27cd19e68e
add index for user_id and type on event_entity
...
Closes #26995
Signed-off-by: Oliver Cremerius <antikalk@users.noreply.github.com >
Signed-off-by: Alexander Schwartz <aschwart@redhat.com >
Co-authored-by: Alexander Schwartz <aschwart@redhat.com >
2025-07-30 20:52:48 +00:00
c9943af4f3
Reduce likelihood of multiple coordinators on concurrent startup
...
Closes #41290
Signed-off-by: Alexander Schwartz <aschwart@redhat.com >
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net >
Co-authored-by: Pedro Ruivo <pruivo@users.noreply.github.com >
2025-07-30 15:39:44 +02:00
cf21fa10fd
Update docs how to verify that a cluster has formed
...
Closes #40296
Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com >
Signed-off-by: Alexander Schwartz <aschwart@redhat.com >
Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com >
Co-authored-by: Alexander Schwartz <aschwart@redhat.com >
2025-07-28 10:01:00 +00:00
8d8ed924c4
Setting 'write_data_on_find' to true to ensure merging of views
...
Closes #41390
Signed-off-by: Alexander Schwartz <aschwart@redhat.com >
2025-07-24 16:25:08 +02:00
4a23e43e02
Avoid additional execution of Liquibase changelog lock table statement
...
Closes #41295
Signed-off-by: Martin Bartoš <mabartos@redhat.com >
2025-07-24 12:18:25 +02:00
74cfa87f3c
Remove obsolete code for the Liquibase LogHistoryService
...
Closes #41229
Signed-off-by: Martin Bartoš <mabartos@redhat.com >
2025-07-22 13:50:30 +02:00
7fd3380b19
OpenTelemetry Tracing: Visualize JGroups communication ( #39659 )
...
Closes #39658
Signed-off-by: Alexander Schwartz <aschwart@redhat.com >
2025-07-22 11:51:58 +02:00
98612bbb67
fix: adding group import handling similar to users
...
closes : #41235
Signed-off-by: Steve Hawkins <shawkins@redhat.com >
Signed-off-by: Alexander Schwartz <aschwart@redhat.com >
Co-authored-by: Alexander Schwartz <aschwart@redhat.com >
2025-07-22 09:29:32 +00:00
b27213aef5
Remove obsolete Liquibase FK snapshot generator
...
Closes #41293
Signed-off-by: Martin Bartoš <mabartos@redhat.com >
2025-07-22 10:15:33 +02:00
e0bba39da0
Allow configure encryption details for SAML clients
...
Closes #40933
Signed-off-by: rmartinc <rmartinc@redhat.com >
2025-07-18 20:13:40 +02:00
52a83509dc
Default jdbc-ping cluster setup for distributed caches fails in Oracle
...
* Add DatabaseConfig to TestDatabase so the underlying DB can be
configured per test
* Allow DB initScripts to be configured by tests
Closes #40784
Closes #41105
Signed-off-by: Ryan Emerson <remerson@redhat.com >
Signed-off-by: Alexander Schwartz <aschwart@redhat.com >
Co-authored-by: Alexander Schwartz <aschwart@redhat.com >
2025-07-17 15:57:25 +00:00
7ea7c2dcc4
Document spi-user-sessions--infinispan--use-batches
...
Closes #41219
Signed-off-by: Ryan Emerson <remerson@redhat.com >
2025-07-17 12:41:53 +00:00
4bb02305c3
Implement CompatibilityMetadataProvider for Cache CLI args
...
Closes #41138
Signed-off-by: Ryan Emerson <remerson@redhat.com >
2025-07-16 19:52:51 +02:00
23c301f2ed
Upgrade to the Quarkus 3.24.2 version ( #40867 )
...
Closes #40592
Signed-off-by: Martin Bartoš <mabartos@redhat.com >
2025-07-15 16:15:03 +02:00
164274ac51
Check if PK for DATABASECHANGELOG already exists
...
Closes #41082
Signed-off-by: rmartinc <rmartinc@redhat.com >
2025-07-11 16:06:08 +02:00
5219a331b9
Skip computing lifespan for read-only sessions
...
Fixes #40980
Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com >
Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com >
2025-07-10 20:40:28 +02:00
88069cd5fb
Mark user session for removal when the user bound to cannot be resolved
...
Closes #40398
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com >
2025-07-10 20:37:18 +02:00
f39a37d8d1
[OID4VCI] Move realm attributes to clientScope and protocol-mappers ( #39768 )
...
fixes #39527
Signed-off-by: Pascal Knüppel <pascal.knueppel@governikus.de >
Signed-off-by: Captain-P-Goldfish <captain.p.goldfish@gmx.de >
2025-07-10 14:46:36 +02:00
21eda2ae7a
Improve logging for client sessions load
...
Closes #41034
Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com >
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net >
Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com >
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net >
Co-authored-by: Marek Posolda <mposolda@gmail.com >
2025-07-10 10:08:27 +00:00
900d8c7400
Changing default passwordless webauthn policy to follow recommended values in the documentation
...
Closes #40792
Signed-off-by: rmartinc <rmartinc@redhat.com >
2025-07-09 11:34:28 +02:00
332c9b6e4a
Fix NPE when accessing group concurrently
...
Closes #40368
Signed-off-by: vramik <vramik@redhat.com >
2025-07-08 16:13:54 -03:00
9322d71d61
UserSession Offline removed from DB if not in cache
...
Fixes #40754
Signed-off-by: Pedro Ruivo <pruivo@redhat.com >
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net >
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net >
2025-07-07 20:52:06 +02:00
eb7ce6ae15
Provide CLI Parameters for jgroups.* options
...
Closes #40481
Signed-off-by: Ryan Emerson <remerson@redhat.com >
2025-07-07 13:07:45 +02:00
c9f38d36a9
fix: reducing memory footprint for cached entries
...
closes : #35932
Signed-off-by: Steve Hawkins <shawkins@redhat.com >
2025-06-30 18:18:29 +00:00
2b44c5676f
fix: adding logic to isolate realm migration processing ( #39377 )
...
* fix: adding logic to isolate realm migration processing
also adding an info log for each realm migrated
closes : #33978 #38649
Signed-off-by: Steve Hawkins <shawkins@redhat.com >
* switching to an export strategy tolerant to read committed
also preventing creating cached users during export
Signed-off-by: Steve Hawkins <shawkins@redhat.com >
* updating the docs to still recommend shutting the server down for export
Signed-off-by: Steve Hawkins <shawkins@redhat.com >
* accounting for null managed users
Signed-off-by: Steve Hawkins <shawkins@redhat.com >
* refinements based upon review comments
Signed-off-by: Steve Hawkins <shawkins@redhat.com >
* Scaling back the docs
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net >
* Remove rogue release note
Signed-off-by: Václav Muzikář <vmuzikar@redhat.com >
---------
Signed-off-by: Steve Hawkins <shawkins@redhat.com >
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net >
Signed-off-by: Václav Muzikář <vmuzikar@redhat.com >
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net >
Co-authored-by: Václav Muzikář <vmuzikar@redhat.com >
2025-06-30 08:31:57 -04:00
a981f6b6d5
Access Token IDs have less than 128 bits of entropy
...
Closes #38663
Signed-off-by: Douglas Palmer <dpalmer@redhat.com >
2025-06-26 16:48:03 +02:00
1c05c8df63
Adjusted the comparisons for PersistentClientSessionEntity
...
Closes #40663
Signed-off-by: Anchels <mishtitov@gmail.com >
2025-06-26 10:55:08 +02:00
3a7569662e
Use updated PostgresDatabase from Liquibase 4.32.0 ( #40530 )
...
Signed-off-by: Martin Bartoš <mabartos@redhat.com >
2025-06-24 18:26:30 +02:00
c5964b4ac8
Issue with Handling Negative Values in Certain Fields of Brute Force Detection
...
Closes #40353
Signed-off-by: Douglas Palmer <dpalmer@redhat.com >
2025-06-24 09:13:00 -03:00
f4d5fa68c1
Update documentation about volatile sessions
...
Closes #40639
Signed-off-by: Pedro Ruivo <pruivo@redhat.com >
Signed-off-by: Alexander Schwartz <aschwart@redhat.com >
Co-authored-by: Alexander Schwartz <aschwart@redhat.com >
2025-06-20 16:45:22 +00:00
cde47667fd
Making DefaultLazyLoader thread safe
...
Closes #40531
Signed-off-by: Alexander Schwartz <aschwart@redhat.com >
2025-06-18 15:24:07 -03:00
e4f0bfc8e7
Make UPDATE_TIME unique for MIGRATION_MODEL table
...
Closes #40088
Signed-off-by: Martin Bartoš <mabartos@redhat.com >
Signed-off-by: Alexander Schwartz <aschwart@redhat.com >
Co-authored-by: Alexander Schwartz <aschwart@redhat.com >
2025-06-18 13:08:42 +00:00
0188d276d8
Invalidate user cache entries when email or username are different from storage
...
Closes #40085
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com >
Signed-off-by: Alexander Schwartz <aschwart@redhat.com >
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net >
Co-authored-by: Alexander Schwartz <aschwart@redhat.com >
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net >
2025-06-17 20:44:01 +00:00
61586ff328
Disabling persistent sessions affects also offline session cache
...
Closes #40483
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net >
Signed-off-by: Alexander Schwartz <aschwart@redhat.com >
2025-06-17 08:02:28 +00:00
6062ddc6b2
Avoid calling the underlying user storage multiple times when lazily loading model attributes
...
Closes #40213
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com >
2025-06-16 20:06:32 +02:00
78f575b53b
Default to num_owners=2 when the persistent-user-sessions feature is disabled
...
Closes #39429
Closes #40472
Signed-off-by: Ryan Emerson <remerson@redhat.com >
2025-06-16 09:43:39 +02:00
76ab8bd21d
Implemented validation to ensure each OTP device has a unique label
...
Closes #38465
Signed-off-by: Saikrishna <saikrishnap@optimeyes.ai >
Signed-off-by: Alexander Schwartz <aschwart@redhat.com >
Co-authored-by: Saikrishna <saikrishnap@optimeyes.ai >
Co-authored-by: Alexander Schwartz <aschwart@redhat.com >
2025-06-12 12:08:05 +02:00
ad92af3c58
MigrationModel duplicate entry
...
Closes #39866
Signed-off-by: Martin Bartoš <mabartos@redhat.com >
Signed-off-by: Alexander Schwartz <aschwart@redhat.com >
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net >
Co-authored-by: Alexander Schwartz <aschwart@redhat.com >
2025-06-11 10:54:29 +02:00
4b0c994055
Keycloak fails to start on MySQL Cluster due to missing primary key in databasechangelog
...
Closes #38602
Signed-off-by: vramik <vramik@redhat.com >
2025-06-10 08:36:15 +00:00
56af1aa22a
Remove outdated tests in model/infinispan
...
Closes #40203
Signed-off-by: Ryan Emerson <remerson@redhat.com >
Signed-off-by: Alexander Schwartz <aschwart@redhat.com >
Co-authored-by: Alexander Schwartz <aschwart@redhat.com >
2025-06-05 16:01:58 +00:00
41110823c7
Integrate current auth-username-password-form authenticator with passkeys isConditionalMediationAvailable ( #38781 )
...
Closes #29596
Signed-off-by: rmartinc <rmartinc@redhat.com >
2025-06-05 08:53:00 +02:00
17e2602a56
[OID4VCI] Fix creation of clientScopes with protocol oid4vc ( #39556 )
...
closes #39527
Signed-off-by: Pascal Knüppel <pascal.knueppel@governikus.de >
2025-06-05 08:49:05 +02:00
f3a1dc4aee
Remove kubernetes stack port_range workarounds
...
Closes #39546
Signed-off-by: Ryan Emerson <remerson@redhat.com >
2025-06-04 17:08:28 +00:00
706390addd
JGroups: Switch to "per-destination" bundler for jdbc-ping
...
Closes #39545
Signed-off-by: Ryan Emerson <remerson@redhat.com >
2025-06-04 12:58:36 +00:00
5e59370c28
Cache the client session if it is missing from the cache ( #39786 )
...
Closes #39785
Signed-off-by: Alexander Schwartz <aschwart@redhat.com >
2025-06-02 16:30:49 +02:00
ad10cde87e
Add options to configure JPQL comments and slow SQL threshold ( #39589 )
...
Closes #39587
Signed-off-by: Alexander Schwartz <aschwart@redhat.com >
2025-06-02 14:55:43 +02:00
15469d58e1
Throw an exception if transport mTLS keystore or Truststore does not exist ( #40089 )
...
Closes #40024
Signed-off-by: Ryan Emerson <remerson@redhat.com >
2025-05-30 15:38:24 +02:00
669cc2533c
Use previous password in SMTP when the the authType defaults to basic
...
Closes #39781
Signed-off-by: rmartinc <rmartinc@redhat.com >
2025-05-30 08:50:22 +02:00
88f660b235
Add experimental feature rolling-updates:v2 that allows rolling updat… ( #39751 )
...
...e for patch releases
Closes #38882
Signed-off-by: Michal Hajas <mhajas@redhat.com >
2025-05-27 11:17:42 -03:00
ef4ad0d59c
Remove parent and children composite dependencies when removing roles
...
Closes #39724
Signed-off-by: rmartinc <rmartinc@redhat.com >
2025-05-23 11:29:18 +02:00
Oliver