mirror/keycloak
1
0
Fork 0
mirror of https://github.com/keycloak/keycloak.git synced 2026-01-06 06:49:53 -06:00
Code Issues Packages Projects Releases Wiki Activity
26,577 Commits 19 Branches 288 Tags
ebdfe4cd3fd854e3504787e68d6bf409a1b09275
Commit Graph

979 Commits

Author SHA1 Message Date
mposolda
ebdfe4cd3f Unbounded login_hint parameter Can Corrupt KC_RESTART Cookie 
closes #40857

Signed-off-by: mposolda <mposolda@gmail.com>
(cherry picked from commit 5a05d2123e)
 2025-09-09 17:09:40 +02:00
Steven Hawkins
b1f3422fe5 Backport 42151 26.0 (#42237) 
* fix: adding docs about Keycloak CR security (#40260) (#40322)

closes: #40188


(cherry picked from commit f8ba9d3429)

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

* fix: expands our warnings/notes around placeholder usage (#42151) (#42233)

addresses CVE-2025-9162

closes: #42046


(cherry picked from commit e891336167)

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

---------

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2025-08-29 15:59:24 +02:00
mposolda
f63a870c76 Add option 'Requires short state parameter' to OIDC IDP 
closes #40237

Signed-off-by: mposolda <mposolda@gmail.com>
(cherry picked from commit 274afa88fa)
 2025-07-14 08:43:44 +02:00
rmartinc
eab83b40d5 Disable email verification when email manually changed by idp review 
Closes #40446

Signed-off-by: rmartinc <rmartinc@redhat.com>
(cherry picked from commit 86f0a7864f)
 2025-06-27 16:26:01 +02:00
Pedro Ruivo
28c215a13b Add example with TCPPING discovery protocol to documentation (#39873) 
Closes #39871

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
 2025-05-27 10:07:28 +02:00
mposolda
0ad29a0844 Fix documentation link to quickstarts to point to 'main' branch instead of 'latest' branch 
closes #39798

Signed-off-by: mposolda <mposolda@gmail.com>
(cherry picked from commit fe2790a09d)
 2025-05-19 10:55:22 +02:00
Alexander Schwartz
21b59abafe Fix list design (#39601) 
Closes #39600

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-05-13 11:43:46 +02:00
Michal Hajas
1aa80ab6d1 Fix outdated link to Infinispan docs 
Closes #39225

Signed-off-by: Michal Hajas <mhajas@redhat.com>
 2025-05-05 14:36:01 +02:00
Steve Hawkins
f835f49065 fix: remove ANY mode modification of truststores 
also note that ANY should not be used in production

closes: CVE-2025-3501

Add a test for the error (#1)

Signed-off-by: Ricardo Martin <rmartinc@redhat.com>

Update docs/guides/server/keycloak-truststore.adoc

Co-authored-by: Marek Posolda <mposolda@gmail.com>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>
 2025-04-24 11:44:33 +02:00
Martin Bartoš
e2d646ab2c [Docs] Broken link in ExternalLinksTest for importmap 
Closes #38930

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
 2025-04-15 11:08:32 +02:00
Alexander Schwartz
a07561b64e Sorting the chapters of the HA guide (#38834) 
Closes #38721

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-04-15 10:28:40 +02:00
rmartinc
154206c5f3 Define a max expiration window for Signed JWT client authentication 
Closes #38576

Signed-off-by: rmartinc <rmartinc@redhat.com>
(cherry picked from commit a10c8119d4)
 2025-04-03 13:24:12 +02:00
Jon Koops
8ae5205ae3 Fix broken external link in Gitlab IdP docs (#37435) (#37438) 
Closes #37434

Signed-off-by: Jon Koops <jonkoops@gmail.com>
(cherry picked from commit 3ccc88628f)
 2025-02-18 11:32:48 +00:00
Ricardo Martin
707a556828 Force login in reset-credentials to federated users 
Closes #37207

Signed-off-by: rmartinc <rmartinc@redhat.com>
(cherry picked from commit 6850f41060)
 2025-02-13 08:31:06 +00:00
Yoshikazu Nojima
ace9068f35 Add Network Ports section for Keycloak < 26.1 
Closes #37160

Signed-off-by: Yoshikazu Nojima <mail@ynojima.net>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
 2025-02-11 15:00:16 +01:00
Alexander Schwartz
da2fceb699 Outdated documentation reCAPTCHA (#36982) 
Closes #36887

Signed-off-by: Stepan Papazyan <papastepano@gmail.com>
(cherry picked from commit 0c46ad299c)

Co-authored-by: papastepano <papastepano@gmail.com>
 2025-02-03 11:21:52 +01:00
Ricardo Martin
66a6248d51 Provide an option to force login after reset credentials (#36856) 
Closes #36844

Signed-off-by: rmartinc <rmartinc@redhat.com>


Co-authored-by: Ricardo Martin <rmartinc@redhat.com>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
Co-authored-by: Marek Posolda <mposolda@gmail.com>
Signed-off-by: Marek Posolda <mposolda@gmail.com>
 2025-01-29 10:05:00 +01:00
andymunro
dbdc837355 Add Dependency section for creating an SPI 
Closes #36798

Signed-off-by: AndyMunro <amunro@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
(cherry picked from commit 1912602a5a)
 2025-01-28 09:37:12 +01:00
andymunro
ca87e36031 Openshift conflict 
Closes #36745

Signed-off-by: AndyMunro <amunro@redhat.com>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>
Co-authored-by: Steven Hawkins <shawkins@redhat.com>
(cherry picked from commit 9ab28e7ffe)
 2025-01-27 08:55:35 +01:00
Vlasta Ramik
f58c393bb8 Update index-creation-threshold in migrate_db.adoc 
Closes #36669

(cherry picked from commit a01c8da2bd)

Signed-off-by: vramik <vramik@redhat.com>
 2025-01-24 08:48:24 +01:00
rmartinc
f3b86833fd Check next update time for CRL in certificate validation 
Closes #35983

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-01-23 10:30:44 +01:00
Pedro Igor
3e604cf27d Allow enforce that users are members of organizations when authenticating 
Closes #34275

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-01-22 21:49:30 +01:00
Ricardo Martin
e0b3b739f3 Add some common headers for the links check in docs 
Closes #36675

Signed-off-by: rmartinc <rmartinc@redhat.com>
(cherry picked from commit 17d2dd58ca)
 2025-01-22 13:42:05 +00:00
Martin Bartoš
8774c25fff Remove ignored links from the documentation tests after KC 26 release (#36255) 
Closes #32071

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
 2025-01-13 17:48:38 +01:00
Marek Posolda
f4ffa5e25f Fix GitHub Links to quickstarts in getting started guide (#35919) (#35956) 
closes #35947

Signed-off-by: Jose Angel Munoz <5019972+imjoseangel@users.noreply.github.com>
Signed-off-by: joseangel <joseangel.munoz@zurich.com>
(cherry picked from commit cfdfd828ce)

Co-authored-by: Jose Angel Munoz <5019972+imjoseangel@users.noreply.github.com>
 2025-01-13 17:46:46 +01:00
Steven Hawkins
5eafdef181 fix: updating the partially dynamic url to not include path 
closes: #35706

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
(cherry picked from commit 2bb98d9684)
 2025-01-13 17:46:15 +01:00
Steven Hawkins
8d59a08205 fix: removing doc that suggests using the config file for quarkus props 
closes: #35770

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
(cherry picked from commit 27eaaefc4f)
 2025-01-13 17:45:24 +01:00
Ricardo Martin
37307937c0 Improve the note about group synchronization in sssd (#35812) 
Closes #35643

Signed-off-by: rmartinc <rmartinc@redhat.com>
(cherry picked from commit 769bd6c9d0)
 2025-01-13 17:43:31 +01:00
Martin Bartoš
6db9a0e9f0 Typo in using custom Keycloak image for Operator guide 
Fixes #35767

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
 2025-01-13 17:42:07 +01:00
Pedro Igor
7a76858fe4 Restrict access to environment variables when at the server runtime 
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-12-16 10:12:52 -03:00
Alexander Schwartz
d339711346 Changing mis-formatted definition list of hashing algorithms to a table 
Closes #35416

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-12-06 10:53:10 -03:00
Alexander Schwartz
e5868296b4 Upgrading guide 26.0.6 is missing in the upgrading guide (#35546) 
Closes #35544

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-12-03 12:21:28 +01:00
Alexander Schwartz
3400602ee6 Fix unordered list in caching guide (#35283) 
Closes #35006

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-11-26 09:16:15 +01:00
Alexander Schwartz
bbe89d4f58 fix(doc): v24 changelog grammar typo "longer" -> "no longer" (#35285) 
Closes #35163

The missing "no" makes this really confusing to read

Signed-off-by: Cornelius Roemer <cornelius.roemer@gmail.com>
Co-authored-by: Cornelius Roemer <cornelius.roemer@gmail.com>
 2024-11-26 09:15:57 +01:00
Martin Kanis
ea131762ba getAll() organization and organization members only returns the first 10 items 
Closes #34975

Signed-off-by: Martin Kanis <mkanis@redhat.com>
(cherry picked from commit 7e3e46d348)
 2024-11-25 10:11:17 +01:00
Jon Koops
4c2ebfbde6 Use short UUID for ldap components 
Closes #32143

(cherry picked from commit ca1c10f7ba)

Signed-off-by: rmartinc <rmartinc@redhat.com>
Co-authored-by: Ricardo Martin <rmartinc@redhat.com>
 2024-11-22 12:09:52 +01:00
Alexander Schwartz
1ba097a024 Update upgrade guide docs 25.0.0 cache options 
Closes #34987

Signed-off-by: michielpeeters <michielpeeters@users.noreply.github.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: michielpeeters <michielpeeters@users.noreply.github.com>
 2024-11-22 12:09:00 +01:00
AndyMunro
d3b192c737 Apply QE authorization services guide comments 
Closes #34882

Signed-off-by: AndyMunro <amunro@redhat.com>
(cherry picked from commit 1e1a1f14da)
 2024-11-22 12:02:56 +01:00
AndyMunro
17863d1d4f Address QE comments on Server Admin Guide 
Closes #34916

Signed-off-by: AndyMunro <amunro@redhat.com>
(cherry picked from commit 205898baf3)
 2024-11-22 11:46:26 +01:00
Peter Zaoral
7bdc16f029 fix: prevent inclusion of characters that could lead to FileVault path traversal (#212) 
Closes: #211

Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
Co-authored-by: Václav Muzikář <vmuzikar@redhat.com>
 2024-11-18 09:27:50 +01:00
Václav Muzikář
ba9d0c364c Update docs with security warning around client certificate lookup (#213) 
Closes #203

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
 2024-11-13 16:18:20 +01:00
andymunro
90bd3661b6 Update installation locations (#34871) 
Closes #34855

Signed-off-by: AndyMunro <amunro@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
(cherry picked from commit 3ca3a4ad34)
 2024-11-13 12:34:54 +01:00
andymunro
495ddb8673 Update Leveraging Jakarta EE (#34901) 
Closes #34873

Signed-off-by: AndyMunro <amunro@redhat.com>
(cherry picked from commit e63cdd0539)
 2024-11-13 12:34:32 +01:00
andymunro
c27a55d797 Address QE comments on HA guide (#34902) 
Closes #34887

Signed-off-by: AndyMunro <amunro@redhat.com>
(cherry picked from commit 2201241949)
 2024-11-13 12:33:39 +01:00
Pedro Igor
5c9f1837d7 Added a representation that includes an organization and user model 
Closes #34013

Signed-off-by: Robert Rieser <Robert.Rieser@degoya.studio>
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: Robert Rieser <Robert.Rieser@degoya.studio>
 2024-11-12 10:12:51 +01:00
Kamesh Akella
22cc1194e7 update the sizing guide with the correct instance type 
Closes #34315

update the sizing guide with the correct instance type used in the Keycloak benchmark tests.

Signed-off-by: Kamesh Akella <kamesh.asp@gmail.com>
 2024-11-07 09:22:39 +01:00
Alexander Schwartz
c9d916cc17 Fixing explicit Anchor for downstream 
Closes #34634

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-11-04 18:27:27 +01:00
Alexander Schwartz
47e1e7a890 Fixing cross-references between guides 
Closes #34624

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-11-04 16:11:21 +01:00
mposolda
4938a8e563 Make documentation more clear that keycloak javascript adapter and node.js adapter are OIDC 
closes #34570

Signed-off-by: mposolda <mposolda@gmail.com>
(cherry picked from commit d80cb010ff)
 2024-11-04 13:12:19 +01:00
Pedro Igor
81ce113f8a Do not rely on the pwdLastSet attribute when updating AD entries 
Closes #34467

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-10-31 16:07:09 +01:00