Commit graph

7275 commits

Author SHA1 Message Date
Eivind Mikkelsen
24a2773524 Add SAML NameID Formats and include certificate in signature
The NameID Format in the AuthnRequest NameIDPolicy is now respected,
and support has been added for the following NameID Formats:

  - urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
  - urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
  - urn:oasis:names:tc:SAML:2.0:nameid-format:transient

The persistent NameID format was previously used in all responses
and mapped to the principal's username. Now, unspecified is mapped
to the principal's username and used by default if no NameIDPolicy
is specified by the SP.

The persistent format requires generating a pseudo-random identifier
that must be generated by the IdP on first login and stored in the
user's profile. Persistent NameID Format is not yet implemented.

The certificate is now added to the signature to enable support for
integration with Service Providers where only the IdP's certificate
fingerprint is configured (e.g. Zendesk).
2014-11-12 01:24:51 +01:00
Marek Posolda
7f29d4c247 Merge pull request #851 from mposolda/pl-upgrade
PL upgrade to 2.7.0.CR2 and ldap improvements
2014-11-11 15:20:46 +01:00
mposolda
279a70bcb8 Fix failing tests 2014-11-11 15:17:32 +01:00
mposolda
2f0498bb7f KEYCLOAK-827 add entryDN as one of attributes, which can be mapped to username 2014-11-11 13:20:12 +01:00
mposolda
64e777a4f4 Upgrade to picketlink 2.7.0.CR2 and minor LDAP improvements 2014-11-11 12:58:49 +01:00
Bill Burke
3fd8cd66d6 Merge pull request #850 from patriot1burke/master
update readme
2014-11-10 17:11:29 -05:00
Bill Burke
d72bcebdf0 update readme 2014-11-10 17:11:07 -05:00
Bill Burke
7e9dbce259 Merge pull request #849 from patriot1burke/master
jetty 8
2014-11-10 17:09:39 -05:00
Bill Burke
3b6f10913c merge 2014-11-10 17:09:00 -05:00
Bill Burke
3fbffc9d7d jetty 8 2014-11-10 16:59:31 -05:00
Marek Posolda
b4e0a1e6f5 Merge pull request #848 from mposolda/fuse
KEYCLOAK-835 KEYCLOAK-836
2014-11-10 22:26:11 +01:00
mposolda
63198288df Add jetty modules to distribution 2014-11-10 22:16:20 +01:00
mposolda
07fd8ae9d7 KEYCLOAK-836 Added OsgiJaxrsBearerTokenFilterImpl to be used in fuse 2014-11-10 22:16:20 +01:00
mposolda
a94ab5883d KEYCLOAK-835 Move AdapterConstants to different package 2014-11-10 22:16:20 +01:00
mposolda
d1e819cef1 KEYCLOAK-836 Refactoring of JaxrsBearerTokenFilter to work with both resteasy and Apache CXF. Added test 2014-11-10 22:16:14 +01:00
Bill Burke
ebb795af5a Merge pull request #847 from patriot1burke/master
Jetty 9.x adapters
2014-11-07 21:11:24 -05:00
Bill Burke
b0a5161e6b final jetty stuff 2014-11-07 21:10:15 -05:00
Bill Burke
3805510e20 more jetty adapter 2014-11-07 18:34:53 -05:00
Bill Burke
31050e0580 Merge pull request #811 from ssilvert/deploy-auth-in-subsys
KEYCLOAK-795 Move Auth Server into Keycloak Subsystem
2014-11-06 17:57:19 -05:00
Bill Burke
2e9f1908f0 Merge pull request #846 from patriot1burke/master
document truststore classpath:
2014-11-06 17:46:21 -05:00
Bill Burke
f12cd5fa09 document truststore classpath: 2014-11-06 17:46:01 -05:00
Bill Burke
b487d6c836 Merge pull request #844 from Monezz/master
KEYCLOAK-829 Support loading keystore from classpath
2014-11-06 17:39:37 -05:00
Bill Burke
47ea0f5e23 Merge pull request #845 from patriot1burke/master
jetty adapter
2014-11-06 17:36:48 -05:00
Bill Burke
d77f1f090f merge for jetty 2014-11-06 17:36:22 -05:00
Bill Burke
666851a44a Merge remote-tracking branch 'upstream/master' 2014-11-06 17:27:44 -05:00
Bill Burke
cd25d7019b jetty adapter 2014-11-06 17:27:31 -05:00
Timon Veenstra
7c9e3f4555 KEYCLOAK-829 Adjustment to KetstoreUtil to support loading keystore from classpath 2014-11-06 21:43:49 +01:00
Marek Posolda
c0f377c8c7 Merge pull request #841 from jpkrohling/JPK-KEYCLOAK-821
KEYCLOAK-821 - Support for comma-separated list of file names to import.
2014-11-06 20:32:31 +01:00
Stian Thorgersen
4a38b04e3e Merge pull request #843 from stianst/master
KEYCLOAK-824 Wrong digit shown in Invalid Password message
2014-11-06 13:08:42 +01:00
Stian Thorgersen
9343cf2aca KEYCLOAK-824 Wrong digit shown in Invalid Password message 2014-11-06 12:30:24 +01:00
Marek Posolda
3d70bae994 Merge pull request #842 from mposolda/master
KEYCLOAK-822 More mandatory fields in LDAP configuration in admin consol...
2014-11-05 17:20:31 +01:00
mposolda
8895d0b91e KEYCLOAK-822 More mandatory fields in LDAP configuration in admin console 2014-11-05 17:14:03 +01:00
Juraci Paixão Kröhling
cd0ad70952 KEYCLOAK-821 - Support for comma-separated list of file names to import. 2014-11-05 17:04:17 +01:00
Stian Thorgersen
5041d6ed80 Merge pull request #840 from stianst/master
KEYCLOAK-820  Don't expose realm private key through admin endpoints
2014-11-05 15:35:32 +01:00
Stian Thorgersen
e7625c2bb1 KEYCLOAK-820 Don't expose realm private key through admin endpoints 2014-11-05 15:34:56 +01:00
Stan Silvert
63712039e7 KEYCLOAK-795: Update CLI 2014-11-05 08:31:09 -05:00
Stan Silvert
aa55a86ff6 KEYCLOAK-795 Update documentation. Add latest version of CLI to appliance
dist.
2014-11-05 08:31:08 -05:00
Stan Silvert
e8e50d2d1c KEYCLOAK-795 Cleanup appliance dist. 2014-11-05 08:31:07 -05:00
Stan Silvert
3f75ebf029 KEYCLOAK-795 Move Auth Server into Keycloak Subsystem 2014-11-05 08:31:07 -05:00
Stan Silvert
f9215e961d Incremental commit because I haven't done one in awhile. 2014-11-05 08:31:06 -05:00
Stan Silvert
4776582a6a Old experiment with keycloak-server.json embedded into standalone.xml 2014-11-05 08:31:05 -05:00
Stian Thorgersen
5091e07555 Fix label for certificate on realm-keys page 2014-11-05 13:57:27 +01:00
Stian Thorgersen
5943af79af Update pom for 'examples/demo-template/example-ear' to not deploy to repo 2014-11-05 13:54:14 +01:00
Stian Thorgersen
875e9ba513 Merge pull request #839 from jpkrohling/JPK-Wildfly-Adapter-Dist-Zip-Bug
KEYCLOAK-816 Removed undertow-adapter as dependency from wildfly-adapter-zip
2014-11-05 13:14:04 +01:00
Juraci Paixão Kröhling
8c8f82d0fd KEYCLOAK-816 - Removed undertow-adapter as dependency from wildfly-adapter-zip 2014-11-05 12:15:37 +01:00
Bill Burke
00167ee76a Merge pull request #838 from patriot1burke/master
doclet fix
2014-11-04 16:05:44 -05:00
Bill Burke
9c175bfb5d Merge remote-tracking branch 'upstream/master' 2014-11-04 15:55:47 -05:00
Bill Burke
ede59a4441 fix jax-doclets 2014-11-04 15:55:33 -05:00
Stian Thorgersen
e91129db92 Merge pull request #837 from stianst/master
Fixes
2014-11-04 16:00:54 +01:00
Stian Thorgersen
ebf04c01c6 Fix version in pom for admin-client 2014-11-04 15:57:14 +01:00