libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases Packages Activity Actions
keycloak-scim/docs/documentation
History
Thomas Darimont e7363905fa Change password hashing defaults according to OWASP recommendations (#16629) 
Changes according to the latest [OWASP cheat sheet for secure Password Storage](https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html#pbkdf2):

- Changed default password hashing algorithm from pbkdf2-sha256 to pbkdf2-sha512
- Increased number of hash iterations for pbkdf2-sha1 from 20.000 to 1.300.000
- Increased number of hash iterations for pbkdf2-sha256 from 27.500 to 600.000
- Increased number of hash iterations for pbkdf2-sha512 from 30.000 to 210.000
- Adapt PasswordHashingTest to new defaults
- The test testBenchmarkPasswordHashingConfigurations can be used to compare the different hashing configurations.
- Document changes in changes document with note on performance and how
  to keep the old behaviour.
- Log a warning at the first time when Pbkdf2PasswordHashProviderFactory is used directly

Fixes #16629

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
2024-01-24 18:35:51 +01:00
..
aggregation Remove latest vs. archive document header (#20103) 2023-05-03 09:16:34 +00:00
api_documentation Run tests for the moved documentation (#19278) 2023-03-28 12:35:27 +02:00
authorization_services Update placeholders for hostname and port (#24153) 2024-01-11 12:05:05 +01:00
dist Run tests for the moved documentation (#19278) 2023-03-28 12:35:27 +02:00
header-maven-plugin Moving docs to new folder 2023-03-20 09:07:58 +01:00
internal_resources Update docs/documentation/internal_resources/contributing.adoc 2023-06-02 07:58:59 -03:00
release_notes Remove Jetty 9.4 adapters (#26261) 2024-01-24 11:17:29 +01:00
securing_apps Remove Jetty 9.4 adapters (#26261) 2024-01-24 11:17:29 +01:00
server_admin Change password hashing defaults according to OWASP recommendations (#16629) 2024-01-24 18:35:51 +01:00
server_development Complete the documentation for the use case of a resource from an email template. (#25705) 2024-01-10 18:08:04 -03:00
tests Fix broken link to node.js and internal anchor 2023-11-13 12:20:54 +01:00
topics/templates Remove adapters from product documentation (#21177) 2023-07-11 13:32:52 +02:00
upgrading Change password hashing defaults according to OWASP recommendations (#16629) 2024-01-24 18:35:51 +01:00
.asciidoctorconfig Remove latest vs. archive document header (#20103) 2023-05-03 09:16:34 +00:00
.gitattributes Moving docs to new folder 2023-03-20 09:07:58 +01:00
.gitignore Cache Node.js installation and PNPM store 2023-10-30 07:50:06 -04:00
.vale.ini Moving docs to new folder 2023-03-20 09:07:58 +01:00
build-auto.sh Moving docs to new folder 2023-03-20 09:07:58 +01:00
get-version.sh Moving docs to new folder 2023-03-20 09:07:58 +01:00
License.html Moving docs to new folder 2023-03-20 09:07:58 +01:00
pom.xml Replace guide with a placeholder for downstream docs (#20266) 2023-05-16 08:59:11 +02:00
README.md Changed references to Jira issues to Github issues 2023-05-09 08:54:25 +02:00

README.md

Keycloak Documentation

Open Source Identity and Access Management for modern Applications and Services.

For more information about Keycloak visit the Keycloak homepage and Keycloak blog.

Contributing to Keycloak Documentation

See our Contributor's Guide. The directory also includes a set of templates and other resources to help you get started.

If you want to file a bug report or tell us about any other issue with this documentation, you are invited to please use our issue tracker.

Building Keycloak Documentation

Ensure that you have Maven installed.

First, clone the Keycloak repository:

git clone https://github.com/keycloak/keycloak.git
cd keycloak/docs/documentation

If you are using Windows, you need to run the following command with administrator privilege because this project uses symbolic links:

git clone -c core.symlinks=true https://github.com/keycloak/keycloak.git

To build Keycloak Documentation run:

mvn clean install -am -pl docs/documentation/dist -Pdocumentation

Or to build a specific guide run:

mvn clean install -pl docs/documentation/GUIDE_DIR -Pdocumentation

By default, an archive version of the documentation is built. To build the latest build run:

mvn clean install ... -Platest,documentation

You can then view the documentation by opening docs/documentation/GUIDE_DIR/target/generated-docs/index.html.

License