mirror/keycloak
1
0
Fork 0
mirror of https://github.com/keycloak/keycloak.git synced 2026-05-03 21:50:47 -05:00
Code Issues Packages Projects Releases Wiki Activity
24,069 Commits 33 Branches 304 Tags
16fca0118e1c49a42338730c4cc59816005ee14f
Commit Graph

550 Commits

Author SHA1 Message Date
Marek Posolda 16fca0118e User profile - release notes and more migration instructions (#27003) 
closes #26917
closes #26932

Signed-off-by: mposolda <mposolda@gmail.com>


Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
 2024-02-15 08:14:16 +01:00
Marek Posolda e2fb8406a3 Fixing the docs about default hashing iterations (#27020) 
closes #26816

Signed-off-by: mposolda <mposolda@gmail.com>


Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
 2024-02-15 08:11:44 +01:00
Joshua Sorah b81233a4af [docs] Align OAuth 2.0 Security Best Current Practice links (#24706) 
Closes keycloak/keycloak#24705

Signed-off-by: Joshua Sorah <jsorah@gmail.com>
 2024-02-13 13:53:56 +01:00
Michal Hajas 83f3e91e4f Use http-pool-max-threads in HA guides 
Closes #26849

Signed-off-by: Michal Hajas <mhajas@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2024-02-13 10:01:59 +00:00
Pedro Igor 750bc2c09c Reviewing references to user attribute management and UIs 
Closes #26155

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-02-12 16:01:34 +01:00
mposolda 7af753e166 Documentation for AIA 
closes #25569

Signed-off-by: mposolda <mposolda@gmail.com>

Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
 2024-02-12 09:42:34 +01:00
Thomas Darimont 93fc6a6c54 Shorter lifespan for offline session cache entries in memory 
Closes #26810

Co-authored-by: Thomas Darimont <thomas.darimont@googlemail.com>
Co-authored-by: Martin Kanis <mkanis@redhat.com>

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
Signed-off-by: Martin Kanis <mkanis@redhat.com>
 2024-02-09 19:44:04 +01:00
stianst d2f74dd83d Fix anchors in securing apps guide in prod profile 
Closes #26853

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-02-09 12:31:30 +01:00
Pedro Igor b91ad23b20 Update theme documentation about the considerations when deploying custom themes (#26885) 
Related #23907

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-02-09 04:21:54 +01:00
Steven Hawkins 77581d2527 fix: change from operator. to kc.operator. keys (#26414) 
closes #12352

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2024-02-08 15:03:20 +01:00
Michal Hajas de598577b1 Fix confusing SAML NameId mapper format tooltip 
Closes #26051
Signed-off-by: Michal Hajas <mhajas@redhat.com>
Co-authored-by: Hynek Mlnařík <hmlnarik@users.noreply.github.com>
 2024-02-08 11:21:11 +01:00
Stian Thorgersen cd1e483134 Remove section on adding custom attributes with account v1 and custom themes (#26858) 
Closes #26856

Signed-off-by: stianst <stianst@gmail.com>
 2024-02-08 07:28:32 +01:00
Alexander Schwartz 786023fd06 Update HA guide about non-blocking probes (#26783) 
Closes #26781

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-02-07 16:16:50 +01:00
Michael Schnitzler fdfe41bdda fix documentation for resetting OTP in "reset credentials" flow (#26834) 
The former version stated that the "Reset OTP" step had to be disabled in the "reset credentials" authentication flow in order to keep the OTP unchanged. This leads to an error. More precisely, the "Reset - Conditional OTP" sub-flow has to be disabled.

Fixex #26834

Signed-off-by: Michael Schnitzler <schnitzler.michael+github@gmail.com>
 2024-02-07 11:57:58 -03:00
Tero Saarni ac1780a54f Added event for temporary lockout for brute force protector (#26630) 
This change adds event for brute force protector when user account is
temporarily disabled.

It also lowers the priority of free-text log for failed login attempts.

Signed-off-by: Tero Saarni <tero.saarni@est.tech>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2024-02-07 14:13:33 +00:00
zak905 bcd423b270 rephrase sentence in changes-22_0_0.adoc for more clarity 
Signed-off-by: zak905 <zakaria.amine88@gmail.com>
 2024-02-07 09:32:43 -03:00
zak905 c7db7bd528 Update custom rest endpoint documentation and example 
Add a mention about beans.xml and @Provider in the extending server documentation

Add beans.xml in the rest provider example

Add a mention about @Provider in the upgrading guides

Closes #25882

Signed-off-by: zak905 <zakaria.amine88@gmail.com>

Address suggested change for docs/documentation/server_development/topics/extensions.adoc

Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>

Address suggested change for docs/documentation/server_development/topics/extensions.adoc

Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
Signed-off-by: zak905 <zakaria.amine88@gmail.com>

Address suggested change for docs/documentation/upgrading/topics/keycloak/changes-22_0_0.adoc

Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
Signed-off-by: zak905 <zakaria.amine88@gmail.com>
 2024-02-07 09:32:43 -03:00
mposolda ab7426b857 User profile migration documentation for default validations and strange attributes 
closes #26634
closes #25979

Signed-off-by: mposolda <mposolda@gmail.com>

Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
 2024-02-06 16:48:03 -03:00
Alexander Schwartz 486b199548 Make label for Keycloak container images configurable 
Closes #26819

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-02-06 16:16:00 +01:00
Stian Thorgersen c4b1fd092a Use code from RestEasy to create and set cookies (#26558) 
Closes #26557

Signed-off-by: stianst <stianst@gmail.com>
 2024-02-06 15:14:04 +01:00
Hynek Mlnarik c866e8e6f9 Introduce index.ftl into base account theme 
Fixes: #26487

Signed-off-by: Hynek Mlnarik <hmlnarik@redhat.com>
 2024-02-06 14:29:07 +01:00
Alexander Schwartz 43c200a8ce Update migration guide 
Closes #26490

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-02-05 14:41:44 +01:00
Kamesh Akella 4459ed66ad update cpu sizing based on the hashing changes 
Closes #26490

Signed-off-by: Kamesh Akella <kamesh.asp@gmail.com>
 2024-02-05 14:41:44 +01:00
Michal Hajas 80de12d59a Update HA guides to use the new ISPN config options 
Closes #26776

Signed-off-by: Michal Hajas <mhajas@redhat.com>
 2024-02-05 11:40:08 +01:00
Pascal Paulis 2785bbd29b added comment about MySQL Server parameter sql_generate_invisible_primary_key 
Closes #23268

Signed-off-by: Pascal Paulis <ppaulis@gmail.com>
 2024-02-05 10:36:31 +01:00
Pedro Igor 4338f44955 Reviewing the user profile documentation 
Closes #26154

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-02-02 17:14:51 +01:00
christian-2 e14b523a8d Fixes typo in Server Administration guide (#26543) 
Signed-off-by: Christian Hörtnagl <christian2@univie.ac.at>
 2024-02-01 19:36:32 +01:00
mposolda 56a605fae7 Documentation for SuppressRefreshTokenRotationExecutor 
closes #26587

Signed-off-by: mposolda <mposolda@gmail.com>

Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
 2024-02-01 17:18:50 +01:00
Martin Bartoš 14d97ca9ea Update Maven dependency versions for docs 
Update Maven Wrapper version

Closes #26689

Fixes #26686

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
 2024-02-01 13:42:25 +01:00
Pedro Igor 3a7ce54266 Allow formating numbers when rendering attributes 
Closes keycloak#26320

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-02-01 08:14:58 -03:00
Martin Kanis a3fcacdab7 Map Store Removal: deprecate model legacy module 
Closes #26598

Signed-off-by: Martin Kanis <mkanis@redhat.com>
 2024-01-31 17:40:45 +01:00
Steven Hawkins 66e45a335e doc: noting the formats apply to spi options as well (#26648) 
closes: #26468

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2024-01-31 16:09:47 +00:00
Steven Hawkins f55e903092 Convert watching to polling and adding infinispan config file support (#26510) 
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2024-01-31 12:57:34 +00:00
Alexander Schwartz c1ae9a0817 Prevent blank after backslash which breaks shell execution (#26632) 
Closes #26631

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-01-31 13:17:31 +01:00
Stian Thorgersen bc3c27909e Cookie Provider (#26499) 
Closes #26500

Signed-off-by: stianst <stianst@gmail.com>
 2024-01-26 10:45:00 +01:00
Martin Kanis 7797f778d1 Map Store Removal: Rename legacy modules 
Closes #24107

Signed-off-by: Martin Kanis <mkanis@redhat.com>
 2024-01-25 16:29:16 +01:00
Thomas Darimont e7363905fa Change password hashing defaults according to OWASP recommendations (#16629) 
Changes according to the latest [OWASP cheat sheet for secure Password Storage](https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html#pbkdf2):

- Changed default password hashing algorithm from pbkdf2-sha256 to pbkdf2-sha512
- Increased number of hash iterations for pbkdf2-sha1 from 20.000 to 1.300.000
- Increased number of hash iterations for pbkdf2-sha256 from 27.500 to 600.000
- Increased number of hash iterations for pbkdf2-sha512 from 30.000 to 210.000
- Adapt PasswordHashingTest to new defaults
- The test testBenchmarkPasswordHashingConfigurations can be used to compare the different hashing configurations.
- Document changes in changes document with note on performance and how
  to keep the old behaviour.
- Log a warning at the first time when Pbkdf2PasswordHashProviderFactory is used directly

Fixes #16629

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
 2024-01-24 18:35:51 +01:00
Stian Thorgersen fea49765f0 Remove Jetty 9.4 adapters (#26261) 
Only removing the distribution of the Jetty adapter for now, and leaving the rest for now. This is due to the complexity of removing all Jetty adapter code due to Spring, OSGI, Fuse, testsuite, etc. and it will be better to leave the rest of the clean-up to after 24 when we are removing most adapters

Closes #26255

Signed-off-by: stianst <stianst@gmail.com>
 2024-01-24 11:17:29 +01:00
Martin Kanis 84603a9363 Map Store Removal: Rename Legacy* classes (#26273) 
Closes #24105

Signed-off-by: Martin Kanis <mkanis@redhat.com>
 2024-01-23 13:50:31 +00:00
Jon Koops 5bf2d4b6ec Enable PKCE by default for Keycloak JS (#26412) 
Closes #26411

Signed-off-by: Jon Koops <jonkoops@gmail.com>
 2024-01-23 14:04:13 +01:00
Thomas Darimont cc7d6a9b79 Improve wording for Concepts for configuring thread pools in docs 
Closes #26402

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2024-01-23 12:56:55 +00:00
Alexander Schwartz e6cd9a2987 Remove product specific content about Linux only (#26222) 
Closes #26220

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-01-22 10:38:07 +01:00
Pedro Ruivo 70b4c6bf52 Encrypt network communication in JGroups 
Closes #25702 

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2024-01-18 17:24:27 +00:00
rmartinc 2f0a0b6ad8 Remove deprecated mode for saml encryption 
Closes #26291

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-01-18 16:52:10 +01:00
Lex Cao a960d0d8fa Add upgrading docs for changes to send-verify-email API 
Closes #26146.

Signed-off-by: Lex Cao <lexcao@foxmail.com>
 2024-01-18 09:48:01 +01:00
Ryan Emerson ba76682590 Use the http-max-queued-requests option for load shedding in HA docs 
Resolves #26223

Signed-off-by: Ryan Emerson <remerson@redhat.com>
 2024-01-17 15:44:08 +01:00
Alexander Schwartz b9498b91cb Deprecating the offline session preloading (#26160) 
Closes #25300

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-01-16 09:29:01 +01:00
Luca Orlandi d70dd9db67 Update placeholders for hostname and port (#24153) 
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2024-01-11 12:05:05 +01:00
Kévin Martins 16dddfa49c Complete the documentation for the use case of a resource from an email template. (#25705) 
Signed-off-by: Kevin MARTINS <k.martins@ubitransport.com>
 2024-01-10 18:08:04 -03:00
Alexander Schwartz 0f48027ffb Reduce internal unsupported options in the Keycloak HA documentation 
Closes #26068

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-01-10 17:38:15 +01:00