Commit graph

852 commits

Author SHA1 Message Date
Steven Hawkins
29eb0171de
task: remove hostname v1 (#32352)
closes: #27731

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2024-08-28 17:48:06 +02:00
Alexander Schwartz
8e0d50edc0
Upgrade Keycloak's sizing guide for KC26 (#32344)
Closes #32343
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: Kamesh Akella <kakella@redhat.com>
2024-08-27 16:38:38 +02:00
Franck Arnulfo
cec359f0a2
Update realm-config.adoc with correct button label (#32405)
Signed-off-by: Franck Arnulfo <franck.arnulfo@gmail.com>
2024-08-27 14:13:42 +00:00
Yuvi Panda
5210b7e546 Use Google as example, not Google+
Google+ no longer exists

Signed-off-by: Yuvi Panda <yuvipanda@gmail.com>
2024-08-26 10:18:52 +02:00
Jon Koops
5ac8ffa5b5
Move unrelated files out of common resources (#32285)
Closes #24861

Signed-off-by: Jon Koops <jonkoops@gmail.com>
2024-08-22 09:57:15 +02:00
Steven Hawkins
2cbe476c52
fix: adding consistent language for the non-server commands (#32317)
closes: #29200

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2024-08-22 08:37:07 +02:00
Martin Bartoš
607ab01405
OTEL: Dynamic service name for tracing in K8s environment (#32140)
* OTEL: Dynamic service name for tracing in K8s environment

Closes #32095

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Update docs/guides/server/tracing.adoc

Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Signed-off-by: Martin Bartoš <mabartos@redhat.com>

---------

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
2024-08-21 17:22:36 +02:00
Steven Hawkins
087647dab3
fix: adding docs around client redirect uris and hostname-strict (#32101)
* fix: adding docs around admin client redirect uris and hostname-strict

closes: #31640

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

* Update docs/documentation/upgrading/topics/changes/changes-25_0_0.adoc

Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>

* Update docs/documentation/upgrading/topics/changes/changes-25_0_0.adoc

Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>

---------

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
2024-08-21 14:19:30 +00:00
yelhouti
e8840df0e0
Fix: admin GUI not working with 1000s of realms
Search by RealmName is done before loading all realms when filtering

Closes #31956

Signed-off-by: Youssef El Houti <youssef.elhouti@gmail.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-08-21 14:58:36 +02:00
Pedro Igor
c1f6d5ca64 Support for selecting an organization when requesting the organization scope
Closes #31438

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-08-21 13:04:58 +02:00
Pedro Ruivo
4675a4eda9 Deprecate UserSessionCrossDCManager
Fixes #31878

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
2024-08-21 08:52:39 +02:00
Pedro Igor
eeae50fb43 Make sure federationLink always map to the storage provider associated with federated users
Closes #31670

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-08-20 11:27:22 +02:00
Martin Bartoš
bf5cf47351
Management Interface is turned on even though nothing is exposed on it (#31938)
* Management Interface is turned on even though nothing is exposed on it

Fixes #31818

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Remove conditional enablement, add relevancy description

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

---------

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
2024-08-19 15:52:59 +02:00
Stefan Guilhen
fa7c2b5da6 Address review comments
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-08-19 09:06:35 -03:00
Stefan Guilhen
f82159cf65 Rework logic to fetch IDPs for the login page so that IDPs are fetched from the provider and not filtered in code.
Closes #32090

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-08-19 09:06:35 -03:00
Michal Hajas
709165a90a
High availability guide updates (#32093)
* Remove connecting Infinispan to Keycloak building block
* Rephrase two sites restriction limitation
* Update the KCB generated yaml files for HA guide
* Remove setting number of owners to 1 for session caches as it is no longer necessary
* Add multi-site feature
* Remove histrograms and slos
* Replace stonith with fencing
* Switch for DG in community and product

Closes #31029

Signed-off-by: Michal Hajas <mhajas@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-08-19 13:29:11 +02:00
Václav Muzikář
cb418b0bfc
Upgrade to Quarkus 3.13.2 (#31678)
* Upgrade to Quarkus 3.13.2

Closes #31676

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
Co-authored-by: Peter Zaoral <pzaoral@redhat.com>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
2024-08-16 11:41:34 +02:00
Erik Jan de Wit
e85f25434f
added documentation on how use npm packages (#31426)
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-08-16 11:09:18 +02:00
Yoshiyuki Tabata
c7415de89f
Modify cnfc to cncf (#32174)
Signed-off-by: Yoshiyuki Tabata <yoshiyuki.tabata.jy@hitachi.com>
2024-08-16 09:26:01 +02:00
Michal Hajas
36ad5fb3bd
Remove information about online_user_session table
Closes #32178

Signed-off-by: Michal Hajas <mhajas@redhat.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
2024-08-16 09:23:14 +02:00
Stian Thorgersen
310824cc2b
Remove legacy cookies
Closes #16770

Signed-off-by: stianst <stianst@gmail.com>
Signed-off-by: Jon Koops <jonkoops@gmail.com>
Co-authored-by: Jon Koops <jonkoops@gmail.com>
2024-08-15 15:27:38 +02:00
Yoshiyuki Tabata
cb6eb187ac Client Policy - Condition : Client - Client Attribute
Closes https://github.com/keycloak/keycloak/issues/31766

Signed-off-by: Yoshiyuki Tabata <yoshiyuki.tabata.jy@hitachi.com>
2024-08-14 09:56:56 +02:00
Alexander Schwartz
d4991ce56f Fix server guide cross-references for downstream docs
Closes #31947

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-08-13 14:51:01 -03:00
Martin Bartoš
3ff825807f Tracing - Configurable service name and resource attributes
Closes #32056

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
2024-08-13 15:43:07 +02:00
Martin Bartoš
f0162db56f
Cache guide does not properly print cache-stack values (#31943)
* Cache guide does not properly print cache-stack values

Ability to choose expected values strict

Fixes #31941

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Add Javadoc

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Reflect non-strict values in docs

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Use 'or any' in docs for non-strict expected values

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Edit approved files for HelpCommandDistTest

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

---------

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
2024-08-13 08:35:40 +00:00
Martin Bartoš
d17a48f8f8
Add docs for the OpenTelemetry tracing
Closes #31908

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Steven Hawkins <shawkins@redhat.com>
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
2024-08-13 08:46:48 +02:00
Pedro Ruivo
07c92c85cb Drop AuthenticatedClientSessionStore from user sessions
New entities for client and user sessions, more query friendly.
The client sessions are found using query instead of storing them in the
user session entity.
Remove of sessions by its field is done based on queries.

Closes #30934

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
2024-08-12 20:35:50 +02:00
Steven Hawkins
ea3937f37c
fix: always replacing placeholders (#31871)
closes: #31625

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2024-08-12 16:20:47 +00:00
rmartinc
347f595913 Add ECDH-ES encyption algorithms to the java keystore key provider
Closes #32023

Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-08-09 15:57:51 +02:00
Ryan Emerson
c0a51b94ea Update HA cache configurations to latest blueprint
Closes #31029

Signed-off-by: Ryan Emerson <remerson@redhat.com>
2024-08-07 19:06:14 +02:00
Pedro Igor
3ab2446074 Do not return identity providers when querying the realm representation
Closes #21072

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-08-07 10:06:51 -03:00
rmartinc
acbbfde4ab Adding upgrading notes for brute force changes
Closes #31960

Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-08-07 14:38:30 +02:00
Ryan Emerson
31d610c2fc Upgrade to Infinispan 15.0.7.Final
Closes #31963

Signed-off-by: Ryan Emerson <remerson@redhat.com>
2024-08-07 13:32:23 +02:00
Ryan Emerson
db14ab1365
Refactor HA guide to refer to generic multi-site deployments
Old Active/Passive guides replaced with Active/Active architecture, but
A/P vs A/A distinction hidden from users in favour of generic multi-site
docs.

Closes #31029

Signed-off-by: Ryan Emerson <remerson@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-08-07 08:22:59 +00:00
Tero Saarni
62fd969fe1
Allow requests from local IPv6 addresses
If administrator selects EXTERNAL for Require SSL setting, allow clear-text
HTTP requests when client is coming from IPv6 link-local or unique local
address (ULA).

Previously only private IPv4 addresses were allowed and private IPv6 addresses
were rejected.

Closes #30678

Signed-off-by: Tero Saarni <tero.saarni@est.tech>
2024-08-05 16:38:55 +02:00
rmartinc
942d5d0aa3 Convert chapter planning for securing applications and services to guides
Final removal of the securing_apps documentation
Final checks for links, order and other minor things
Closes #31328

Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-08-01 16:45:56 +02:00
Giuseppe Graziano
adb2af442a
Move token exchange documentation to guides (#31707)
Closes #31334


Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
Signed-off-by: Marek Posolda <mposolda@gmail.com>
Co-authored-by: Marek Posolda <mposolda@gmail.com>
2024-07-30 21:04:05 +02:00
Giuseppe Graziano
a3c9944610
Move Keycloak JavaScript adapter to guides (#31751)
Closes #31695


Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
Signed-off-by: Marek Posolda <mposolda@gmail.com>
Co-authored-by: Marek Posolda <mposolda@gmail.com>
2024-07-30 18:39:33 +02:00
rmartinc
b07b120f2a Convert chapter client registration CLI from securing apps into guides
Closes #31333

Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-07-30 18:30:46 +02:00
rmartinc
b2b27f8a4e Convert chapter client registration service from securing apps into guides
Closes #31332

Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-07-30 18:30:46 +02:00
Giuseppe Graziano
e1266c2678 Move mod-auth-openidc.adoc to guides
Closes #31697

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
2024-07-30 18:23:40 +02:00
Peter Zaoral
07cfdac862
Document admin bootstrapping and recovery
Closes: #30011

Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
2024-07-30 15:45:56 +02:00
Giuseppe Graziano
ca2b6dc754 Move Node.js adapter to guides
Closes #31696

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
2024-07-30 11:29:51 +02:00
Marek Posolda
5b52117351
Documentation for Delete Credential action and related changes (#31719)
closes #31718


Signed-off-by: mposolda <mposolda@gmail.com>
Signed-off-by: Marek Posolda <mposolda@gmail.com>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2024-07-30 10:05:14 +02:00
Giuseppe Graziano
c3019fb2d3
Move oidc documentation to guides (#31627)
Closes #31329

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
2024-07-30 09:46:14 +02:00
Steven Hawkins
6a91436746
enhance: add bootstrap admin handling to the operator (#31646)
switching to manual invocation of statefulset reconciliation

closes: #30004



* Update docs/guides/operator/advanced-configuration.adoc




* enhance: add bootstrap admin handling to the operator

closes: #30004



---------

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
2024-07-29 14:08:31 +02:00
Steven Hawkins
22f8e5cdf0
Added field to the RealmImport spec to replace environment variables within the realm import (#31232)
* Added field to the RealmImport spec to replace environment variables within the realm import

Closes #26470

Signed-off-by: stustison <scott.tustison@gmail.com>

* Added field to the RealmImport spec to replace environment variables within the realm import

Closes #26470

Signed-off-by: stustison <scott.tustison@gmail.com>

* testing refinement for placeholder handling

closes: #26470

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

* changing from placeholdersecret to placeholder

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

* Update docs/guides/operator/realm-import.adoc

Co-authored-by: Martin Bartoš <mabartos@redhat.com>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>

* Update docs/documentation/release_notes/topics/26_0_0.adoc

Co-authored-by: Martin Bartoš <mabartos@redhat.com>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>

---------

Signed-off-by: stustison <scott.tustison@gmail.com>
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>
Co-authored-by: stustison <scott.tustison@gmail.com>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
2024-07-29 11:16:09 +02:00
rmartinc
e97ffe7a32 Convert chapter docker registry from securing apps into guides
Closes #31331

Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-07-26 15:39:51 +02:00
Alexander Schwartz
227c71f7f0
Persisting revoked access tokens
Closes #31296

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-07-26 11:46:14 +02:00
Václav Muzikář
6f62e6768c Revert "operator bootstrap admin handling (#30711)"
This reverts commit 3139b82e3c.
2024-07-26 10:02:13 +02:00