Commit graph

496 commits

Author SHA1 Message Date
Cédric Couralet
5f006b283a KEYCLOAK-8316 Add an option to ldap provider to trust emails on import
Signed-off-by: Cédric Couralet <cedric.couralet@insee.fr>
2019-10-04 16:28:02 +02:00
Felix Borchers
3d175dbe0c KEYCLOAK-11582 Fix ldap groups sync which fails when syncing back to MSAD (#6348)
* KEYCLOAK-11582 Fix sync which fails when syncing to MSAD
2019-10-03 20:13:12 +02:00
Sven-Torben Janus
1887d3b038 KEYCLOAK-10942 Incorporate comments from code review
see https://github.com/keycloak/keycloak/pull/6251/files#r325212980
2019-09-18 09:47:18 +02:00
Sven-Torben Janus
f261c43fab KEYCLOAK-10942 Support eDirectory GUID
Convert eDirectory GUID which is in binary format to a UUID in dashed
string format.
2019-09-18 09:47:18 +02:00
Jan Lieskovsky
7ab854fecf [KEYCLOAK-8253] When syncing flat (all groups being the top-level ones) structure
of LDAP groups from federation provider to Keycloak, perform the search if the
currently processed group already exists in Keycloak in log(N) time

Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
2019-09-12 20:14:18 +02:00
Jan Lieskovsky
cfb225b499 [KEYCLOAK-8253] Improve the time complexity of LDAP groups synchronization
(in the direction from LDAP provider to Keycloak) from exponential to
linear time in the case of syncing flat LDAP groups structure

Add a corresponding test (intentionally configured as to be ignored
by CI/CD due to higher demand on time, required fo the test completion)

Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
2019-09-12 09:54:13 +02:00
mhajas
9c2525ec1a KEYCLOAK-11245 Use transcription object for LDAP bindCredential 2019-09-09 19:39:53 +02:00
keycloak-bot
17e9832dc6 Set version to 8.0.0-SNAPSHOT 2019-07-19 19:05:03 +02:00
Sven-Torben Janus
c883c11e7e KEYCLOAK-10158 Use PEM cert as X.509 user identity
Allows to use the full PEM encoded X.509 certificate from client cert
authentication as a user identity. Also allows to validate that user's
identity against LDAP in PEM (String and binary format). In addition,
a new custom attribute mapper allows to validate against LDAP when
certificate is stored in DER format (binay, Octet-String).

KEYCLOAK-10158 Allow lookup of certs in binary adn DER format from LDAP
2019-07-08 11:58:26 +02:00
Ian Duffy
de0ee474dd Review feedback 2019-05-27 21:30:01 +02:00
Ian Duffy
54909d3ef4 [KEYCLOAK-10230] Support for LDAP with Start TLS
This commit sends the STARTTLS on LDAP 389 connections is specified.
STARTTLS doesn't work with connection pooling so connection pooling will
be disabled should TLS be enabled.
2019-05-27 21:30:01 +02:00
keycloak-bot
49d4e935cb Set version to 7.0.0-SNAPSHOT 2019-04-17 09:48:07 +01:00
rmartinc
a9a4e9daae KEYCLOAK-9884: "user-attribute-ldap-mapper" is not propagating the change of "username" (uid) attribute. 2019-03-27 19:07:51 +01:00
rmartinc
2602c222cd KEYCLOAK-4640: LDAP memberships are being replaced instead of being added or deleted 2019-03-14 18:40:15 +01:00
keycloak-bot
e843d84f6e Set version to 6.0.0-SNAPSHOT 2019-03-06 15:54:08 +01:00
stianst
e06c705ca8 Set version 5.0.0 2019-02-21 09:35:14 +01:00
mposolda
adc3017ff9 KEYCLOAK-8688 LDAPSyncTest is failing in some environments 2019-02-13 12:48:48 +01:00
stianst
7c9f15778a Set version to 4.8.3.Final 2019-01-09 20:39:30 +01:00
stianst
7c4890152c Set version to 4.8.2 2019-01-03 14:43:22 +01:00
Jonatas Esteves Silverio
0d9964c185 KEYCLOAK-7990 Use attribute name from config on LDAP group creation
Use CommonLDAPGroupMapperConfig.getMembershipLdapAttribute() instead of
constant LDAPConstants.MEMBER to honor the "membership.ldap.attribute"
config key when creating a LDAP group. This fixes an error when trying
to create a group on a DS server configured with a different member
attribute than the standard "member" (eg. 389ds).
2018-12-13 07:53:09 +01:00
mposolda
88141320ac KEYCLOAK-9002 StackOverflowError when reading LDAP-backed users via REST API 2018-12-07 12:25:05 +01:00
stianst
b674c0d4d9 Prepare for 4.8.0.Final 2018-12-04 13:54:25 +01:00
Pedro Igor
91637120ee [KEYCLOAK-5052] - LDAP group names containing / in the name violates SIBILING_NAME constraint in db 2018-11-23 08:48:08 -02:00
stianst
ecd476fb10 Prepare for 4.7.0.Final 2018-11-14 20:10:59 +01:00
vramik
7a96911a83 KEYCLOAK-8300 KEYCLOAK-8301 Wildfly 14 upgrade
Co-authored-by: Marek Posolda <mposolda@redhat.com>
2018-10-17 20:01:07 +02:00
stianst
c3fc9e9815 Set version to 4.6.0.Final-SNAPSHOT 2018-09-26 20:58:41 +02:00
stianst
1fb4ca4525 Set version to 4.5.0.Final 2018-09-06 20:08:02 +02:00
mposolda
575851d45c KEYCLOAK-6038 Kerberos cross-realm trust test 2018-08-10 13:31:36 +02:00
mposolda
959cd035ba Set version to 4.3.0.Final-SNAPSHOT 2018-08-01 22:40:05 +02:00
mposolda
d0a824dde4 Updating version to 4.2.0.Final-SNAPSHOT 2018-07-05 07:42:48 -04:00
Jean-Loup Maillet
af47bd5da8 corrected groups set to be able to add group & explicit imports 2018-06-26 13:30:44 +02:00
J-Loup
0ee5c97b1c Tooltip correction on group selection
Tooltip correction on group selection for hardcoded-ldap-group-mapper
2018-06-26 13:30:44 +02:00
Jean-Loup Maillet
d07f13eace hardcoded-ldap-group-mapper 2018-06-26 13:30:44 +02:00
stianst
e1a0e581b9 Update to 4.1.0.Final-SNAPSHOT 2018-06-14 14:22:28 +02:00
Rick van den Hof
2e22dcfc47 Add unit tests 2018-05-29 10:03:54 +02:00
Rick van den Hof
16fd6558a6 Enable adding of default groups 2018-05-29 10:03:54 +02:00
Stian Thorgersen
dbf5c395b0
Bump version to 4.0.0.Final (#5224) 2018-05-24 19:02:30 +02:00
Stian Thorgersen
90e5c7f3eb
Bump version to 4.0.0.Beta3-SNAPSHOT (#5185) 2018-05-02 14:32:20 +02:00
Lubos.Palisek
2bab2acf5b [KEYCLOAK-7239] Fixed ConcurrentModificationException while importing from LDAP with "ignoreMissingGroups" checked.
Fixed test so that now it checks this use case.
2018-04-26 18:54:00 +02:00
Ingo Bauersachs
5e4d173f1d KEYCLOAK-7194: avoid NullPointerException (#5157) 2018-04-20 09:24:12 +02:00
Douglas Palmer
cf056b3464 [KEYCLOAK-6069] Allow configuration of LDAP connection pooling 2018-04-06 20:27:11 +02:00
stianst
07fea02146 Bump versions to 4.0.0.Beta2-SNAPSHOT 2018-03-26 18:17:38 +02:00
stianst
0bedbb4dd3 Bump version to 4.0.0.CR1-SNAPSHOT 2017-12-21 15:06:00 +01:00
Hisanobu Okuda
3d0512efd8 KEYCLOAK-3842 SPNEGO: Support for multiple kerberos realms 2017-12-14 12:54:20 +01:00
mposolda
b793e42c53 KEYCLOAK-5017 Adding user to newly created group caused sync all groups to LDAP 2017-12-13 09:15:47 +01:00
stianst
37de8e9f69 Bump version to 3.4.2.Final-SNAPSHOT 2017-12-01 09:34:48 +01:00
mposolda
bd25040e22 KEYCLOAK-5827 Retrieve member attribute from LDAP on group/role queries just when necessary 2017-11-15 15:29:19 +01:00
mposolda
c4a1764801 KEYCLOAK-5836 More logging around LDAP performance. Added LdapManyObjectsInitializerCommand to easily add many users and groups to the LDAP 2017-11-15 15:29:19 +01:00
mposolda
0c414eee80 KEYCLOAK-5848 Possibility to configure different attribute for GET_GROUPS_FROM_USER_MEMBEROF_STRATEGY 2017-11-14 15:05:26 +01:00
Stian Thorgersen
128ff12f8f Bump versions 2017-11-09 15:37:21 +01:00
Bill Burke
54ebc21880 KEYCLOAK-5698 2017-10-19 19:38:56 -04:00
Stian Thorgersen
5421c862e0 KEYCLOAK-5551 (#4579) 2017-10-19 09:23:31 +02:00
Cédric Couralet
656fc5d7c0 KEYCLOAK-4052 - add an option to validate Password Policy for ldap user storage 2017-10-13 13:54:50 +02:00
Markus Heberling
79c51a6a80 KEYCLOAK-5510
Allow import of groups with missing subgroups.
2017-09-21 13:11:49 +02:00
Przemyslaw Kadej
5b1a761b0f KEYCLOAK-5453 - Empty RDNs makes Keycloak unstable 2017-09-12 13:28:35 +02:00
filipe lautert
f1628ab903 KEYCLOAK-5381 Implementation of method LDAPStorageProvider.searchForUserByUserAttribute and tests for it. 2017-08-31 16:13:03 -03:00
Stian Thorgersen
463661b051 Set version to 3.4.0.CR1-SNAPSHOT 2017-08-28 15:46:22 +02:00
mposolda
07e2136b3b KEYCLOAK-4187 Added UserSession support for cross-dc 2017-07-27 22:32:58 +02:00
Stian Thorgersen
454c5f4d83 Set version to 3.3.0.CR1-SNAPSHOT 2017-06-30 09:47:11 +02:00
mposolda
e91dd011c5 KEYCLOAK-4438 Disable kerberos flow when provider removed 2017-06-21 09:38:20 +02:00
mposolda
8adde64e2c KEYCLOAK-4016 Provide a Link to go Back to The Application on a Timeout 2017-05-23 09:08:58 +02:00
Stian Thorgersen
87dedb56e5 Set version to 3.2.0.CR1-SNAPSHOT 2017-04-27 14:23:03 +02:00
Stian Thorgersen
54ee055bd8 KEYCLOAK-4671 Add server-private-spi to dependency deployer 2017-04-25 10:16:24 +02:00
Stian Thorgersen
a87ee04024 Bump to 3.1.0.CR1-SNAPSHOT 2017-03-16 14:21:40 +01:00
mposolda
091b376624 KEYCLOAK-1590 Realm import per test class 2017-03-01 09:38:44 +01:00
mposolda
098d8e915d KEYCLOAK-4433 Added HardcodedLDAPAttributeMapper 2017-02-21 08:29:57 +01:00
Bill Burke
c3e72b11db KEYCLOAK-4382 2017-02-13 10:51:10 -05:00
Bill Burke
d9633dc20c Merge remote-tracking branch 'upstream/master' 2017-02-09 09:13:00 -05:00
Bill Burke
cf5e2a1d20 unlink/remoteimported 2017-02-08 19:48:22 -05:00
Bill Burke
f128be9b31 LDAP No-Import 2017-02-04 10:29:34 -05:00
mposolda
73cad40fb7 KEYCLOAK-4364 Fix OpenLDAP issue with renaming DN 2017-02-02 22:21:29 +01:00
Bill Burke
79dede8e78 KEYCLOAK-4363 2017-02-01 10:19:15 -05:00
Stian Thorgersen
6f22f88d85 Bump version to 3.0.0.CR1 2017-01-26 06:18:11 +01:00
mposolda
57127f39d0 KEYCLOAK-4269 2017-01-23 13:36:54 +01:00
mposolda
39f8311484 KEYCLOAK-2403 Cannot create user in LDAP/AD from Keycloak using Full Name User Federation Mapper 2017-01-20 21:08:26 +01:00
mposolda
3444fb62f1 KEYCLOAK-4266 MSAD: User is disabled after registration 2017-01-19 21:32:10 +01:00
Stian Thorgersen
86988833e9 Merge pull request #3761 from abstractj/KEYCLOAK-4207
[KEYCLOAK-4207] SSSD Provider - NullPointerException when mail attribute is not filled
2017-01-18 08:41:36 +01:00
mposolda
843b4b470b KEYCLOAK-2333 LDAP/MSAD password policies are not used when user changes password 2017-01-17 21:06:09 +01:00
Bruno Oliveira
9fb46a7b1c [KEYCLOAK-4207] SSSD Provider - NullPointerException when mail attribute is not filled 2017-01-13 17:35:55 -02:00
Marek Posolda
227900f288 Merge pull request #3731 from mposolda/master
KEYCLOAK-4175 Provide a way to set the connect and read timeout for l…
2017-01-10 09:49:18 +01:00
Stian Thorgersen
7eeebff874 Merge pull request #3720 from hmlnarik/KEYCLOAK-4091-Possible-NullPointerExceptions-with-disabled-cache
KEYCLOAK-4091 Prevent NPE with disabled cache
2017-01-10 06:23:10 +01:00
mposolda
c32620b718 KEYCLOAK-4175 Provide a way to set the connect and read timeout for ldap connections 2017-01-09 21:35:58 +01:00
mposolda
14669dfbc5 KEYCLOAK-4178 Bad error message when kerberos provider unavailable 2017-01-09 16:56:58 +01:00
mposolda
a09bc6520f KEYCLOAK-2888 KEYCLOAK-3927 Fully migrate kerberos tests to the new testsuite 2017-01-09 13:50:41 +01:00
Hynek Mlnarik
377fbced4a KEYCLOAK-4091 Prevent NPE with disabled cache 2017-01-06 10:00:11 +01:00
Stian Thorgersen
e805ffd945 Bump version to 2.5.1.Final-SNAPSHOT 2016-12-22 08:22:18 +01:00
mposolda
4b6df5d489 LDAP polishing 2016-12-19 18:11:23 +01:00
mposolda
ac00f7fee2 KEYCLOAK-4087 LDAP group mapping should be possible via uidNumber in memberUid mode 2016-12-19 16:27:57 +01:00
Marek Posolda
c6363aa146 Merge pull request #3630 from sldab/duplicate-email-support
KEYCLOAK-4059 Support for duplicate emails
2016-12-19 15:37:18 +01:00
Slawomir Dabek
93cec9b3ee KEYCLOAK-4059 Support for duplicate emails 2016-12-19 10:55:12 +01:00
Bruno Oliveira
3b3b219a86 [KEYCLOAK-4085] SSSD federation provider should load libunix from alternative paths 2016-12-16 18:19:47 -02:00
Bruno Oliveira
3f2e9c3592 [KEYCLOAK-4083] SSSD Federation is only enabled with superuser permissions 2016-12-16 17:31:24 -02:00
mposolda
7453e96f5c KEYCLOAK-2397 LDAP_ENTRY_DN attribute in LDAP user storage is not updated on changes in LDAP 2016-12-15 21:12:29 +01:00
mposolda
40216b5e7d KEYCLOAK-3921 LDAP binary attributes 2016-12-13 18:31:26 +01:00
mposolda
79c1650c15 KEYCLOAK-2545 KEYCLOAK-3668 KEYCLOAK-3247 LDAP escaping 2016-12-12 13:09:14 +01:00
Bill Burke
1f0600044a KEYCLOAK-3967 2016-12-08 19:29:02 -05:00
mposolda
e7f6c780e2 KEYCLOAK-4058 Improve LDAPStorageMapper and remove LDAPStorageMapperBridge 2016-12-08 18:35:56 +01:00
mposolda
ba51640c61 KEYCLOAK-4042 Better error message when failed updating MSAD password in account mgmt 2016-12-06 11:07:28 +01:00
Marek Posolda
6b1020ec34 Merge pull request #3602 from sldab/fix-model-duplicate-exception
KEYCLOAK-4028 Fix ModelDuplicateException when logging in with updated email address
2016-12-06 10:21:55 +01:00
Slawomir Dabek
45fd114143 KEYCLOAK-4028 Fix ModelDuplicateException when logging in with updated email address 2016-12-05 15:44:22 +01:00
Bill Burke
3bc721720f Merge pull request #3580 from abstractj/KEYCLOAK-3970
[KEYCLOAK-3970] - SSSD testsuite is broken
2016-12-03 13:37:48 -05:00
Bill Burke
8fd7091068 KEYCLOAK-3986 2016-12-03 09:33:52 -05:00
Bill Burke
ce50b0ed29 Merge remote-tracking branch 'upstream/master' 2016-12-02 19:26:34 -05:00
Bill Burke
e88af874ca finish 2016-12-02 19:25:17 -05:00
Marek Posolda
458ca8a7ee Merge pull request #3578 from sldab/msadlds
KEYCLOAK-4009 Compatibility with AD LDS
2016-12-02 17:50:21 +01:00
Slawomir Dabek
b2f0acfe26 KEYCLOAK-4009 Compatibility with AD LDS 2016-12-02 14:43:42 +01:00
Bruno Oliveira
dc6e869c64 [KEYCLOAK-3970] - SSSD testsuite is broken 2016-12-01 15:40:53 -02:00
Stian Thorgersen
b771b84f56 Bump to 2.5.0.Final-SNAPSHOT 2016-11-30 15:44:51 +01:00
Bill Burke
9e50a45b4c UserBulkUpdateProvider interface 2016-11-29 18:43:22 -05:00
Bill Burke
ccbd8e8c70 remove User Fed SPI 2016-11-23 16:06:44 -05:00
Bill Burke
045d6ef1d0 Merge remote-tracking branch 'upstream/master' 2016-11-22 11:28:09 -05:00
Stian Thorgersen
6ec82865d3 Bump version to 2.4.1.Final-SNAPSHOT 2016-11-22 14:56:21 +01:00
Bill Burke
a3cb3730b4 sssd port 2016-11-21 17:24:55 -05:00
Bill Burke
798fd84698 Merge remote-tracking branch 'upstream/master' 2016-11-21 11:33:52 -05:00
Bill Burke
19575b2c8f port kerberos 2016-11-21 11:33:44 -05:00
Bruno Oliveira
8a0cb507c5 [KEYCLOAK-3913] - Native libraries included within SSSD jar
- Revert "[KEYCLOAK-3580] - Migrate DBus Java from Unix Socket C library to jnr-unixsocket"
    This reverts commit 6c5d1b9214.
  - Use JNA RPM, instead of Maven
2016-11-16 09:14:05 -02:00
Bill Burke
8794416241 fix db2 2016-11-14 16:22:30 -05:00
Bill Burke
f471ad46c9 fix server-private spi changes 2016-11-14 15:28:08 -05:00
Bill Burke
39ffd3d756 fix pom 2016-11-14 15:15:20 -05:00
Bill Burke
7666387277 rename directory 2016-11-14 15:10:35 -05:00
Bill Burke
cc0eb47814 merge 2016-11-14 15:09:41 -05:00
Bill Burke
c280634bfa fix tests 2016-11-14 15:06:17 -05:00
Bruno Oliveira
b612415a88 [KEYCLOAK-3900] - SSSD Provider: NullPointerException when SSSD is stopped 2016-11-14 16:04:18 -02:00
Stian Thorgersen
7e33f4a7d1 KEYCLOAK-3882 Split server-spi into server-spi and server-spi-private 2016-11-10 13:28:42 +01:00
Bill Burke
4880c0443c ldap port admin console 2016-11-08 12:30:20 -05:00
Bill Burke
5a86623c88 merge 2016-11-06 08:52:10 -05:00
Bill Burke
14dc0ff92f Merge remote-tracking branch 'upstream/master' 2016-11-05 20:05:01 -04:00
Bill Burke
4302b440ee ldap port 2016-11-05 20:04:53 -04:00
Bill Burke
c75dcb90c2 ldap port 2016-11-04 21:25:47 -04:00
Bruno Oliveira
6c5d1b9214 [KEYCLOAK-3580] - Migrate DBus Java from Unix Socket C library to jnr-unixsocket 2016-11-03 10:25:45 -02:00
Bill Burke
73e3f2a89b REST API for disable cred type 2016-10-26 15:48:45 -04:00
Stian Thorgersen
c615674cbb Bump version 2016-10-21 07:03:15 +02:00
Marek Posolda
940237ee78 Merge pull request #3304 from hmlnarik/KEYCLOAK-2964
KEYCLOAK-2964 - Fix groups not applied for authentication of admin operations
2016-10-18 14:50:12 +02:00
mposolda
00879b39b7 KEYCLOAK-3719 Add 'options' to ProviderConfigProperty and use it for 'List' type instead of defaultValue 2016-10-17 21:34:21 +02:00
Hynek Mlnarik
03cf9bad2e KEYCLOAK-2964 - Fix groups not applied for authentication of admin operations 2016-10-11 15:21:38 +02:00
Stian Thorgersen
7d038e72c9 Merge pull request #3272 from abstractj/KEYCLOAK-3638
KEYCLOAK-3638: UnixUserTest will fails on Windows
2016-10-03 13:19:11 +02:00
Bruno Oliveira
5093dd94e2
KEYCLOAK-3638: UnixUserTest will fails on Windows 2016-09-30 08:19:56 -03:00
Bill Burke
8967ca4066 refactor mongo entities, optimize imports 2016-09-28 15:25:39 -04:00
Bill Burke
ecc104719d bump pom version 2016-09-26 11:01:18 -04:00
Bill Burke
8e65356891 creds 2016-09-22 19:57:39 -04:00
Bill Burke
7209a95dce credential refactoring 2016-09-22 08:34:45 -04:00
Bruno Oliveira
4b1b3a0dda Add Maven Shade for JNA 2016-09-16 18:19:17 -03:00
Stian Thorgersen
ccb9433e5c KEYCLOAK-3535 Tweak logging for SSSD 2016-09-09 11:32:06 +02:00
Stian Thorgersen
1630b9a20c Merge pull request #3220 from abstractj/KEYCLOAK-3535
KEYCLOAK-3535 - Check if SSSD is available via DBUS
2016-09-09 08:15:11 +02:00
Bruno Oliveira
11245701d2 Check if SSSD is available via DBUS 2016-09-08 16:01:45 -03:00
Bill Burke
3b9a6b32e1 Revert "Revert "KEYCLOAK-3440""
This reverts commit 01e48dc4b8.
2016-09-07 23:41:32 -04:00
Bill Burke
01e48dc4b8 Revert "KEYCLOAK-3440" 2016-09-07 23:17:35 -04:00
Bill Burke
3f35234cf5 Merge remote-tracking branch 'upstream/master' 2016-09-07 23:11:38 -04:00
Bill Burke
da135389c7 KEYCLOAK-3440 2016-09-07 23:11:28 -04:00
Bruno Oliveira
1b2a5eda32
Initial FreeIPA Integration
- Provide username/password authentication with PAM
  - Obtain user data from SSSD
  - Feature packs for dbus-java, libpam4j and SSSD API
  - Provisioning script
2016-09-06 18:04:43 -03:00
mposolda
d52e043322 Set version to 2.2.0-SNAPSHOT 2016-08-10 08:57:18 +02:00
Bill Burke
09693eb108 component model 2016-08-02 05:48:57 +02:00
Bill Burke
b224917fc5 bump version 2016-06-30 17:17:53 -04:00
mposolda
df1c111a72 KEYCLOAK-2811 FederationProvidersIntegrationTest.testReadOnly failing on MSAD 2016-04-13 12:40:39 +02:00
mposolda
5d7b549323 Fix LDAPGroupMapperTest with MSAD and Mongo 2016-04-01 10:44:35 +02:00
mposolda
7ffd6dc7a7 KEYCLOAK-2696 Unexpected error when trying to delete role mappings from read-only LDAP role mapper 2016-03-22 13:03:49 +01:00
mposolda
4a06d7590e KEYCLOAK-2682 NPE when LDAP groups points to non-existent user 2016-03-22 13:03:48 +01:00
Marek Posolda
d285721063 Merge pull request #2383 from ratcashdev/master
Fix when importing empty uniqueMember attributes
2016-03-18 12:18:02 +01:00
ratcashdev
13d2f872ff KEYCLOAK-2679: Fix when importing empty uniqueMember attributes 2016-03-18 09:55:35 +01:00
mposolda
23aa490c72 KEYCLOAK-2634 Better error reporting if password update failed due to MSAD password policy 2016-03-14 13:36:20 +01:00
mposolda
e24ce91e81 KEYCLOAK-2659 Allow sync all roles even if there are more than 1000 2016-03-14 09:39:22 +01:00
mposolda
2d188068c4 KEYCLOAK-2644 Delete user with a READ_ONLY LDAP federation provider just from Keycloak DB 2016-03-14 09:39:14 +01:00
mposolda
1142ed5583 KEYCLOAK-2655 Support of lazy sync LDAP groups, which user is member of 2016-03-11 22:33:03 +01:00
mposolda
85ccd64e01 KEYCLOAK-2643 Added write-only property to LDAP full-name attribute mapper 2016-03-11 22:32:55 +01:00
mposolda
73c3534e7a KEYCLOAK-2629 LDAP Federation provider - input fields validation 2016-03-11 22:32:45 +01:00
mposolda
c6a7d0b772 KEYCLOAK-2640 LDAP group sync does not sync more than 1000 groups 2016-03-11 22:32:35 +01:00
Stian Thorgersen
28fe13a800 Next is 2.0.0.CR1 2016-03-10 08:13:00 +01:00
Stian Thorgersen
d722e53108 Next is 1.9.2.Final 2016-03-10 07:28:27 +01:00
mposolda
8d21cfc234 KEYCLOAK-2583 Synchronize users after creating ldap federation provider 2016-03-07 23:19:43 +01:00
mposolda
7f32ce810a KEYCLOAK-1928 Kerberos working with IBM JDK 2016-02-26 09:16:39 +01:00
Stian Thorgersen
a1d9753ec2 Next is 1.9.1.Final-SNAPSHOT 2016-02-23 08:48:26 +01:00
Stian Thorgersen
4fd97091ff Version bump to 2.0.0.CR1-SNAPSHOT 2016-02-22 11:36:56 +01:00
mposolda
daca6d7062 KEYCLOAK-2505 Keystore configuration is not honored for LDAP over SSL connections 2016-02-19 18:02:39 +01:00
mposolda
706d4fc01c KEYCLOAK-2507 All LDAP special DN characters should be escaped in LDAPDn 2016-02-19 14:54:33 +01:00
Stian Thorgersen
579ab56a5a Bump version to 1.9.0.Final-SNAPSHOT 2016-02-04 15:55:11 +01:00
Stian Thorgersen
c7a8742a36 KEYCLOAK-1524
Source code headers
2016-02-03 11:20:22 +01:00
mposolda
db76655717 KEYCLOAK-2431 Ensure users removed through UserManager to properly invoke callbacks. Make UserSessionPersister implementations more resistent when user was not properly removed 2016-02-03 10:16:39 +01:00
George Kankava
e937dda556 squid:LowerCaseLongSuffixCheck - Long suffix "L" should be upper case 2016-01-28 19:06:41 +04:00
mposolda
506194fb7f KEYCLOAK-2379 Fix possible error during sycnchronization changed users with Active Directory 2016-01-26 10:43:17 +01:00
Bill Burke
b93d55cb63 remove model-api, add server-spi 2016-01-15 18:44:17 -05:00
Stian Thorgersen
0193c696ab Version bump 2016-01-13 09:20:38 +01:00
Marko Strukelj
80e2b8eb39 KEYCLOAK-1717 Truststore SPI and file provider 2016-01-10 12:39:30 +01:00
mposolda
658f204d92 Documentation for new LDAP mappers 2016-01-05 18:50:54 +01:00
mposolda
b6718b44a1 KEYCLOAK-2178 KEYCLOAK-1744 Added MSADUserAccountControlMapper. Removing enableUserAccountControlAfterPasswordUpdate option 2016-01-05 12:11:48 +01:00
mposolda
41d22986d5 KEYCLOAK-1899 Added HardcodedLDAPRoleMapper 2015-12-22 16:22:02 +01:00
mposolda
0c293089c3 KEYCLOAK-2154 Group mapper fixes 2015-12-22 12:32:37 +01:00
mposolda
20548b402d Separate package for LDAP tests 2015-12-22 09:35:53 +01:00
mposolda
1747e0981f KEYCLOAK-2154 Added Group mapper for LDAP. LDAP mappers improvements and fixes 2015-12-22 08:54:09 +01:00
mposolda
0d52e4e6c5 Added sync support to UserFederationMapper 2015-12-16 13:52:11 +01:00
mposolda
358c273d39 KEYCLOAK-2227 Added UserRolesRetrieveStrategy. Possibility to read user role mappings through 'memberOf' attribute 2015-12-16 13:52:11 +01:00
mposolda
215d59b1e5 KEYCLOAK-2053 Memberships based on memberUid like attribute 2015-12-16 13:52:11 +01:00
mposolda
06a55419f1 KEYCLOAK-1906 Customized LDAP filter. LDAP conditions improvements 2015-12-14 13:55:11 +01:00
Stian Thorgersen
ff806eae08 Version bump 2015-12-01 19:54:28 +01:00
Markus Backes
1bd9b18803 treat principal name case insensitive
* Kerberos login with active directory failed with invalid username or password because AD treats principal names in a case insensitive way (https://ssimo.org/blog/id_016.html)
2015-11-17 09:32:14 +01:00
Bill Burke
33ac048c8c resolve conflicts 2015-11-11 18:06:39 -05:00
mposolda
adbf2b22ad KEYCLOAK-1750 Improve first time login with social. Added 'first broker login' flow 2015-11-09 10:34:55 +01:00
Bill Burke
d896800ec6 groups initial 2015-10-29 16:33:02 -04:00
Stian Thorgersen
3f8312427a Version bump 2015-10-19 16:15:29 +02:00
mposolda
4587fd23b6 KEYCLOAK-1929 Change package names. Fix Fuse demo 2015-10-16 16:30:42 +02:00
Michal Drela
a1bb202bd4 Customized LDAP filter 2015-10-06 10:01:29 +02:00
mposolda
4f6d3c8dca KEYCLOAK-1815 Reduce info logging 2015-09-30 16:35:56 +02:00
Stian Thorgersen
75c0d5089f KEYCLOAK-1878
Add Base64 to Keycloak core
2015-09-25 07:02:25 +02:00
Marko Strukelj
95967b9c79 KEYCLOAK-1852 Improve Kerberos example documentation and user experience 2015-09-16 12:22:56 +02:00
Stian Thorgersen
3fd4d23bed Version bump 2015-09-09 11:27:21 +02:00
mposolda
6225ccfc06 KEYCLOAK-1826 2015-09-08 21:00:42 +02:00
mposolda
6318964374 KEYCLOAK-1802 2015-09-04 12:21:45 +02:00
mposolda
87f7ec5909 KEYCLOAK-1561 LDAPDn.getParentDn() return value is not a DN 2015-08-21 08:26:12 +02:00
mposolda
7474a31d95 KEYCLOAK-1562 better error reporting when missing UUID on ldap user record 2015-08-04 13:21:09 +02:00
mposolda
a0197bc9da KEYCLOAK-1728 NPE during LDAP sync when some LDAP user doesn't have username 2015-08-04 13:21:09 +02:00
Stian Thorgersen
f3bfb06dec Version bump 2015-07-28 10:20:40 +02:00
mposolda
5203373047 Fix JPA UserSession provider and MySQL 2015-07-24 20:39:39 +02:00
mposolda
ce1a19fdbe KEYCLOAK-1693 Added test and possibility to create users with dot in username 2015-07-24 09:33:16 +02:00
Dylan Plecki
ceb29d76b2 Fix regression in RegEx statements 2015-07-23 14:49:03 -05:00
Dylan Plecki
6efb354cce Fix LDAP DN component matching with negative lookbehind RegEx 2015-07-23 14:48:56 -05:00
Dylan Plecki
8ae242a6ed Fix LDAP RDN resolution based on unescaped comma split 2015-07-23 14:48:48 -05:00
mposolda
c71a4ac4e8 KEYCLOAK-1545 KEYCLOAK-1551 Ensure that username and email are always saved to DB lowercased 2015-07-21 08:26:16 +02:00
mposolda
38c7ca64cb KEYCLOAK-1571 Error when the value of UUID LDAP attribute is the same of the Username LDAP attribute 2015-07-21 08:26:16 +02:00
Stian Thorgersen
1642ac2394 KEYCLOAK-1385 Introduce end-of-line normalization 2015-07-17 13:46:51 +02:00
mposolda
bde65a6c57 KEYCLOAK-1533 Handle importing LDAP user with duplicate email during authentication 2015-07-08 20:41:32 +02:00
mposolda
71ea61e7a6 KEYCLOAK-1532 LDAP sync fixes and other bugfixing 2015-07-04 22:25:47 +02:00
mposolda
09994d1730 KEYCLOAK-1487 Support for multiple values of one UserModel attribute. LDAP multivalued attribute support 2015-06-29 14:56:40 +02:00
mposolda
23445123a2 KEYCLOAK-1490 Possibility to always read user attribute values from LDAP 2015-06-26 14:06:31 +02:00
mposolda
773bb43b41 KEYCLOAK-1487 Fix LDAP case-sensitivity. Show warning in case of duplicate username 2015-06-25 19:27:22 +02:00
Stian Thorgersen
38c1945ce4 Bump version 2015-06-12 14:35:34 +02:00
mposolda
80ff7b92db KEYCLOAK-886 Reduce some LDAP info logging to trace and debug 2015-06-08 19:23:32 +02:00
mposolda
0af68d28f1 KEYCLOAK-1357 LDAP migration 2015-06-08 12:29:24 +02:00
mposolda
0092d9f74d Mongo fixes & few other fixes 2015-06-05 17:52:56 +02:00
mposolda
5b40031251 KEYCLOAK-1359 more Active Directory fixes 2015-06-05 11:32:29 +02:00
mposolda
c3eb6df220 KEYCLOAK-1359 LDAP & Active directory fixes and improvements 2015-06-04 20:15:44 +02:00
mposolda
31d0365e85 KEYCLOAK-1359 More LDAP fixes 2015-06-03 19:57:11 +02:00
mposolda
a34cb92fc1 KEYCLOAK-1359 Fix testsuite with OpenLDAP, Other LDAP fixes 2015-06-03 18:44:23 +02:00
mposolda
496062ef0c KEYCLOAK-1359 LDAP tests update 2015-06-03 14:54:14 +02:00
mposolda
f57ab78916 KEYCLOAK-886 LDAP: Fixes and improvements 2015-06-01 17:38:34 +02:00
mposolda
e83de896c9 LDAP fixes + added authType to UI to allow users specify authType 2015-05-28 19:54:15 +02:00
mposolda
98dd87efbc Added ProviderConfigProperty.CLIENT_LIST and refactor role federation mapper to use it 2015-05-28 12:28:26 +02:00
mposolda
dfe232cf80 KEYCLOAK-886 User Federation Mappers - admin console 2015-05-26 17:48:52 +02:00
mposolda
319f86e91a KEYCLOAK-886 Admin console - step 1 2015-05-22 21:09:55 +02:00
mposolda
490b3e3603 KEYCLOAK-886 Added builtin federation mappers when creating new LDAP Federation model. Testsuite passing 2015-05-22 21:09:55 +02:00
mposolda
7476ee51e4 KEYCLOAK-886 Model and representations for UserFederationMappers 2015-05-22 21:09:50 +02:00
mposolda
a9f1fda68a KEYCLOAK-630 Added Role Federation mapper. Fixes and refactoring 2015-05-22 21:08:33 +02:00
mposolda
975337f225 KEYCLOAK-1300 Added FullNameLDAPFederationMapper 2015-05-22 21:08:21 +02:00
mposolda
1490f106f2 KEYCLOAK-599 Added UserFederationMappers. Added UserAttributeLDAPFederationMapper 2015-05-22 21:07:32 +02:00
mposolda
61c35265a6 KEYCLOAK-826 Show count of created/updated users during federation sync 2015-05-22 21:06:38 +02:00
mposolda
0f4497e53e Remove user from KC after removing from federation 2015-05-22 21:06:38 +02:00
Stian Thorgersen
4e0a32a37a Version bump 2015-05-22 09:04:30 +02:00
mposolda
91eb80beb0 Minor improvements 2015-05-07 20:07:30 +02:00
Stian Thorgersen
035529d7a2 Version bump 2015-05-05 11:45:21 +02:00
Stian Thorgersen
e17105cc8e Updated distribution and cleaning of maven modules 2015-04-23 11:15:05 +02:00
fiorenzo pizza
e32d7c52fc first commit 2015-04-16 12:47:17 +02:00
mposolda
eb5ae4aae9 KEYCLOAK-1007 Fork Picketlink LDAP code. Remove picketlink dependencies from LDAP Federation provider 2015-04-08 22:04:02 +02:00