keycloak

mirror of https://github.com/keycloak/keycloak.git synced 2026-04-15 22:09:46 -04:00

Author	SHA1	Message	Date
Pedro Ruivo	468c063e27	Client session may be lost during session restart Fixes #43349 Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com> Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com> Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com> Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>	2025-10-14 11:01:16 +00:00
Pedro Igor	fa581c8148	Allow passing a context to steps Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-10-13 09:53:30 -03:00
Pedro Igor	5b5a83b800	Moving WorkflowsManager and WorkflowStateSpi to server-spi-private module Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-10-13 09:53:30 -03:00
stianst	aedd7fe5db	Remove unused imports as part of #43233 Signed-off-by: stianst <stianst@gmail.com>	2025-10-13 13:32:01 +02:00
Alexander Schwartz	10f06e9eb7	JDBC_PING publishes its physical address on startup Closes #43357 Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>	2025-10-13 09:53:30 +01:00
Alexander Schwartz	66b9e801c1	Mark the reading of admin and user events read-only This should decrease the memory usage and improve response times Closes #43365 Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>	2025-10-13 09:46:38 +02:00
Giuseppe Graziano	0bfb9079f2	Reject search for not allowed client attributes Closes #42541 Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>	2025-10-10 09:37:40 +02:00
Alexander Schwartz	17fb20c58d	Prevent using JTA transaction when initializing JDBC_PING Closes #43335 Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>	2025-10-09 23:09:36 +02:00
Steve Hawkins	6f36a02ffe	fix: retaining user creation timestamp when importing closes: #43195 Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2025-10-08 11:36:29 -03:00
vramik	e4dc88de13	[FGAP] Make additional rest endpoints respect permissions Closes #40058 Signed-off-by: vramik <vramik@redhat.com>	2025-10-08 08:47:22 -03:00
Pedro Igor	4f55b9b6bd	Filter invalid resources and scopes when processing entries from the cache Closes #42907 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-10-03 19:25:57 +02:00
Ryan Emerson	5cb0562fd2	Prevent users configuring max-count=-1 for caches with a default upper-bound Closes #33146 Signed-off-by: Ryan Emerson <remerson@ibm.com>	2025-10-02 19:58:28 +00:00
Pedro Ruivo	4f24f93b85	Restarting an user session broken for persistent sessions Fixes #43161 Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com> Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>	2025-10-02 21:29:04 +02:00
Pedro Igor	37577cde14	Make sure the component state is updated when invoking sync on user storage providers Make sure periodic tasks are cancelled if the provider is disabled or import users is disabled Closes #42470 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-10-02 10:22:50 -03:00
Stefan Guilhen	7f29c9bb88	Improve workflow logging messages - every execution gets its own id that can be used to track all activities related to that particular workflow execution Closes #42952 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2025-09-29 23:10:21 -03:00
Pedro Igor	6e851ce80e	Only filter default organization related scopes based on dynamic scope format Closes #42877 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-09-26 16:28:12 -03:00
Václav Muzikář	b65a60e40d	Support for EDB 17 (#42341 ) Closes #42742 Closes #42293 Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>	2025-09-26 16:04:47 +02:00
Stefan Guilhen	7e28d13e76	Add workflow condition that uses boolean expressions to combine and negate conditions Closes #42583 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2025-09-26 07:52:12 -03:00
Alexander Schwartz	a84d243d47	Avoid invalidating the realm when managing client initial access Closes #42922 Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>	2025-09-24 21:31:32 +02:00
Martin Bartoš	5acec7d5fc	[PERF] InitClusterStartupTime debug messages (#42908 ) Closes #42880 Signed-off-by: Martin Bartoš <mabartos@redhat.com>	2025-09-24 16:04:03 +02:00
Alexander Schwartz	4389bc2990	Fix duplicate label when using password history Closes #42736 Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>	2025-09-24 11:21:59 +02:00
Pedro Igor	fe8fce859d	Improve the Workflow JSON schema Closes #42697 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-09-24 04:04:44 -03:00
Pedro Igor	54d2451b35	Make user read-only and a proper error message when the user federation provider is not available Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-09-24 04:03:13 -03:00
Pedro Igor	d65c17ebc7	Do not fail when querying user federation providers and log messages to indicate the problem Closes #42276 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-09-24 04:03:13 -03:00
Alexander Schwartz	a9ed355bfc	Adding missing time column to index Closes #42792 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2025-09-23 07:33:08 -03:00
Pedro Ruivo	47f85631f3	Automatically create external caches for MULTI_SITE deployments Closes #32129 Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com> Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>	2025-09-19 18:56:38 +02:00
Pedro Ruivo	4ccf7407ed	Lazy load client sessions Closes #42628 Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com> Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>	2025-09-19 10:45:11 +00:00
Pedro Igor	c1fdbb0be4	Better names for workflow events Closes #42389 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-09-18 14:50:45 +02:00
Stian Thorgersen	f9ee040ef0	Add federated subject configuration option to federated-jwt authenticator (#42610 ) Closes #42608 Signed-off-by: stianst <stianst@gmail.com>	2025-09-17 13:39:50 +02:00
Pedro Ruivo	f7ff7e55d8	Replace UUID with composite key for client session cache Closes #42547 Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2025-09-17 10:25:51 +00:00
Pedro Ruivo	f1bd42116e	NullPointerException when persisting a client session Fixes #42652 Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com> Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>	2025-09-16 17:49:36 +02:00
vramik	d0e83cc05e	Rename RLM to Workflows Closes #42512 Signed-off-by: vramik <vramik@redhat.com>	2025-09-16 08:52:50 -03:00
Ricardo Martin	a2acdda535	Automatic download and cache of the SAML client public keys (#41947 ) Closes #17028 Signed-off-by: rmartinc <rmartinc@redhat.com>	2025-09-16 13:07:33 +02:00
Pedro Ruivo	714d71b4f5	Concurrent update embedded caches and database Closes #42374 Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2025-09-15 18:38:03 +00:00
Stefan Guilhen	20f5a15278	Adjust scheduled action time so that it is always based on the previous action Closes #42385 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2025-09-12 15:50:38 -03:00
Martin Kanis	5a02bc1adb	Admin UI hides local users when LDAP provider fails Closes #42276 Signed-off-by: Martin Kanis <mkanis@redhat.com>	2025-09-12 10:43:08 -03:00
Ryan Emerson	73a4020baa	Remove default cache configurations from cache-local.xml Closes #42351 Signed-off-by: Ryan Emerson <remerson@ibm.com>	2025-09-11 21:11:56 +02:00
Alexander Schwartz	6ea3c8aedf	Session IDs and auth codes should have 128 bits of entropy Closes #42274 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2025-09-11 17:05:40 +02:00
Alexander Schwartz	6a202146b4	Handle already existing user session in the store Closes #40374 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2025-09-11 14:58:53 +02:00
Stian Thorgersen	51465f52a3	Get client by client attribute Closes #42543 Signed-off-by: stianst <stianst@gmail.com>	2025-09-11 12:07:13 +00:00
Pedro Ruivo	8567eec526	ClientSession timestamp not updated in the database Closes #42012 Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com> Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>	2025-09-10 20:34:22 +02:00
Pedro Igor	0d5dfc3eae	Add support for ad-hoc policies (#42508 ) Closes #42126 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-09-10 15:40:17 +00:00
Vlasta Ramik	b32b612f75	Compilation error in RolePolicyConditionProvider (#42497 ) Closes #42496 Signed-off-by: vramik <vramik@redhat.com>	2025-09-10 09:04:49 +00:00
Pedro Igor	1b17a3c9a6	Add a policy condition based on user roles (#42487 ) Closes #42117 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-09-10 03:23:56 +02:00
Vlasta Ramik	4382072d89	[RLM] Disable policy when the origin or selection criteria is removed Closes keycloak#42123 Signed-off-by: vramik <vramik@redhat.com>	2025-09-09 16:46:43 -03:00
Pedro Igor	58990a5544	Add a policy condition based on user attributes Closes #42118 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2025-09-09 12:07:59 -03:00
vramik	3507773854	[RLM] Cleanup code from initial PR Closes #42316 Signed-off-by: vramik <vramik@redhat.com>	2025-09-08 11:31:12 -03:00
Alexander Schwartz	cad613aa6e	Avoid removing client sessions before the user session times out As the client session timeout can be overwritten on a per client level, the realm level timeout can not be used to remove client sessions early. Closes #35825 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2025-09-08 10:59:15 -03:00
Steven Hawkins	b743b3d3b1	fix: adding better management of closed entitymanagers closes: #42114 Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2025-09-05 16:57:47 +02:00
Alexander Schwartz	4d3589c776	Lock the database before doing migrations Closes #41801 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2025-09-03 15:22:04 -03:00

1 2 3 4 5 ...

2760 commits