Commit graph

429 commits

Author SHA1 Message Date
Pedro Igor
b745ac8259 Documenting LDAP connection pooling
Closes #30995

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-07-04 13:21:47 +02:00
Steven Hawkins
a7ae90cbb6
fix: adds affinity and other scheduling to the operator (#29977)
closes: #29258

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2024-07-03 20:07:03 +02:00
Thomas Darimont
f34bb21af6
Fix deprecations in common module
- Use charset in `Encode` class
- Replace reflective call to protected `Liquibase#resetServices()` with call to exposed public method on a custom subclass `KeycloakLiquibase`
- Remove usage of deprecated AccessController class in Reflections
- Deprecated SetAccessibleProvilegedAction and UnsetAccessibleProvilegedAction

Fixes #22209

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-07-02 16:02:35 +00:00
Peter Zaoral
add45a25a8
Add default CPU limit/request for the operator (#30601)
Closes: #27432

Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
2024-07-01 15:12:43 +02:00
Christoph Schulz
657aff787f
Add missing comma to (#30914)
Signed-off-by: Christoph Schulz <mail@ciis0.de>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
2024-06-28 13:13:13 +00:00
Stan Silvert
a1445cd93f
Minor doc fix. (#30899)
Signed-off-by: Stan Silvert <ssilvert@redhat.com>
2024-06-27 16:18:32 -04:00
andymunro
30264c7dd4
Remove inclusive language foreword
Closes #30856

Signed-off-by: AndyMunro <amunro@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-06-27 15:22:03 +02:00
Douglas Palmer
5af3001122 Check if OSGI metadata can be removed entirely
Closes #29104

Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
2024-06-25 14:12:33 +02:00
Douglas Palmer
54f4ab50f0 Broken external links
Closes #30717

Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
2024-06-25 09:55:50 +02:00
Jon Koops
df18629ffe
Use a default Java version from root POM (#29927)
Signed-off-by: Jon Koops <jonkoops@gmail.com>
2024-06-21 14:19:31 +02:00
Pedro Igor
a0ad680346 Adding an alias to organization and exposing them to templates
Closes #30312
Closes #30313

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-06-20 14:36:14 -03:00
Jon Koops
77fb3c4dd4
Use correct host URL for Admin Console requests (#30535)
Closes #30432

Signed-off-by: Jon Koops <jonkoops@gmail.com>
2024-06-19 15:21:53 +02:00
CARBONNEAUX Mathieu
acf79b81c7
add RS256 algorithm to webauthn default policy (#30528)
closes #28020 

Signed-off-by: Mathieu CARBONNEAUX <mathieu.carbonneaux@ch2o.info>
2024-06-19 10:16:46 +02:00
Pedro Ruivo
5c0dddd837 Batch cluster events
Sending multiple events in a single network request should minimize
latency and traffic.

Closes #30445

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
2024-06-14 21:14:22 +02:00
Thibault Morin
f6fa869b12
feat(SAML): add Artifact Binding on brokering scenarios when Keycloak is SP (#29619)
* feat: add Artifact Binding on brokering scenarios when Keycloak is SP

Signed-off-by: tmorin <git@morin.io>

* Adding broker test and minor improvements

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>

* Fixing IdentityProviderTest

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>

* Renaming methods related to idp initiated flows

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>

* Fixing partial_import_test.spec.ts

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>

---------

Signed-off-by: tmorin <git@morin.io>
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-06-14 08:54:49 -03:00
Pedro Ruivo
18a6c79011
Infinispan Protostream Marshaller (#29474)
Closes #29394

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-06-13 18:02:46 +02:00
Kohei Tamura
d96967682b
Improve procedure for handling open transactions (#29748)
Signed-off-by: k-tamura <ktamura.biz.80@gmail.com>
2024-06-12 23:21:24 +02:00
Martin Bartoš
04b16a914c Remove link to management interface guide from ignored links in docs
Closes #28475

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
2024-06-12 11:50:21 +02:00
daviddelannoy
d4fc5249c4
fix label error for persistent-user-sessions feature flag in documentation
Closes #30368

Signed-off-by: daviddelannoy <16318239+daviddelannoy@users.noreply.github.com>
2024-06-12 09:32:10 +00:00
Pedro Igor
e6df8a2866 Allow multiple instances of the same social broker in a realm
Closes #30088

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-06-11 12:44:10 -03:00
Pedro Igor
22da43c619
Fixing broken link (#30299)
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-06-10 15:22:48 +02:00
Pedro Igor
c35bf11b1b
Adding organization section (#29796)
Closes #28731

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2024-06-10 09:08:50 +02:00
Giuseppe Graziano
6067f93984
Improvements to refresh token rotation with multiple tabs (#29966)
Closes #14122

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
2024-06-07 12:02:36 +02:00
Steven Hawkins
5059a02eb2
fix: minor refinements to collection utils (#29536)
closes: #29535

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2024-06-06 10:07:34 -04:00
Steven Hawkins
c7e9ee2bff
fix: adds handling for all kcadm prompts as env variables (#29430)
closes: #21961

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2024-06-06 13:08:23 +00:00
Marek Posolda
79c8c80058
Example for X.509 direct grant flow authentication (#30203)
closes #29639

Signed-off-by: mposolda <mposolda@gmail.com>


Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2024-06-06 11:58:09 +02:00
Erik Jan de Wit
5897334ddb
Align environment variables between consoles (#30125)
* change to make authServerUrl the same as authUrl

fixes: #29641
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* Remove `authUrl` entirely

Signed-off-by: Jon Koops <jonkoops@gmail.com>

* Remove file that is unrelated

Signed-off-by: Jon Koops <jonkoops@gmail.com>

* Split out and align environment variables between consoles

Signed-off-by: Jon Koops <jonkoops@gmail.com>

* Restore removed variables to preserve backwards compatibility

Signed-off-by: Jon Koops <jonkoops@gmail.com>

* Also deprecate the `authUrl` for the Admin Console

Signed-off-by: Jon Koops <jonkoops@gmail.com>

---------

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
Signed-off-by: Jon Koops <jonkoops@gmail.com>
Co-authored-by: Jon Koops <jonkoops@gmail.com>
2024-06-06 08:36:46 +02:00
Giuseppe Graziano
d5e82356f9 Encrypted KC_RESTART cookie and removed sensitive notes
Closes #keycloak/keycloak-private#162

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
2024-06-05 10:33:44 +02:00
Marek Posolda
193439788e
Release notes for support application/jwt response in token introspec… (#30105)
closes #30104

Signed-off-by: mposolda <mposolda@gmail.com>


Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2024-06-04 06:49:13 +02:00
Martin Bartoš
262fc09edc
OpenJDK 21 support (#28518)
* OpenJDK 21 support

Closes #28517

Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* x509 SAN UPN other name is not handled in JDK 21 (#904)

closes #29968

Signed-off-by: mposolda <mposolda@gmail.com>

---------

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
Signed-off-by: mposolda <mposolda@gmail.com>
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Co-authored-by: Marek Posolda <mposolda@gmail.com>
2024-06-03 14:17:28 +02:00
Peter Zaoral
cd2451d58b
Remove Oracle JDBC driver out of the box (#29895)
Closes: #29491

Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
2024-05-31 17:21:19 +00:00
Alexander Schwartz
af23150343 Fixing typo in the upgrading guide for persistent sessions
Closes #30028

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-05-31 13:18:34 +02:00
Miquel Simon
2c521bd64d Upgrade supported PostgreSQL to version 16
Closes #29875

Signed-off-by: Miquel Simon <msimonma@redhat.com>
2024-05-29 16:31:40 +02:00
Marek Posolda
336b2c875f
Update release notes for Keycloak 25 (#29894)
closes #29576

Signed-off-by: mposolda <mposolda@gmail.com>


Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2024-05-29 14:19:17 +02:00
mposolda
37c10b4d43 Improve documentation for the case when 'basic' client scope already exists
closes #29880

Signed-off-by: mposolda <mposolda@gmail.com>
2024-05-29 13:32:05 +02:00
Ryan Emerson
5788263413
Document Failover Lambda for Active/Passive deployments
Closes #29787

Signed-off-by: Ryan Emerson <remerson@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2024-05-29 12:33:13 +02:00
Michal Hajas
61d0d56720
Document it is not possible to use rolling configuration upgrade for enabling persistent sessions
Closes #29561

Signed-off-by: Michal Hajas <mhajas@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-05-29 10:19:20 +02:00
Pedro Igor
bbb83236f5 Do not lower-case the username from the IdP when creating the federated identity
Closes #28495

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-05-29 01:58:20 -03:00
Jon Koops
a3b2dd0735
Remove deprecated ServerCookie class (#29916)
Signed-off-by: Jon Koops <jonkoops@gmail.com>
2024-05-28 14:14:05 +00:00
Ryan Emerson
0f17f0abc5
Require external Infinispan be of version 15 or greater
Signed-off-by: Ryan Emerson <remerson@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-05-22 11:26:26 +00:00
Alexander Schwartz
80de3a0a71
Allow migration of non-persistent sessions to persistent sessions
Closes #29375

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-05-22 10:30:46 +02:00
rmartinc
f7044ba5c2 Use SessionExpirationUtils for validate user and client sessions
Check client session is valid in TokenManager
Closes #24936

Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-05-22 10:12:20 +02:00
Marek Posolda
6dc28bc7b5
Clarify the documentation about step-up authentication (#29735)
closes #28341

Signed-off-by: mposolda <mposolda@gmail.com>


Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2024-05-21 19:46:27 +02:00
mposolda
bbd4b60163 Update documentation after adapters removal
closes #28792

Signed-off-by: mposolda <mposolda@gmail.com>
2024-05-21 09:34:48 +02:00
vramik
35df0140ee Add a note to the migration guide about index name length for Oracle database
Closes #29594

Signed-off-by: vramik <vramik@redhat.com>
2024-05-16 10:06:39 -03:00
Takashi Norimatsu
b4e7d9b1aa
Passkeys: Supporting WebAuthn Conditional UI (#24305)
closes #24264

Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>
Signed-off-by: mposolda <mposolda@gmail.com>


Co-authored-by: mposolda <mposolda@gmail.com>
2024-05-16 07:58:43 +02:00
Alexander Schwartz
8deca303e2
Update instruction on how to enable persistent sessions (#29490)
Closes #29489

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-05-15 13:26:51 +02:00
Kamesh Akella
1d613d9037
Argon2 release notes and sizing guide update
Closes #29033

Signed-off-by: Kamesh Akella <kamesh.asp@gmail.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-05-14 17:40:51 +02:00
mposolda
d8a7773947 Adding dummyHash to DirectGrant request in case user does not exists. Fix dummyHash for normal login requests
closes #12298

Signed-off-by: mposolda <mposolda@gmail.com>
2024-05-13 16:33:29 +02:00
christian2
e200ccfa53 Fix URL endpoint for Docker registry v2 authentication
Closes #29132

Signed-off-by: Christian Hörtnagl <christian2@univie.ac.at>
2024-05-13 13:51:06 +02:00