mirror/keycloak
1
0
Fork 0
mirror of https://github.com/keycloak/keycloak.git synced 2026-01-25 16:48:49 -06:00
Code Issues Packages Projects Releases Wiki Activity
26,909 Commits 24 Branches 291 Tags
05884e882f769bd51f4dee39a28cb59ebd6df108
Commit Graph

581 Commits

Author SHA1 Message Date
Alexander Schwartz
13e3439246 Upgrading guide 26.0.6 is missing in the upgrading guide (#35545) 
Closes #35544

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-12-03 11:58:32 +01:00
Alexander Schwartz
b98cd12b58 Changing mis-formatted definition list of hashing algorithms to a table 
Closes #35416

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-12-02 15:05:05 -03:00
Pedro Igor
e9e19c2683 Allow asking for additional scopes when querying the account console root URL 
Closes #35243

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2024-12-02 12:54:00 +00:00
Stefan Guilhen
9861acc2aa UserSessionProvider.removeUserSessions now removes all user sessions (both regular and offline) 
Closes #31359

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2024-11-29 12:35:15 -03:00
Giuseppe Graziano
a659c8d1cb Sign AUTH_SESSION_ID cookie (#35297) 
closes #34027

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
 2024-11-28 17:28:52 +01:00
Sebastian Rose
015f06b5b8 Adjust documentation according to new home in keycloak/docs/documentation 
- refer mvnw instead of mvn
- contributing.adoc reflects GitHub-Issues and new git-structure

Closes #35373

Signed-off-by: Sebastian Rose <sebastian.rose@gmail.com>
 2024-11-28 14:28:11 +01:00
Pedro Igor
45f9bcd673 Resolve scopes from bearer tokens when processing requests to the Account API 
Closes #35357

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-11-27 14:17:53 -03:00
Martin Kanis
20770d8aaa Fix upgrading guide about deprecation of getAll() methods in the organization APIs 
Closes #34975

Signed-off-by: Martin Kanis <mkanis@redhat.com>
 2024-11-25 10:10:02 +01:00
rmartinc
b0b247f1f1 Passivate imported keys if the associate certificate is expired 
Closes #34973

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-11-25 09:40:59 +01:00
Cornelius Roemer
29abfd3e89 Fix typos in *.md and *.adoc files using codespell interactive mode 
Closes #35256

This PR fixes a bunch of typos in docs files.

I ran codespell on `*.adoc` and `*.md` files in the repo in interactive mode
carefully checking each identified typo and proposed fix for false positives.

The most widely read file with typos identified is likely the changelog/migration guide.

Signed-off-by: Cornelius Roemer <cornelius.roemer@gmail.com>
 2024-11-25 08:21:26 +01:00
Cornelius Roemer
e11db03d76 fix(doc): v24 changelog grammar typo "longer" -> "no longer" () 
Closes #35163

The missing "no" makes this really confusing to read

Signed-off-by: Cornelius Roemer <cornelius.roemer@gmail.com>
 2024-11-22 11:56:48 +01:00
Cornelius Roemer
610c08a0f3 Fix typo www.recatcha.net -> www.recaptcha.net in docs (#35210) 
closes #35210 

Signed-off-by: Cornelius Roemer <cornelius.roemer@gmail.com>
 2024-11-22 10:39:52 +01:00
AndyMunro
e2d221c4bd Address QE comments on Server Admin Guide 
Closes #34916

Signed-off-by: AndyMunro <amunro@redhat.com>
 2024-11-22 10:20:18 +01:00
Václav Muzikář
d60cb9aaef fix: prevent inclusion of characters that could lead to FileVault path traversal (#35223) 
Closes: #35215

Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
Co-authored-by: Peter Zaoral <pepo48@gmail.com>
 2024-11-22 10:18:00 +01:00
Václav Muzikář
cf622e8d51 Update docs with security warning around client certificate lookup (#35222) 
Closes #35217

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
 2024-11-22 10:12:21 +01:00
Martin Kanis
05116f7951 getAll() organization and organization members only returns the first 10 items 
Closes #34975

Signed-off-by: Martin Kanis <mkanis@redhat.com>
 2024-11-21 17:29:37 -03:00
Marek Posolda
a56378e989 Remove upgrading client libraries from the server documentation (#35101) 
closes #34949

Signed-off-by: mposolda <mposolda@gmail.com>


Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
Signed-off-by: Marek Posolda <mposolda@gmail.com>
 2024-11-20 16:14:42 +01:00
Ricardo Martin
ca1c10f7ba Use short UUID for ldap components (#34815) 
Closes #32143

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-11-15 15:15:04 +01:00
michielpeeters
cec081961b Update upgrade guide docs 25.0.0 cache options 
Closes #34987

Signed-off-by: michielpeeters <michielpeeters@users.noreply.github.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2024-11-15 14:27:57 +01:00
AndyMunro
da9774b281 Update Leveraging Jakarta EE 
Closes #34873

Signed-off-by: AndyMunro <amunro@redhat.com>
 2024-11-13 10:14:06 +01:00
AndyMunro
85765f94f2 Apply QE authorization services guide comments 
Closes #34882

Signed-off-by: AndyMunro <amunro@redhat.com>
 2024-11-13 10:06:06 +01:00
Marek Posolda
92d9ac6621 Update KEYCLOAK_SESSION cookie to not have sessionId in plaintext (#34551) 
closes #34026

Signed-off-by: mposolda <mposolda@gmail.com>
 2024-11-11 18:47:18 +01:00
Pedro Ruivo
d7e5319f70 Document network ports for Keycloak clustering 
Also switch the default to jdbc-ping as this  should be a drop-in replacement looking at the networking behavior of udp.

Closes #34658

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2024-11-11 13:28:15 +01:00
Pedro Igor
0a05ba49d1 Adding a details map to admin events to store additional contextual data when the event is fired 
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-11-07 17:19:43 -03:00
Pedro Ruivo
33cae33ae4 Remove JGroups thread pool docs from HA Guide 
Clustering is disabled with multi-site deployment and there is no
JGroups thread pool to configure.

Closes #34715

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2024-11-07 09:00:48 +00:00
Ricardo Martin
226daa41c7 Add service account mappers via client scope instead of dedicated scope (#34664) 
Closes #10417

Signed-off-by: rmartinc <rmartinc@redhat.com>


Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
Signed-off-by: Ricardo Martin <rmartinc@redhat.com>
 2024-11-07 08:45:11 +01:00
Ricardo Martin
ce454bda47 Remove online session when offline access is requested as the first request (#34346) 
Closes #34001

Signed-off-by: rmartinc <rmartinc@redhat.com>


Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
Signed-off-by: Marek Posolda <mposolda@gmail.com>

---------

Signed-off-by: rmartinc <rmartinc@redhat.com>
Signed-off-by: Marek Posolda <mposolda@gmail.com>
Co-authored-by: Marek Posolda <mposolda@gmail.com>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
 2024-11-06 08:33:12 +01:00
Gilvan Filho
910caf5ff8 Update brute force docs 
Fixes #27378

Signed-off-by: Gilvan Filho <gilvan.sfilho@gmail.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
 2024-11-04 09:41:26 +00:00
Ryan Emerson
a79b67cac8 Deprecate other transport stacks (ec2, azure, google) 
Closes #34253

Signed-off-by: Ryan Emerson <remerson@redhat.com>
 2024-10-31 11:47:13 +01:00
Erik Jan de Wit
19ef0a608b Add switch to toggle dark mode (#33822) 
Closes #33821

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
Signed-off-by: Jon Koops <jonkoops@gmail.com>
Co-authored-by: Jon Koops <jonkoops@gmail.com>
 2024-10-31 10:19:03 +00:00
Pedro Igor
4ad462fbd3 Do not rely on the pwdLastSet attribute when updating AD entries 
Closes #34467

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-10-30 17:43:07 +01:00
AndyMunro
4984900bae Make organizations chapter available in downstream 
Closes #34382

Signed-off-by: AndyMunro <amunro@redhat.com>
 2024-10-28 10:28:24 +01:00
Andy
f994cc54d5 Remove robots.txt entirely 
* remove robots.txt entirely, as blocking page-
crawling prevents the `X-Robots-Tag` headers
(and similar meta tags) from working as intended.

Closes #17433

Signed-off-by: Andy <andy@slice.is>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2024-10-25 12:09:50 +00:00
Dave Meyer
883b0a3378 doc: Replaced dead link (#34239) 
Replaced dead link to quickstart template with a (similar) template.

Signed-off-by: Dave Meyer <7davidmeyer@gmail.com>
 2024-10-24 15:28:42 +02:00
Ryan Emerson
902abfdae4 JDBC_PING as default discovery protocol 
Closes #29399

- Add ProviderFactory#dependsOn to allow dependencies between
  ProviderFactories to be explicitly defined
- Disable Infinispan default shutdownhook disabled to ensure lifecycle
  is managed exclusively by Keycloak
- Remove Infinispan shutdown hook in KeycloakRecorder and manage
  EmbeddedCacheManager lifecycle only in DefaultInfinispanConnectionProviderFactory#close

Signed-off-by: Ryan Emerson <remerson@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2024-10-22 20:19:19 +00:00
Gilvan Filho
e6cd1a05c1 Update docs/documentation/server_admin/topics/threat/brute-force.adoc 
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
Signed-off-by: Gilvan Filho <gilvan.sfilho@gmail.com>
 2024-10-22 10:33:22 -03:00
Gilvan Filho
c4005d29f0 add linear strategy to brute force 
closes #25917

Signed-off-by: Gilvan Filho <gilvan.sfilho@gmail.com>
 2024-10-22 10:33:22 -03:00
Pedro Ruivo
fffa9aa72e Enable virtual threads in Infinispan and JGroups by default 
Closes #33939

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2024-10-21 16:02:28 +00:00
Simon Levermann
dcf1d83199 Enable enforcement of a minimum ACR at the client level (#16884) (#33205) 
closes #16884 

Signed-off-by: Simon Levermann <github@simon.slevermann.de>
 2024-10-21 13:54:02 +02:00
mposolda
dbcb3151a9 Align admin console for client for backchannel and frontchannel logout 
closes #10138

Signed-off-by: mposolda <mposolda@gmail.com>

Co-authored-by: Erik Jan de Wit <edewit@redhat.com>
Signed-off-by: Marek Posolda <mposolda@gmail.com>
 2024-10-21 11:32:03 +02:00
Jon Koops
7657e71be1 Automatically retrieve configuration for authorization 
Closes #14562

Signed-off-by: Jon Koops <jonkoops@gmail.com>
 2024-10-18 14:03:36 +02:00
Jake
946798aa01 Small grammatical error in documentation 
Closes #34009

Signed-off-by: Jake <156826184+jlanning-gl@users.noreply.github.com>
 2024-10-16 18:49:49 +02:00
Marek Posolda
94b5f05c64 Re-add links to policy-enforcer to the authorization services documen… (#33905) 
closes #32644

Signed-off-by: mposolda <mposolda@gmail.com>


Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
Signed-off-by: Marek Posolda <mposolda@gmail.com>
 2024-10-15 08:34:56 +02:00
Stefan Guilhen
a832381a37 Add section to clarify the impact of having imported LDAP users when performing searches 
Closes #16451

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2024-10-11 11:01:14 -03:00
kennhhhhh
dbfd059b21 fix: available SPIs should be found in Provider info (#33805) 
Signed-off-by: kennhhhhh <164991693+kennhhhhh@users.noreply.github.com>
 2024-10-11 06:47:24 +00:00
Pedro Ruivo
464fc90519 Fail to start if work cache is not replicated 
Keycloak will now fail to start if the work cache is replicated.
Listeners require the data to be local.

Closes #33702

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2024-10-09 19:40:24 +00:00
Pedro Ruivo
0e3554934e Read cache-ispn.xml from conf/ by default 
Fixed #31492

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2024-10-09 16:40:17 +00:00
Jon Koops
05e8b932c3 Add dark mode support to welcome theme and unify approach (#32495) 
Closes #26178

Signed-off-by: Jon Koops <jonkoops@gmail.com>
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
Co-authored-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
 2024-10-04 08:27:37 -04:00
Alexander Schwartz
d8c8c6a0be Fixing broken links after KC26 docs changes (#33577) 
Closes #33576

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-10-04 13:59:47 +02:00
Stian Thorgersen
64e096d89c Update 26_0_0.adoc 
Signed-off-by: Stian Thorgersen <stianst@gmail.com>
 2024-10-04 10:54:19 +02:00