Thomas Raehalme
566a58b5d8
Replaced AdapterDeploymentContextBean with AdapterDeploymentContextFactoryBean and added support for KeycloakConfigResolver.
2015-12-15 11:53:10 +02:00
Bill Burke
0c8f3f734d
Merge pull request #1855 from Smartling/KEYCLOAK-1391
...
KEYCLOAK-1391: Return an HTTP 401 for API requests
2015-11-25 08:57:05 -05:00
Bill Burke
ff63c5552a
sendError() handling'
2015-11-24 16:48:24 -05:00
Scott Rossillo
f1c3295cec
KEYCLOAK-1391: Return an HTTP 401 for API requests
...
Non browser HTTP requests shouldn't redirect to the Keycloak login
page. Instead, return an HTTP 401 with a proper WWW-Authenticate
header.
2015-11-23 10:46:14 -05:00
Thomas Raehalme
7b7fbd3257
Added sendError(int) to HttpFacade.Response.
2015-11-06 10:47:08 +02:00
agolPl
9755d79879
extract keycloak configuration file name
2015-10-25 00:26:18 +02:00
mposolda
4587fd23b6
KEYCLOAK-1929 Change package names. Fix Fuse demo
2015-10-16 16:30:42 +02:00
Scott Rossillo
05bd51ac1c
WrappedHttpServletRequest may throw an exception returning cookies
...
HttpServletRequest.getCookies() may return null
2015-09-30 14:31:15 -04:00
Bill Burke
88355d7eb4
tomcat6 adapter
2015-09-25 15:12:14 -04:00
Bill Burke
791a740f32
Merge remote-tracking branch 'upstream/master'
2015-09-24 12:05:24 -04:00
Stian Thorgersen
4eaf893492
Merge pull request #1610 from raehalme/KEYCLOAK-1828
...
KEYCLOAK-1828 attemptAuthentication throws KeycloakAuthenticationException if authentication fails
2015-09-24 06:32:27 +02:00
Stian Thorgersen
0ba6ab198a
Merge pull request #1611 from raehalme/KEYCLOAK-1829
...
KEYCLOAK-1829 unsuccessfulAuthentication now returns HTTP response status 401 instead of 403
2015-09-24 06:31:33 +02:00
Bill Burke
0f24bd2ea4
merge
2015-09-17 14:06:33 -04:00
Bill Burke
cb8ca619ae
saml sp
2015-09-17 14:00:57 -04:00
Thomas Raehalme
e0eac89e5a
Added check for null authentication on the logout method.
2015-09-10 12:30:07 +03:00
Thomas Raehalme
90d34bfd06
unsuccessfulAuthentication now returns HTTP response status 401 instead of 403.
2015-09-09 18:31:25 +03:00
Thomas Raehalme
e58b5762f3
attemptAuthentication now throws KeycloakAuthenticationException if authentication fails.
...
Also authenticationFailureHandler is by default set to SimpleUrlAuthenticationFailureHandler
with default login url set to /sso/login.
2015-09-09 15:45:13 +03:00
Bill Burke
333ad0efac
refactor adapters
2015-09-04 15:56:28 -04:00
Thomas Raehalme
3a4897c7d2
Separated the error message for Bearer token and Basic authentication failures.
2015-08-17 22:36:59 +03:00
Thomas Raehalme
b3f142d715
KeycloakAuthenticationProcessingFilter now handles Basic Authentication the same way as Bearer token.
2015-08-17 18:05:49 +03:00
Scott Rossillo
1839b24b90
Support for loading keycloak.json from the classpath
...
Spring Boot and non-web based applications don't have a WEB-INF
directory. Support loading Spring Security adapter's keycloak.json
from the class path.
2015-07-19 12:10:33 -04:00
Scott Rossillo
abfec23404
Fix Spring Security adapter logout handling
...
Stops KeycloakLogoutHandler from throwing an exception if the
authentication is not of type KeycloakAuthenticationToken.
Fixes KEYCLOAK-1438.
2015-06-10 12:22:18 -04:00
Stian Thorgersen
6c98d64874
Merge pull request #1238 from raehalme/KEYCLOAK-1294
...
Added support for GrantedAuthoritiesMapper in KeycloakAuthenticationProvider
2015-05-13 06:57:29 +02:00
Scott Rossillo
4d32ac8765
Add Servlet 2.x support to the Spring Security adapter
...
Cookie.setHttpOnly() was added in Servlet 3.0. Make setting a
cookie as HttpOnly dependent on servlet version.
2015-05-11 19:48:16 -04:00
Thomas Raehalme
78999537f0
Added support for GrantedAuthoritiesMapper in KeycloakAuthenticationProvider.
2015-05-09 13:42:09 +03:00
Bill Burke
e3b0cc7093
Merge pull request #1236 from Smartling/KEYCLOAK-1291
...
Improve Spring Security adapter default configuration
2015-05-08 20:53:36 -04:00
Scott Rossillo
d37a9eada3
Improve Spring Security adapter default configuration
2015-05-08 18:24:49 -04:00
Scott Rossillo
a7bfae2f56
Use backchannel logout for Spring Security SSO
...
Use backchannel logout for Keycloak's Spring Security adapter
single sign-out to allow Spring Security's logout complete handler
to fire.
2015-05-08 18:20:17 -04:00
Stian Thorgersen
58fc4520c9
Merge pull request #1232 from Smartling/KEYCLOAK-1287
...
Enable Spring Security adapter to register nodes
2015-05-08 07:09:42 +02:00
Stian Thorgersen
53716697ca
Merge pull request #1222 from Smartling/KEYCLOAK-1273
...
Improve Spring Security adapter client to client authorization
2015-05-08 07:01:14 +02:00
Scott Rossillo
8ca9a6a64a
Enable Spring Security adapter to register nodes
...
Enable dynamic application node registration and unregistration
from Spring Security protected applications.
2015-05-07 20:09:16 -04:00
Scott Rossillo
2ce3925ba9
Permit Spring Security adapter to process admin tasks with CSRF enabled
...
Spring Security's CSRF protection blocks Keycloak administrative
actions when configured with the default request matcher.
This provides a CSRF request matcher that permits Keycloak
administrative actions without the CSRF token.
2015-05-07 19:58:27 -04:00
Scott Rossillo
b05da425b9
Improve Spring Security adapter client to client authorization
2015-05-06 16:54:55 -04:00
Scott Rossillo
06a7938aa6
Add Spring Security adapter
2015-04-28 15:05:56 -04:00