libre.sh/keycloak-scim
2
0
Fork 0
Code Issues 14 Pull requests Releases Packages Activity Actions 6
12621 commits 4 branches 5 tags 480 MiB
Commit graph

338 commits

Author SHA1 Message Date
Sven-Torben Janus
c883c11e7e KEYCLOAK-10158 Use PEM cert as X.509 user identity 
Allows to use the full PEM encoded X.509 certificate from client cert
authentication as a user identity. Also allows to validate that user's
identity against LDAP in PEM (String and binary format). In addition,
a new custom attribute mapper allows to validate against LDAP when
certificate is stored in DER format (binay, Octet-String).

KEYCLOAK-10158 Allow lookup of certs in binary adn DER format from LDAP
 2019-07-08 11:58:26 +02:00
Ian Duffy
de0ee474dd Review feedback 2019-05-27 21:30:01 +02:00
Ian Duffy
54909d3ef4 [KEYCLOAK-10230] Support for LDAP with Start TLS 
This commit sends the STARTTLS on LDAP 389 connections is specified.
STARTTLS doesn't work with connection pooling so connection pooling will
be disabled should TLS be enabled.
 2019-05-27 21:30:01 +02:00
keycloak-bot
49d4e935cb Set version to 7.0.0-SNAPSHOT 2019-04-17 09:48:07 +01:00
rmartinc
a9a4e9daae KEYCLOAK-9884: "user-attribute-ldap-mapper" is not propagating the change of "username" (uid) attribute. 2019-03-27 19:07:51 +01:00
rmartinc
2602c222cd KEYCLOAK-4640: LDAP memberships are being replaced instead of being added or deleted 2019-03-14 18:40:15 +01:00
keycloak-bot
e843d84f6e Set version to 6.0.0-SNAPSHOT 2019-03-06 15:54:08 +01:00
stianst
e06c705ca8 Set version 5.0.0 2019-02-21 09:35:14 +01:00
mposolda
adc3017ff9 KEYCLOAK-8688 LDAPSyncTest is failing in some environments 2019-02-13 12:48:48 +01:00
stianst
7c9f15778a Set version to 4.8.3.Final 2019-01-09 20:39:30 +01:00
stianst
7c4890152c Set version to 4.8.2 2019-01-03 14:43:22 +01:00
Jonatas Esteves Silverio
0d9964c185 KEYCLOAK-7990 Use attribute name from config on LDAP group creation 
Use CommonLDAPGroupMapperConfig.getMembershipLdapAttribute() instead of
constant LDAPConstants.MEMBER to honor the "membership.ldap.attribute"
config key when creating a LDAP group. This fixes an error when trying
to create a group on a DS server configured with a different member
attribute than the standard "member" (eg. 389ds).
 2018-12-13 07:53:09 +01:00
mposolda
88141320ac KEYCLOAK-9002 StackOverflowError when reading LDAP-backed users via REST API 2018-12-07 12:25:05 +01:00
stianst
b674c0d4d9 Prepare for 4.8.0.Final 2018-12-04 13:54:25 +01:00
Pedro Igor
91637120ee [KEYCLOAK-5052] - LDAP group names containing / in the name violates SIBILING_NAME constraint in db 2018-11-23 08:48:08 -02:00
stianst
ecd476fb10 Prepare for 4.7.0.Final 2018-11-14 20:10:59 +01:00
vramik
7a96911a83 KEYCLOAK-8300 KEYCLOAK-8301 Wildfly 14 upgrade 
Co-authored-by: Marek Posolda <mposolda@redhat.com>
 2018-10-17 20:01:07 +02:00
stianst
c3fc9e9815 Set version to 4.6.0.Final-SNAPSHOT 2018-09-26 20:58:41 +02:00
stianst
1fb4ca4525 Set version to 4.5.0.Final 2018-09-06 20:08:02 +02:00
mposolda
575851d45c KEYCLOAK-6038 Kerberos cross-realm trust test 2018-08-10 13:31:36 +02:00
mposolda
959cd035ba Set version to 4.3.0.Final-SNAPSHOT 2018-08-01 22:40:05 +02:00
mposolda
d0a824dde4 Updating version to 4.2.0.Final-SNAPSHOT 2018-07-05 07:42:48 -04:00
Jean-Loup Maillet
af47bd5da8 corrected groups set to be able to add group & explicit imports 2018-06-26 13:30:44 +02:00
J-Loup
0ee5c97b1c Tooltip correction on group selection 
Tooltip correction on group selection for hardcoded-ldap-group-mapper
 2018-06-26 13:30:44 +02:00
Jean-Loup Maillet
d07f13eace hardcoded-ldap-group-mapper 2018-06-26 13:30:44 +02:00
stianst
e1a0e581b9 Update to 4.1.0.Final-SNAPSHOT 2018-06-14 14:22:28 +02:00
Rick van den Hof
2e22dcfc47 Add unit tests 2018-05-29 10:03:54 +02:00
Rick van den Hof
16fd6558a6 Enable adding of default groups 2018-05-29 10:03:54 +02:00
Stian Thorgersen
dbf5c395b0
Bump version to 4.0.0.Final (#5224) 2018-05-24 19:02:30 +02:00
Stian Thorgersen
90e5c7f3eb
Bump version to 4.0.0.Beta3-SNAPSHOT (#5185) 2018-05-02 14:32:20 +02:00
Lubos.Palisek
2bab2acf5b [KEYCLOAK-7239] Fixed ConcurrentModificationException while importing from LDAP with "ignoreMissingGroups" checked. 
Fixed test so that now it checks this use case.
 2018-04-26 18:54:00 +02:00
Ingo Bauersachs
5e4d173f1d KEYCLOAK-7194: avoid NullPointerException (#5157) 2018-04-20 09:24:12 +02:00
Douglas Palmer
cf056b3464 [KEYCLOAK-6069] Allow configuration of LDAP connection pooling 2018-04-06 20:27:11 +02:00
stianst
07fea02146 Bump versions to 4.0.0.Beta2-SNAPSHOT 2018-03-26 18:17:38 +02:00
stianst
0bedbb4dd3 Bump version to 4.0.0.CR1-SNAPSHOT 2017-12-21 15:06:00 +01:00
Hisanobu Okuda
3d0512efd8 KEYCLOAK-3842 SPNEGO: Support for multiple kerberos realms 2017-12-14 12:54:20 +01:00
mposolda
b793e42c53 KEYCLOAK-5017 Adding user to newly created group caused sync all groups to LDAP 2017-12-13 09:15:47 +01:00
stianst
37de8e9f69 Bump version to 3.4.2.Final-SNAPSHOT 2017-12-01 09:34:48 +01:00
mposolda
bd25040e22 KEYCLOAK-5827 Retrieve member attribute from LDAP on group/role queries just when necessary 2017-11-15 15:29:19 +01:00
mposolda
c4a1764801 KEYCLOAK-5836 More logging around LDAP performance. Added LdapManyObjectsInitializerCommand to easily add many users and groups to the LDAP 2017-11-15 15:29:19 +01:00
mposolda
0c414eee80 KEYCLOAK-5848 Possibility to configure different attribute for GET_GROUPS_FROM_USER_MEMBEROF_STRATEGY 2017-11-14 15:05:26 +01:00
Stian Thorgersen
128ff12f8f Bump versions 2017-11-09 15:37:21 +01:00
Bill Burke
54ebc21880 KEYCLOAK-5698 2017-10-19 19:38:56 -04:00
Stian Thorgersen
5421c862e0 KEYCLOAK-5551 (#4579) 2017-10-19 09:23:31 +02:00
Cédric Couralet
656fc5d7c0 KEYCLOAK-4052 - add an option to validate Password Policy for ldap user storage 2017-10-13 13:54:50 +02:00
Markus Heberling
79c51a6a80 KEYCLOAK-5510 
Allow import of groups with missing subgroups.
 2017-09-21 13:11:49 +02:00
Przemyslaw Kadej
5b1a761b0f KEYCLOAK-5453 - Empty RDNs makes Keycloak unstable 2017-09-12 13:28:35 +02:00
filipe lautert
f1628ab903 KEYCLOAK-5381 Implementation of method LDAPStorageProvider.searchForUserByUserAttribute and tests for it. 2017-08-31 16:13:03 -03:00
Stian Thorgersen
463661b051 Set version to 3.4.0.CR1-SNAPSHOT 2017-08-28 15:46:22 +02:00
mposolda
07e2136b3b KEYCLOAK-4187 Added UserSession support for cross-dc 2017-07-27 22:32:58 +02:00
Stian Thorgersen
454c5f4d83 Set version to 3.3.0.CR1-SNAPSHOT 2017-06-30 09:47:11 +02:00
mposolda
e91dd011c5 KEYCLOAK-4438 Disable kerberos flow when provider removed 2017-06-21 09:38:20 +02:00
mposolda
8adde64e2c KEYCLOAK-4016 Provide a Link to go Back to The Application on a Timeout 2017-05-23 09:08:58 +02:00
Stian Thorgersen
87dedb56e5 Set version to 3.2.0.CR1-SNAPSHOT 2017-04-27 14:23:03 +02:00
Stian Thorgersen
54ee055bd8 KEYCLOAK-4671 Add server-private-spi to dependency deployer 2017-04-25 10:16:24 +02:00
Stian Thorgersen
a87ee04024 Bump to 3.1.0.CR1-SNAPSHOT 2017-03-16 14:21:40 +01:00
mposolda
091b376624 KEYCLOAK-1590 Realm import per test class 2017-03-01 09:38:44 +01:00
mposolda
098d8e915d KEYCLOAK-4433 Added HardcodedLDAPAttributeMapper 2017-02-21 08:29:57 +01:00
Bill Burke
c3e72b11db KEYCLOAK-4382 2017-02-13 10:51:10 -05:00
Bill Burke
d9633dc20c Merge remote-tracking branch 'upstream/master' 2017-02-09 09:13:00 -05:00
Bill Burke
cf5e2a1d20 unlink/remoteimported 2017-02-08 19:48:22 -05:00
Bill Burke
f128be9b31 LDAP No-Import 2017-02-04 10:29:34 -05:00
mposolda
73cad40fb7 KEYCLOAK-4364 Fix OpenLDAP issue with renaming DN 2017-02-02 22:21:29 +01:00
Bill Burke
79dede8e78 KEYCLOAK-4363 2017-02-01 10:19:15 -05:00
Stian Thorgersen
6f22f88d85 Bump version to 3.0.0.CR1 2017-01-26 06:18:11 +01:00
mposolda
57127f39d0 KEYCLOAK-4269 2017-01-23 13:36:54 +01:00
mposolda
39f8311484 KEYCLOAK-2403 Cannot create user in LDAP/AD from Keycloak using Full Name User Federation Mapper 2017-01-20 21:08:26 +01:00
mposolda
3444fb62f1 KEYCLOAK-4266 MSAD: User is disabled after registration 2017-01-19 21:32:10 +01:00
Stian Thorgersen
86988833e9 Merge pull request #3761 from abstractj/KEYCLOAK-4207 
[KEYCLOAK-4207] SSSD Provider - NullPointerException when mail attribute is not filled
 2017-01-18 08:41:36 +01:00
mposolda
843b4b470b KEYCLOAK-2333 LDAP/MSAD password policies are not used when user changes password 2017-01-17 21:06:09 +01:00
Bruno Oliveira
9fb46a7b1c [KEYCLOAK-4207] SSSD Provider - NullPointerException when mail attribute is not filled 2017-01-13 17:35:55 -02:00
Marek Posolda
227900f288 Merge pull request #3731 from mposolda/master 
KEYCLOAK-4175 Provide a way to set the connect and read timeout for l…
 2017-01-10 09:49:18 +01:00
Stian Thorgersen
7eeebff874 Merge pull request #3720 from hmlnarik/KEYCLOAK-4091-Possible-NullPointerExceptions-with-disabled-cache 
KEYCLOAK-4091 Prevent NPE with disabled cache
 2017-01-10 06:23:10 +01:00
mposolda
c32620b718 KEYCLOAK-4175 Provide a way to set the connect and read timeout for ldap connections 2017-01-09 21:35:58 +01:00
mposolda
14669dfbc5 KEYCLOAK-4178 Bad error message when kerberos provider unavailable 2017-01-09 16:56:58 +01:00
mposolda
a09bc6520f KEYCLOAK-2888 KEYCLOAK-3927 Fully migrate kerberos tests to the new testsuite 2017-01-09 13:50:41 +01:00
Hynek Mlnarik
377fbced4a KEYCLOAK-4091 Prevent NPE with disabled cache 2017-01-06 10:00:11 +01:00
Stian Thorgersen
e805ffd945 Bump version to 2.5.1.Final-SNAPSHOT 2016-12-22 08:22:18 +01:00
mposolda
4b6df5d489 LDAP polishing 2016-12-19 18:11:23 +01:00
mposolda
ac00f7fee2 KEYCLOAK-4087 LDAP group mapping should be possible via uidNumber in memberUid mode 2016-12-19 16:27:57 +01:00
Marek Posolda
c6363aa146 Merge pull request #3630 from sldab/duplicate-email-support 
KEYCLOAK-4059 Support for duplicate emails
 2016-12-19 15:37:18 +01:00
Slawomir Dabek
93cec9b3ee KEYCLOAK-4059 Support for duplicate emails 2016-12-19 10:55:12 +01:00
Bruno Oliveira
3b3b219a86 [KEYCLOAK-4085] SSSD federation provider should load libunix from alternative paths 2016-12-16 18:19:47 -02:00
Bruno Oliveira
3f2e9c3592 [KEYCLOAK-4083] SSSD Federation is only enabled with superuser permissions 2016-12-16 17:31:24 -02:00
mposolda
7453e96f5c KEYCLOAK-2397 LDAP_ENTRY_DN attribute in LDAP user storage is not updated on changes in LDAP 2016-12-15 21:12:29 +01:00
mposolda
40216b5e7d KEYCLOAK-3921 LDAP binary attributes 2016-12-13 18:31:26 +01:00
mposolda
79c1650c15 KEYCLOAK-2545 KEYCLOAK-3668 KEYCLOAK-3247 LDAP escaping 2016-12-12 13:09:14 +01:00
Bill Burke
1f0600044a KEYCLOAK-3967 2016-12-08 19:29:02 -05:00
mposolda
e7f6c780e2 KEYCLOAK-4058 Improve LDAPStorageMapper and remove LDAPStorageMapperBridge 2016-12-08 18:35:56 +01:00
mposolda
ba51640c61 KEYCLOAK-4042 Better error message when failed updating MSAD password in account mgmt 2016-12-06 11:07:28 +01:00
Marek Posolda
6b1020ec34 Merge pull request #3602 from sldab/fix-model-duplicate-exception 
KEYCLOAK-4028 Fix ModelDuplicateException when logging in with updated email address
 2016-12-06 10:21:55 +01:00
Slawomir Dabek
45fd114143 KEYCLOAK-4028 Fix ModelDuplicateException when logging in with updated email address 2016-12-05 15:44:22 +01:00
Bill Burke
3bc721720f Merge pull request #3580 from abstractj/KEYCLOAK-3970 
[KEYCLOAK-3970] - SSSD testsuite is broken
 2016-12-03 13:37:48 -05:00
Bill Burke
8fd7091068 KEYCLOAK-3986 2016-12-03 09:33:52 -05:00
Bill Burke
ce50b0ed29 Merge remote-tracking branch 'upstream/master' 2016-12-02 19:26:34 -05:00
Bill Burke
e88af874ca finish 2016-12-02 19:25:17 -05:00
Marek Posolda
458ca8a7ee Merge pull request #3578 from sldab/msadlds 
KEYCLOAK-4009 Compatibility with AD LDS
 2016-12-02 17:50:21 +01:00
Slawomir Dabek
b2f0acfe26 KEYCLOAK-4009 Compatibility with AD LDS 2016-12-02 14:43:42 +01:00
Bruno Oliveira
dc6e869c64 [KEYCLOAK-3970] - SSSD testsuite is broken 2016-12-01 15:40:53 -02:00
Stian Thorgersen
b771b84f56 Bump to 2.5.0.Final-SNAPSHOT 2016-11-30 15:44:51 +01:00