Commit graph

217 commits

Author SHA1 Message Date
rmartinc
cab7e50410 Better handling for SAML signatures in POST and REDIRECT bindings
Closes https://github.com/keycloak/keycloak/issues/17456
2023-03-15 09:06:59 -03:00
Jon Koops
972ebb9650
Use a valid SemVer format for the SNAPSHOT version (#17334)
* Use a valid SemVer format for the SNAPSHOT version

* Update pom.xml

* Update pom.xml

---------

Co-authored-by: Stian Thorgersen <stianst@gmail.com>
Co-authored-by: Stian Thorgersen <stian@redhat.com>
2023-03-03 11:11:44 +01:00
laskasn
dc8b759c3d Use encryption keys rather than sig for crypto in SAML
Closes #13606

Co-authored-by: mhajas <mhajas@redhat.com>
Co-authored-by: hmlnarik <hmlnarik@redhat.com>
2023-02-10 12:06:49 +01:00
Peter Skopek
8f9c3cdeab SAML adapter is missing "crypto/default" module (#15146)
Closes #15146
2022-10-26 11:59:56 +02:00
Stian Thorgersen
97ae90de88
Remove Red Hat Single Sign-On product profile from upstream (#14697)
* Remove Red Hat Single Sign-On product profile from upstream

Closes #14916

* review suggestions: Remove Red Hat Single Sign-On product profile from upstream

Closes #14916

Co-authored-by: Peter Skopek <pskopek@redhat.com>
2022-10-18 14:43:04 +02:00
Alexander Schwartz
850af55edc Ensure that only JDK 8 APIs are used where JDK 8 is still required.
Closes #10842
2022-06-20 14:44:33 -03:00
Stian Thorgersen
075e284455
Remove legacy (non-Elytron) WildFly adapter (#11789)
Closes #11683
2022-05-18 10:34:47 +02:00
Stian Thorgersen
491b3262de
Remove Jetty 9.2 and 9.3 adapters (#11792)
Closes #11791
2022-05-04 15:24:46 +02:00
Stian Thorgersen
b65d76edab
Remove EAP6 and AS7 adapters (#11605)
Closes #11604
2022-04-28 11:20:44 +02:00
Stian Thorgersen
e3f3e65ac5
Remove JDK7 support for adapters (#11607)
Closes #11606
2022-04-27 08:33:23 +02:00
rmartinc
755080d745 [#10894] SAML Adapters tests start failing in recent versions of EAP/wildfly 2022-03-29 12:31:09 +02:00
keycloak-bot
c71aa8b711
Set version to 999-SNAPSHOT (#10784) 2022-03-22 09:22:48 +01:00
stianst
5ef8265b75 Remove Tomcat 7 adapter
Closes #9428
2022-02-28 07:50:36 +01:00
Stian Thorgersen
fa87d46210
Remove additional repositories where they are not needed. Set updatePolicy for GA. (#10047)
Closes: #10133
2022-02-16 08:59:05 +01:00
keycloak-bot
d9f1a9b207
Set version to 18.0.0-SNAPSHOT (#10165) 2022-02-11 21:28:06 +01:00
Hans-Christian Halfbrodt
d9d77fe1f7
Fix for KEYCLOAK-18914 (#9355)
Closed #9382 

Co-authored-by: Hans-Christian Halfbrodt <hc-github42@halfbrodt.org>
2022-01-06 18:05:50 +01:00
keycloak-bot
9f3d4a7d42 Set version to 17.0.0-SNAPSHOT 2021-12-20 10:50:39 +01:00
Hisanobu Okuda
24e7ab6748 8942 - port in location header is -1 when doing SAML global logout 2021-12-13 13:22:50 +01:00
Martin Bartoš
1e1a6779be Issue 8814: Replace deprecated hamcrest-all dependencies 2021-11-23 13:56:28 +01:00
Stefan Guilhen
271033c3a4 [KEYCLOAK-19102] Replace usages of deprecated setAllowNull(boolean) calls in the adapters subsystems with setRequired(boolean)
- WildFly will remove deprecated APIs, code needs to be changed before the next WildFly upgrade.
2021-09-24 13:01:50 +02:00
keycloak-bot
262ec3d031 Set version to 16.0.0-SNAPSHOT 2021-07-30 14:56:10 +02:00
Stefan Guilhen
9e676fce7e [KEYCLOAK-18559] Fix SAML adapters so they allow unescaped characters in URIs
- Makes adapters bahavior consistent with containers that allow unescaped characters in URIs
2021-07-29 12:11:32 +02:00
Martin Bartoš
06077dc4ea KEYCLOAK-18466 Configure HTTP client timeouts for adapters - change property names 2021-07-22 10:54:59 +02:00
ruromero
464475caa0 [KEYCLOAK-17872] Add missing HTTPClient properties
Signed-off-by: ruromero <rromerom@redhat.com>
2021-07-22 10:54:59 +02:00
Martin Bartoš
23e3bc5f8f KEYCLOAK-18466 Configure HTTP client timeouts for adapters 2021-07-22 10:54:59 +02:00
keycloak-bot
13f7831a77 Set version to 15.0.0-SNAPSHOT 2021-06-18 10:42:27 +02:00
keycloak-bot
4b44f7d566 Set version to 14.0.0-SNAPSHOT 2021-05-06 14:55:01 +02:00
Bruno Oliveira da Silva
4f08912071 [KEYCLOAK-17989] Update Jetty to the latest version 2021-05-04 16:56:43 -03:00
Phillip Schichtel
f754b34c0c KEYCLOAK-13633 Generalize GenericPrincipalFactory to PrincipleFactory
This allows to replace java.security.acl.Group usage only where necessary while keeping legacy adapter unchanged.

Signed-off-by: Phillip Schichtel <phillip@schich.tel>
2021-03-22 15:40:51 +01:00
Andrew Elwell
c76ca4ad13
Correct "doesn't exists" typos - fixes KEYCLOAK-14986 (#7316)
* Correct "doesn't exists" typos

* Revert changes to imported package

Co-authored-by: Stian Thorgersen <stianst@gmail.com>
2021-03-16 11:52:36 +01:00
Hynek Mlnarik
acfea8ecd2 KEYCLOAK-4250 Include certificates without name for validation
Nameless certificates are now included for signature validation
in the SAML adapter when the certificate is downloaded from
metadataUrl.
2021-01-15 22:03:16 +01:00
keycloak-bot
75be33ccad Set version to 13.0.0-SNAPSHOT 2020-12-16 17:31:55 +01:00
Miquel Simon
53dfa7c56b KEYCLOAK-14109. Added profiles for Spring 2.3 version.
KEYCLOAK-14737. Updated Jetty version to 9.4.29, as required per Spring 2.3.
2020-11-13 12:09:22 -03:00
Hynek Mlnarik
4541a1b250 KEYCLOAK-15907 Fix new host in SAML adapter cannot restore session 2020-10-12 13:23:03 +02:00
testn
269a72d672 KEYCLOAK-15184: Use static inner class where possible 2020-10-09 23:37:08 +02:00
testn
2cd03569d6 KEYCLOAK-15238: Fix potential resource leak from not closing Stream/Reader 2020-09-21 13:05:03 +02:00
Luca Leonardo Scorcia
da6530471b KEYCLOAK-14742 SAML2NameIDPolicyBuilder: add AllowCreate and SPNameQualifier properties 2020-07-25 10:16:57 +02:00
keycloak-bot
afff0a5109 Set version to 12.0.0-SNAPSHOT 2020-07-22 14:36:15 +02:00
Jan Lieskovsky
969b09f530 [KEYCLOAK-13692] Upgrade to Wildfly "20.0.1.Final" and Infinispan "10.1.8.Final"
Co-authored-by: Jan Lieskovsky <jlieskov@redhat.com>
Co-authored-by: Marek Posolda <mposolda@redhat.com>
2020-07-20 22:15:08 +02:00
Stefan Guilhen
76717134ba [KEYCLOAK-12998] Prevent duplicate resources from being added to the keycloak-saml subsystem
- Fixes an issue in parser where the closing tag of the IDP element was in the wrong place, which could break the server configuration
 - Parser now checks for duplicates of elements described with maxOccurs=1 in the schema
 - Add handler for SP and IDP now check for existing SPs or IDPs in the config, preventing addition of a duplicate resource via CLI
 - Subsystem test was enhanced so it now tests some invalid configs with duplicate elements
2020-06-23 20:03:36 +02:00
mhajas
5d1d75db40 KEYCLOAK-14103 Add Warn message for possibly missing SameSite configuration 2020-06-15 14:45:57 +02:00
Hynek Mlnarik
32f13016fa KEYCLOAK-12874 Align Destination field existence check with spec 2020-05-04 09:19:44 +02:00
keycloak-bot
ae20b7d3cd Set version to 11.0.0-SNAPSHOT 2020-04-29 12:57:55 +02:00
Stefan Guilhen
fd9c4e9228 [KEYCLOAK-12097] Fix NPE when trying to obtain the cache container name from jboss-web.xml
- check if the cache name as configured in jboss-web.xml is composite - i.e. has a 'parent.child' structure
2020-04-27 10:13:25 +02:00
keycloak-bot
33314ae3ca Set version to 10.0.0-SNAPSHOT 2020-04-21 09:19:32 +02:00
keycloak-bot
f6a592b15a Set version to 9.0.4-SNAPSHOT 2020-03-24 08:31:18 +01:00
Hynek Mlnarik
0cf0955318 KEYCLOAK-13181 Fix NPE in EAP 6 adapter 2020-03-04 10:19:43 +01:00
keycloak-bot
d352d3fa8e Set version to 9.0.1-SNAPSHOT 2020-02-17 20:38:54 +01:00
Stefan Guilhen
d943b8a9e3 [KEYCLOAK-12873] Fix differences between keycloak-saml.xml (adapter) and the keycloak-saml subsystem 2020-02-07 12:06:28 +01:00
mhajas
fc7b769b6e KEYCLOAK-6817 Ignore SniSSLSocketFactory exception for IBM jdk 2020-01-31 09:08:44 +01:00