK-886 LDAP: Fixes and improvements 2015-06-01 17:38:34 +02:00
mposolda
e83de896c9 LDAP fixes + added authType to UI to allow users specify authType 2015-05-28 19:54:15 +02:00
mposolda
98dd87efbc Added ProviderConfigProperty.CLIENT_LIST and refactor role federation mapper to use it 2015-05-28 12:28:26 +02:00
mposolda
dfe232cf80 KEYCLOAK-886 User Federation Mappers - admin console 2015-05-26 17:48:52 +02:00
mposolda
319f86e91a KEYCLOAK-886 Admin console - step 1 2015-05-22 21:09:55 +02:00
mposolda
490b3e3603 KEYCLOAK-886 Added builtin federation mappers when creating new LDAP Federation model. Testsuite passing 2015-05-22 21:09:55 +02:00
mposolda
7476ee51e4 KEYCLOAK-886 Model and representations for UserFederationMappers 2015-05-22 21:09:50 +02:00
mposolda
a9f1fda68a KEYCLOAK-630 Added Role Federation mapper. Fixes and refactoring 2015-05-22 21:08:33 +02:00
mposolda
975337f225 KEYCLOAK-1300 Added FullNameLDAPFederationMapper 2015-05-22 21:08:21 +02:00
mposolda
1490f106f2 KEYCLOAK-599 Added UserFederationMappers. Added UserAttributeLDAPFederationMapper 2015-05-22 21:07:32 +02:00
mposolda
61c35265a6 KEYCLOAK-826 Show count of created/updated users during federation sync 2015-05-22 21:06:38 +02:00
mposolda
0f4497e53e Remove user from KC after removing from federation 2015-05-22 21:06:38 +02:00
Stian Thorgersen
4e0a32a37a Version bump 2015-05-22 09:04:30 +02:00
mposolda
91eb80beb0 Minor improvements 2015-05-07 20:07:30 +02:00
Stian Thorgersen
035529d7a2 Version bump 2015-05-05 11:45:21 +02:00
Stian Thorgersen
e17105cc8e Updated distribution and cleaning of maven modules 2015-04-23 11:15:05 +02:00
fiorenzo pizza
e32d7c52fc first commit 2015-04-16 12:47:17 +02:00
mposolda
eb5ae4aae9 KEYCLOAK-1007 Fork Picketlink LDAP code. Remove picketlink dependencies from LDAP Federation provider 2015-04-08 22:04:02 +02:00
Bill Burke
326818ea45 bump pom versio 2015-04-02 09:36:43 -04:00
mposolda
c2f2c5ccb6 Minor improvements for kerberos 2015-03-12 09:12:16 +01:00
mposolda
db07d79009 KEYCLOAK-1066 Kerberos credential delegation support 2015-03-06 12:59:29 +01:00
mposolda
0c893b6175 Kerberos fixes for jboss-modules refactoring. Fix environment specific test failures 2015-02-25 22:36:27 +01:00
Bill Burke
100dbd5fd7 ProviderFactory.postInit() 2015-02-23 12:11:48 -05:00
mposolda
9f8b59dfb6 Kerberos/LDAP fixes 2015-02-23 14:07:55 +01:00
mposolda
9dd5ecd464 Kerberos automated test 2015-02-23 13:13:34 +01:00
mposolda
d8024b0c6c Kerberos refactored to be federation provider. Support for Kerberos and LDAP. Username/password authentication support with kerberos credentials.
First step - KerberosFederationProvider

Finished KerberosFederationProvider. Added support for username/password authentication with kerberos credentials

Added Kerberos UI to LDAPFederationProvider

Fixes
2015-02-18 17:19:15 +01:00
Stian Thorgersen
959933a227 Version bump 2015-01-12 10:35:50 +01:00
Bill Burke
6c04e26376 bump 2014-12-05 21:09:38 -05:00
Bill Burke
c0059a875b bump version 2014-12-05 19:03:13 -05:00
mposolda
279a70bcb8 Fix failing tests 2014-11-11 15:17:32 +01:00
mposolda
64e777a4f4 Upgrade to picketlink 2.7.0.CR2 and minor LDAP improvements 2014-11-11 12:58:49 +01:00
Stian Thorgersen
0f8c073354 Version bump 2014-11-04 09:01:06 +01:00
mposolda
78a1df693c KEYCLOAK-808 Issue when DB search is case-sensitive byt LDAP search is not 2014-10-31 10:27:55 +01:00
Bill Burke
cf747dac22 remove info logging 2014-10-30 09:53:06 -04:00
Bill Burke
4b399fe05a login protocol abstraction 2014-10-01 10:01:42 -04:00
Stian Thorgersen
423dc1b8a7 Change version schema to match JBoss 2014-09-12 09:35:08 +02:00
Stian Thorgersen
5dea07793b Version bump 2014-09-11 09:27:58 +02:00
Bill Burke
3f539c6d5c version bump 2014-09-09 13:34:56 -04:00
mposolda
cd91a29a89 Fix SyncProvidersTest with ActiveDirectory 2014-09-02 11:06:31 +02:00
Stian Thorgersen
05a1fc1ded Version bump 2014-09-01 10:17:00 +02:00