* fix: adding a -- separator for spi options
closes: #39063
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
* adding a warning for ambiguous spi options
also adding a note about the change
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
# Conflicts:
# docs/documentation/upgrading/topics/changes/changes-26_3_0.adoc
* updating docs to the new format
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
# Conflicts:
# docs/guides/high-availability/examples/generated/keycloak-ispn.yaml
# docs/guides/high-availability/examples/generated/keycloak.yaml
* internally using the new spi options
also adding a deprecation notice
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
* Apply suggestions from code review
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>
* correcting options output
adding + + inlining where needed
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
* adding test showing the env mapping with __
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
---------
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
Closes#35256
This PR fixes a bunch of typos in docs files.
I ran codespell on `*.adoc` and `*.md` files in the repo in interactive mode
carefully checking each identified typo and proposed fix for false positives.
The most widely read file with typos identified is likely the changelog/migration guide.
Signed-off-by: Cornelius Roemer <cornelius.roemer@gmail.com>
Closes#9758
Signed-off-by: vramik <vramik@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Signed-off-by: Michal Hajas <mhajas@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Michal Hajas <mhajas@redhat.com>
Changes according to the latest [OWASP cheat sheet for secure Password Storage](https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html#pbkdf2):
- Changed default password hashing algorithm from pbkdf2-sha256 to pbkdf2-sha512
- Increased number of hash iterations for pbkdf2-sha1 from 20.000 to 1.300.000
- Increased number of hash iterations for pbkdf2-sha256 from 27.500 to 600.000
- Increased number of hash iterations for pbkdf2-sha512 from 30.000 to 210.000
- Adapt PasswordHashingTest to new defaults
- The test testBenchmarkPasswordHashingConfigurations can be used to compare the different hashing configurations.
- Document changes in changes document with note on performance and how
to keep the old behaviour.
- Log a warning at the first time when Pbkdf2PasswordHashProviderFactory is used directly
Fixes#16629
Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
Closes#25915
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
