558 Commits

Author SHA1 Message Date
Pedro Igor
3ec0dd24fe Avoid multiple calls to LDAP when querying group memberships
Closes #44558

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2025-12-01 14:01:58 +01:00
schnillerman
4e87b1f5a0 Fix grammar in LDAP federation group mapper
Closes #44341

Signed-off-by: schnillerman <till.reymann@gmail.com>
2025-11-19 23:11:24 +00:00
Stian Thorgersen
a2c1055f8d Proposed import order (#43432)
* Add importOrder to Spotless

Closes #43235

Signed-off-by: stianst <stianst@gmail.com>

* Re-order imports with Spotless

Signed-off-by: stianst <stianst@gmail.com>

---------

Signed-off-by: stianst <stianst@gmail.com>
2025-11-14 09:34:49 +01:00
Pedro Igor
ded372a57f Adding utility class for working with throwables and updating the cause check to limit the number of iterations on the stacktrace
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2025-11-11 08:48:26 -03:00
Martin Kanis
c28cde359c Local user can't login when ldap error
Closes #43639

Signed-off-by: Martin Kanis <mkanis@redhat.com>
2025-11-11 08:48:26 -03:00
Stian Thorgersen
d8275fe5df Remove wildcard imports (#44060)
Closes #44059

Signed-off-by: stianst <stianst@gmail.com>
2025-11-10 11:46:05 +01:00
Tomáš Kyjovský
4c64b7189c Deprecate org.keycloak.common.util.Base64
Closes #43370

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Signed-off-by: 1867605+tkyjovsk@users.noreply.github.com
Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
2025-10-30 09:12:14 +01:00
Pedro Igor
6527b139dc Do not lower-case username and email if users are not imported from LDAP
Closes #43621

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2025-10-23 13:02:33 +02:00
stianst
aedd7fe5db Remove unused imports as part of #43233
Signed-off-by: stianst <stianst@gmail.com>
2025-10-13 13:32:01 +02:00
Pedro Igor
54289f0130 Lowercase username and email when fetching values from LDAP object
Closes #43254

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2025-10-07 14:14:50 +00:00
Stian Thorgersen
dbd516f8e6 Refactor SimpleHttp to make it injectable and usable outside server (#42936)
Closes #42902

Signed-off-by: stianst <stianst@gmail.com>
2025-09-29 08:37:05 +02:00
Pedro Igor
41b64c91aa Do not update email if there is no email from the IdP
Closes #42390

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2025-09-24 04:05:05 -03:00
Pedro Igor
d65c17ebc7 Do not fail when querying user federation providers and log messages to indicate the problem
Closes #42276

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2025-09-24 04:03:13 -03:00
Pedro Igor
8f0d528126 Make sure inner transactions are using their own session
Closes #41942

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2025-09-03 17:38:19 +02:00
Steven Hawkins
b6f039a4cc fix: adding a default for ldap connection timeout (#41726)
closes: #39299

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>
2025-08-19 16:43:42 +00:00
sguilhen
b7d3c8eb8b Forward isMemberOf call to the next delegate if the group is not managed by the mapper instance
Closes #40680

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2025-08-15 15:49:08 -03:00
Pedro Igor
3136ec25e6 memberOf attribute empty or values with a DN that does not match the role base DN fetches all roles
Closes #41842

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2025-08-14 11:15:52 +02:00
Peter Skopek
651d651c30 Add missing artifact descriptions to allow Maven Central Portal Publisher to pass validation process. (#40822)
Signed-off-by: Peter Skopek <pskopek@redhat.com>
2025-08-12 16:50:17 +02:00
Stefan Guilhen
5b4973f0e8 Change e-mail verification to perform a find by UUID on LDAP only when the local and imported users are different
Closes #41532

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2025-08-07 15:28:01 -03:00
Martin Kanis
235691b6cb LDAP Import: KERBEROS_PRINCIPAL not updated when UserPrincipal changes and KERBEROS_PRINCIPAL was null on creation
Closes #41520

Signed-off-by: Martin Kanis <mkanis@redhat.com>
2025-07-31 17:28:28 +02:00
Martin Kylian
d97d27f827 Kerberos Server fields now trim whitespace
Closes #41335

Signed-off-by: Martin Kylián <kylianm@plzen.eu>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Martin Kylián <kylianm@plzen.eu>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2025-07-28 08:07:52 +00:00
Pedro Igor
d5206b61f6 Update email feature only enabled if the required action is enabled at the realm
Closes #41045

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2025-07-14 16:31:15 -03:00
Sylvere Richard
173471a1c9 Fix #40995 avoid ModelException: At least one condition should be provided to OR query
Closes #40995
Signed-off-by: Sylvere Richard <sylvere.richard@gmail.com>
2025-07-10 15:34:02 -03:00
Martin Kanis
5a42390341 Make UPDATE_EMAIL a supported feature
Closes #40227

Signed-off-by: Martin Kanis <mkanis@redhat.com>
2025-07-09 10:15:48 -03:00
Pedro Igor
0188d276d8 Invalidate user cache entries when email or username are different from storage
Closes #40085

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
2025-06-17 20:44:01 +00:00
Pedro Igor
9412e339a8 Password modification time attribute as an operational and read-only attribute
Closes #40270

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2025-06-10 16:28:55 +02:00
vramik
6bf5727b7b LDAP group mapper skips configured filter and imports all groups with memberOf strategy when fetching the user's groups
Closes #37537

Signed-off-by: vramik <vramik@redhat.com>
2025-05-22 09:57:31 -03:00
vramik
f45b8e0c6d Move FGAP classes to specific package
Signed-off-by: vramik <vramik@redhat.com>
2025-05-22 09:53:16 -03:00
Pedro Igor
953ba04018 Skip updating account controls if no control is set when enabling/disabling users
Closes #37720

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2025-05-09 09:11:21 +02:00
Pedro Igor
9ad0e1abfa Check if LDAP entry is still valid before validating duplicate emails
Closes #39345

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2025-05-06 21:54:30 +02:00
Pedro Igor
68fc5aa44b Make sure LDAP connections are released when closing sessions
Closes #38660

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2025-04-28 20:13:30 +02:00
Stefan Guilhen
9976f9380c Fix NPE in LDAPUtils.loadAllLDAPObjects when batch size is set to value <= 0
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>

Closes #39022
2025-04-16 12:32:57 -03:00
Pedro Igor
ab41366757 Allow setting locale when edit mode is READ_ONLY
Closes #38981

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2025-04-16 08:55:30 +02:00
Stefan Guilhen
86b2a6a95c Fix docs to also mention roles
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>

Closes #28569

Signed-off-by: Jakob Overrein <jakob.overrein@basefarm-orange.com>
2025-03-10 16:13:36 -03:00
Stefan Guilhen
a0a314aece Append comma to the relative DN only if it is missing
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2025-03-10 16:13:36 -03:00
Jakob Overrein
aec62803c7 Allow users, roles, and groups to be created in a specified DN relative to the parent DN
The new field introduced will prefix the parent DN as a relative path and allow created items to be placed in a subtree instead of the parent DN.

Closes #28569

Signed-off-by: Jakob Overrein <jakob.overrein@basefarm-orange.com>
2025-03-10 16:13:36 -03:00
Ricardo Martin
6751c8cb35 Include JNA dependency for the SSSD in the keycloak server (#37905)
Closes #37898

Signed-off-by: rmartinc <rmartinc@redhat.com>
2025-03-07 11:56:33 -05:00
Stefan Guilhen
5babc6c1a3 Ensure the group being joined is not an organization group in GroupLDAPStorageMapper
Closes #37393

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2025-02-17 14:41:53 -03:00
Pedro Igor
4b2d5ed472 Minor fixes, test coverage, and allow deleting local users
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2025-02-07 10:42:45 -03:00
Pedro Igor
602df06191 Allows querying credential from user storage providers
Closes #35020

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2025-02-05 07:56:05 -03:00
Stefan Guilhen
b2e8942dd1 Ensure LDAPStorageMapper.getGroupMembers is taking the fetch strategy into consideration when retrieving the members
- fixes issue when MEMBER-OF strategy is selected but ignored when listing members

Closes #33477

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2025-01-31 09:54:40 -03:00
Justin Stephenson
d22179e6fa ipatuura README updates (#36660)
Signed-off-by: Justin Stephenson <jstephen@redhat.com>
2025-01-23 08:13:16 +01:00
Pedro Igor
db986c496e Allow tracing packets sent to and from LDAP for troubleshooting purposes
Closes #36087

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2025-01-07 12:42:23 +01:00
Alexander Schwartz
180be7b182 Avoid NPE when checking exceptions for password based Kerberos login
Closes #36061

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2025-01-06 17:17:53 +01:00
Alexander Schwartz
4ef178242f Enable LDAP connection pool by default when using the Admin UI
Closes #35852

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-12-19 10:24:47 -03:00
Alexander Schwartz
af54d6469d Remove unused LDAP properties
Closes #35854

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-12-18 10:39:06 -03:00
Pedro Igor
45a6b5c657 Setting protocol when initializing the LDAP provider
Closes #35758

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-12-11 10:21:11 +01:00
Stefan Guilhen
24fab37519 Add README.md for the IPA-Tuura user federation
#Closes 35563

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-12-03 17:08:27 -03:00
Stefan Guilhen
590944b111 Use proper field type for the IPA-Tuura federation provider password
#Closes 35529

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-12-03 05:27:27 -03:00
Stefan Guilhen
3c33a7180e Add initial IPA-Tuura federation (#35467)
* Add initial federation ipatuura plugin

Closes #35325

Signed-off-by: Justin Stephenson <jstephen@redhat.com>
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
Co-authored-by: Stefan Guilhen <sguilhen@redhat.com>
2024-12-02 14:59:21 -03:00